Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: U+TmELw9WsaT7grQ9CubkBnuqRvOWjhVCE0rSgyDjhc=
Subject key identifier: 72:8D:24:5A:44:CC:FA:3E:B7:B7:04:0F:AF:27:38:B3:2A:0E:73:D6
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 4EC2163EC19C799111A8E5B6733C2155ED747AF2
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
Signing time: Tue 17 Feb 2026 12:01:31 +0000
ROA not before: Tue 17 Feb 2026 11:56:31 +0000
ROA not after: Tue 16 Feb 2027 12:01:31 +0000
asID: 48678
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
141.98.48.0/24 maxlen: 24
141.98.112.0/24 maxlen: 24
141.98.113.0/24 maxlen: 24
141.98.114.0/24 maxlen: 24
141.98.115.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:c2:16:3e:c1:9c:79:91:11:a8:e5:b6:73:3c:21:55:ed:74:7a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Feb 17 11:56:31 2026 GMT
Not After : Feb 16 12:01:31 2027 GMT
Subject: CN=728D245A44CCFA3EB7B7040FAF2738B32A0E73D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:00:b0:2e:69:4c:86:cf:58:de:c3:83:22:82:
c9:36:08:08:78:51:67:17:6f:47:38:46:0f:6c:fa:
c6:0a:c7:76:c3:d8:dd:89:a3:0e:c2:bf:7a:27:7b:
02:da:9d:a1:95:90:f4:fd:a4:7f:33:79:f0:e3:59:
a4:3f:58:45:57:23:cf:d1:31:bf:1c:cb:b8:34:05:
84:03:b1:ac:a6:31:24:c6:55:4a:66:c3:b4:8a:e2:
26:b1:0d:f4:94:9f:1e:93:98:c9:f4:7b:da:14:7a:
93:95:a3:ed:e7:c4:bc:03:fb:87:37:f5:2a:ec:a6:
77:df:ec:de:60:55:3f:3c:bd:0f:bf:a0:95:65:e9:
5d:06:7a:ad:24:73:e5:eb:e3:7a:d0:9a:51:68:9f:
af:59:db:52:68:c9:80:78:06:ec:6d:11:1e:cb:8a:
bc:bc:e3:bb:96:b5:43:e8:36:f7:e8:07:c6:5a:97:
6d:24:79:38:65:ca:07:00:b5:89:2c:f1:28:33:51:
b2:e4:a4:78:eb:6e:c1:70:c0:0a:04:1e:b0:97:9e:
9a:df:d6:44:4a:6c:09:17:74:b2:1f:ed:87:de:c8:
e4:ee:52:37:86:d7:2c:15:d1:44:43:61:46:24:99:
73:c1:4d:92:d6:56:ad:27:11:b8:c7:da:9b:8a:48:
aa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8D:24:5A:44:CC:FA:3E:B7:B7:04:0F:AF:27:38:B3:2A:0E:73:D6
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.197.0/24
31.40.199.0/24
31.40.205.0/24
31.40.207.0/24
85.235.72.0-85.235.74.255
92.249.62.0/24
141.98.48.0/24
141.98.112.0/22
176.96.128.0/24
176.96.130.0/24
193.111.76.0/24
193.111.79.0/24
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:2c:f6:ba:9b:10:60:8e:64:21:00:36:0c:34:03:d6:65:27:
c6:b1:bc:f7:65:29:ca:8f:80:9c:07:8c:a6:21:31:ba:41:d4:
a1:95:94:81:df:e0:d6:6b:17:56:c8:50:a3:4d:86:ee:ea:5b:
83:c7:34:08:17:b8:09:82:75:7a:e7:65:ba:ab:be:72:86:3f:
6e:ca:e7:76:7a:4a:70:9f:f5:74:be:86:02:93:4e:5a:63:69:
d5:ac:8a:7c:75:9b:c7:80:94:c1:42:bd:77:ba:ef:c0:86:ea:
9c:aa:4c:d5:40:33:fc:e2:44:2d:58:a1:ed:a7:35:a8:54:73:
1a:0c:2d:29:ea:9c:2d:ed:b3:5d:c0:f9:fd:04:41:f2:e4:62:
e3:f8:03:48:13:a3:90:5a:50:64:43:97:36:e3:11:ff:f3:bc:
65:b7:02:48:d3:c6:80:71:f9:55:76:eb:8b:cf:5d:4e:3f:99:
f1:51:e5:eb:41:15:db:d8:c7:61:cf:be:35:25:e7:ce:39:e2:
bb:63:00:f6:11:e9:32:9e:f5:d8:06:50:2d:23:d9:5f:79:4e:
79:80:b2:35:d8:da:10:a5:b9:15:29:d7:ae:17:1b:49:ae:49:
89:b3:03:db:7c:c9:30:29:95:b4:5f:bc:d9:78:65:63:24:8d:
0b:2b:64:e8
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIUTsIWPsGceZERqOW2czwhVe10evIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAyMTcxMTU2MzFaFw0yNzAyMTYxMjAxMzFaMDMxMTAvBgNV
BAMTKDcyOEQyNDVBNDRDQ0ZBM0VCN0I3MDQwRkFGMjczOEIzMkEwRTczRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpALAuaUyGz1jew4Migsk2CAh4
UWcXb0c4Rg9s+sYKx3bD2N2Jow7Cv3onewLanaGVkPT9pH8zefDjWaQ/WEVXI8/R
Mb8cy7g0BYQDsaymMSTGVUpmw7SK4iaxDfSUnx6TmMn0e9oUepOVo+3nxLwD+4c3
9Srspnff7N5gVT88vQ+/oJVl6V0Geq0kc+Xr43rQmlFon69Z21JoyYB4BuxtER7L
iry847uWtUPoNvfoB8Zal20keThlygcAtYks8SgzUbLkpHjrbsFwwAoEHrCXnprf
1kRKbAkXdLIf7YfeyOTuUjeG1ywV0URDYUYkmXPBTZLWVq0nEbjH2puKSKqRAgMB
AAGjggJlMIICYTAdBgNVHQ4EFgQUco0kWkTM+j63twQPryc4syoOc9YwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwewYIKwYBBQUHAQcBAf8EbDBqMGgEAgABMGIDBAAFhWUD
BAAfKMUDBAAfKMcDBAAfKM0DBAAfKM8wDAMEA1XrSAMEAFXrSgMEAFz5PgMEAI1i
MAMEAo1icAMEALBggAMEALBgggMEAMFvTAMEAMFvTwMEAdkS0AMEANkS0zANBgkq
hkiG9w0BAQsFAAOCAQEAoiz2upsQYI5kIQA2DDQD1mUnxrG892Upyo+AnAeMpiEx
ukHUoZWUgd/g1msXVshQo02G7upbg8c0CBe4CYJ1eudluqu+coY/bsrndnpKcJ/1
dL6GApNOWmNp1ayKfHWbx4CUwUK9d7rvwIbqnKpM1UAz/OJELVih7ac1qFRzGgwt
KeqcLe2zXcD5/QRB8uRi4/gDSBOjkFpQZEOXNuMR//O8ZbcCSNPGgHH5VXbri89d
Tj+Z8VHl60EV29jHYc++NSXnzjniu2MA9hHpMp712AZQLSPZX3lOeYCyNdjaEKW5
FSnXrhcbSa5JibMD23zJMCmVtF+82XhlYySNCytk6A==
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:21:43 2026 by rpki-client