Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: CltSFQh1jN5EVUPZmf5K1yMtBJQkq961fV5tUGdT/l8=
Subject key identifier: C2:83:2F:16:4C:76:54:BC:01:C5:31:B2:62:E9:1E:72:2D:CA:55:AC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2685706DEA3F5F9D4A747AB285A5A187566AB466
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
Signing time: Thu 30 Apr 2026 04:35:17 +0000
ROA not before: Thu 30 Apr 2026 04:30:17 +0000
ROA not after: Thu 29 Apr 2027 04:35:17 +0000
asID: 40676
IP address blocks: 179.61.238.0/24 maxlen: 24
181.215.74.0/24 maxlen: 24
181.215.75.0/24 maxlen: 24
181.215.76.0/24 maxlen: 24
181.215.77.0/24 maxlen: 24
181.215.121.0/24 maxlen: 24
181.215.122.0/24 maxlen: 24
181.215.123.0/24 maxlen: 24
191.101.7.0/24 maxlen: 24
191.101.44.0/22 maxlen: 24
191.101.64.0/24 maxlen: 24
191.101.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:85:70:6d:ea:3f:5f:9d:4a:74:7a:b2:85:a5:a1:87:56:6a:b4:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 30 04:30:17 2026 GMT
Not After : Apr 29 04:35:17 2027 GMT
Subject: CN=C2832F164C7654BC01C531B262E91E722DCA55AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:72:3a:2a:ac:b0:7e:2e:3b:6f:23:d7:25:e2:
76:1a:83:e4:2a:40:83:3b:a0:93:f3:91:b0:de:d5:
82:1d:3e:5b:68:80:bb:43:78:08:0f:13:ac:50:94:
75:31:3a:ee:61:7e:7a:b9:11:9b:7d:5e:f7:8c:30:
c3:8b:22:78:25:b4:74:1a:ec:c9:44:f6:cd:5e:28:
15:68:60:d8:2f:38:7a:de:cf:8c:1f:1e:1f:9c:28:
b2:f7:c9:c1:d7:3f:2f:55:95:cd:61:79:65:e4:14:
d8:ad:d1:27:6f:29:68:e3:8d:cf:b2:84:67:71:66:
99:45:84:6e:40:db:ed:78:a8:a3:c2:b8:b5:b3:ac:
bd:f4:89:08:40:7f:66:59:0f:f0:1f:79:2c:bb:37:
3f:80:f5:af:ce:a0:7e:53:2f:b7:95:a5:54:54:79:
92:fb:20:8b:2e:ae:0e:88:ca:4c:2a:92:e2:1f:1f:
46:af:5c:6e:af:b2:99:8d:3c:68:4f:f2:03:a2:90:
c9:4f:5e:4e:0b:d8:a0:d8:05:ea:19:0b:a2:f6:2c:
bf:42:3b:aa:c3:fd:95:38:a7:af:00:09:48:0f:48:
04:0e:be:48:41:22:52:71:0d:65:ef:c0:28:04:92:
af:f4:f6:bb:97:f5:70:27:57:d1:b8:27:97:a6:6e:
6f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:83:2F:16:4C:76:54:BC:01:C5:31:B2:62:E9:1E:72:2D:CA:55:AC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.238.0/24
181.215.74.0-181.215.77.255
181.215.121.0-181.215.123.255
191.101.7.0/24
191.101.44.0/22
191.101.64.0/24
191.101.68.0/24
Signature Algorithm: sha256WithRSAEncryption
12:73:59:fb:c5:95:ab:b6:b1:a9:d1:1e:d5:4c:15:ea:60:8e:
dc:1c:e5:26:bb:f3:3c:77:bd:6b:99:0e:5a:c1:97:9a:c6:6b:
93:bd:5b:6b:28:76:30:f6:75:a4:57:bc:cd:09:e3:8e:13:9e:
ba:d5:d3:de:80:59:41:ee:91:5e:7b:ab:6c:d3:ea:fa:99:f1:
f1:68:b4:d7:18:d2:51:5e:85:ed:ba:24:c2:35:e9:82:96:b8:
48:12:87:7e:13:f3:cb:cf:cd:7d:4d:aa:c1:f3:c5:3c:1e:e4:
cc:aa:3c:8a:b6:98:0d:21:70:4f:f7:f9:1a:a3:9f:ca:50:6e:
3c:7c:da:e7:99:31:84:08:1c:18:88:24:35:92:74:1a:30:95:
4f:59:52:8d:f2:96:9a:6a:27:25:a2:72:c9:59:99:a6:8b:6d:
6a:8d:92:c2:14:29:15:b3:54:b4:8b:30:43:42:e0:c3:10:73:
d3:f4:93:03:2b:4b:b4:c5:2f:0c:05:e9:ce:0d:5d:e0:62:7b:
96:96:d0:a9:1f:8c:e2:42:8b:dd:de:94:e7:fc:fe:f0:bd:dd:
0b:86:c3:ac:9a:02:2b:6f:cf:5c:32:f0:e0:b4:c3:63:b3:ef:
2b:27:72:52:46:12:bd:51:24:26:dc:b6:e8:95:81:fe:1e:e3:
38:26:4c:75
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJoVwbeo/X51KdHqyhaWhh1ZqtGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA0MzAwNDMwMTdaFw0yNzA0MjkwNDM1MTdaMDMxMTAvBgNV
BAMTKEMyODMyRjE2NEM3NjU0QkMwMUM1MzFCMjYyRTkxRTcyMkRDQTU1QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOcjoqrLB+LjtvI9cl4nYag+Qq
QIM7oJPzkbDe1YIdPltogLtDeAgPE6xQlHUxOu5hfnq5EZt9XveMMMOLIngltHQa
7MlE9s1eKBVoYNgvOHrez4wfHh+cKLL3ycHXPy9Vlc1heWXkFNit0SdvKWjjjc+y
hGdxZplFhG5A2+14qKPCuLWzrL30iQhAf2ZZD/AfeSy7Nz+A9a/OoH5TL7eVpVRU
eZL7IIsurg6IykwqkuIfH0avXG6vspmNPGhP8gOikMlPXk4L2KDYBeoZC6L2LL9C
O6rD/ZU4p68ACUgPSAQOvkhBIlJxDWXvwCgEkq/09ruX9XAnV9G4J5embm8HAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwoMvFkx2VLwBxTGyYukeci3KVawwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUwYIKwYBBQUHAQcBAf8ERDBCMEAEAgABMDoDBACzPe4w
DAMEAbXXSgMEAbXXTDAMAwQAtdd5AwQCtdd4AwQAv2UHAwQCv2UsAwQAv2VAAwQA
v2VEMA0GCSqGSIb3DQEBCwUAA4IBAQASc1n7xZWrtrGp0R7VTBXqYI7cHOUmu/M8
d71rmQ5awZeaxmuTvVtrKHYw9nWkV7zNCeOOE5661dPegFlB7pFee6ts0+r6mfHx
aLTXGNJRXoXtuiTCNemClrhIEod+E/PLz819TarB88U8HuTMqjyKtpgNIXBP9/ka
o5/KUG48fNrnmTGECBwYiCQ1knQaMJVPWVKN8paaaiclonLJWZmmi21qjZLCFCkV
s1S0izBDQuDDEHPT9JMDK0u0xS8MBenODV3gYnuWltCpH4ziQovd3pTn/P7wvd0L
hsOsmgIrb89cMvDgtMNjs+8rJ3JSRhK9USQm3LbolYH+HuM4Jkx1
-----END CERTIFICATE-----
Generated at Wed May 13 02:42:33 2026 by rpki-client