Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
File: AS48678.roa (raw, json)
Hash identifier: mWTOCCfaVpDtAFIZzMLaT2JnEjjeMGPUWQaZHgZlGyI=
Subject key identifier: 4C:CD:F5:3D:75:0C:5F:71:06:32:D5:4E:5D:4E:81:2D:A1:83:88:A5
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 4E663E5AFF09897767D168AB1CEB1B8B86E6735E
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
Signing time: Tue 22 Apr 2025 08:00:10 +0000
ROA not before: Tue 22 Apr 2025 07:55:10 +0000
ROA not after: Tue 21 Apr 2026 08:00:10 +0000
asID: 48678
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.199.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:66:3e:5a:ff:09:89:77:67:d1:68:ab:1c:eb:1b:8b:86:e6:73:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Apr 22 07:55:10 2025 GMT
Not After : Apr 21 08:00:10 2026 GMT
Subject: CN=4CCDF53D750C5F710632D54E5D4E812DA18388A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1e:8f:fb:d1:aa:93:33:bf:35:74:39:86:1b:
22:37:8d:36:ec:7c:56:a1:bf:3f:f8:c8:ca:84:9e:
35:94:c2:ef:74:0a:c1:0e:e1:25:be:c2:a6:57:3d:
6e:0e:a4:36:ba:78:5d:44:3f:3f:e3:07:1a:01:0a:
10:f3:e5:b0:b3:a3:66:cc:1b:05:a1:62:46:44:9f:
32:17:a9:68:1d:8f:b4:02:fb:ef:96:4a:33:3a:50:
92:45:e1:fa:11:64:26:37:ff:2e:f3:c1:9d:7d:90:
95:bb:60:8f:e5:e9:f9:40:6c:bd:ee:26:2e:e1:5c:
13:c5:d2:b9:58:a9:d4:a6:3b:82:01:7b:18:e8:53:
f5:7b:08:51:0b:4a:78:91:77:73:b6:3a:b6:4a:ea:
5c:d6:be:4f:39:fd:92:22:17:4c:6d:f1:9e:50:ab:
1b:b8:04:be:13:96:cb:6f:f1:28:5f:b0:bf:dd:f9:
d8:70:4c:bb:57:68:2a:bb:8b:bb:6b:03:40:ba:e8:
0d:b6:08:ea:68:4b:52:c7:39:ea:68:89:3a:07:e4:
4d:13:0f:e1:e9:4d:5c:63:dc:41:e3:df:09:93:bd:
f6:15:4d:fe:b7:f1:ef:f0:2e:45:45:d2:72:f9:02:
a4:d8:db:4a:85:e9:99:e8:1a:4d:76:93:0a:e4:67:
c2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CD:F5:3D:75:0C:5F:71:06:32:D5:4E:5D:4E:81:2D:A1:83:88:A5
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS48678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.199.0/24
31.40.204.0/23
31.40.207.0/24
85.235.72.0-85.235.74.255
92.249.62.0/23
176.96.128.0/24
176.96.130.0/24
193.111.76.0/24
193.111.79.0/24
217.18.208.0/23
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
84:25:3c:c0:7f:25:8f:63:26:08:b5:3b:35:f9:6e:b7:c3:a4:
53:fe:c4:da:db:02:3e:47:93:1b:86:8e:77:db:e0:2c:c9:e7:
0c:c7:8f:a6:d2:f1:c6:ae:f3:b3:29:cf:f0:ad:9e:73:12:d4:
2c:09:c6:19:f5:45:c7:f6:9a:f4:a4:e7:7a:fa:e6:bf:1f:0d:
df:51:37:0d:50:67:9d:da:77:b8:36:6c:a7:05:0e:54:0c:28:
a6:7b:20:04:8b:42:b0:65:8d:36:f7:aa:50:59:64:27:8e:cf:
35:f5:06:a9:1a:4a:42:70:76:ca:98:7e:01:f7:68:c9:5c:fc:
0d:f4:89:08:58:a8:71:d1:6c:4b:a6:2c:a1:19:14:d6:ab:46:
2e:ff:ff:9b:aa:e0:c9:dc:cc:ea:05:03:8a:96:e4:a8:4d:9c:
bb:4b:67:17:65:6c:ec:60:bd:9c:e0:46:32:57:7f:63:1c:a5:
34:9a:3b:e4:86:8e:f2:1d:3b:b0:c3:12:90:f7:4c:3f:a0:54:
7c:9d:5c:d7:7f:48:6a:57:20:0c:45:11:1a:13:2b:ee:7f:6b:
2b:cd:84:21:ae:1a:00:fc:c1:82:99:9d:96:b8:fe:d1:12:29:
85:59:8a:47:c5:2e:4b:2b:68:a3:b8:8c:cf:b5:91:b5:b8:58:
71:33:bd:1b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUTmY+Wv8JiXdn0WirHOsbi4bmc14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA0MjIwNzU1MTBaFw0yNjA0MjEwODAwMTBaMDMxMTAvBgNV
BAMTKDRDQ0RGNTNENzUwQzVGNzEwNjMyRDU0RTVENEU4MTJEQTE4Mzg4QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYHo/70aqTM781dDmGGyI3jTbs
fFahvz/4yMqEnjWUwu90CsEO4SW+wqZXPW4OpDa6eF1EPz/jBxoBChDz5bCzo2bM
GwWhYkZEnzIXqWgdj7QC+++WSjM6UJJF4foRZCY3/y7zwZ19kJW7YI/l6flAbL3u
Ji7hXBPF0rlYqdSmO4IBexjoU/V7CFELSniRd3O2OrZK6lzWvk85/ZIiF0xt8Z5Q
qxu4BL4Tlstv8ShfsL/d+dhwTLtXaCq7i7trA0C66A22COpoS1LHOepoiToH5E0T
D+HpTVxj3EHj3wmTvfYVTf638e/wLkVF0nL5AqTY20qF6ZnoGk12kwrkZ8KPAgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQUTM31PXUMX3EGMtVOXU6BLaGDiKUwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNDg2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbwYIKwYBBQUHAQcBAf8EYDBeMFwEAgABMFYDBAAFhWUD
BAEfKMQDBAAfKMcDBAEfKMwDBAAfKM8wDAMEA1XrSAMEAFXrSgMEAVz5PgMEALBg
gAMEALBgggMEAMFvTAMEAMFvTwMEAdkS0AMEANkS0zANBgkqhkiG9w0BAQsFAAOC
AQEAhCU8wH8lj2MmCLU7Nflut8OkU/7E2tsCPkeTG4aOd9vgLMnnDMePptLxxq7z
synP8K2ecxLULAnGGfVFx/aa9KTnevrmvx8N31E3DVBnndp3uDZspwUOVAwopnsg
BItCsGWNNveqUFlkJ47PNfUGqRpKQnB2yph+AfdoyVz8DfSJCFiocdFsS6YsoRkU
1qtGLv//m6rgydzM6gUDipbkqE2cu0tnF2Vs7GC9nOBGMld/YxylNJo75IaO8h07
sMMSkPdMP6BUfJ1c139IalcgDEURGhMr7n9rK82EIa4aAPzBgpmdlrj+0RIphVmK
R8UuSytoo7iMz7WRtbhYcTO9Gw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:13:30 2025 by rpki-client