Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: ZsA6CEtL/Ev2q51TLYD9mfoUz7/ou68f/5JkRFF94aw=
Subject key identifier: 89:C1:9B:44:82:F9:CF:4B:AA:F0:EB:FC:F4:DE:5E:1E:74:CB:B3:86
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 33C4265FB7AA4A8869F52067EF587C876646C9C8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
Signing time: Sat 26 Apr 2025 10:20:04 +0000
ROA not before: Sat 26 Apr 2025 10:15:04 +0000
ROA not after: Sat 25 Apr 2026 10:20:04 +0000
asID: 40676
IP address blocks: 46.202.224.0/24 maxlen: 24
91.124.135.0/24 maxlen: 24
91.124.145.0/24 maxlen: 24
91.124.178.0/24 maxlen: 24
91.124.179.0/24 maxlen: 24
91.124.216.0/24 maxlen: 24
91.124.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:c4:26:5f:b7:aa:4a:88:69:f5:20:67:ef:58:7c:87:66:46:c9:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 26 10:15:04 2025 GMT
Not After : Apr 25 10:20:04 2026 GMT
Subject: CN=89C19B4482F9CF4BAAF0EBFCF4DE5E1E74CBB386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:43:86:17:5f:25:2d:c5:8a:2c:b6:cc:69:9c:
2b:cb:4d:00:33:29:11:55:27:00:e7:e2:bb:4b:a8:
72:f5:ef:2d:d1:c9:26:d2:76:9e:5e:b1:3c:31:83:
26:d5:fc:17:3b:a1:61:d8:8a:db:11:da:fe:14:62:
9c:27:43:34:37:69:56:bb:44:3c:1d:b7:4f:bb:6e:
d1:0b:d4:ad:a9:58:6f:b2:85:6b:46:8b:9e:46:e4:
c7:2d:b3:85:62:11:2f:4f:bc:fa:92:cd:00:3a:99:
36:17:93:42:11:aa:a0:d1:8f:3d:d3:d6:de:42:bb:
84:20:2d:bf:d5:8b:9e:93:68:a7:76:83:a9:18:b0:
51:4e:88:39:44:80:e2:03:bb:a3:03:5d:a1:e3:af:
c6:a2:d7:84:46:f5:58:2d:4d:7d:e3:e3:ab:a4:9a:
16:0c:27:d0:6d:1c:e1:be:06:b1:fb:39:a2:f7:cf:
81:c0:ed:88:1b:5e:04:1c:5e:37:15:5f:a8:df:6e:
15:91:0e:80:6e:c7:4f:0c:06:89:3e:25:e1:5d:6f:
a9:af:d0:b9:5a:0a:fb:5f:35:98:7d:dd:d8:39:d3:
84:14:ee:c2:92:f7:54:e6:95:e3:93:f1:fc:ff:0f:
6e:68:26:ab:60:a9:68:36:64:fd:e6:b2:e7:07:ba:
c9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C1:9B:44:82:F9:CF:4B:AA:F0:EB:FC:F4:DE:5E:1E:74:CB:B3:86
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.224.0/24
91.124.135.0/24
91.124.145.0/24
91.124.178.0/23
91.124.216.0/24
91.124.219.0/24
Signature Algorithm: sha256WithRSAEncryption
26:0a:d6:e9:b6:d7:c8:b9:fe:d1:8f:b1:ce:6b:4d:fa:d9:47:
2d:e5:57:17:6a:f4:66:fb:6a:20:b4:d8:2e:cc:69:d2:0b:41:
de:e1:5d:cc:6e:71:ab:bd:fd:e0:21:a7:ed:7e:f1:81:3c:65:
ff:42:62:d8:e6:c7:71:1b:08:83:00:04:ae:a4:bc:cf:be:00:
63:a2:e8:c0:64:c7:42:47:b0:98:63:de:d9:f6:a7:74:df:7b:
7b:91:fc:93:04:5b:d0:37:76:bc:0a:dd:7c:d4:f5:7a:f1:c1:
38:51:c4:db:db:5d:77:a1:1a:64:df:30:a7:33:d4:d8:43:ac:
50:c2:8f:2a:31:76:65:c4:3b:e5:24:ae:ba:4a:b0:0f:56:17:
44:19:11:05:d2:14:c0:18:ab:8a:d2:ac:17:22:d0:5b:6f:ab:
10:3b:93:ba:0b:4c:3e:c5:e8:aa:aa:a5:94:4c:46:3f:57:05:
da:31:19:9f:6b:02:36:79:fb:79:3c:03:b6:23:25:b0:3c:f3:
45:60:3e:53:77:7f:49:ad:77:50:49:80:fe:62:c6:70:ef:04:
1d:54:e5:97:d2:e1:9a:82:cd:c0:f3:89:44:59:d8:db:a7:31:
ce:bd:65:f8:24:89:2d:71:90:0f:34:ef:e3:fb:93:72:ad:bb:
fe:0b:b5:28
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUM8QmX7eqSohp9SBn71h8h2ZGycgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjYxMDE1MDRaFw0yNjA0MjUxMDIwMDRaMDMxMTAvBgNV
BAMTKDg5QzE5QjQ0ODJGOUNGNEJBQUYwRUJGQ0Y0REU1RTFFNzRDQkIzODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVQ4YXXyUtxYostsxpnCvLTQAz
KRFVJwDn4rtLqHL17y3RySbSdp5esTwxgybV/Bc7oWHYitsR2v4UYpwnQzQ3aVa7
RDwdt0+7btEL1K2pWG+yhWtGi55G5Mcts4ViES9PvPqSzQA6mTYXk0IRqqDRjz3T
1t5Cu4QgLb/Vi56TaKd2g6kYsFFOiDlEgOIDu6MDXaHjr8ai14RG9VgtTX3j46uk
mhYMJ9BtHOG+BrH7OaL3z4HA7YgbXgQcXjcVX6jfbhWRDoBux08MBok+JeFdb6mv
0LlaCvtfNZh93dg504QU7sKS91TmleOT8fz/D25oJqtgqWg2ZP3msucHusnjAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUicGbRIL5z0uq8Ov89N5eHnTLs4YwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAAuyuAD
BABbfIcDBABbfJEDBAFbfLIDBABbfNgDBABbfNswDQYJKoZIhvcNAQELBQADggEB
ACYK1um218i5/tGPsc5rTfrZRy3lVxdq9Gb7aiC02C7MadILQd7hXcxucau9/eAh
p+1+8YE8Zf9CYtjmx3EbCIMABK6kvM++AGOi6MBkx0JHsJhj3tn2p3Tfe3uR/JME
W9A3drwK3XzU9XrxwThRxNvbXXehGmTfMKcz1NhDrFDCjyoxdmXEO+UkrrpKsA9W
F0QZEQXSFMAYq4rSrBci0FtvqxA7k7oLTD7F6KqqpZRMRj9XBdoxGZ9rAjZ5+3k8
A7YjJbA880VgPlN3f0mtd1BJgP5ixnDvBB1U5ZfS4ZqCzcDziURZ2NunMc69Zfgk
iS1xkA807+P7k3Ktu/4LtSg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:30 2025 by rpki-client