Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: KZ81jkUqdNNx0BsixC5AfHcA6dc1294gNBSJbR0dbtU=
Subject key identifier: 98:65:AA:FA:31:0B:26:5A:A2:99:89:BE:75:A9:9A:90:A3:F8:02:F7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2229C0F974981A61C3F1372D8508F27600098838
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
Signing time: Tue 14 Apr 2026 11:15:31 +0000
ROA not before: Tue 14 Apr 2026 11:10:31 +0000
ROA not after: Tue 13 Apr 2027 11:15:31 +0000
asID: 40676
IP address blocks: 82.38.24.0/22 maxlen: 24
82.38.52.0/22 maxlen: 24
82.38.72.0/22 maxlen: 24
82.38.88.0/22 maxlen: 24
82.41.136.0/24 maxlen: 24
82.47.17.0/24 maxlen: 24
84.75.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:29:c0:f9:74:98:1a:61:c3:f1:37:2d:85:08:f2:76:00:09:88:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 14 11:10:31 2026 GMT
Not After : Apr 13 11:15:31 2027 GMT
Subject: CN=9865AAFA310B265AA29989BE75A99A90A3F802F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d0:cd:62:31:a8:5d:87:4f:b8:55:90:5f:2a:
eb:88:14:6e:2b:b5:99:9b:23:ef:e2:54:42:ea:ec:
33:dc:aa:0c:09:74:02:6d:5a:69:67:bd:e5:c7:80:
e2:d0:60:94:fa:e9:3c:5e:30:30:d9:26:b0:0c:79:
b2:56:78:16:db:21:a2:a2:9c:4b:71:9c:d8:14:5e:
1b:d8:4a:b7:3c:58:0e:69:db:0d:ce:59:7b:ea:a6:
9e:31:e8:7e:ec:2f:32:df:93:17:4e:09:a0:35:af:
61:94:43:c3:2b:60:94:ea:68:d4:67:98:05:bb:a6:
76:eb:09:c4:55:df:0d:95:b0:0d:38:f6:d0:a7:37:
c1:e2:42:b6:ec:3f:2f:50:11:9d:37:55:89:e5:a6:
e4:9d:6b:59:c0:2e:76:ad:9e:cd:b7:29:b1:b6:03:
f3:2a:16:2c:cc:02:0a:7e:ed:fe:87:f3:92:83:b1:
00:1d:69:99:aa:8a:45:86:06:ae:23:0b:22:67:cb:
ed:a0:0f:2b:16:f4:24:21:82:38:52:05:14:b5:8e:
16:83:78:4d:38:8f:0b:27:a9:bf:b0:fa:b9:48:0e:
b9:ea:80:73:6f:e5:cb:68:89:79:99:95:2b:6c:b8:
1e:01:81:09:48:84:56:40:99:3a:f4:90:96:0e:0c:
3a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:65:AA:FA:31:0B:26:5A:A2:99:89:BE:75:A9:9A:90:A3:F8:02:F7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.38.24.0/22
82.38.52.0/22
82.38.72.0/22
82.38.88.0/22
82.41.136.0/24
82.47.17.0/24
84.75.156.0/24
Signature Algorithm: sha256WithRSAEncryption
07:e8:44:fa:82:b4:54:71:69:e8:cd:53:46:ee:3b:91:2c:a0:
8c:d4:4b:25:3e:6d:9b:9b:57:e1:af:47:23:4a:3f:51:98:30:
b4:b1:0f:66:f4:aa:2e:00:9a:c3:81:92:d3:21:5d:f2:fa:03:
75:31:10:ba:63:f5:85:42:14:4e:c6:e9:d1:a2:62:18:9d:cc:
b4:39:a4:c3:51:ed:f7:f6:43:a3:3f:f9:c0:9b:a8:fb:7d:1b:
4e:3c:fd:a1:ef:da:cb:7d:d0:21:73:b7:58:63:c0:ab:1c:bd:
0f:94:45:d7:de:8c:e7:89:5a:76:53:f7:f0:6e:d1:b4:16:f0:
e0:1a:50:75:8e:6e:23:f7:36:8b:37:ff:a8:42:9b:cc:6f:51:
b7:06:a2:2e:4e:ea:5d:10:61:e9:23:a6:96:4d:35:a5:9f:f2:
07:dc:66:04:c0:8e:41:bb:a9:da:fc:c8:a1:26:bc:60:95:9f:
e3:17:cd:3f:66:37:2c:f6:ce:0f:95:34:47:21:94:03:fc:58:
96:bc:90:1c:e2:c9:1c:25:32:16:2d:d5:93:cc:e2:79:c8:58:
e0:c4:fc:e7:84:dd:0a:c2:14:5f:f3:ce:64:d3:9f:c0:9e:89:
00:bd:cf:ac:86:56:4c:5f:3c:20:1b:0e:d6:6e:a5:74:9a:28:
e5:d9:d7:f6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUIinA+XSYGmHD8TcthQjydgAJiDgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTQxMTEwMzFaFw0yNzA0MTMxMTE1MzFaMDMxMTAvBgNV
BAMTKDk4NjVBQUZBMzEwQjI2NUFBMjk5ODlCRTc1QTk5QTkwQTNGODAyRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC60M1iMahdh0+4VZBfKuuIFG4r
tZmbI+/iVELq7DPcqgwJdAJtWmlnveXHgOLQYJT66TxeMDDZJrAMebJWeBbbIaKi
nEtxnNgUXhvYSrc8WA5p2w3OWXvqpp4x6H7sLzLfkxdOCaA1r2GUQ8MrYJTqaNRn
mAW7pnbrCcRV3w2VsA049tCnN8HiQrbsPy9QEZ03VYnlpuSda1nALnatns23KbG2
A/MqFizMAgp+7f6H85KDsQAdaZmqikWGBq4jCyJny+2gDysW9CQhgjhSBRS1jhaD
eE04jwsnqb+w+rlIDrnqgHNv5ctoiXmZlStsuB4BgQlIhFZAmTr0kJYODDrXAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUmGWq+jELJlqimYm+damakKP4AvcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAJSJhgD
BAJSJjQDBAJSJkgDBAJSJlgDBABSKYgDBABSLxEDBABUS5wwDQYJKoZIhvcNAQEL
BQADggEBAAfoRPqCtFRxaejNU0buO5EsoIzUSyU+bZubV+GvRyNKP1GYMLSxD2b0
qi4AmsOBktMhXfL6A3UxELpj9YVCFE7G6dGiYhidzLQ5pMNR7ff2Q6M/+cCbqPt9
G048/aHv2st90CFzt1hjwKscvQ+URdfejOeJWnZT9/Bu0bQW8OAaUHWObiP3Nos3
/6hCm8xvUbcGoi5O6l0QYekjppZNNaWf8gfcZgTAjkG7qdr8yKEmvGCVn+MXzT9m
Nyz2zg+VNEchlAP8WJa8kBziyRwlMhYt1ZPM4nnIWODE/OeE3QrCFF/zzmTTn8Ce
iQC9z6yGVkxfPCAbDtZupXSaKOXZ1/Y=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:07:02 2026 by rpki-client