Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: jL3NkV98Jb9Dr5KvqB1ugTyGwToOvmFSfQv+fcr2mhY=
Subject key identifier: 12:CB:E7:55:0E:B2:0A:A2:98:D5:0B:E8:8F:92:EF:6C:87:C3:E9:1A
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 3673E435DFF0754CBDFD948673CFE79D9017D53E
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
Signing time: Wed 11 Jun 2025 07:48:21 +0000
ROA not before: Wed 11 Jun 2025 07:43:21 +0000
ROA not after: Wed 10 Jun 2026 07:48:21 +0000
asID: 48678
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:73:e4:35:df:f0:75:4c:bd:fd:94:86:73:cf:e7:9d:90:17:d5:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jun 11 07:43:21 2025 GMT
Not After : Jun 10 07:48:21 2026 GMT
Subject: CN=12CBE7550EB20AA298D50BE88F92EF6C87C3E91A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:61:48:86:56:38:d0:1b:a9:19:95:00:8c:5c:
f8:5d:c4:88:51:1e:a8:a3:7e:25:1b:20:85:33:6f:
9c:d5:6a:bc:e0:13:28:e9:29:98:1f:f8:46:a0:62:
60:43:a5:2d:1e:ef:bd:fa:05:87:a1:b5:df:d4:5d:
f6:75:03:4c:b6:d1:d3:f7:e8:30:bd:9e:9c:6f:5b:
88:94:24:1a:b5:07:ff:dc:e2:7b:b3:cc:43:a6:34:
50:79:8b:6f:f9:12:58:f4:78:35:fd:c4:18:9d:32:
a0:d2:cd:41:a5:df:5d:e3:f3:b0:16:49:86:c2:47:
16:54:c1:2c:2f:f1:66:18:36:98:c0:41:2e:49:fb:
4a:7c:6e:a5:9b:96:20:ed:f0:95:59:cf:88:6f:40:
bd:ec:c8:ac:9d:fd:f4:ef:6a:79:07:d6:9f:b7:19:
25:cd:81:8d:f2:63:6c:66:36:a8:d2:2a:64:51:4d:
5e:0d:5b:8c:bc:69:4b:cd:92:f1:e6:01:1e:f5:ee:
78:7d:9f:41:0f:56:82:5b:cb:85:a7:5e:24:cf:79:
e0:02:46:59:2e:f0:9f:d8:9d:be:5e:a4:f4:31:68:
c0:c4:49:9d:40:55:c6:de:a0:4c:5b:f5:48:40:7e:
50:71:57:1c:16:3e:f3:2b:ef:a9:3d:e5:ef:16:2d:
64:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CB:E7:55:0E:B2:0A:A2:98:D5:0B:E8:8F:92:EF:6C:87:C3:E9:1A
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.199.0/24
31.40.204.0/23
31.40.207.0/24
37.221.77.0/24
85.235.72.0-85.235.74.255
92.249.62.0/23
176.96.128.0-176.96.130.255
185.231.225.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:e4:6e:58:96:41:9b:d8:ec:11:6a:47:92:45:a6:32:dd:2d:
c8:89:e6:3b:12:4f:9d:46:a0:9f:50:e5:1e:0e:c1:94:59:da:
b4:aa:c3:00:3b:9e:13:4c:5f:fc:f0:13:fc:37:6a:bb:07:1b:
c9:79:15:98:37:d2:4a:07:40:a2:96:71:f0:a8:e0:f8:93:ca:
16:81:0a:a8:45:ce:8a:6e:5f:22:be:bf:ce:e1:45:e3:36:d0:
a6:e2:a2:70:d4:42:07:a0:7b:d3:ef:7e:e4:49:16:5f:18:c7:
e3:f9:6e:71:e4:e5:c2:7e:ea:26:eb:20:aa:aa:bb:21:28:e0:
ed:e1:36:96:11:5e:1a:fa:21:6f:d6:56:a7:d8:cf:1b:d3:db:
0b:e1:22:fb:33:ae:77:e3:a0:65:71:98:a8:9a:0b:b4:79:6f:
13:41:c3:d9:be:24:01:43:85:57:2a:11:54:14:b4:73:9b:f0:
17:47:ce:75:01:47:41:b9:aa:e9:e3:32:e8:31:5e:78:15:21:
ce:d7:35:c6:d3:3c:18:9e:eb:e1:aa:b2:2f:4e:9a:65:57:b7:
ce:23:46:aa:ef:6a:f0:1d:2d:f9:cd:64:12:a4:d3:d6:e3:1a:
5e:30:3a:c1:29:75:ac:38:13:fe:e1:76:3c:58:02:15:67:bc:
88:fb:38:dc
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIUNnPkNd/wdUy9/ZSGc8/nnZAX1T4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA2MTEwNzQzMjFaFw0yNjA2MTAwNzQ4MjFaMDMxMTAvBgNV
BAMTKDEyQ0JFNzU1MEVCMjBBQTI5OEQ1MEJFODhGOTJFRjZDODdDM0U5MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZYUiGVjjQG6kZlQCMXPhdxIhR
HqijfiUbIIUzb5zVarzgEyjpKZgf+EagYmBDpS0e7736BYehtd/UXfZ1A0y20dP3
6DC9npxvW4iUJBq1B//c4nuzzEOmNFB5i2/5Elj0eDX9xBidMqDSzUGl313j87AW
SYbCRxZUwSwv8WYYNpjAQS5J+0p8bqWbliDt8JVZz4hvQL3syKyd/fTvankH1p+3
GSXNgY3yY2xmNqjSKmRRTV4NW4y8aUvNkvHmAR717nh9n0EPVoJby4WnXiTPeeAC
Rlku8J/Ynb5epPQxaMDESZ1AVcbeoExb9UhAflBxVxwWPvMr76k95e8WLWT/AgMB
AAGjggJwMIICbDAdBgNVHQ4EFgQUEsvnVQ6yCqKY1Qvoj5LvbIfD6RowHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYUGCCsGAQUFBwEHAQH/BHYwdDByBAIAATBsAwQABYVl
AwQBHyjEAwQAHyjHAwQBHyjMAwQAHyjPAwQAJd1NMAwDBANV60gDBABV60oDBAFc
+T4wDAMEB7BggAMEALBgggMEALnn4QMEAMFvTzAMAwQA1FfFAwQD1FfAAwQB2RLQ
AwQA2RLTMA0GCSqGSIb3DQEBCwUAA4IBAQB+5G5YlkGb2OwRakeSRaYy3S3IieY7
Ek+dRqCfUOUeDsGUWdq0qsMAO54TTF/88BP8N2q7BxvJeRWYN9JKB0CilnHwqOD4
k8oWgQqoRc6Kbl8ivr/O4UXjNtCm4qJw1EIHoHvT737kSRZfGMfj+W5x5OXCfuom
6yCqqrshKODt4TaWEV4a+iFv1lan2M8b09sL4SL7M65346BlcZiomgu0eW8TQcPZ
viQBQ4VXKhFUFLRzm/AXR851AUdBuarp4zLoMV54FSHO1zXG0zwYnuvhqrIvTppl
V7fOI0aq72rwHS35zWQSpNPW4xpeMDrBKXWsOBP+4XY8WAIVZ7yI+zjc
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:40:54 2025 by rpki-client