Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
File:                     AS40676.roa (raw, json)
Hash identifier:          iFLLIObceUE1YGnSPOirQcer56sblIXbELA554A24Z8=
Subject key identifier:   F3:0F:14:00:F1:48:58:D3:FE:E9:5E:EF:AE:01:D9:B4:0E:CF:92:58
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       2EABF137E53F1274A9D0CBEE304BB9D9EE3C6016
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
Signing time:             Sun 15 Feb 2026 16:35:59 +0000
ROA not before:           Sun 15 Feb 2026 16:30:59 +0000
ROA not after:            Sun 14 Feb 2027 16:35:59 +0000
asID:                     40676
IP address blocks:        46.202.224.0/24 maxlen: 24
                          91.124.135.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 08:09:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:ab:f1:37:e5:3f:12:74:a9:d0:cb:ee:30:4b:b9:d9:ee:3c:60:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Feb 15 16:30:59 2026 GMT
            Not After : Feb 14 16:35:59 2027 GMT
        Subject: CN=F30F1400F14858D3FEE95EEFAE01D9B40ECF9258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:82:fb:91:72:19:6a:7b:76:80:89:7a:ce:a8:
                    ff:47:4b:e3:b7:34:b3:92:50:ce:cf:21:31:fc:10:
                    3b:c0:17:20:84:42:23:8c:0b:e7:6e:ea:7e:97:c0:
                    02:0d:5a:08:0f:1a:25:cf:5d:5a:b0:03:0d:94:9d:
                    84:3a:36:d2:c8:be:c8:92:2f:9a:b3:cf:c5:a2:03:
                    e8:b8:02:f1:8a:6d:d7:e7:e7:5c:05:54:40:22:53:
                    87:53:50:f1:30:fb:68:35:fc:15:e9:af:d1:5a:47:
                    7f:bb:17:22:87:76:86:10:fd:b6:7c:29:3f:91:fd:
                    af:70:9f:29:1d:c5:39:4c:65:2b:b5:7e:66:83:2f:
                    14:37:df:cd:17:b8:29:e4:ee:fc:7e:1f:8e:72:af:
                    17:04:7d:17:57:28:ec:b9:37:e5:0d:f3:2f:2e:1f:
                    81:3c:ee:ea:87:f9:6f:b2:ee:2e:f6:57:0a:5c:29:
                    4a:5c:8c:f0:48:95:b0:d7:b3:50:e4:b6:36:a8:94:
                    bd:60:ae:c5:9d:a9:c0:b2:60:70:f5:cf:41:1e:37:
                    26:f3:e5:70:73:0a:7d:17:96:e3:c3:3e:cb:40:e1:
                    97:ac:f3:bb:68:8a:cf:6c:25:13:d0:fa:22:21:2d:
                    a0:08:a6:b0:49:24:ab:1c:ef:4c:6f:0a:e1:a9:38:
                    16:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:0F:14:00:F1:48:58:D3:FE:E9:5E:EF:AE:01:D9:B4:0E:CF:92:58
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.202.224.0/24
                  91.124.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:e0:86:42:fa:51:d8:44:d2:00:a2:c0:46:73:43:4f:7e:44:
         0f:7e:11:6f:2e:ae:07:c6:82:6b:d5:b2:7a:dc:13:0f:d3:de:
         49:4a:2e:65:93:49:eb:65:c1:dd:bb:91:d7:d2:c3:19:61:d1:
         5d:13:83:8a:55:56:43:e9:a2:83:3a:b1:33:4f:21:00:81:5e:
         a7:0d:2b:4a:0d:5f:d3:88:e9:8e:c2:00:21:45:de:b2:7e:b1:
         93:77:55:97:47:70:bb:aa:3b:ae:72:67:c5:2d:e6:5f:dd:b9:
         36:bf:d6:7c:45:22:ff:5b:b7:3f:06:9b:e1:41:04:8a:b2:f9:
         65:4f:0c:d8:9a:74:7b:18:c0:e6:dd:6b:c7:c4:99:f1:04:5a:
         e7:ca:5d:fb:90:ea:69:8a:1a:34:cf:24:ca:5e:3b:59:f5:12:
         a3:d9:88:dd:ff:92:21:1b:09:42:c4:eb:d1:4f:39:51:1e:f3:
         19:51:f2:55:5f:23:b9:19:bc:bf:fa:75:9f:dd:c3:30:26:61:
         68:88:1e:34:fb:ad:f8:16:77:2b:34:f6:79:a3:68:2c:96:a8:
         41:d0:89:f9:2e:1a:5d:39:38:29:cc:d5:64:29:e6:a4:dd:b0:
         ac:84:40:9f:98:3f:a5:8a:76:39:15:45:f9:76:0c:c4:0c:82:
         a3:27:0b:ef
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIULqvxN+U/EnSp0MvuMEu52e48YBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAyMTUxNjMwNTlaFw0yNzAyMTQxNjM1NTlaMDMxMTAvBgNV
BAMTKEYzMEYxNDAwRjE0ODU4RDNGRUU5NUVFRkFFMDFEOUI0MEVDRjkyNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCogvuRchlqe3aAiXrOqP9HS+O3
NLOSUM7PITH8EDvAFyCEQiOMC+du6n6XwAINWggPGiXPXVqwAw2UnYQ6NtLIvsiS
L5qzz8WiA+i4AvGKbdfn51wFVEAiU4dTUPEw+2g1/BXpr9FaR3+7FyKHdoYQ/bZ8
KT+R/a9wnykdxTlMZSu1fmaDLxQ3380XuCnk7vx+H45yrxcEfRdXKOy5N+UN8y8u
H4E87uqH+W+y7i72VwpcKUpcjPBIlbDXs1DktjaolL1grsWdqcCyYHD1z0EeNybz
5XBzCn0XluPDPstA4Zes87tois9sJRPQ+iIhLaAIprBJJKsc70xvCuGpOBYbAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQU8w8UAPFIWNP+6V7vrgHZtA7PklgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAuyuAD
BABbfIcwDQYJKoZIhvcNAQELBQADggEBAA3ghkL6UdhE0gCiwEZzQ09+RA9+EW8u
rgfGgmvVsnrcEw/T3klKLmWTSetlwd27kdfSwxlh0V0Tg4pVVkPpooM6sTNPIQCB
XqcNK0oNX9OI6Y7CACFF3rJ+sZN3VZdHcLuqO65yZ8Ut5l/duTa/1nxFIv9btz8G
m+FBBIqy+WVPDNiadHsYwObda8fEmfEEWufKXfuQ6mmKGjTPJMpeO1n1EqPZiN3/
kiEbCULE69FPOVEe8xlR8lVfI7kZvL/6dZ/dwzAmYWiIHjT7rfgWdys09nmjaCyW
qEHQifkuGl05OCnM1WQp5qTdsKyEQJ+YP6WKdjkVRfl2DMQMgqMnC+8=
-----END CERTIFICATE-----