Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: ZtR+4kivN6cLVM9lV1ISDl2CjK8uxQiGKIHDgBTo3ic=
Subject key identifier: 64:C2:92:12:C8:9D:D0:09:38:0B:25:E5:B0:B6:FD:82:53:8F:80:5C
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 273232AC23B2B37D3E8A9B093EAE5A01FEAA4FBB
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
Signing time: Mon 21 Jul 2025 16:41:40 +0000
ROA not before: Mon 21 Jul 2025 16:36:40 +0000
ROA not after: Mon 20 Jul 2026 16:41:40 +0000
asID: 48678
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
37.221.79.0/24 maxlen: 24
62.182.32.0/22 maxlen: 22
85.235.72.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
139.28.48.0/24 maxlen: 24
139.28.49.0/24 maxlen: 24
139.28.50.0/24 maxlen: 24
139.28.51.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
212.115.100.0/22 maxlen: 22
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:32:32:ac:23:b2:b3:7d:3e:8a:9b:09:3e:ae:5a:01:fe:aa:4f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jul 21 16:36:40 2025 GMT
Not After : Jul 20 16:41:40 2026 GMT
Subject: CN=64C29212C89DD009380B25E5B0B6FD82538F805C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:66:2f:a3:37:93:ff:60:a5:8a:a0:8f:db:35:
d7:86:f3:8c:73:32:e6:41:c3:46:52:36:84:39:61:
b5:e8:a3:f2:53:17:b8:2b:58:30:e7:58:0c:32:96:
15:7f:f9:38:43:86:f9:ef:1f:61:a2:d5:5b:ce:68:
08:b8:75:c2:36:87:48:04:ea:32:9b:65:cb:c9:b8:
5b:7a:3b:d4:d1:00:06:ec:ce:c1:e4:0b:c0:c9:c7:
15:f0:eb:3d:da:26:96:c5:87:48:7a:35:94:90:7a:
74:11:b2:76:4f:6b:f2:09:46:1f:98:a3:d6:fb:df:
47:38:2c:be:f5:d8:57:5e:f3:09:be:2f:df:1b:a4:
d7:40:19:d9:0a:a3:4a:db:3a:e5:23:2a:cb:23:49:
8b:24:27:d1:09:94:32:a5:80:84:20:8c:b9:55:6a:
52:ed:35:da:88:c6:0a:d3:88:2d:da:37:64:e6:db:
1e:65:82:be:cc:7c:68:39:dc:13:6b:ff:1b:ef:8c:
b9:84:3f:8e:f8:cb:bc:50:dd:92:ee:88:8a:3a:91:
bc:0e:e5:e0:ea:73:18:d9:c9:18:0b:a1:a5:ed:a5:
24:ea:ba:5a:e0:43:78:1f:e3:43:96:14:4c:f7:4d:
4e:dc:31:b0:58:74:18:ac:79:27:a7:e6:ad:76:95:
78:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C2:92:12:C8:9D:D0:09:38:0B:25:E5:B0:B6:FD:82:53:8F:80:5C
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.199.0/24
31.40.204.0/23
31.40.207.0/24
37.221.76.0/23
37.221.79.0/24
62.182.32.0/22
85.235.72.0/24
85.235.74.0/24
92.249.63.0/24
139.28.48.0/22
176.96.128.0-176.96.130.255
185.231.225.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
212.115.100.0/22
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
75:ad:a0:ca:81:05:1c:90:47:76:e6:6a:2c:ba:b4:c9:d8:54:
65:f9:aa:7e:f4:d7:16:8e:ac:26:d2:0a:8b:b7:d1:4f:b4:a7:
10:90:97:31:74:88:68:f2:87:1a:a2:35:5a:35:2e:27:69:c8:
f3:ce:8d:3e:13:49:a9:70:5e:30:b4:d2:3b:cb:6c:3c:31:1f:
e4:09:c9:31:73:9b:ed:27:44:71:ef:f2:86:4a:f2:95:e1:be:
94:30:cf:67:bc:dc:0f:b3:5c:e6:3f:9e:fd:54:52:51:dd:39:
ed:59:54:b9:32:4c:43:35:b1:6f:87:99:45:0e:56:9e:f2:80:
4d:69:d6:27:bd:64:49:e6:6a:8d:aa:b7:09:89:6b:58:66:09:
68:9b:77:d8:0a:a7:4f:bf:f7:5c:53:e5:15:a5:99:8e:2c:77:
9e:1f:a0:cc:65:88:dd:eb:db:77:55:2d:f5:89:fd:90:a2:56:
07:f5:cc:ec:54:63:be:ba:3e:bd:39:02:fb:54:df:62:ca:7c:
3c:ed:9a:df:44:b2:9d:30:b2:ae:9b:54:f7:af:0c:78:ca:d4:
19:86:0d:f2:11:6f:5a:1c:fe:c3:dc:53:bc:ee:67:91:32:1d:
b4:0f:67:e6:f7:f5:af:4d:80:de:6b:fd:91:01:c0:17:8e:79:
fe:9d:33:b5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIUJzIyrCOys30+ipsJPq5aAf6qT7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA3MjExNjM2NDBaFw0yNjA3MjAxNjQxNDBaMDMxMTAvBgNV
BAMTKDY0QzI5MjEyQzg5REQwMDkzODBCMjVFNUIwQjZGRDgyNTM4RjgwNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Zi+jN5P/YKWKoI/bNdeG84xz
MuZBw0ZSNoQ5YbXoo/JTF7grWDDnWAwylhV/+ThDhvnvH2Gi1VvOaAi4dcI2h0gE
6jKbZcvJuFt6O9TRAAbszsHkC8DJxxXw6z3aJpbFh0h6NZSQenQRsnZPa/IJRh+Y
o9b730c4LL712Fde8wm+L98bpNdAGdkKo0rbOuUjKssjSYskJ9EJlDKlgIQgjLlV
alLtNdqIxgrTiC3aN2Tm2x5lgr7MfGg53BNr/xvvjLmEP474y7xQ3ZLuiIo6kbwO
5eDqcxjZyRgLoaXtpSTqulrgQ3gf40OWFEz3TU7cMbBYdBiseSen5q12lXiTAgMB
AAGjggKKMIIChjAdBgNVHQ4EFgQUZMKSEsid0Ak4CyXlsLb9glOPgFwwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZ8GCCsGAQUFBwEHAQH/BIGPMIGMMIGJBAIAATCBggME
AAWFZQMEAR8oxAMEAB8oxwMEAR8ozAMEAB8ozwMEASXdTAMEACXdTwMEAj62IAME
AFXrSAMEAFXrSgMEAFz5PwMEAoscMDAMAwQHsGCAAwQAsGCCAwQAuefhAwQAwW9P
MAwDBADUV8UDBAPUV8ADBALUc2QDBAHZEtADBADZEtMwDQYJKoZIhvcNAQELBQAD
ggEBAHWtoMqBBRyQR3bmaiy6tMnYVGX5qn701xaOrCbSCou30U+0pxCQlzF0iGjy
hxqiNVo1LidpyPPOjT4TSalwXjC00jvLbDwxH+QJyTFzm+0nRHHv8oZK8pXhvpQw
z2e83A+zXOY/nv1UUlHdOe1ZVLkyTEM1sW+HmUUOVp7ygE1p1ie9ZEnmao2qtwmJ
a1hmCWibd9gKp0+/91xT5RWlmY4sd54foMxliN3r23dVLfWJ/ZCiVgf1zOxUY766
Pr05AvtU32LKfDztmt9Esp0wsq6bVPevDHjK1BmGDfIRb1oc/sPcU7zuZ5EyHbQP
Z+b39a9NgN5r/ZEBwBeOef6dM7U=
-----END CERTIFICATE-----
Generated at Mon Jul 21 19:12:09 2025 by rpki-client