Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: DfuJDai8I63wWe10eGhk263g4dJw/eLfZD/9v5CSU/8=
Subject key identifier: 88:16:73:B0:79:FA:AB:E8:B3:D4:29:15:1F:26:24:3C:E7:22:CB:94
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 6F818D5C22E1EC347389B110DA294C619B5A50DF
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
Signing time: Mon 07 Apr 2025 09:48:09 +0000
ROA not before: Mon 07 Apr 2025 09:43:09 +0000
ROA not after: Mon 06 Apr 2026 09:48:09 +0000
asID: 48678
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 14:58:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:81:8d:5c:22:e1:ec:34:73:89:b1:10:da:29:4c:61:9b:5a:50:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Apr 7 09:43:09 2025 GMT
Not After : Apr 6 09:48:09 2026 GMT
Subject: CN=881673B079FAABE8B3D429151F26243CE722CB94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d7:f2:9b:07:99:1d:a4:4e:1d:61:aa:07:8d:
c9:07:52:55:e7:04:ee:9b:b1:6f:d9:99:1b:fd:b7:
8f:34:ed:f2:7d:f7:a0:6f:60:59:ac:27:86:7f:ac:
2b:ac:33:db:24:09:0e:e0:6e:ac:41:c3:28:5d:b9:
ee:96:7b:41:0d:b3:1f:06:19:5b:ab:e1:f1:ee:be:
63:f4:70:e0:36:35:a4:76:53:d5:35:b2:8d:ec:46:
5d:51:96:57:0a:62:95:e7:e2:34:7d:b4:0e:47:a7:
84:ae:24:ed:53:7b:3a:cd:82:93:b3:c9:7c:e7:aa:
9b:2b:4f:fb:0c:f5:a9:f9:7b:20:de:da:ca:c0:56:
2c:2c:73:11:f8:47:db:86:60:8d:f7:05:bc:e2:5c:
6c:2a:cc:0c:f6:7b:67:6e:3e:02:60:b0:f8:09:e5:
de:01:e6:fb:de:26:ec:05:7b:35:1e:d8:64:af:6d:
46:d4:47:60:aa:b6:d1:fb:2f:46:81:39:07:97:6d:
6e:bc:2b:51:0a:33:44:05:48:69:5a:6b:3a:12:22:
b3:d9:d1:4a:d1:4d:25:a0:1e:4f:d4:cb:c5:d4:49:
8f:3f:4b:98:61:ac:57:9c:32:05:02:0a:40:6d:c5:
eb:53:63:da:a0:3c:22:8d:42:75:d3:0d:43:0e:69:
39:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:16:73:B0:79:FA:AB:E8:B3:D4:29:15:1F:26:24:3C:E7:22:CB:94
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.199.0/24
31.40.204.0/23
31.40.207.0/24
37.221.76.0/24
85.235.72.0-85.235.74.255
92.249.62.0/23
176.96.128.0/24
176.96.130.0/24
193.111.76.0/24
193.111.79.0/24
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:93:cd:e5:e3:ef:da:e5:d2:40:15:99:cc:c1:47:eb:c5:56:
4e:50:ac:6e:e7:59:ca:d9:ea:f9:42:47:f8:60:47:e2:d9:3a:
5e:00:c7:6a:c1:af:a0:12:b8:2e:f7:df:43:d3:55:97:5f:99:
e2:f1:9c:4e:e7:68:36:42:c3:45:fa:fa:2a:48:1b:ae:50:f6:
9e:e4:f4:09:0e:b6:a6:7c:d3:f8:a9:48:68:0c:31:2e:cd:32:
f2:91:cf:e5:79:21:6b:e6:ef:8e:ff:40:b0:4f:9b:75:f5:19:
ce:d7:b1:3d:47:89:eb:0a:ef:27:84:f9:85:11:29:ad:25:5e:
5c:7a:a1:ab:0a:14:de:a1:b5:b8:fa:cd:d7:5b:5b:24:92:57:
ff:f3:82:1a:cd:b8:0e:58:1c:0a:d4:97:f2:a6:10:f5:91:71:
39:54:9a:5a:d2:ba:77:4d:f1:23:03:58:41:07:7c:a2:9a:7e:
56:41:ce:56:68:4d:37:2b:e8:a8:a2:99:e8:43:7e:f2:8f:5d:
b0:b0:f2:b0:87:71:50:1c:67:0f:66:a4:a4:08:aa:16:5a:5c:
b0:bd:c9:7b:97:2d:55:f6:3b:89:62:bc:cf:68:23:87:2c:61:
71:8e:ec:d6:14:17:97:7a:70:02:41:a5:88:c4:fe:41:05:7d:
2c:86:4b:9f
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIUb4GNXCLh7DRzibEQ2ilMYZtaUN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA0MDcwOTQzMDlaFw0yNjA0MDYwOTQ4MDlaMDMxMTAvBgNV
BAMTKDg4MTY3M0IwNzlGQUFCRThCM0Q0MjkxNTFGMjYyNDNDRTcyMkNCOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC01/KbB5kdpE4dYaoHjckHUlXn
BO6bsW/ZmRv9t4807fJ996BvYFmsJ4Z/rCusM9skCQ7gbqxBwyhdue6We0ENsx8G
GVur4fHuvmP0cOA2NaR2U9U1so3sRl1RllcKYpXn4jR9tA5Hp4SuJO1TezrNgpOz
yXznqpsrT/sM9an5eyDe2srAViwscxH4R9uGYI33BbziXGwqzAz2e2duPgJgsPgJ
5d4B5vveJuwFezUe2GSvbUbUR2CqttH7L0aBOQeXbW68K1EKM0QFSGlaazoSIrPZ
0UrRTSWgHk/Uy8XUSY8/S5hhrFecMgUCCkBtxetTY9qgPCKNQnXTDUMOaTm5AgMB
AAGjggJfMIICWzAdBgNVHQ4EFgQUiBZzsHn6q+iz1CkVHyYkPOciy5QwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdQYIKwYBBQUHAQcBAf8EZjBkMGIEAgABMFwDBAAFhWUD
BAEfKMQDBAAfKMcDBAEfKMwDBAAfKM8DBAAl3UwwDAMEA1XrSAMEAFXrSgMEAVz5
PgMEALBggAMEALBgggMEAMFvTAMEAMFvTwMEAdkS0AMEANkS0zANBgkqhkiG9w0B
AQsFAAOCAQEAs5PN5ePv2uXSQBWZzMFH68VWTlCsbudZytnq+UJH+GBH4tk6XgDH
asGvoBK4LvffQ9NVl1+Z4vGcTudoNkLDRfr6KkgbrlD2nuT0CQ62pnzT+KlIaAwx
Ls0y8pHP5Xkha+bvjv9AsE+bdfUZztexPUeJ6wrvJ4T5hREprSVeXHqhqwoU3qG1
uPrN11tbJJJX//OCGs24DlgcCtSX8qYQ9ZFxOVSaWtK6d03xIwNYQQd8opp+VkHO
VmhNNyvoqKKZ6EN+8o9dsLDysIdxUBxnD2akpAiqFlpcsL3Je5ctVfY7iWK8z2gj
hyxhcY7s1hQXl3pwAkGliMT+QQV9LIZLnw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 03:19:39 2025 by rpki-client