Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: ED2PeKLcp0SaaP9a9keaDvJbHgJIpCwzHFNYDbiLUzY=
Subject key identifier: D6:AD:EC:6B:C7:C5:DE:D8:2D:1B:43:BB:C0:04:2A:97:66:D9:0E:4C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 36D167335697687ABDA10175CBBAC07D505B0E95
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
Signing time: Thu 26 Mar 2026 02:04:44 +0000
ROA not before: Thu 26 Mar 2026 01:59:44 +0000
ROA not after: Thu 25 Mar 2027 02:04:44 +0000
asID: 40676
IP address blocks: 46.202.116.0/24 maxlen: 24
46.202.117.0/24 maxlen: 24
46.202.118.0/24 maxlen: 24
46.202.119.0/24 maxlen: 24
46.202.224.0/24 maxlen: 24
91.124.135.0/24 maxlen: 24
91.124.197.0/24 maxlen: 24
92.113.14.0/24 maxlen: 24
92.113.46.0/24 maxlen: 24
95.134.123.0/24 maxlen: 24
95.134.125.0/24 maxlen: 24
95.134.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:d1:67:33:56:97:68:7a:bd:a1:01:75:cb:ba:c0:7d:50:5b:0e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 26 01:59:44 2026 GMT
Not After : Mar 25 02:04:44 2027 GMT
Subject: CN=D6ADEC6BC7C5DED82D1B43BBC0042A9766D90E4C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:16:20:99:2a:03:bf:fe:02:33:48:7d:7c:bf:
d1:a5:ae:06:08:ea:3a:0e:0a:45:ef:ac:44:bf:60:
91:11:69:14:85:8a:65:bf:8d:fe:eb:6c:e9:18:a6:
6c:34:15:58:4b:fe:2c:db:4d:9f:59:c3:39:88:7f:
a8:f6:58:0a:b0:53:84:de:4e:6e:ae:60:e1:62:58:
d4:69:25:68:c9:5c:f4:94:8e:3d:4a:9a:13:91:25:
99:e8:15:e2:04:55:a9:83:5b:57:b6:0f:b8:8e:f2:
8d:ff:1c:58:b0:01:75:57:89:8a:8d:cc:bb:32:08:
c3:db:cd:83:3e:13:f1:9f:99:d7:29:6c:07:87:f4:
d0:0d:16:f9:c2:0f:d6:a6:31:f7:94:4e:ee:74:78:
c8:89:ab:71:37:f9:c5:d1:53:d7:73:6f:77:c0:6c:
b2:11:13:92:84:b9:63:3a:a1:9d:b5:53:88:b0:db:
ba:e7:d0:d3:31:65:ff:20:14:5c:b9:a3:b2:70:35:
ce:4c:3c:38:f5:fb:ca:fa:3e:aa:89:3d:40:7c:95:
b9:2d:fd:ab:8e:03:a3:72:06:a1:fd:94:15:b6:37:
45:9e:ca:fb:3b:62:e0:ad:67:5d:4a:ee:c7:85:81:
8d:4d:8b:3e:8a:3a:99:fb:af:9e:94:6a:ab:7e:25:
df:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AD:EC:6B:C7:C5:DE:D8:2D:1B:43:BB:C0:04:2A:97:66:D9:0E:4C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.116.0/22
46.202.224.0/24
91.124.135.0/24
91.124.197.0/24
92.113.14.0/24
92.113.46.0/24
95.134.123.0/24
95.134.125.0/24
95.134.177.0/24
Signature Algorithm: sha256WithRSAEncryption
57:7d:14:6e:91:77:54:59:35:f9:b0:ea:82:f2:af:ba:b7:3c:
09:ee:2d:c8:2e:2a:5c:4e:8d:c7:71:fd:36:ea:ed:9c:20:16:
0e:d8:a3:3d:c6:f5:0a:8d:14:11:03:8a:b2:1f:0c:0c:65:45:
30:c8:1d:eb:85:52:90:77:fc:01:67:b2:66:09:b9:92:94:7f:
36:99:0a:8d:7e:b8:0b:ff:9c:70:3e:d4:3f:8a:12:ae:5d:c8:
67:de:bf:f3:c5:c0:67:02:d7:e2:3b:31:a3:d0:d1:5f:78:3c:
1c:c3:12:88:56:a7:59:08:ae:88:35:e7:36:b5:ac:79:84:85:
01:20:ba:af:0c:1a:41:3e:61:da:66:4a:1a:ab:80:6b:4f:11:
79:9e:cd:2d:4c:5d:e7:6d:df:cd:bf:00:c6:61:dd:a8:55:36:
64:d9:08:c2:3b:b0:c2:6c:45:7d:01:42:0d:ae:eb:d6:2d:c7:
f3:51:2c:49:a8:60:13:6a:c8:bf:57:3c:5b:f2:25:94:6f:4e:
28:a2:77:58:a0:4e:f5:e4:a0:90:ff:cd:87:b3:d8:92:fe:64:
09:88:35:f3:61:c3:13:87:ba:89:d9:4a:78:6a:9c:69:f9:ff:
b9:e4:9c:25:c3:b0:c5:38:37:ce:42:48:26:a3:a2:a3:aa:c0:
3f:8b:4d:f7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUNtFnM1aXaHq9oQF1y7rAfVBbDpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMjYwMTU5NDRaFw0yNzAzMjUwMjA0NDRaMDMxMTAvBgNV
BAMTKEQ2QURFQzZCQzdDNURFRDgyRDFCNDNCQkMwMDQyQTk3NjZEOTBFNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9FiCZKgO//gIzSH18v9GlrgYI
6joOCkXvrES/YJERaRSFimW/jf7rbOkYpmw0FVhL/izbTZ9ZwzmIf6j2WAqwU4Te
Tm6uYOFiWNRpJWjJXPSUjj1KmhORJZnoFeIEVamDW1e2D7iO8o3/HFiwAXVXiYqN
zLsyCMPbzYM+E/GfmdcpbAeH9NANFvnCD9amMfeUTu50eMiJq3E3+cXRU9dzb3fA
bLIRE5KEuWM6oZ21U4iw27rn0NMxZf8gFFy5o7JwNc5MPDj1+8r6PqqJPUB8lbkt
/auOA6NyBqH9lBW2N0Weyvs7YuCtZ11K7seFgY1Niz6KOpn7r56Uaqt+Jd+1AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU1q3sa8fF3tgtG0O7wAQql2bZDkwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAIuynQD
BAAuyuADBABbfIcDBABbfMUDBABccQ4DBABccS4DBABfhnsDBABfhn0DBABfhrEw
DQYJKoZIhvcNAQELBQADggEBAFd9FG6Rd1RZNfmw6oLyr7q3PAnuLcguKlxOjcdx
/Tbq7ZwgFg7Yoz3G9QqNFBEDirIfDAxlRTDIHeuFUpB3/AFnsmYJuZKUfzaZCo1+
uAv/nHA+1D+KEq5dyGfev/PFwGcC1+I7MaPQ0V94PBzDEohWp1kIrog15za1rHmE
hQEguq8MGkE+YdpmShqrgGtPEXmezS1MXedt382/AMZh3ahVNmTZCMI7sMJsRX0B
Qg2u69Ytx/NRLEmoYBNqyL9XPFvyJZRvTiiid1igTvXkoJD/zYez2JL+ZAmINfNh
wxOHuonZSnhqnGn5/7nknCXDsMU4N85CSCajoqOqwD+LTfc=
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:31:14 2026 by rpki-client