Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: m9bz5fHrYvLGQ5AGJGUr7GKTJyfxSeoLjhTeInuEcCg=
Subject key identifier: 7A:28:01:36:77:97:B0:7B:D9:FE:B5:F6:ED:52:06:C6:B5:D9:5B:3F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 78D4BDB7CE5251607FB954146E8772F9685C3BD5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Wed 06 May 2026 05:33:55 +0000
ROA not before: Wed 06 May 2026 05:28:55 +0000
ROA not after: Wed 05 May 2027 05:33:55 +0000
asID: 40676
IP address blocks: 96.62.101.0/24 maxlen: 24
145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
168.222.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:d4:bd:b7:ce:52:51:60:7f:b9:54:14:6e:87:72:f9:68:5c:3b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 6 05:28:55 2026 GMT
Not After : May 5 05:33:55 2027 GMT
Subject: CN=7A2801367797B07BD9FEB5F6ED5206C6B5D95B3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d2:bc:cd:41:d8:0f:80:6d:55:b5:5c:a2:4f:
5b:0d:4e:44:f7:44:97:78:fb:82:87:3d:df:35:a3:
67:01:46:14:7d:ef:3e:aa:c9:c0:4d:4c:bd:6c:8a:
6a:f0:9b:52:f1:36:5e:21:cb:93:af:e0:37:0d:92:
97:bf:7e:39:d6:85:b6:48:fc:9f:d6:96:47:63:97:
e2:d6:cc:f9:7d:3b:09:2a:0c:f4:75:c2:25:87:48:
aa:dd:be:e8:d9:e2:3c:07:45:de:1b:34:38:3c:76:
f6:cf:5f:06:f2:1a:d6:88:05:c0:8f:27:79:cf:e8:
37:40:bd:53:da:cd:35:bf:c4:98:85:f4:de:c6:0f:
64:d5:d6:f4:5f:ab:ce:8b:ff:3d:bd:05:66:78:26:
a4:72:70:ca:81:b7:00:ac:48:41:83:37:11:73:68:
72:3c:b8:dd:c8:2a:a8:af:7b:0b:9f:0f:23:1f:9e:
c7:ff:02:ed:18:08:e7:04:53:26:41:ec:aa:2c:6d:
96:df:dc:8e:2d:a6:71:53:36:97:08:a5:86:05:c9:
c9:fb:88:d2:c1:83:1c:fd:a7:a8:81:af:92:3d:9e:
88:bd:e9:9d:91:71:07:5d:0a:db:3f:5f:46:22:90:
46:db:16:ca:f0:26:76:54:e5:0e:75:ce:33:cc:69:
04:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:28:01:36:77:97:B0:7B:D9:FE:B5:F6:ED:52:06:C6:B5:D9:5B:3F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.101.0/24
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
168.222.66.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:3c:58:6d:27:76:1b:02:7d:b2:ae:f1:b3:4c:ce:f0:83:78:
52:e8:5a:12:6e:3c:20:3e:41:0f:0f:63:87:5b:db:09:23:0d:
18:99:8e:38:55:5b:09:e1:a7:98:7e:f5:0e:0e:47:ad:15:0a:
7f:13:ab:2e:aa:e8:58:80:5c:64:e3:09:86:ce:18:2b:70:78:
16:b3:bd:53:2c:c5:d4:eb:3d:09:29:0c:40:9a:b4:e9:69:f7:
46:07:e4:4e:57:23:87:0f:84:37:b7:5a:ca:10:8c:cb:f3:b1:
c7:0e:cf:d1:38:35:6f:af:80:95:f2:56:af:40:ff:3b:e6:02:
a5:c0:a6:f6:e4:76:53:0b:37:b5:f2:b4:4b:f4:5d:90:52:47:
95:15:9d:91:d4:66:db:65:00:74:de:d0:a2:a5:49:df:56:a7:
5b:aa:f7:9b:c0:73:62:ee:ab:9b:65:31:95:df:87:c0:30:71:
6c:67:de:ff:38:10:f4:fe:4d:9d:f1:4e:27:3d:bf:f4:d0:6e:
4b:bc:9b:6a:26:28:b1:bc:68:e2:be:6a:17:ad:0d:75:02:f8:
2c:f4:09:c5:e3:87:62:d6:5e:67:4d:90:23:85:97:fb:ef:ce:
e1:36:cc:84:4a:7e:27:3b:27:ed:49:fa:20:1d:44:ad:ee:24:
7d:6f:b3:e5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUeNS9t85SUWB/uVQUbody+WhcO9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDYwNTI4NTVaFw0yNzA1MDUwNTMzNTVaMDMxMTAvBgNV
BAMTKDdBMjgwMTM2Nzc5N0IwN0JEOUZFQjVGNkVENTIwNkM2QjVEOTVCM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC20rzNQdgPgG1VtVyiT1sNTkT3
RJd4+4KHPd81o2cBRhR97z6qycBNTL1simrwm1LxNl4hy5Ov4DcNkpe/fjnWhbZI
/J/Wlkdjl+LWzPl9OwkqDPR1wiWHSKrdvujZ4jwHRd4bNDg8dvbPXwbyGtaIBcCP
J3nP6DdAvVPazTW/xJiF9N7GD2TV1vRfq86L/z29BWZ4JqRycMqBtwCsSEGDNxFz
aHI8uN3IKqivewufDyMfnsf/Au0YCOcEUyZB7KosbZbf3I4tpnFTNpcIpYYFycn7
iNLBgxz9p6iBr5I9noi96Z2RcQddCts/X0YikEbbFsrwJnZU5Q51zjPMaQSTAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUeigBNneXsHvZ/rX27VIGxrXZWz8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABgPmUD
BACR3zQDBACR3zgDBACSZywDBACSZzcDBACo3kIwDQYJKoZIhvcNAQELBQADggEB
AGo8WG0ndhsCfbKu8bNMzvCDeFLoWhJuPCA+QQ8PY4db2wkjDRiZjjhVWwnhp5h+
9Q4OR60VCn8Tqy6q6FiAXGTjCYbOGCtweBazvVMsxdTrPQkpDECatOlp90YH5E5X
I4cPhDe3WsoQjMvzsccOz9E4NW+vgJXyVq9A/zvmAqXApvbkdlMLN7XytEv0XZBS
R5UVnZHUZttlAHTe0KKlSd9Wp1uq95vAc2Luq5tlMZXfh8AwcWxn3v84EPT+TZ3x
Tic9v/TQbku8m2omKLG8aOK+ahetDXUC+Cz0CcXjh2LWXmdNkCOFl/vvzuE2zIRK
fic7J+1J+iAdRK3uJH1vs+U=
-----END CERTIFICATE-----
Generated at Wed May 13 02:42:56 2026 by rpki-client