Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: Upu4XHliQVELcJGs0c2AcVr3lNCv1hiEYMLuvXUz72A=
Subject key identifier: 94:8B:01:CE:71:66:AF:DD:89:6F:94:E7:31:17:0C:19:4F:7A:10:6B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 188DBE83280CB0F71B5E293E5FB313F5B4BEAD81
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
Signing time: Sat 02 May 2026 23:04:41 +0000
ROA not before: Sat 02 May 2026 22:59:41 +0000
ROA not after: Sat 01 May 2027 23:04:41 +0000
asID: 40676
IP address blocks: 46.202.224.0/24 maxlen: 24
91.124.135.0/24 maxlen: 24
92.112.56.0/24 maxlen: 24
92.112.144.0/24 maxlen: 24
95.134.120.0/24 maxlen: 24
178.93.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:8d:be:83:28:0c:b0:f7:1b:5e:29:3e:5f:b3:13:f5:b4:be:ad:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 2 22:59:41 2026 GMT
Not After : May 1 23:04:41 2027 GMT
Subject: CN=948B01CE7166AFDD896F94E731170C194F7A106B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:46:b4:f1:77:a6:76:d0:64:d6:88:82:94:9b:
52:ee:6c:dd:90:71:a2:71:6b:ee:e6:ce:17:90:f8:
47:b5:0b:c2:d5:b5:ae:0f:17:d1:c2:75:e8:6e:27:
2f:a6:df:bd:36:e1:d9:da:66:d2:e7:66:41:ae:8e:
0a:44:c2:a0:fe:5c:64:e6:65:a4:f9:5e:33:1a:35:
3d:7a:7a:62:eb:4e:61:1c:a0:2c:83:53:3b:30:c1:
67:e2:49:8a:78:84:46:5e:a9:a6:97:41:fb:bc:0f:
be:17:45:1d:8e:01:41:23:ba:77:5e:cc:8b:32:8b:
39:48:30:9f:dd:e1:c1:70:be:0d:1e:e6:ae:36:e3:
e0:b4:5b:05:3a:12:d6:c2:89:6e:2b:1c:72:70:d2:
23:fc:6c:38:1f:ad:52:61:77:77:4f:4a:de:f8:53:
5a:db:6e:d0:03:8c:4e:92:a3:d7:8d:40:45:9e:fa:
e1:fc:91:b9:18:87:4c:90:02:0f:f9:90:67:4e:24:
65:5c:80:0b:a6:f7:d1:77:94:f0:c2:44:04:ab:fe:
a2:4b:b7:69:eb:86:6c:ab:63:26:f4:ab:64:61:19:
ef:f6:9d:0a:fd:28:a8:cd:66:66:91:94:a6:6f:56:
b6:e2:e6:02:59:2e:e4:30:5c:68:ee:59:2d:45:3d:
41:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8B:01:CE:71:66:AF:DD:89:6F:94:E7:31:17:0C:19:4F:7A:10:6B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.224.0/24
91.124.135.0/24
92.112.56.0/24
92.112.144.0/24
95.134.120.0/24
178.93.23.0/24
Signature Algorithm: sha256WithRSAEncryption
55:f2:e9:3b:ea:ff:63:f0:a6:a5:52:6f:a5:63:62:0d:27:47:
72:a6:c1:48:c1:d5:b6:06:84:1f:9e:68:01:2c:23:34:89:c5:
f8:44:b9:dd:f1:ec:38:bc:a2:dc:51:83:a3:79:b9:c6:4f:24:
7b:a4:71:e7:89:8d:4b:b6:ad:67:c1:62:8e:17:e9:d7:6a:d0:
d1:c5:76:32:8f:ce:b2:c4:24:f9:33:9a:45:0b:31:41:f2:1e:
89:99:9d:96:4f:08:ed:2d:51:36:81:89:f7:62:93:bd:48:e3:
4c:9a:80:41:f5:48:96:4a:60:f3:04:10:dd:58:b6:78:cd:fc:
6a:9e:22:8f:04:7e:dc:59:7a:d8:84:ef:c6:91:2c:63:2e:69:
57:01:8a:8c:95:4c:d9:b8:31:06:2b:0b:17:27:90:db:7c:98:
0b:a1:10:ca:15:2c:6f:97:ec:29:16:e2:eb:18:88:0b:17:94:
d6:bf:ff:ab:de:81:e9:a5:e3:97:da:12:e5:23:7e:87:92:fd:
0b:4b:7b:88:27:90:7d:c3:ff:7d:4a:c8:8c:df:9d:53:b0:91:
4f:0e:8f:28:f8:d6:21:87:e2:e5:98:27:4a:13:72:a8:99:08:
19:e4:20:4f:6b:1e:d7:22:5a:d3:59:61:82:5f:27:6d:4d:64:
0b:75:13:09
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUGI2+gygMsPcbXik+X7MT9bS+rYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MDIyMjU5NDFaFw0yNzA1MDEyMzA0NDFaMDMxMTAvBgNV
BAMTKDk0OEIwMUNFNzE2NkFGREQ4OTZGOTRFNzMxMTcwQzE5NEY3QTEwNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDORrTxd6Z20GTWiIKUm1LubN2Q
caJxa+7mzheQ+Ee1C8LVta4PF9HCdehuJy+m37024dnaZtLnZkGujgpEwqD+XGTm
ZaT5XjMaNT16emLrTmEcoCyDUzswwWfiSYp4hEZeqaaXQfu8D74XRR2OAUEjunde
zIsyizlIMJ/d4cFwvg0e5q424+C0WwU6EtbCiW4rHHJw0iP8bDgfrVJhd3dPSt74
U1rbbtADjE6So9eNQEWe+uH8kbkYh0yQAg/5kGdOJGVcgAum99F3lPDCRASr/qJL
t2nrhmyrYyb0q2RhGe/2nQr9KKjNZmaRlKZvVrbi5gJZLuQwXGjuWS1FPUGrAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUlIsBznFmr92Jb5TnMRcMGU96EGswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAAuyuAD
BABbfIcDBABccDgDBABccJADBABfhngDBACyXRcwDQYJKoZIhvcNAQELBQADggEB
AFXy6Tvq/2PwpqVSb6VjYg0nR3KmwUjB1bYGhB+eaAEsIzSJxfhEud3x7Di8otxR
g6N5ucZPJHukceeJjUu2rWfBYo4X6ddq0NHFdjKPzrLEJPkzmkULMUHyHomZnZZP
CO0tUTaBifdik71I40yagEH1SJZKYPMEEN1YtnjN/GqeIo8EftxZetiE78aRLGMu
aVcBioyVTNm4MQYrCxcnkNt8mAuhEMoVLG+X7CkW4usYiAsXlNa//6vegeml45fa
EuUjfoeS/QtLe4gnkH3D/31KyIzfnVOwkU8Ojyj41iGH4uWYJ0oTcqiZCBnkIE9r
HtciWtNZYYJfJ21NZAt1Ewk=
-----END CERTIFICATE-----
Generated at Wed May 13 01:28:15 2026 by rpki-client