
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: Xalj7sfmFuV7DVooY5AoJrcu6H9Q4hzPX8z8wAC4muA=
Subject key identifier: A4:5D:F0:6C:49:F7:50:C7:DF:1B:2C:06:00:A2:7A:79:C7:01:60:04
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1449C75398E60DF135A8E8E834FAEE10DBD3BA21
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Thu 18 Sep 2025 00:01:16 +0000
ROA not before: Wed 17 Sep 2025 23:56:16 +0000
ROA not after: Thu 17 Sep 2026 00:01:16 +0000
asID: 40676
IP address blocks: 145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
146.103.59.0/24 maxlen: 24
150.241.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:49:c7:53:98:e6:0d:f1:35:a8:e8:e8:34:fa:ee:10:db:d3:ba:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 17 23:56:16 2025 GMT
Not After : Sep 17 00:01:16 2026 GMT
Subject: CN=A45DF06C49F750C7DF1B2C0600A27A79C7016004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:da:c8:4f:21:fb:30:55:96:89:5e:2f:ca:2c:
99:e2:b9:97:04:a5:83:ee:26:47:f1:e4:32:0b:89:
9c:bf:f3:ad:f5:f6:3b:f5:f3:dc:0e:cf:6e:23:4f:
02:5c:02:71:ee:ae:5d:47:c3:b6:07:0c:87:8b:cb:
4a:a8:2b:72:52:de:90:4b:f3:ed:a0:e4:40:89:1c:
4e:f1:eb:82:c3:b5:0a:27:bf:a1:75:d6:57:0e:5b:
02:7b:22:c7:81:50:65:2b:83:49:68:f5:26:ea:7c:
fa:66:df:41:28:dc:51:b3:1d:3c:43:7d:6f:b9:5d:
11:2d:43:87:f6:02:9d:6f:2c:98:c3:e4:29:6f:23:
37:6a:1f:55:1b:00:92:75:c3:d9:7a:72:bd:bc:85:
99:76:19:7e:4a:72:b9:4b:b2:21:12:12:5d:f4:5d:
e4:92:ae:05:70:3e:dc:b5:66:e1:4f:ee:8f:c5:76:
d3:55:da:3b:02:33:68:8a:47:6e:6e:ed:1f:42:b6:
f0:3d:86:6b:66:69:6c:ea:b7:fa:6d:e7:3d:74:d6:
47:49:5b:86:ad:88:b4:c6:bf:87:0e:11:25:be:9a:
d1:9c:3e:7e:b1:6e:72:52:ed:96:48:e4:89:ef:69:
81:8d:52:c6:cf:12:c9:1e:a1:61:2c:00:3f:41:3f:
93:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:5D:F0:6C:49:F7:50:C7:DF:1B:2C:06:00:A2:7A:79:C7:01:60:04
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
146.103.59.0/24
150.241.199.0/24
Signature Algorithm: sha256WithRSAEncryption
91:25:ac:de:ef:65:39:27:9b:00:fe:0a:45:ee:39:af:b7:e3:
48:6d:85:35:c9:18:1c:c8:ef:5d:84:e2:a4:05:6c:55:ce:c9:
df:ed:d2:2b:64:77:63:78:d6:f3:9a:d4:54:ca:c3:c9:a8:bf:
43:0a:2d:67:36:c1:2e:11:c8:7a:d2:36:68:ce:07:c7:f8:98:
68:b2:fe:04:e2:a0:d3:e7:9e:8c:9a:84:dc:ef:fc:cd:cf:7f:
48:ac:01:1d:53:1a:06:d8:b1:37:f2:d3:05:20:cb:b5:ee:de:
37:bd:c1:82:1e:65:75:ab:21:49:03:04:72:48:6a:dc:58:1b:
ae:38:e4:d0:6f:50:70:4a:24:1b:e1:98:96:de:fe:67:6a:09:
08:eb:3e:1c:ef:01:18:b8:1e:1a:6f:24:90:be:9d:9b:be:9c:
93:86:91:2e:8f:80:3d:9f:4e:5c:e7:d1:41:74:60:cf:cc:4a:
4d:8c:4c:53:c0:7c:83:18:85:83:f3:e7:9f:d0:8b:e3:28:3e:
ca:71:7a:43:59:48:3a:2a:29:dc:7c:d8:d9:0d:92:d7:7f:ed:
1c:3f:00:4d:1e:fa:3f:c3:76:97:b2:9d:e5:e5:67:b1:88:0b:
ae:88:e4:07:74:80:75:fd:73:d0:a3:04:4a:b7:78:7e:f2:ce:
83:e9:9c:21
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUFEnHU5jmDfE1qOjoNPruENvTuiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MTcyMzU2MTZaFw0yNjA5MTcwMDAxMTZaMDMxMTAvBgNV
BAMTKEE0NURGMDZDNDlGNzUwQzdERjFCMkMwNjAwQTI3QTc5QzcwMTYwMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ2shPIfswVZaJXi/KLJniuZcE
pYPuJkfx5DILiZy/86319jv189wOz24jTwJcAnHurl1Hw7YHDIeLy0qoK3JS3pBL
8+2g5ECJHE7x64LDtQonv6F11lcOWwJ7IseBUGUrg0lo9SbqfPpm30Eo3FGzHTxD
fW+5XREtQ4f2Ap1vLJjD5ClvIzdqH1UbAJJ1w9l6cr28hZl2GX5KcrlLsiESEl30
XeSSrgVwPty1ZuFP7o/FdtNV2jsCM2iKR25u7R9CtvA9hmtmaWzqt/pt5z101kdJ
W4atiLTGv4cOESW+mtGcPn6xbnJS7ZZI5InvaYGNUsbPEskeoWEsAD9BP5P5AgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUpF3wbEn3UMffGywGAKJ6eccBYAQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACR3zQD
BACR3zgDBACSZywDBACSZzcDBACSZzsDBACW8ccwDQYJKoZIhvcNAQELBQADggEB
AJElrN7vZTknmwD+CkXuOa+340hthTXJGBzI712E4qQFbFXOyd/t0itkd2N41vOa
1FTKw8mov0MKLWc2wS4RyHrSNmjOB8f4mGiy/gTioNPnnoyahNzv/M3Pf0isAR1T
GgbYsTfy0wUgy7Xu3je9wYIeZXWrIUkDBHJIatxYG6445NBvUHBKJBvhmJbe/mdq
CQjrPhzvARi4HhpvJJC+nZu+nJOGkS6PgD2fTlzn0UF0YM/MSk2MTFPAfIMYhYPz
55/Qi+MoPspxekNZSDoqKdx82NkNktd/7Rw/AE0e+j/DdpeyneXlZ7GIC66I5Ad0
gHX9c9CjBEq3eH7yzoPpnCE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:42:35 2025 by rpki-client