Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: LMBww8U57nfXaHgtgrWRkFpkZqD7rCoS4SHWCVlO2Qc=
Subject key identifier: 01:2A:07:E6:5B:BD:6F:F6:7A:32:5C:08:C3:6E:42:C5:01:F8:B2:F2
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 46AEE356325E115DC54F81DEB4659A60147BCBE2
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
Signing time: Sun 17 May 2026 00:00:15 +0000
ROA not before: Sat 16 May 2026 23:55:15 +0000
ROA not after: Sun 16 May 2027 00:00:15 +0000
asID: 40676
IP address blocks: 181.215.74.0/24 maxlen: 24
181.215.75.0/24 maxlen: 24
181.215.76.0/24 maxlen: 24
181.215.77.0/24 maxlen: 24
181.215.121.0/24 maxlen: 24
181.215.122.0/24 maxlen: 24
181.215.123.0/24 maxlen: 24
191.101.7.0/24 maxlen: 24
191.101.44.0/22 maxlen: 24
191.101.64.0/24 maxlen: 24
191.101.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:ae:e3:56:32:5e:11:5d:c5:4f:81:de:b4:65:9a:60:14:7b:cb:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 16 23:55:15 2026 GMT
Not After : May 16 00:00:15 2027 GMT
Subject: CN=012A07E65BBD6FF67A325C08C36E42C501F8B2F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:79:19:a3:26:98:7c:eb:d8:fa:d1:03:60:
80:fa:c6:00:ad:cb:e5:60:f8:5c:c8:28:45:ee:3b:
dd:37:e5:47:49:fe:0a:4d:b0:71:1d:f4:19:76:e5:
ba:42:db:c9:9e:fa:9b:fb:1b:77:cf:89:fb:64:50:
6b:f5:2e:ac:91:df:55:69:1f:0f:d1:31:be:37:e8:
d2:68:fc:8a:17:94:79:0e:18:3c:26:48:9b:df:5b:
32:b5:1d:0f:95:6a:00:84:0d:a0:24:96:6c:a0:8a:
28:36:8e:a8:9a:02:80:95:9d:06:2d:44:ea:f6:85:
a9:18:96:e7:bd:dd:08:33:63:13:bd:81:e2:1d:da:
52:28:77:5b:ac:81:5c:8d:d6:54:9c:e4:da:4c:5f:
e6:f8:8c:f1:30:d7:0f:06:1b:6d:66:f4:31:38:99:
18:44:d9:76:80:a0:61:e1:e7:1a:3f:cb:e5:56:e8:
0d:cc:60:30:44:ed:45:b3:47:13:89:b5:18:95:32:
66:74:f7:da:9b:1d:da:3f:5a:7c:2a:0d:ea:40:9a:
21:ef:99:60:14:d6:f8:b5:8b:97:a3:69:ff:c0:1f:
fd:76:a1:6c:ea:07:9f:32:21:c3:0a:e8:0e:ff:9c:
8c:cf:07:41:63:a3:ee:da:a7:35:6c:cd:23:11:e3:
a8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:2A:07:E6:5B:BD:6F:F6:7A:32:5C:08:C3:6E:42:C5:01:F8:B2:F2
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.74.0-181.215.77.255
181.215.121.0-181.215.123.255
191.101.7.0/24
191.101.44.0/22
191.101.64.0/24
191.101.68.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ec:8a:a6:e2:5f:ec:e0:b0:8a:d4:9f:c0:ab:eb:81:4f:7b:
b2:91:a1:b7:98:8e:16:cd:42:4e:2a:52:fa:67:d1:a7:42:a8:
75:e1:1c:ac:95:4f:a5:c4:b3:b2:2d:ad:20:ae:db:ba:3e:c6:
e6:e6:ce:c2:93:be:3b:24:1c:a6:e1:f1:4f:47:ce:85:1b:8c:
ae:86:29:99:62:ad:2b:dc:f8:87:5b:0e:6d:cb:5e:16:f7:27:
f6:8e:a8:70:fb:46:8d:a2:62:a4:c6:aa:28:e6:5f:50:29:07:
99:08:85:85:47:e9:cd:23:92:db:db:a4:53:39:b2:e6:b1:b6:
11:39:66:08:95:b9:77:9d:db:4d:33:7b:a0:13:f6:be:48:b2:
00:0d:94:fc:3f:ab:c1:87:3b:d1:d9:d4:01:c4:86:47:33:f7:
2c:c2:e2:b5:32:ce:dc:81:c6:30:ae:cc:18:97:28:0a:e4:33:
52:22:f0:c8:63:1c:8b:39:c5:c4:63:47:36:92:d2:4a:bb:8f:
f4:6a:9a:5e:84:f9:c3:66:ad:2c:b6:65:00:55:53:06:b8:7c:
80:32:4a:e6:28:82:19:99:65:cc:5a:f7:bd:35:db:d2:bf:1f:
e2:6a:2f:77:9e:5d:bb:48:71:7c:0c:6e:c7:1d:80:4c:45:e8:
e9:56:d6:3a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIURq7jVjJeEV3FT4HetGWaYBR7y+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MTYyMzU1MTVaFw0yNzA1MTYwMDAwMTVaMDMxMTAvBgNV
BAMTKDAxMkEwN0U2NUJCRDZGRjY3QTMyNUMwOEMzNkU0MkM1MDFGOEIyRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUKnkZoyaYfOvY+tEDYID6xgCt
y+Vg+FzIKEXuO9035UdJ/gpNsHEd9Bl25bpC28me+pv7G3fPiftkUGv1LqyR31Vp
Hw/RMb436NJo/IoXlHkOGDwmSJvfWzK1HQ+VagCEDaAklmygiig2jqiaAoCVnQYt
ROr2hakYlue93QgzYxO9geId2lIod1usgVyN1lSc5NpMX+b4jPEw1w8GG21m9DE4
mRhE2XaAoGHh5xo/y+VW6A3MYDBE7UWzRxOJtRiVMmZ099qbHdo/WnwqDepAmiHv
mWAU1vi1i5ejaf/AH/12oWzqB58yIcMK6A7/nIzPB0Fjo+7apzVszSMR46jHAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUASoH5lu9b/Z6MlwIw25CxQH4svIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTQYIKwYBBQUHAQcBAf8EPjA8MDoEAgABMDQwDAMEAbXX
SgMEAbXXTDAMAwQAtdd5AwQCtdd4AwQAv2UHAwQCv2UsAwQAv2VAAwQAv2VEMA0G
CSqGSIb3DQEBCwUAA4IBAQAy7Iqm4l/s4LCK1J/Aq+uBT3uykaG3mI4WzUJOKlL6
Z9GnQqh14RyslU+lxLOyLa0grtu6Psbm5s7Ck747JBym4fFPR86FG4yuhimZYq0r
3PiHWw5ty14W9yf2jqhw+0aNomKkxqoo5l9QKQeZCIWFR+nNI5Lb26RTObLmsbYR
OWYIlbl3ndtNM3ugE/a+SLIADZT8P6vBhzvR2dQBxIZHM/cswuK1Ms7cgcYwrswY
lygK5DNSIvDIYxyLOcXEY0c2ktJKu4/0appehPnDZq0stmUAVVMGuHyAMkrmKIIZ
mWXMWve9NdvSvx/iai93nl27SHF8DG7HHYBMRejpVtY6
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:22 2026 by rpki-client