Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: 6L/vXPZAzGOER4il8FywZVYH7sB6W8xoX478b7pDQE8=
Subject key identifier: C1:33:6E:8B:E4:F6:EA:7F:EE:C9:B6:06:5F:B1:FC:F0:9E:16:48:AC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 041A00A3E1CFC0F51DBAC8A8F94B08622F59863D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
Signing time: Fri 17 Oct 2025 00:55:08 +0000
ROA not before: Fri 17 Oct 2025 00:50:08 +0000
ROA not after: Fri 16 Oct 2026 00:55:08 +0000
asID: 40676
IP address blocks: 179.61.238.0/24 maxlen: 24
181.215.74.0/24 maxlen: 24
181.215.75.0/24 maxlen: 24
181.215.76.0/24 maxlen: 24
181.215.77.0/24 maxlen: 24
181.215.121.0/24 maxlen: 24
181.215.122.0/24 maxlen: 24
181.215.123.0/24 maxlen: 24
191.101.7.0/24 maxlen: 24
191.101.44.0/22 maxlen: 24
191.101.64.0/24 maxlen: 24
191.101.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:1a:00:a3:e1:cf:c0:f5:1d:ba:c8:a8:f9:4b:08:62:2f:59:86:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 17 00:50:08 2025 GMT
Not After : Oct 16 00:55:08 2026 GMT
Subject: CN=C1336E8BE4F6EA7FEEC9B6065FB1FCF09E1648AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f6:cb:af:9a:a9:af:26:41:5f:57:1b:0b:f2:
eb:64:34:42:14:26:67:9e:78:fe:ee:09:8a:57:f9:
4f:86:36:af:1d:14:08:28:0f:5a:75:3b:b0:ce:d4:
70:a1:42:10:13:c8:a7:75:81:1f:04:18:b5:07:a7:
b8:69:8a:e0:b2:b2:bf:f5:e6:64:e4:88:9d:7a:8b:
f4:48:c0:1c:b4:8e:34:a0:d2:ea:48:21:f3:6c:21:
d6:ec:4d:92:a3:d2:7a:d1:4f:06:90:9b:b0:4c:c1:
16:ea:97:56:d1:ff:ac:26:f4:27:fd:97:b2:eb:3b:
ee:63:eb:52:2e:05:66:33:61:bd:96:81:42:df:5b:
d6:52:01:ef:11:7e:55:b2:24:9e:ce:14:c6:a8:5a:
75:76:f4:4e:9a:26:01:21:6a:b7:47:8f:ff:3e:e0:
35:7c:1e:23:00:30:81:e6:c6:f3:23:25:90:1e:0e:
61:01:a9:90:a1:1d:12:33:64:8c:0d:05:c5:55:72:
7e:dc:71:07:ec:a1:c2:95:f9:ff:bc:21:e1:09:aa:
c4:90:7f:e0:f9:9f:1f:a2:bd:f3:58:22:b0:a6:5a:
83:f4:ed:0b:9e:c7:3e:8c:62:bb:5f:d3:19:19:46:
c4:91:89:a8:41:5a:20:cf:86:2e:14:13:e3:6c:8e:
e8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:33:6E:8B:E4:F6:EA:7F:EE:C9:B6:06:5F:B1:FC:F0:9E:16:48:AC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.238.0/24
181.215.74.0-181.215.77.255
181.215.121.0-181.215.123.255
191.101.7.0/24
191.101.44.0/22
191.101.64.0/24
191.101.68.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:eb:ef:f0:ea:88:fe:62:66:e8:0d:30:15:f3:5f:50:68:da:
94:4c:57:3f:a8:ad:8d:bc:b4:07:df:1e:0d:cc:12:d5:f7:f3:
74:a1:9b:fa:c5:53:9f:03:aa:17:fe:8f:01:52:35:bd:42:99:
8d:4f:01:5d:60:85:8e:ca:a4:a0:a1:76:f1:38:8b:a8:66:d7:
75:9f:c7:73:86:8a:a9:84:53:c7:ef:35:5d:21:f7:57:a9:cd:
4f:16:28:19:f1:b2:c5:26:2d:7a:98:92:d8:36:6b:bd:ac:d4:
ce:59:c1:ad:1c:8f:a7:0c:dd:14:2b:5e:40:41:5e:42:43:71:
81:76:fc:03:fc:1d:f1:10:42:39:3e:c7:73:b8:1e:ee:b7:22:
26:ab:c8:a7:43:0c:87:2e:66:41:31:61:ad:a0:12:39:92:3f:
e4:bb:fc:11:ae:a2:7a:76:98:4b:92:dc:5f:29:af:71:3b:8d:
c8:a3:54:f1:1d:51:ba:3b:7a:74:9f:85:c4:c2:87:3e:f8:99:
d1:15:d9:f9:bd:a1:2c:76:83:e3:96:d8:fa:3c:67:fb:29:49:
bd:71:48:2b:fb:53:f7:d7:77:1a:37:b6:d5:e7:b1:b2:65:c4:
4a:d3:8c:43:40:d3:3d:9c:2f:9e:9d:d2:bb:0d:06:8e:9e:3d:
d9:24:9f:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBBoAo+HPwPUdusio+UsIYi9Zhj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMTcwMDUwMDhaFw0yNjEwMTYwMDU1MDhaMDMxMTAvBgNV
BAMTKEMxMzM2RThCRTRGNkVBN0ZFRUM5QjYwNjVGQjFGQ0YwOUUxNjQ4QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC99suvmqmvJkFfVxsL8utkNEIU
JmeeeP7uCYpX+U+GNq8dFAgoD1p1O7DO1HChQhATyKd1gR8EGLUHp7hpiuCysr/1
5mTkiJ16i/RIwBy0jjSg0upIIfNsIdbsTZKj0nrRTwaQm7BMwRbql1bR/6wm9Cf9
l7LrO+5j61IuBWYzYb2WgULfW9ZSAe8RflWyJJ7OFMaoWnV29E6aJgEhardHj/8+
4DV8HiMAMIHmxvMjJZAeDmEBqZChHRIzZIwNBcVVcn7ccQfsocKV+f+8IeEJqsSQ
f+D5nx+ivfNYIrCmWoP07Quexz6MYrtf0xkZRsSRiahBWiDPhi4UE+NsjuhPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwTNui+T26n/uybYGX7H88J4WSKwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUwYIKwYBBQUHAQcBAf8ERDBCMEAEAgABMDoDBACzPe4w
DAMEAbXXSgMEAbXXTDAMAwQAtdd5AwQCtdd4AwQAv2UHAwQCv2UsAwQAv2VAAwQA
v2VEMA0GCSqGSIb3DQEBCwUAA4IBAQBc6+/w6oj+YmboDTAV819QaNqUTFc/qK2N
vLQH3x4NzBLV9/N0oZv6xVOfA6oX/o8BUjW9QpmNTwFdYIWOyqSgoXbxOIuoZtd1
n8dzhoqphFPH7zVdIfdXqc1PFigZ8bLFJi16mJLYNmu9rNTOWcGtHI+nDN0UK15A
QV5CQ3GBdvwD/B3xEEI5PsdzuB7utyImq8inQwyHLmZBMWGtoBI5kj/ku/wRrqJ6
dphLktxfKa9xO43Io1TxHVG6O3p0n4XEwoc++JnRFdn5vaEsdoPjltj6PGf7KUm9
cUgr+1P313caN7bV57GyZcRK04xDQNM9nC+endK7DQaOnj3ZJJ8J
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:04:29 2025 by rpki-client