Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: or9UxQf5pliRWo7ApSp7p+nVHjI2/8tA43OY+WDjTPo=
Subject key identifier: 4F:A3:E6:2F:51:FF:AD:33:62:40:4C:12:FE:4A:36:01:07:14:3C:68
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2222238986D27D6E276A2DDAA3F02FFB144C4748
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
Signing time: Thu 14 Aug 2025 14:09:18 +0000
ROA not before: Thu 14 Aug 2025 14:04:18 +0000
ROA not after: Thu 13 Aug 2026 14:09:18 +0000
asID: 40676
IP address blocks: 46.202.224.0/24 maxlen: 24
91.124.135.0/24 maxlen: 24
91.124.178.0/24 maxlen: 24
95.134.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:22:23:89:86:d2:7d:6e:27:6a:2d:da:a3:f0:2f:fb:14:4c:47:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 14 14:04:18 2025 GMT
Not After : Aug 13 14:09:18 2026 GMT
Subject: CN=4FA3E62F51FFAD3362404C12FE4A360107143C68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9a:f1:d2:d6:65:b2:a3:5d:9c:2f:8e:3d:14:
ea:79:cc:40:26:cf:0d:ea:47:30:3b:81:29:0f:dc:
9a:00:a5:d2:8d:00:bf:54:b7:5a:51:aa:17:ca:aa:
d3:e0:ef:00:78:7a:49:e0:15:42:6f:f4:c8:19:d1:
31:43:40:7a:9c:80:f0:54:b3:73:24:d2:2d:52:9c:
07:46:5f:fa:4b:0a:17:05:83:95:ea:c4:5a:4f:16:
b5:19:b7:53:80:bc:a9:57:ee:3f:18:c2:e7:4d:21:
20:f2:b1:ed:01:93:3f:97:ef:22:6e:4a:1b:db:a5:
01:49:77:de:e4:b6:b7:89:18:18:91:c2:11:e4:5f:
4a:a2:d4:52:01:28:ad:b2:ac:6d:55:70:ec:fe:c4:
18:49:b0:eb:8c:2d:36:d4:ee:4b:8c:8b:ad:56:5f:
2b:2b:7a:5b:e1:62:16:05:6f:c2:23:1b:9c:98:87:
6b:71:c3:65:a5:91:ce:b8:07:4e:07:ed:49:69:9b:
e2:23:16:f4:e5:61:0f:52:89:21:08:29:7a:cf:cd:
19:fa:a9:1b:83:75:49:2d:98:42:6f:7d:e5:d6:ee:
8d:bb:20:29:32:40:13:bc:2e:3a:03:fe:bd:7a:da:
a1:ca:fd:1a:92:92:e6:b9:d0:3e:a8:b6:eb:23:67:
37:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A3:E6:2F:51:FF:AD:33:62:40:4C:12:FE:4A:36:01:07:14:3C:68
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.224.0/24
91.124.135.0/24
91.124.178.0/24
95.134.69.0/24
Signature Algorithm: sha256WithRSAEncryption
92:66:29:2c:b2:ca:48:03:67:81:67:2a:71:cc:68:4b:25:e3:
be:01:11:92:de:98:58:2b:28:8b:3c:3e:c6:49:2b:31:ff:1f:
4e:8c:60:b0:17:d3:63:c0:44:b2:ef:b1:12:34:1d:b3:eb:e3:
5b:61:19:38:40:fd:c0:ef:6a:35:b0:dd:ae:9d:c7:c7:55:04:
50:a8:cd:79:ed:81:20:0c:41:88:ca:19:3d:80:d7:67:4d:ca:
c4:3b:5d:64:fa:41:17:c4:8f:09:99:6f:86:58:a7:cc:7b:a6:
19:a5:b8:e5:c5:39:a6:fd:73:44:25:69:ca:d2:d5:41:c0:f3:
22:5b:2c:22:ea:6a:34:30:19:47:ab:f4:dd:e1:7e:59:75:15:
e7:82:03:b7:d1:5d:1b:64:48:36:e8:a7:0d:f2:38:ec:e7:a8:
b2:3a:9c:16:c1:a9:f7:18:b1:75:f1:e2:fc:91:2f:db:ae:06:
5f:94:b4:72:6e:b6:0e:12:48:27:40:25:66:c1:27:d7:e2:b9:
f7:6a:21:63:b2:12:84:e9:9b:e0:f3:bc:d8:7e:8f:be:76:02:
be:c4:28:e6:59:d7:38:3d:57:5c:9d:f8:fb:b4:2f:a9:92:2c:
25:3c:05:71:38:7f:94:dc:10:be:94:de:00:ee:6c:c0:a9:54:
83:85:2c:1e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUIiIjiYbSfW4nai3ao/Av+xRMR0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MTQxNDA0MThaFw0yNjA4MTMxNDA5MThaMDMxMTAvBgNV
BAMTKDRGQTNFNjJGNTFGRkFEMzM2MjQwNEMxMkZFNEEzNjAxMDcxNDNDNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7mvHS1mWyo12cL449FOp5zEAm
zw3qRzA7gSkP3JoApdKNAL9Ut1pRqhfKqtPg7wB4ekngFUJv9MgZ0TFDQHqcgPBU
s3Mk0i1SnAdGX/pLChcFg5XqxFpPFrUZt1OAvKlX7j8YwudNISDyse0Bkz+X7yJu
ShvbpQFJd97ktreJGBiRwhHkX0qi1FIBKK2yrG1VcOz+xBhJsOuMLTbU7kuMi61W
XysrelvhYhYFb8IjG5yYh2txw2Wlkc64B04H7Ulpm+IjFvTlYQ9SiSEIKXrPzRn6
qRuDdUktmEJvfeXW7o27ICkyQBO8LjoD/r162qHK/RqSkua50D6otusjZzf/AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUT6PmL1H/rTNiQEwS/ko2AQcUPGgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAuyuAD
BABbfIcDBABbfLIDBABfhkUwDQYJKoZIhvcNAQELBQADggEBAJJmKSyyykgDZ4Fn
KnHMaEsl474BEZLemFgrKIs8PsZJKzH/H06MYLAX02PARLLvsRI0HbPr41thGThA
/cDvajWw3a6dx8dVBFCozXntgSAMQYjKGT2A12dNysQ7XWT6QRfEjwmZb4ZYp8x7
phmluOXFOab9c0QlacrS1UHA8yJbLCLqajQwGUer9N3hfll1FeeCA7fRXRtkSDbo
pw3yOOznqLI6nBbBqfcYsXXx4vyRL9uuBl+UtHJutg4SSCdAJWbBJ9fiufdqIWOy
EoTpm+DzvNh+j752Ar7EKOZZ1zg9V1yd+Pu0L6mSLCU8BXE4f5TcEL6U3gDubMCp
VIOFLB4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:18:58 2025 by rpki-client