Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: ZBQRy5Ue67C3tVB5WCR7+z55SGcLEAEeJACzhPqH7XY=
Subject key identifier: CE:A6:92:5A:C6:C6:20:30:5D:DB:CB:EF:5F:F1:64:09:A3:5C:56:0E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 53D19B8C6CEFC18AE265697C2765F400660179FB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Fri 05 Jun 2026 05:44:26 +0000
ROA not before: Fri 05 Jun 2026 05:39:26 +0000
ROA not after: Fri 04 Jun 2027 05:44:26 +0000
asID: 40676
IP address blocks: 96.62.73.0/24 maxlen: 24
140.233.173.0/24 maxlen: 24
145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:d1:9b:8c:6c:ef:c1:8a:e2:65:69:7c:27:65:f4:00:66:01:79:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 5 05:39:26 2026 GMT
Not After : Jun 4 05:44:26 2027 GMT
Subject: CN=CEA6925AC6C620305DDBCBEF5FF16409A35C560E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b2:39:6b:cb:9a:a6:28:12:59:78:2d:10:4c:
2e:6c:dd:83:a9:49:40:b6:5a:88:f3:65:8b:07:ca:
a5:2f:52:c3:06:3f:16:b4:31:6d:88:0a:2e:1b:f8:
56:70:8c:d0:44:69:0c:48:e1:27:ea:da:1e:b6:d3:
68:ce:55:22:77:a7:48:1b:1a:fd:88:eb:54:57:bb:
96:4e:9c:ea:5e:2b:a6:5a:1e:cb:c8:43:80:14:ca:
4d:4f:e1:e6:e3:e7:96:24:3e:86:9c:db:ab:d2:91:
8c:70:e4:9b:a3:1f:01:8b:1c:a9:95:66:f2:5c:ad:
58:e1:22:33:68:98:99:4a:20:b1:5b:cf:24:29:42:
ab:db:72:0b:f2:32:2b:6e:8b:05:8e:ec:5c:93:33:
19:31:0c:00:23:43:a6:69:ea:d4:71:25:8e:80:43:
f2:26:28:13:f4:db:75:76:11:4f:c7:bd:a1:c0:7e:
3f:bc:f1:b1:37:f9:fb:22:65:09:21:56:e1:15:32:
2a:50:e0:d8:cb:00:6b:af:e0:b0:6f:fa:d4:57:64:
b6:16:07:16:a8:9c:b6:fe:85:ab:33:a0:53:45:e1:
5d:19:9d:97:c1:7e:2b:c7:0a:f7:7d:08:e1:3a:db:
5d:a3:e7:93:45:5a:c6:e9:53:95:86:08:bb:17:c4:
a2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A6:92:5A:C6:C6:20:30:5D:DB:CB:EF:5F:F1:64:09:A3:5C:56:0E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.73.0/24
140.233.173.0/24
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
Signature Algorithm: sha256WithRSAEncryption
40:f4:ed:44:0c:3c:71:01:77:00:5e:ef:4a:5e:49:cb:3d:82:
36:46:f9:ac:fc:a2:7a:6e:1e:13:35:15:c3:19:f3:f0:87:71:
9b:d1:3d:6b:0e:15:ca:f3:a2:96:35:c5:af:2f:c0:df:73:63:
60:6d:5b:7d:30:4b:41:1d:b0:ce:a9:af:26:39:6b:6b:02:f2:
29:de:ea:d5:7c:59:b8:b7:53:25:1e:50:62:3f:16:b5:0c:25:
77:f8:00:09:42:fb:3a:3a:5e:b3:fe:2a:3e:e5:5c:88:23:8c:
34:3b:04:ec:6f:df:68:08:10:ff:26:fa:9c:77:eb:b5:8e:08:
c7:3c:af:7a:1f:c9:b4:f0:68:e3:78:e7:2a:14:77:83:ea:b8:
bb:b1:20:46:d4:cb:de:6a:c2:36:f0:1f:3f:99:bf:ac:8e:18:
a0:e8:03:7e:2b:f4:eb:e4:06:af:40:a3:2c:a9:e8:bb:c6:52:
4b:0c:bd:49:ae:07:9f:dc:4a:f8:92:2a:bb:92:d0:34:d5:d3:
e3:4f:5d:9f:f5:ce:d1:4e:04:bc:6c:54:2b:f4:32:5a:b9:ee:
b4:23:c6:7c:51:f7:90:fe:d9:be:c0:56:8a:8b:6a:09:5e:e6:
89:5a:46:e2:07:d7:a9:c1:95:bb:1c:80:6b:cf:14:35:fb:e5:
b8:a4:79:66
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUU9GbjGzvwYriZWl8J2X0AGYBefswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDUwNTM5MjZaFw0yNzA2MDQwNTQ0MjZaMDMxMTAvBgNV
BAMTKENFQTY5MjVBQzZDNjIwMzA1RERCQ0JFRjVGRjE2NDA5QTM1QzU2MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJsjlry5qmKBJZeC0QTC5s3YOp
SUC2WojzZYsHyqUvUsMGPxa0MW2ICi4b+FZwjNBEaQxI4Sfq2h6202jOVSJ3p0gb
Gv2I61RXu5ZOnOpeK6ZaHsvIQ4AUyk1P4ebj55YkPoac26vSkYxw5JujHwGLHKmV
ZvJcrVjhIjNomJlKILFbzyQpQqvbcgvyMituiwWO7FyTMxkxDAAjQ6Zp6tRxJY6A
Q/ImKBP023V2EU/HvaHAfj+88bE3+fsiZQkhVuEVMipQ4NjLAGuv4LBv+tRXZLYW
BxaonLb+haszoFNF4V0ZnZfBfivHCvd9COE6212j55NFWsbpU5WGCLsXxKLRAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUzqaSWsbGIDBd28vvX/FkCaNcVg4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABgPkkD
BACM6a0DBACR3zQDBACR3zgDBACSZywDBACSZzcwDQYJKoZIhvcNAQELBQADggEB
AED07UQMPHEBdwBe70peScs9gjZG+az8onpuHhM1FcMZ8/CHcZvRPWsOFcrzopY1
xa8vwN9zY2BtW30wS0EdsM6pryY5a2sC8ine6tV8Wbi3UyUeUGI/FrUMJXf4AAlC
+zo6XrP+Kj7lXIgjjDQ7BOxv32gIEP8m+px367WOCMc8r3ofybTwaON45yoUd4Pq
uLuxIEbUy95qwjbwHz+Zv6yOGKDoA34r9OvkBq9Aoyyp6LvGUksMvUmuB5/cSviS
KruS0DTV0+NPXZ/1ztFOBLxsVCv0Mlq57rQjxnxR95D+2b7AVoqLagle5olaRuIH
16nBlbscgGvPFDX75bikeWY=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:45:26 2026 by rpki-client