Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: JwTVHv26VPWQ1DqxkUcFg5pqJkVzJRoNTJ6GcOhPoVY=
Subject key identifier: 8B:65:44:F7:93:C3:67:D1:3E:51:4C:00:05:63:77:71:9F:EA:0D:52
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 15B982C84A1E235E05B62473EB5485027857115F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Thu 14 Aug 2025 14:09:19 +0000
ROA not before: Thu 14 Aug 2025 14:04:19 +0000
ROA not after: Thu 13 Aug 2026 14:09:19 +0000
asID: 40676
IP address blocks: 96.62.103.0/24 maxlen: 24
143.14.223.0/24 maxlen: 24
145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
146.103.59.0/24 maxlen: 24
150.241.199.0/24 maxlen: 24
155.117.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:b9:82:c8:4a:1e:23:5e:05:b6:24:73:eb:54:85:02:78:57:11:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 14 14:04:19 2025 GMT
Not After : Aug 13 14:09:19 2026 GMT
Subject: CN=8B6544F793C367D13E514C00056377719FEA0D52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:01:59:80:fb:52:fe:4d:c4:f6:9d:64:8f:9c:
8c:61:56:f5:b0:ca:d0:51:21:ca:7f:65:39:01:dc:
67:18:6e:56:2a:45:6b:5e:47:15:75:2f:a6:34:55:
6b:da:7b:ef:5d:c6:de:02:7a:eb:1a:f8:be:50:6c:
99:61:e1:40:b5:23:c9:da:c5:a9:52:50:c9:a6:f6:
f5:b7:e2:8a:21:3d:24:9a:0d:e6:fc:5c:40:0a:0a:
53:0d:be:86:74:ac:4e:0c:22:e2:1e:b0:db:cf:0a:
c3:25:31:b1:c4:cd:5f:69:85:9d:b0:af:6a:bd:cc:
b4:d1:d5:d3:2f:de:2f:5a:88:5d:8d:f6:e7:c6:33:
41:b8:4c:79:9e:73:7d:95:c0:55:d2:31:7b:94:58:
e4:9e:33:94:86:0f:a7:40:82:31:a3:03:4f:7e:9a:
9f:fe:71:2a:74:c4:0b:ed:47:5f:33:31:ee:e7:f1:
82:5f:f6:eb:b8:f2:57:f8:3a:47:9d:44:4f:74:6c:
fd:63:36:8c:8e:91:cb:17:93:08:5b:a9:9e:df:3e:
ff:59:1a:68:ce:49:9d:86:64:c3:1c:90:2c:b0:36:
91:4c:87:df:69:2f:5f:55:06:d5:a5:c7:15:da:d0:
35:d7:ab:da:8a:7f:f9:39:2a:06:02:6f:e8:79:2f:
6c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:65:44:F7:93:C3:67:D1:3E:51:4C:00:05:63:77:71:9F:EA:0D:52
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.103.0/24
143.14.223.0/24
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
146.103.59.0/24
150.241.199.0/24
155.117.112.0/24
Signature Algorithm: sha256WithRSAEncryption
50:85:55:cf:98:74:d4:a2:1c:06:dd:8b:8e:3f:53:61:62:fb:
00:6e:92:63:c0:68:c4:e2:97:1d:4b:5c:25:bf:6e:f9:8c:59:
55:b2:06:bc:3f:86:be:27:ee:65:7e:b7:97:2a:ad:48:27:71:
c6:86:63:45:2c:54:95:ca:2c:58:fe:62:fe:fa:09:43:76:6a:
fd:06:1f:5b:44:4a:29:4e:f0:f4:2d:89:de:26:a0:ac:7d:fe:
91:36:92:7a:b3:19:bb:a7:99:6b:6e:9e:b3:c3:5b:ba:e5:fb:
70:22:e1:61:2b:cb:d9:b2:e7:c2:c8:70:d5:3b:45:14:6c:b2:
82:6b:f3:b2:1d:c9:90:17:5e:0d:29:90:41:89:0c:c4:a1:4d:
3e:ee:97:20:0e:44:35:9f:ca:ab:1a:af:03:ca:45:c3:ca:71:
03:59:2c:98:08:01:d1:dc:65:6d:10:29:8c:84:15:9a:b2:44:
65:3a:41:56:d2:f3:37:2b:d3:67:7c:96:43:c5:ef:86:24:ef:
2b:66:25:49:b2:3a:ce:ca:36:65:23:de:50:12:88:24:87:1a:
95:12:57:39:72:2a:2b:6a:7b:c8:e6:c5:b1:32:17:89:99:3d:
2f:69:38:57:33:bf:c5:4a:ea:ad:1f:4b:ee:c8:e3:ca:5a:e9:
fb:45:8b:7b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUFbmCyEoeI14FtiRz61SFAnhXEV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTQxNDA0MTlaFw0yNjA4MTMxNDA5MTlaMDMxMTAvBgNV
BAMTKDhCNjU0NEY3OTNDMzY3RDEzRTUxNEMwMDA1NjM3NzcxOUZFQTBENTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQAVmA+1L+TcT2nWSPnIxhVvWw
ytBRIcp/ZTkB3GcYblYqRWteRxV1L6Y0VWvae+9dxt4Ceusa+L5QbJlh4UC1I8na
xalSUMmm9vW34oohPSSaDeb8XEAKClMNvoZ0rE4MIuIesNvPCsMlMbHEzV9phZ2w
r2q9zLTR1dMv3i9aiF2N9ufGM0G4THmec32VwFXSMXuUWOSeM5SGD6dAgjGjA09+
mp/+cSp0xAvtR18zMe7n8YJf9uu48lf4OkedRE90bP1jNoyOkcsXkwhbqZ7fPv9Z
GmjOSZ2GZMMckCywNpFMh99pL19VBtWlxxXa0DXXq9qKf/k5KgYCb+h5L2w3AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUi2VE95PDZ9E+UUwABWN3cZ/qDVIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBABgPmcD
BACPDt8DBACR3zQDBACR3zgDBACSZywDBACSZzcDBACSZzsDBACW8ccDBACbdXAw
DQYJKoZIhvcNAQELBQADggEBAFCFVc+YdNSiHAbdi44/U2Fi+wBukmPAaMTilx1L
XCW/bvmMWVWyBrw/hr4n7mV+t5cqrUgnccaGY0UsVJXKLFj+Yv76CUN2av0GH1tE
SilO8PQtid4moKx9/pE2knqzGbunmWtunrPDW7rl+3Ai4WEry9my58LIcNU7RRRs
soJr87IdyZAXXg0pkEGJDMShTT7ulyAORDWfyqsarwPKRcPKcQNZLJgIAdHcZW0Q
KYyEFZqyRGU6QVbS8zcr02d8lkPF74Yk7ytmJUmyOs7KNmUj3lASiCSHGpUSVzly
Kitqe8jmxbEyF4mZPS9pOFczv8VK6q0fS+7I48pa6ftFi3s=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:21:44 2025 by rpki-client