Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: FeoM9nGMIAj1TFBszyTLsGQNlSMcvP/+mchGM9JDhxU=
Subject key identifier: 7C:86:B1:E0:C1:25:82:F0:D2:05:7E:8E:CE:45:27:39:38:0F:EB:AE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2433AADF9E22D5F60433EC3B41318E1DFE949DA8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Wed 15 Apr 2026 22:14:48 +0000
ROA not before: Wed 15 Apr 2026 22:09:48 +0000
ROA not after: Wed 14 Apr 2027 22:14:48 +0000
asID: 40676
IP address blocks: 145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
162.141.105.0/24 maxlen: 24
168.222.81.0/24 maxlen: 24
168.222.84.0/24 maxlen: 24
168.222.85.0/24 maxlen: 24
168.222.86.0/24 maxlen: 24
168.222.87.0/24 maxlen: 24
168.222.88.0/24 maxlen: 24
168.222.90.0/24 maxlen: 24
168.222.92.0/24 maxlen: 24
168.222.93.0/24 maxlen: 24
168.222.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:33:aa:df:9e:22:d5:f6:04:33:ec:3b:41:31:8e:1d:fe:94:9d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 15 22:09:48 2026 GMT
Not After : Apr 14 22:14:48 2027 GMT
Subject: CN=7C86B1E0C12582F0D2057E8ECE452739380FEBAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c2:be:62:69:e4:11:25:74:14:a7:63:7a:f4:
37:cd:81:f1:b7:c5:c0:7e:69:b5:0e:7f:25:1a:80:
83:9a:23:63:35:28:87:7a:2f:98:20:42:1c:98:b6:
87:e7:03:98:46:a3:1b:30:75:a4:c2:68:d4:f8:c7:
fb:b2:1d:32:df:7c:17:37:d6:3c:99:4c:13:dc:a0:
eb:fd:16:65:1a:81:8b:65:aa:4d:fe:ce:6d:34:b0:
3f:66:70:10:60:fa:d2:49:c6:93:3b:64:38:b6:f3:
27:8a:0a:8c:ff:d5:ea:6a:94:14:5b:5e:2f:64:7a:
98:46:d7:76:0e:aa:eb:ce:ef:82:07:93:51:8f:9a:
36:f0:ea:7e:35:4c:c1:db:e8:17:e1:35:92:37:2e:
05:16:39:3c:ad:cd:3b:c9:3a:29:8f:52:03:ed:b3:
1d:53:fb:a2:c4:5f:67:80:99:e8:7f:5e:33:f6:1d:
a7:04:6a:e6:25:f7:dd:dd:89:81:22:c5:11:ad:cc:
91:a6:f4:fe:7e:77:f2:5d:5d:65:11:e2:1e:40:ad:
da:47:dd:45:b3:54:8a:83:47:71:e9:fb:a3:16:e7:
ea:c7:48:1e:cd:2e:f0:f2:6f:c2:a0:7d:ed:f6:6f:
1b:55:cf:75:b3:0b:b0:58:a1:2e:1f:2f:89:ef:40:
08:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:86:B1:E0:C1:25:82:F0:D2:05:7E:8E:CE:45:27:39:38:0F:EB:AE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
162.141.105.0/24
168.222.81.0/24
168.222.84.0-168.222.88.255
168.222.90.0/24
168.222.92.0-168.222.94.255
Signature Algorithm: sha256WithRSAEncryption
9b:fe:0e:88:55:af:6e:ee:4c:bf:62:1e:ec:37:72:d0:cb:c4:
d9:51:41:5e:e0:fa:3b:4c:54:23:5b:53:ca:4c:a1:0c:f5:2c:
d5:d7:d6:07:09:be:95:47:b0:69:58:b5:de:8c:56:ac:07:2d:
84:12:7b:3f:ef:59:ad:12:b1:53:ee:a1:c7:a6:85:0c:e5:62:
0a:c7:02:5d:dd:f8:c9:bc:59:7c:cf:0a:79:25:b2:49:f0:90:
2c:ea:14:c4:8a:5c:b6:78:54:a3:7d:f3:7b:b4:3e:13:30:6d:
4e:c3:6b:33:59:49:4d:77:32:73:89:31:7a:a7:e0:50:4e:99:
44:ed:01:5d:64:89:51:1f:b6:0d:9f:4a:60:c0:18:0b:d4:dd:
c6:71:30:a0:ab:40:7b:ee:d6:2b:7e:df:19:77:4a:56:e7:32:
39:12:69:60:2b:b9:53:46:5d:25:e3:38:59:f1:63:53:e6:30:
97:4e:c5:10:3d:85:50:6d:7a:a8:cf:f9:2d:ea:38:d3:a4:d9:
a0:7c:db:5d:8e:ca:03:8d:27:d7:bb:e7:e0:c6:8a:32:4f:40:
ba:a4:f9:c9:7b:68:a6:13:fa:f8:b0:e3:99:2d:ce:20:4e:ed:
33:48:3f:ed:79:ea:f4:b1:e8:4f:b3:9a:b0:2b:38:5c:b3:6b:
66:5c:ea:26
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUJDOq354i1fYEM+w7QTGOHf6UnagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTUyMjA5NDhaFw0yNzA0MTQyMjE0NDhaMDMxMTAvBgNV
BAMTKDdDODZCMUUwQzEyNTgyRjBEMjA1N0U4RUNFNDUyNzM5MzgwRkVCQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKwr5iaeQRJXQUp2N69DfNgfG3
xcB+abUOfyUagIOaI2M1KId6L5ggQhyYtofnA5hGoxswdaTCaNT4x/uyHTLffBc3
1jyZTBPcoOv9FmUagYtlqk3+zm00sD9mcBBg+tJJxpM7ZDi28yeKCoz/1epqlBRb
Xi9kephG13YOquvO74IHk1GPmjbw6n41TMHb6BfhNZI3LgUWOTytzTvJOimPUgPt
sx1T+6LEX2eAmeh/XjP2HacEauYl993diYEixRGtzJGm9P5+d/JdXWUR4h5ArdpH
3UWzVIqDR3Hp+6MW5+rHSB7NLvDyb8Kgfe32bxtVz3WzC7BYoS4fL4nvQAjVAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUfIax4MElgvDSBX6OzkUnOTgP664wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXwYIKwYBBQUHAQcBAf8EUDBOMEwEAgABMEYDBACR3zQD
BACR3zgDBACSZywDBACSZzcDBACijWkDBACo3lEwDAMEAqjeVAMEAKjeWAMEAKje
WjAMAwQCqN5cAwQAqN5eMA0GCSqGSIb3DQEBCwUAA4IBAQCb/g6IVa9u7ky/Yh7s
N3LQy8TZUUFe4Po7TFQjW1PKTKEM9SzV19YHCb6VR7BpWLXejFasBy2EEns/71mt
ErFT7qHHpoUM5WIKxwJd3fjJvFl8zwp5JbJJ8JAs6hTEily2eFSjffN7tD4TMG1O
w2szWUlNdzJziTF6p+BQTplE7QFdZIlRH7YNn0pgwBgL1N3GcTCgq0B77tYrft8Z
d0pW5zI5EmlgK7lTRl0l4zhZ8WNT5jCXTsUQPYVQbXqoz/kt6jjTpNmgfNtdjsoD
jSfXu+fgxooyT0C6pPnJe2imE/r4sOOZLc4gTu0zSD/teer0sehPs5qwKzhcs2tm
XOom
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:06:44 2026 by rpki-client