Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: swPTpIe21RkGGpFSyuATZVljjuaBRcDT/8720LT7ykQ=
Subject key identifier: E0:02:FD:4A:9E:42:75:77:A7:E9:4D:65:8C:FA:F5:02:C4:E2:48:67
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3AF97A0909AF24D7CD12DC8E9DB425C49A118B34
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
Signing time: Wed 28 May 2025 00:00:09 +0000
ROA not before: Tue 27 May 2025 23:55:09 +0000
ROA not after: Wed 27 May 2026 00:00:09 +0000
asID: 40676
IP address blocks: 46.202.224.0/24 maxlen: 24
91.124.135.0/24 maxlen: 24
91.124.178.0/24 maxlen: 24
91.124.179.0/24 maxlen: 24
91.124.216.0/24 maxlen: 24
91.124.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f9:7a:09:09:af:24:d7:cd:12:dc:8e:9d:b4:25:c4:9a:11:8b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 27 23:55:09 2025 GMT
Not After : May 27 00:00:09 2026 GMT
Subject: CN=E002FD4A9E427577A7E94D658CFAF502C4E24867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cc:29:e4:15:7f:11:d3:35:8d:16:f4:f2:18:
a4:68:e4:9e:e3:87:4f:84:59:62:1c:d4:02:45:53:
e0:2b:66:7f:ec:f8:02:6f:96:22:f2:09:3d:c5:e0:
49:cc:b9:db:44:80:65:fa:74:21:54:f3:8a:4c:98:
78:3c:59:e1:ed:ee:f2:c8:f7:c6:92:dc:30:1d:cf:
ed:69:30:55:77:87:0f:2f:ad:5d:81:ef:22:1f:b6:
d3:c6:6b:c4:d4:94:aa:ac:15:15:1d:3f:b9:93:ff:
8f:d6:0e:99:f3:d7:ce:0c:df:d4:93:1a:1e:7b:51:
b6:21:17:2f:57:cf:63:29:9f:b7:e7:41:9c:be:03:
a1:20:ba:c4:f5:33:fe:dd:9b:fb:cf:f7:49:86:7c:
b5:a9:65:b6:94:82:88:59:41:9e:d6:03:df:14:67:
2d:ae:c5:24:9d:f3:38:33:07:bb:34:5c:20:3e:74:
f2:d8:0a:82:b7:c1:c2:2f:91:cc:8a:55:b5:56:ce:
f6:61:ac:86:83:bd:3c:d5:10:66:70:04:03:5f:de:
a9:60:98:85:74:84:0f:ec:d6:9b:70:a7:ac:ce:0b:
fa:08:46:dc:52:64:ad:f5:b4:39:65:bd:b1:3c:39:
c1:b7:56:96:46:33:b2:cd:74:fa:d8:e3:84:61:f9:
88:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:02:FD:4A:9E:42:75:77:A7:E9:4D:65:8C:FA:F5:02:C4:E2:48:67
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.224.0/24
91.124.135.0/24
91.124.178.0/23
91.124.216.0/24
91.124.219.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:28:ec:83:63:b2:4c:23:bc:36:70:b0:80:b3:92:ae:0d:a0:
f9:06:a3:af:e7:3a:c3:89:6d:3a:f3:9c:f2:aa:24:fa:71:7b:
dc:cf:76:bb:ef:35:c8:9c:38:b2:11:1c:b4:97:72:39:e1:44:
35:5e:03:0e:ba:01:5c:3d:c0:ff:57:20:54:dd:14:74:d2:72:
f3:3a:56:92:85:36:c6:00:95:7f:92:52:77:13:fa:94:af:23:
a3:67:81:c5:1b:9d:31:dd:0d:f9:95:8c:a6:96:78:4f:bd:ab:
9e:04:9a:8a:7b:b0:68:ab:e2:28:ed:2e:af:d3:f5:ee:48:aa:
c1:3c:67:9e:64:ce:61:78:ef:ee:75:4d:f2:a8:78:c0:94:85:
2d:e6:1e:db:bd:15:da:f6:e6:57:af:b9:bb:bb:2e:ab:83:31:
e5:c5:4a:49:40:77:97:e9:80:b1:b8:76:b2:79:11:5b:a1:6b:
94:77:d0:71:83:77:5b:77:32:7f:4b:f3:b6:06:a3:a3:58:fd:
ec:f5:69:52:6a:00:a3:8a:93:66:71:a7:42:69:99:e7:fb:55:
9f:d7:b4:9b:a0:87:cc:8f:37:ee:bc:64:f7:12:8c:99:e8:4f:
af:43:29:f1:f1:13:fa:ce:d0:b9:7a:a4:36:61:48:09:a3:b8:
7d:bb:a2:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUOvl6CQmvJNfNEtyOnbQlxJoRizQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjcyMzU1MDlaFw0yNjA1MjcwMDAwMDlaMDMxMTAvBgNV
BAMTKEUwMDJGRDRBOUU0Mjc1NzdBN0U5NEQ2NThDRkFGNTAyQzRFMjQ4NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVzCnkFX8R0zWNFvTyGKRo5J7j
h0+EWWIc1AJFU+ArZn/s+AJvliLyCT3F4EnMudtEgGX6dCFU84pMmHg8WeHt7vLI
98aS3DAdz+1pMFV3hw8vrV2B7yIfttPGa8TUlKqsFRUdP7mT/4/WDpnz184M39ST
Gh57UbYhFy9Xz2Mpn7fnQZy+A6EgusT1M/7dm/vP90mGfLWpZbaUgohZQZ7WA98U
Zy2uxSSd8zgzB7s0XCA+dPLYCoK3wcIvkcyKVbVWzvZhrIaDvTzVEGZwBANf3qlg
mIV0hA/s1ptwp6zOC/oIRtxSZK31tDllvbE8OcG3VpZGM7LNdPrY44Rh+YgxAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU4AL9Sp5CdXen6U1ljPr1AsTiSGcwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAAuyuAD
BABbfIcDBAFbfLIDBABbfNgDBABbfNswDQYJKoZIhvcNAQELBQADggEBABso7INj
skwjvDZwsICzkq4NoPkGo6/nOsOJbTrznPKqJPpxe9zPdrvvNcicOLIRHLSXcjnh
RDVeAw66AVw9wP9XIFTdFHTScvM6VpKFNsYAlX+SUncT+pSvI6NngcUbnTHdDfmV
jKaWeE+9q54Emop7sGir4ijtLq/T9e5IqsE8Z55kzmF47+51TfKoeMCUhS3mHtu9
Fdr25levubu7LquDMeXFSklAd5fpgLG4drJ5EVuha5R30HGDd1t3Mn9L87YGo6NY
/ez1aVJqAKOKk2Zxp0Jpmef7VZ/XtJugh8yPN+68ZPcSjJnoT69DKfHxE/rO0Ll6
pDZhSAmjuH27osY=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:00:04 2025 by rpki-client