Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: fr/dlXAHsA2d+H3tQv7yJMX0un9fekZYfBrs6QGKGHg=
Subject key identifier: DE:81:F4:B5:8F:BB:98:AF:C1:25:6C:71:B1:F2:2C:54:80:85:F5:66
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2ED048520F5F73215C38C00D9E29B81F166DE608
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
Signing time: Mon 30 Mar 2026 04:39:04 +0000
ROA not before: Mon 30 Mar 2026 04:34:04 +0000
ROA not after: Mon 29 Mar 2027 04:39:04 +0000
asID: 40676
IP address blocks: 179.61.238.0/24 maxlen: 24
181.215.74.0/24 maxlen: 24
181.215.75.0/24 maxlen: 24
181.215.76.0/24 maxlen: 24
181.215.77.0/24 maxlen: 24
181.215.121.0/24 maxlen: 24
181.215.122.0/24 maxlen: 24
181.215.123.0/24 maxlen: 24
191.101.7.0/24 maxlen: 24
191.101.9.0/24 maxlen: 24
191.101.39.0/24 maxlen: 24
191.101.44.0/22 maxlen: 24
191.101.64.0/24 maxlen: 24
191.101.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 15:58:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:d0:48:52:0f:5f:73:21:5c:38:c0:0d:9e:29:b8:1f:16:6d:e6:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 30 04:34:04 2026 GMT
Not After : Mar 29 04:39:04 2027 GMT
Subject: CN=DE81F4B58FBB98AFC1256C71B1F22C548085F566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:18:2a:fc:f8:99:e6:1e:fb:81:ba:23:ef:10:
89:12:eb:69:3f:1b:11:66:68:a3:17:6f:92:e6:e3:
c4:24:4f:7a:9c:47:8a:4d:b3:94:d0:54:d0:02:79:
3b:61:2f:46:f8:8a:ef:f0:fe:c2:dc:b6:fa:47:7f:
79:c2:e7:ac:ac:f8:29:a9:87:59:13:03:34:40:1a:
58:99:09:22:5f:d9:66:7a:4c:f6:d0:d8:d7:74:fc:
ce:82:b3:d1:86:6b:a5:66:2f:6e:ce:38:5e:79:a2:
16:8c:c4:a0:87:00:1c:55:b3:5c:26:7c:75:3c:bc:
8d:3d:1c:4c:75:39:7f:d4:3d:3e:51:f6:45:f2:a1:
62:77:c2:ff:ec:06:8d:7b:87:17:47:85:2c:36:65:
79:10:27:24:86:11:f0:cd:e4:2d:7c:f1:3a:15:5c:
5c:57:f3:e4:e8:76:39:75:b7:4a:b9:56:9a:2c:1c:
4f:8f:a1:bd:be:e4:ba:fc:23:3f:55:fd:96:eb:70:
cb:05:c8:c9:bd:3d:03:62:bb:d3:6e:e8:a7:f8:80:
04:5e:37:33:6c:a5:22:9b:e4:8f:63:a8:8c:36:5b:
ce:66:c2:87:f4:a8:1b:79:d9:63:0c:b6:25:08:34:
e5:0a:e3:99:65:78:c0:e5:92:b0:32:fc:87:e9:bd:
57:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:81:F4:B5:8F:BB:98:AF:C1:25:6C:71:B1:F2:2C:54:80:85:F5:66
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.238.0/24
181.215.74.0-181.215.77.255
181.215.121.0-181.215.123.255
191.101.7.0/24
191.101.9.0/24
191.101.39.0/24
191.101.44.0/22
191.101.64.0/24
191.101.68.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e0:59:9d:c2:be:ce:1c:47:94:4a:09:75:3d:00:da:dc:1b:
32:b3:df:a4:3e:86:60:e9:7a:7d:a0:38:df:38:d2:a4:ca:fa:
fe:a0:4b:ce:3b:26:4f:51:3f:79:e7:dd:00:6f:20:56:71:98:
50:b4:50:9e:b8:79:47:6c:07:e8:2a:80:4c:a1:cc:82:ff:4b:
af:77:fa:80:53:73:bf:20:61:69:06:2a:cf:c1:06:1b:b3:24:
d6:50:02:d6:0b:7f:8c:f2:ee:15:09:23:fc:4c:29:c8:00:c2:
b9:55:c7:b1:15:62:91:6b:6e:e7:4f:96:03:6d:0d:13:61:93:
8a:12:c9:86:27:b9:5f:76:28:a7:fc:fd:7b:7d:34:f8:34:3d:
c7:c0:10:9c:be:5b:6c:31:c7:c2:0d:85:f5:d4:28:99:e7:18:
8b:93:2c:4c:4f:52:b8:00:3e:4c:92:a0:7f:dd:d8:f1:72:ec:
49:60:1c:af:bb:11:89:82:8f:5c:29:66:23:5f:4b:de:46:fa:
9f:5c:42:3d:9b:21:67:63:a5:0d:d1:e6:61:bc:13:21:84:5b:
43:09:f9:51:7e:74:d6:36:98:13:bb:d7:27:d5:67:36:ca:8d:
6a:7b:ee:82:f9:ed:b0:07:2b:b6:31:cf:70:57:9f:f3:e5:52:
3b:3b:f5:be
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIULtBIUg9fcyFcOMANnim4HxZt5ggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMzAwNDM0MDRaFw0yNzAzMjkwNDM5MDRaMDMxMTAvBgNV
BAMTKERFODFGNEI1OEZCQjk4QUZDMTI1NkM3MUIxRjIyQzU0ODA4NUY1NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLGCr8+JnmHvuBuiPvEIkS62k/
GxFmaKMXb5Lm48QkT3qcR4pNs5TQVNACeTthL0b4iu/w/sLctvpHf3nC56ys+Cmp
h1kTAzRAGliZCSJf2WZ6TPbQ2Nd0/M6Cs9GGa6VmL27OOF55ohaMxKCHABxVs1wm
fHU8vI09HEx1OX/UPT5R9kXyoWJ3wv/sBo17hxdHhSw2ZXkQJySGEfDN5C188ToV
XFxX8+Todjl1t0q5VposHE+Pob2+5Lr8Iz9V/ZbrcMsFyMm9PQNiu9Nu6Kf4gARe
NzNspSKb5I9jqIw2W85mwof0qBt52WMMtiUINOUK45lleMDlkrAy/IfpvVdZAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU3oH0tY+7mK/BJWxxsfIsVICF9WYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXwYIKwYBBQUHAQcBAf8EUDBOMEwEAgABMEYDBACzPe4w
DAMEAbXXSgMEAbXXTDAMAwQAtdd5AwQCtdd4AwQAv2UHAwQAv2UJAwQAv2UnAwQC
v2UsAwQAv2VAAwQAv2VEMA0GCSqGSIb3DQEBCwUAA4IBAQAa4Fmdwr7OHEeUSgl1
PQDa3Bsys9+kPoZg6Xp9oDjfONKkyvr+oEvOOyZPUT95590AbyBWcZhQtFCeuHlH
bAfoKoBMocyC/0uvd/qAU3O/IGFpBirPwQYbsyTWUALWC3+M8u4VCSP8TCnIAMK5
VcexFWKRa27nT5YDbQ0TYZOKEsmGJ7lfdiin/P17fTT4ND3HwBCcvltsMcfCDYX1
1CiZ5xiLkyxMT1K4AD5MkqB/3djxcuxJYByvuxGJgo9cKWYjX0veRvqfXEI9myFn
Y6UN0eZhvBMhhFtDCflRfnTWNpgTu9cn1Wc2yo1qe+6C+e2wByu2Mc9wV5/z5VI7
O/W+
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:08:03 2026 by rpki-client