Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: XCOt268g7NRHi1Afpk4Zv6kp6GzK46sevioKVWB/N0I=
Subject key identifier: 55:1A:DA:D0:FB:59:06:60:0C:D8:D8:05:73:6E:C0:B1:94:44:09:C8
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 08A976375C71159EA3F517C0839D5EEC3B29B2B3
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
Signing time: Fri 30 May 2025 07:44:26 +0000
ROA not before: Fri 30 May 2025 07:39:26 +0000
ROA not after: Fri 29 May 2026 07:44:26 +0000
asID: 48678
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 01:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:a9:76:37:5c:71:15:9e:a3:f5:17:c0:83:9d:5e:ec:3b:29:b2:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: May 30 07:39:26 2025 GMT
Not After : May 29 07:44:26 2026 GMT
Subject: CN=551ADAD0FB5906600CD8D805736EC0B1944409C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a2:11:7b:f2:bf:04:0b:1a:5f:f3:d1:8c:5e:
db:e4:c0:92:fc:bd:25:c3:01:13:10:5e:50:87:03:
4c:7f:75:17:c5:06:4d:49:63:cc:30:48:3f:74:67:
1d:2e:5c:c3:82:58:35:63:7f:b3:b7:13:71:e8:79:
55:35:a5:2f:0c:28:e6:95:9c:8f:fe:4f:79:77:ca:
61:78:c8:ab:91:57:71:aa:7a:c2:1e:9c:50:2d:9c:
09:1f:7a:c5:65:34:41:b3:a8:de:5c:c8:ae:16:ef:
35:ba:f5:5a:ae:3f:63:60:84:55:4d:c3:d8:4c:36:
01:0f:59:74:0f:c6:e3:bd:d7:11:43:23:d5:9c:9b:
0e:f2:58:a2:f8:93:9a:d1:c0:2b:72:fe:bb:b2:30:
fa:e3:ab:8a:aa:7d:a4:71:d6:a8:46:8c:76:cd:b8:
e3:e8:90:f0:a2:a5:03:05:a2:77:a2:41:43:c3:10:
f2:27:fc:51:66:4a:37:57:8f:0b:db:83:fc:90:91:
2a:0f:20:56:a2:f9:c6:d0:f3:d7:f7:ce:17:f6:4a:
8a:3c:03:fa:4f:6a:c8:f7:1f:61:88:13:49:87:3c:
3f:c0:36:e4:1a:54:71:b5:53:f1:c6:76:a2:35:55:
f0:f0:a5:8b:43:1d:20:1b:49:2d:27:a9:3a:fa:bc:
f0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:1A:DA:D0:FB:59:06:60:0C:D8:D8:05:73:6E:C0:B1:94:44:09:C8
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/24
31.40.199.0/24
31.40.205.0/24
31.40.207.0/24
85.235.72.0-85.235.74.255
92.249.62.0/24
176.96.128.0/23
185.231.225.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
28:57:63:7b:23:17:b0:0d:46:7e:5d:83:23:b3:0c:28:54:58:
ec:d8:b6:c2:24:6d:ce:93:fb:da:35:b6:8d:bf:19:8a:65:69:
06:aa:fe:b9:7d:59:98:8a:25:ad:72:b6:a1:41:b9:cf:6b:43:
b2:05:05:df:85:61:b8:d1:11:b4:81:0d:3e:78:fb:99:0c:4d:
36:86:ce:97:a3:2f:70:7f:52:c6:73:99:7c:8c:82:f2:21:06:
77:b1:6d:14:b8:37:63:63:37:21:b9:b3:10:e4:5f:fc:4a:17:
10:03:32:93:8a:14:9c:e0:86:2b:cb:bd:94:24:50:e6:13:6c:
1f:78:87:82:a5:f4:04:ba:5b:98:ab:a4:82:55:2e:59:cc:5f:
dd:15:24:a5:f3:39:74:41:7b:ef:8e:0e:dc:1f:fb:c0:7d:c6:
34:12:44:f5:0e:df:f2:3c:73:06:6c:54:ac:5b:de:5d:55:e3:
59:7e:80:da:6c:7e:a7:c8:4f:5d:9b:ab:3a:a2:80:ca:6d:67:
6d:8d:12:99:35:47:34:74:b1:6a:50:95:18:d0:09:fd:f7:98:
39:59:84:85:d1:e7:bd:f6:a0:3f:fd:bc:f0:d4:7b:c2:5d:81:
08:de:56:52:90:09:4f:6d:d3:ce:b3:99:8a:55:f2:e1:07:53:
e3:e6:80:7a
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIUCKl2N1xxFZ6j9RfAg51e7DspsrMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA1MzAwNzM5MjZaFw0yNjA1MjkwNzQ0MjZaMDMxMTAvBgNV
BAMTKDU1MUFEQUQwRkI1OTA2NjAwQ0Q4RDgwNTczNkVDMEIxOTQ0NDA5QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRohF78r8ECxpf89GMXtvkwJL8
vSXDARMQXlCHA0x/dRfFBk1JY8wwSD90Zx0uXMOCWDVjf7O3E3HoeVU1pS8MKOaV
nI/+T3l3ymF4yKuRV3GqesIenFAtnAkfesVlNEGzqN5cyK4W7zW69VquP2NghFVN
w9hMNgEPWXQPxuO91xFDI9Wcmw7yWKL4k5rRwCty/ruyMPrjq4qqfaRx1qhGjHbN
uOPokPCipQMFoneiQUPDEPIn/FFmSjdXjwvbg/yQkSoPIFai+cbQ89f3zhf2Soo8
A/pPasj3H2GIE0mHPD/ANuQaVHG1U/HGdqI1VfDwpYtDHSAbSS0nqTr6vPAnAgMB
AAGjggJhMIICXTAdBgNVHQ4EFgQUVRra0PtZBmAM2NgFc27AsZRECcgwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdwYIKwYBBQUHAQcBAf8EaDBmMGQEAgABMF4DBAAFhWUD
BAAfKMQDBAAfKMcDBAAfKM0DBAAfKM8wDAMEA1XrSAMEAFXrSgMEAFz5PgMEAbBg
gAMEALnn4QMEAMFvTzAMAwQA1FfFAwQD1FfAAwQB2RLQAwQA2RLTMA0GCSqGSIb3
DQEBCwUAA4IBAQAoV2N7IxewDUZ+XYMjswwoVFjs2LbCJG3Ok/vaNbaNvxmKZWkG
qv65fVmYiiWtcrahQbnPa0OyBQXfhWG40RG0gQ0+ePuZDE02hs6Xoy9wf1LGc5l8
jILyIQZ3sW0UuDdjYzchubMQ5F/8ShcQAzKTihSc4IYry72UJFDmE2wfeIeCpfQE
uluYq6SCVS5ZzF/dFSSl8zl0QXvvjg7cH/vAfcY0EkT1Dt/yPHMGbFSsW95dVeNZ
foDabH6nyE9dm6s6ooDKbWdtjRKZNUc0dLFqUJUY0An995g5WYSF0ee99qA//bzw
1HvCXYEI3lZSkAlPbdPOs5mKVfLhB1Pj5oB6
-----END CERTIFICATE-----
Generated at Fri Jun 6 11:55:12 2025 by rpki-client