Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: jFGOV16nOwhIpOooiHj033GLcWgxVNHIeOffL3c9HXE=
Subject key identifier: 5A:EB:FE:F4:92:85:08:4E:2B:AC:57:CB:21:0E:DB:5D:F4:F1:3D:F5
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 66707B42BC414614C319F897CB0F65C1895F933D
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
Signing time: Sun 12 Apr 2026 11:17:22 +0000
ROA not before: Sun 12 Apr 2026 11:12:22 +0000
ROA not after: Sun 11 Apr 2027 11:17:22 +0000
asID: 48678
IP address blocks: 31.40.197.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
141.98.48.0/24 maxlen: 24
141.98.112.0/24 maxlen: 24
141.98.113.0/24 maxlen: 24
141.98.114.0/24 maxlen: 24
141.98.115.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:70:7b:42:bc:41:46:14:c3:19:f8:97:cb:0f:65:c1:89:5f:93:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Apr 12 11:12:22 2026 GMT
Not After : Apr 11 11:17:22 2027 GMT
Subject: CN=5AEBFEF49285084E2BAC57CB210EDB5DF4F13DF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a7:76:08:db:88:f1:fa:42:81:07:81:8c:2d:
ce:ae:ba:c0:a6:ce:3e:b6:76:04:c6:f9:85:78:ef:
ce:67:48:32:d5:c5:98:cf:bc:6a:ef:b7:80:a0:37:
59:0a:9e:39:76:13:07:0f:73:1a:17:9e:7a:84:fd:
4a:70:41:ee:5f:85:e2:64:aa:5b:b1:f0:6e:20:62:
be:20:ce:71:5a:36:4c:16:42:67:6c:78:d3:70:84:
0b:ea:64:d9:1d:c9:e4:57:f3:ed:7d:0c:53:5b:40:
10:7c:08:52:e4:52:0a:96:e5:9f:0a:a0:9f:6f:70:
0f:04:c9:73:1e:89:4e:2a:63:ae:ef:58:39:41:4e:
08:06:d2:28:cd:19:86:45:f7:fc:23:7d:62:a9:63:
4a:d2:cb:aa:c5:15:e0:5d:47:e5:52:10:34:11:84:
ca:3e:f5:99:1f:be:92:a5:d8:46:5e:70:c5:4d:e7:
47:85:5b:03:41:ea:24:64:8f:58:92:16:12:58:18:
b8:56:8e:4d:13:9e:fa:01:48:bd:d8:90:12:24:e0:
f8:38:24:08:9f:63:fd:b8:07:75:42:1b:13:ce:da:
da:77:32:c3:5c:45:fe:6b:ec:f6:b9:3a:6d:cf:13:
c8:5e:37:2e:79:4e:13:b4:d4:a0:c9:8c:f8:aa:ec:
10:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:EB:FE:F4:92:85:08:4E:2B:AC:57:CB:21:0E:DB:5D:F4:F1:3D:F5
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.197.0/24
31.40.199.0/24
31.40.205.0/24
31.40.207.0/24
85.235.72.0-85.235.74.255
141.98.48.0/24
141.98.112.0/22
176.96.128.0/24
176.96.130.0/24
193.111.79.0/24
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:5c:66:80:b2:10:45:64:10:4b:18:fc:0a:84:b8:ba:15:3f:
ac:70:a3:41:81:ab:28:f2:03:47:40:a2:fb:33:96:b4:77:34:
30:70:6e:d0:8c:90:b4:08:e6:3f:5b:46:57:ac:da:30:67:34:
ae:c5:66:92:f2:3b:81:20:d5:0a:40:d7:b1:63:99:32:56:ea:
c1:13:d2:01:f0:b8:31:71:fd:81:02:5c:34:89:fa:ba:f4:4a:
13:a4:31:b0:af:aa:27:b0:01:66:65:b2:97:0a:b0:df:75:41:
9c:a7:fc:e3:cd:d3:97:bd:75:d2:2d:6a:06:c0:18:aa:4d:44:
e4:55:a2:5e:c6:c9:93:20:c5:9e:8c:48:ed:b1:fc:85:64:89:
aa:d5:58:5d:8f:63:ef:22:3a:8e:2e:df:0a:83:7c:66:49:3d:
f8:c0:c2:18:aa:40:aa:10:60:93:00:0c:59:ff:8b:b5:56:7c:
7a:e9:66:3c:e4:25:b0:0c:1f:1d:70:a7:f4:62:19:61:55:a7:
9b:7e:aa:ac:99:07:18:d2:58:4f:cc:9c:04:72:12:4c:9d:a3:
ee:d0:bc:97:13:c2:7d:dd:ba:71:d7:6a:ca:9a:c1:44:8e:99:
ca:b3:3e:3f:1a:92:ae:05:9f:0d:19:59:3d:bb:56:3d:b9:64:
19:fb:96:1b
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUZnB7QrxBRhTDGfiXyw9lwYlfkz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA0MTIxMTEyMjJaFw0yNzA0MTExMTE3MjJaMDMxMTAvBgNV
BAMTKDVBRUJGRUY0OTI4NTA4NEUyQkFDNTdDQjIxMEVEQjVERjRGMTNERjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6p3YI24jx+kKBB4GMLc6uusCm
zj62dgTG+YV4785nSDLVxZjPvGrvt4CgN1kKnjl2EwcPcxoXnnqE/UpwQe5fheJk
qlux8G4gYr4gznFaNkwWQmdseNNwhAvqZNkdyeRX8+19DFNbQBB8CFLkUgqW5Z8K
oJ9vcA8EyXMeiU4qY67vWDlBTggG0ijNGYZF9/wjfWKpY0rSy6rFFeBdR+VSEDQR
hMo+9ZkfvpKl2EZecMVN50eFWwNB6iRkj1iSFhJYGLhWjk0TnvoBSL3YkBIk4Pg4
JAifY/24B3VCGxPO2tp3MsNcRf5r7Pa5Om3PE8heNy55ThO01KDJjPiq7BA3AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUWuv+9JKFCE4rrFfLIQ7bXfTxPfUwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBAAfKMUD
BAAfKMcDBAAfKM0DBAAfKM8wDAMEA1XrSAMEAFXrSgMEAI1iMAMEAo1icAMEALBg
gAMEALBgggMEAMFvTwMEAdkS0AMEANkS0zANBgkqhkiG9w0BAQsFAAOCAQEAjFxm
gLIQRWQQSxj8CoS4uhU/rHCjQYGrKPIDR0Ci+zOWtHc0MHBu0IyQtAjmP1tGV6za
MGc0rsVmkvI7gSDVCkDXsWOZMlbqwRPSAfC4MXH9gQJcNIn6uvRKE6QxsK+qJ7AB
ZmWylwqw33VBnKf8483Tl7110i1qBsAYqk1E5FWiXsbJkyDFnoxI7bH8hWSJqtVY
XY9j7yI6ji7fCoN8Zkk9+MDCGKpAqhBgkwAMWf+LtVZ8eulmPOQlsAwfHXCn9GIZ
YVWnm36qrJkHGNJYT8ycBHISTJ2j7tC8lxPCfd26cddqyprBRI6ZyrM+PxqSrgWf
DRlZPbtWPblkGfuWGw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:43:51 2026 by rpki-client