Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: v5Fq0CT4AbWftTxM+DL6cMn7e4usS1QmE4TZEp/3C8A=
Subject key identifier: B8:32:E9:C3:DF:0D:72:F1:0C:37:BD:DF:38:4A:45:2E:E2:50:D1:CC
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 2A139774A007DE3E579906C7CFE066E5FCC5D494
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
Signing time: Thu 11 Jun 2026 18:51:06 +0000
ROA not before: Thu 11 Jun 2026 18:46:06 +0000
ROA not after: Thu 10 Jun 2027 18:51:06 +0000
asID: 48678
IP address blocks: 31.40.199.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
141.98.48.0/24 maxlen: 24
141.98.112.0/24 maxlen: 24
141.98.113.0/24 maxlen: 24
141.98.114.0/24 maxlen: 24
141.98.115.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:13:97:74:a0:07:de:3e:57:99:06:c7:cf:e0:66:e5:fc:c5:d4:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Jun 11 18:46:06 2026 GMT
Not After : Jun 10 18:51:06 2027 GMT
Subject: CN=B832E9C3DF0D72F10C37BDDF384A452EE250D1CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a6:9a:f3:a6:48:8a:f0:a7:e7:3a:92:e4:47:
63:77:7a:c9:b3:e0:00:17:dd:01:aa:6d:5e:d4:b7:
96:d7:7f:3c:26:ca:8e:66:ec:54:f4:63:f2:90:e9:
f2:2f:35:a6:90:2b:f1:7e:89:9f:7b:a9:22:8f:e9:
94:1e:94:4c:82:ec:64:d9:6e:ed:e6:9b:a7:e8:98:
33:ea:23:f3:cf:4c:3e:3a:3c:df:dd:7c:31:ac:0d:
03:5e:eb:7f:86:47:c2:18:57:d8:8b:3b:01:d4:c9:
a9:66:df:a0:f5:74:9b:b8:3b:30:1a:20:bf:89:24:
3b:a8:e6:5d:6d:2a:77:50:54:4b:d0:8c:07:58:6e:
dc:e6:d1:c9:d7:0e:f1:07:3b:be:2f:4e:d9:d3:aa:
94:1f:b2:c9:0e:76:e8:fe:a0:0c:9d:99:46:20:b1:
f6:ca:f1:cf:32:2f:d9:4a:be:e7:49:16:69:b7:76:
21:33:7a:3f:c2:00:1b:34:2e:15:af:23:97:4d:79:
b8:2e:27:70:c4:85:0b:87:6f:a4:76:d5:94:a6:68:
cc:84:ec:39:c8:b1:28:53:59:c9:26:3f:ee:55:a8:
7d:bf:57:5c:be:da:f6:1d:23:4f:fe:e1:12:e5:cd:
3a:4f:29:5e:1d:73:ef:5c:81:bf:14:49:ee:d5:0c:
90:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:32:E9:C3:DF:0D:72:F1:0C:37:BD:DF:38:4A:45:2E:E2:50:D1:CC
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.199.0/24
85.235.72.0/24
141.98.48.0/24
141.98.112.0/22
176.96.130.0/24
217.18.209.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:42:99:ef:ee:84:2d:74:7d:d7:f2:58:d8:ed:41:d6:3b:68:
5c:f6:06:80:b0:26:5a:d9:01:91:ee:f7:65:ff:ef:1f:1e:9d:
37:fc:63:9a:5f:6b:be:d4:6d:32:26:b9:48:4f:5a:5f:96:03:
eb:b0:e2:f0:72:c8:a7:ff:76:27:70:85:a4:40:d8:d3:bb:28:
61:65:cf:25:7c:a9:16:24:ad:a2:68:5f:90:66:01:f5:db:73:
84:b5:76:63:e8:ff:2a:d7:0c:93:2e:e9:6e:a8:a7:40:12:7a:
94:40:8c:8b:f5:63:f8:51:b6:49:68:c6:73:e0:de:4a:82:61:
06:08:09:92:a7:23:24:f6:90:87:19:9f:2a:59:08:a9:c8:b2:
86:ff:d8:e4:0e:57:5e:6c:b1:db:1d:fa:19:d7:97:1c:7c:73:
84:70:f7:ee:94:2f:7c:48:3e:e5:af:1c:77:81:46:a1:81:c1:
c9:46:13:42:94:49:98:bc:f0:d5:8f:8d:6d:68:61:e2:79:97:
74:db:28:55:18:05:1c:2d:40:d1:d2:17:9c:15:c6:fa:04:c5:
fe:81:75:6e:7a:29:39:73:90:22:af:92:63:cd:dc:b4:7f:d9:
4e:0d:c5:a6:c2:b6:80:11:6a:d4:03:27:77:4b:10:85:50:5e:
c1:7c:4e:6d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUKhOXdKAH3j5XmQbHz+Bm5fzF1JQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA2MTExODQ2MDZaFw0yNzA2MTAxODUxMDZaMDMxMTAvBgNV
BAMTKEI4MzJFOUMzREYwRDcyRjEwQzM3QkRERjM4NEE0NTJFRTI1MEQxQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEpprzpkiK8KfnOpLkR2N3esmz
4AAX3QGqbV7Ut5bXfzwmyo5m7FT0Y/KQ6fIvNaaQK/F+iZ97qSKP6ZQelEyC7GTZ
bu3mm6fomDPqI/PPTD46PN/dfDGsDQNe63+GR8IYV9iLOwHUyalm36D1dJu4OzAa
IL+JJDuo5l1tKndQVEvQjAdYbtzm0cnXDvEHO74vTtnTqpQfsskOduj+oAydmUYg
sfbK8c8yL9lKvudJFmm3diEzej/CABs0LhWvI5dNebguJ3DEhQuHb6R21ZSmaMyE
7DnIsShTWckmP+5VqH2/V1y+2vYdI0/+4RLlzTpPKV4dc+9cgb8USe7VDJBZAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUuDLpw98NcvEMN73fOEpFLuJQ0cwwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAAfKMcD
BABV60gDBACNYjADBAKNYnADBACwYIIDBADZEtEDBADZEtMwDQYJKoZIhvcNAQEL
BQADggEBAIxCme/uhC10fdfyWNjtQdY7aFz2BoCwJlrZAZHu92X/7x8enTf8Y5pf
a77UbTImuUhPWl+WA+uw4vByyKf/didwhaRA2NO7KGFlzyV8qRYkraJoX5BmAfXb
c4S1dmPo/yrXDJMu6W6op0ASepRAjIv1Y/hRtkloxnPg3kqCYQYICZKnIyT2kIcZ
nypZCKnIsob/2OQOV15ssdsd+hnXlxx8c4Rw9+6UL3xIPuWvHHeBRqGBwclGE0KU
SZi88NWPjW1oYeJ5l3TbKFUYBRwtQNHSF5wVxvoExf6BdW56KTlzkCKvkmPN3LR/
2U4NxabCtoARatQDJ3dLEIVQXsF8Tm0=
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:49 2026 by rpki-client