Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: PvkP4DJQhHDZRgPvq+LZ8tJ8fOKDd8HdUuVUCHVcax0=
Subject key identifier: DC:9C:51:94:74:70:25:26:87:F8:D2:F1:E7:53:D7:67:9B:BC:8D:DB
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1ABE1DF62CFEE4423043BCEC815D3E3BDD82E96F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Sun 14 Sep 2025 00:06:58 +0000
ROA not before: Sun 14 Sep 2025 00:01:58 +0000
ROA not after: Sun 13 Sep 2026 00:06:58 +0000
asID: 40676
IP address blocks: 143.14.223.0/24 maxlen: 24
145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
146.103.59.0/24 maxlen: 24
150.241.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 10:39:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:be:1d:f6:2c:fe:e4:42:30:43:bc:ec:81:5d:3e:3b:dd:82:e9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 14 00:01:58 2025 GMT
Not After : Sep 13 00:06:58 2026 GMT
Subject: CN=DC9C51947470252687F8D2F1E753D7679BBC8DDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c5:1b:07:0b:75:c4:41:6c:d5:c8:ca:bd:e9:
c1:f2:12:05:51:82:8a:89:87:67:e7:15:db:58:f9:
4c:75:bc:06:fb:a4:85:ff:3a:f8:65:ef:27:c9:49:
fb:8d:39:8f:54:ed:f6:5a:d4:aa:fe:b6:57:72:bc:
0c:c5:25:6f:21:12:02:2e:41:71:66:59:96:59:bd:
5b:5e:20:f3:28:39:f9:b5:93:69:7d:cf:b8:f1:b2:
3f:6b:53:59:cc:ba:a5:6c:ac:d3:1d:19:87:ab:c3:
ac:90:0f:ae:a4:68:8b:5b:40:72:2b:ad:ce:36:83:
ae:09:e3:a9:20:a5:2a:0d:c8:4f:54:e2:5f:e1:ea:
52:7c:01:e2:b0:6e:85:9e:58:5c:9d:2b:76:50:33:
4c:7c:10:49:c3:78:68:da:32:ae:60:ac:3b:2c:41:
06:a8:35:ff:9c:f6:77:a2:1a:86:3b:40:de:25:b6:
f1:b3:a3:e2:90:b0:8d:ea:c3:27:0b:58:3f:99:9b:
1b:4b:cd:43:df:1c:51:69:e8:36:b9:df:f6:03:4c:
7c:81:14:e8:14:42:05:95:5a:43:1d:95:d7:a4:17:
40:9b:a2:a9:3f:bd:b4:4b:8a:c6:81:91:df:b4:18:
db:30:ab:3d:02:a9:40:75:41:37:d9:03:5c:d7:4c:
b2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9C:51:94:74:70:25:26:87:F8:D2:F1:E7:53:D7:67:9B:BC:8D:DB
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.223.0/24
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
146.103.59.0/24
150.241.199.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:19:66:ed:a6:43:f6:66:cc:43:14:4b:b6:29:2a:ce:b0:48:
0c:fa:0a:73:c2:2f:71:30:66:2e:ed:93:c6:08:89:0f:77:90:
14:41:d8:d6:6f:0b:c5:1d:1f:94:d4:ff:4d:bb:5e:87:00:b7:
7b:9d:6a:3b:f1:73:b2:1f:eb:87:29:6e:16:bb:97:d6:1e:9f:
5f:ef:e5:a3:67:90:3d:f2:5c:8f:ab:08:66:1e:1d:40:13:48:
16:d2:2a:55:55:d7:71:94:20:ef:81:77:31:98:b1:eb:df:9d:
c0:1d:f1:d8:e3:f5:76:a2:e4:cf:59:bc:16:69:95:20:a1:f0:
50:19:1b:cc:1d:02:e0:54:5f:a1:ec:99:e9:f5:ba:ba:d8:2d:
97:a5:24:16:29:b2:e5:5b:25:3f:62:a7:2e:7a:88:36:90:b6:
02:47:2e:b3:f0:7c:9d:a9:44:af:a6:7a:87:3c:c6:e9:8f:f7:
95:f8:f1:dc:12:7c:b8:b4:5f:6b:ec:70:69:10:f6:cf:bd:2a:
1e:90:25:d0:4f:99:ca:e4:ff:85:8b:5a:e4:60:24:88:db:d7:
4e:68:00:d1:00:d2:f5:ba:bd:71:3e:c9:f8:f8:c0:8a:87:90:
bb:3f:7a:dd:d0:35:58:35:39:e7:a3:de:7d:20:90:9c:03:63:
e7:f7:14:f7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUGr4d9iz+5EIwQ7zsgV0+O92C6W8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MTQwMDAxNThaFw0yNjA5MTMwMDA2NThaMDMxMTAvBgNV
BAMTKERDOUM1MTk0NzQ3MDI1MjY4N0Y4RDJGMUU3NTNENzY3OUJCQzhEREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWxRsHC3XEQWzVyMq96cHyEgVR
goqJh2fnFdtY+Ux1vAb7pIX/Ovhl7yfJSfuNOY9U7fZa1Kr+tldyvAzFJW8hEgIu
QXFmWZZZvVteIPMoOfm1k2l9z7jxsj9rU1nMuqVsrNMdGYerw6yQD66kaItbQHIr
rc42g64J46kgpSoNyE9U4l/h6lJ8AeKwboWeWFydK3ZQM0x8EEnDeGjaMq5grDss
QQaoNf+c9neiGoY7QN4ltvGzo+KQsI3qwycLWD+ZmxtLzUPfHFFp6Da53/YDTHyB
FOgUQgWVWkMdldekF0Cboqk/vbRLisaBkd+0GNswqz0CqUB1QTfZA1zXTLKnAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQU3JxRlHRwJSaH+NLx51PXZ5u8jdswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBACPDt8D
BACR3zQDBACR3zgDBACSZywDBACSZzcDBACSZzsDBACW8ccwDQYJKoZIhvcNAQEL
BQADggEBAFsZZu2mQ/ZmzEMUS7YpKs6wSAz6CnPCL3EwZi7tk8YIiQ93kBRB2NZv
C8UdH5TU/027XocAt3udajvxc7If64cpbha7l9Yen1/v5aNnkD3yXI+rCGYeHUAT
SBbSKlVV13GUIO+BdzGYsevfncAd8djj9Xai5M9ZvBZplSCh8FAZG8wdAuBUX6Hs
men1urrYLZelJBYpsuVbJT9ipy56iDaQtgJHLrPwfJ2pRK+meoc8xumP95X48dwS
fLi0X2vscGkQ9s+9Kh6QJdBPmcrk/4WLWuRgJIjb105oANEA0vW6vXE+yfj4wIqH
kLs/et3QNVg1Oeej3n0gkJwDY+f3FPc=
-----END CERTIFICATE-----
Generated at Wed Sep 17 17:29:52 2025 by rpki-client