Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: Mst54sH4nZQxhoMiPIogrxqvF1vyhL386nREe8ran0w=
Subject key identifier: 00:4F:F2:5E:DF:3C:26:4E:B6:BD:BD:54:23:F9:01:99:94:76:EB:B3
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 719494322484D0D5F4EABC1EF455837F3699E4B9
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Thu 17 Jul 2025 11:53:51 +0000
ROA not before: Thu 17 Jul 2025 11:48:51 +0000
ROA not after: Thu 16 Jul 2026 11:53:51 +0000
asID: 40676
IP address blocks: 96.62.103.0/24 maxlen: 24
145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
146.103.59.0/24 maxlen: 24
150.241.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:94:94:32:24:84:d0:d5:f4:ea:bc:1e:f4:55:83:7f:36:99:e4:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 17 11:48:51 2025 GMT
Not After : Jul 16 11:53:51 2026 GMT
Subject: CN=004FF25EDF3C264EB6BDBD5423F901999476EBB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:42:d6:5a:31:08:51:2a:a0:61:12:85:06:95:
5f:2b:fb:a5:27:df:93:74:c2:19:15:5b:96:22:79:
54:9a:d2:c1:f2:f6:a9:47:6c:b4:a9:e2:82:f5:d9:
e3:44:ed:af:5d:19:98:c2:eb:66:2d:9b:89:44:17:
45:7b:52:2d:8c:27:5a:31:5d:0b:da:24:b6:15:55:
03:fa:d7:50:af:e5:e2:83:c8:db:4f:a0:63:45:03:
d7:42:bd:9a:57:67:3a:86:b8:0d:39:02:ba:6f:6f:
08:03:13:f7:25:cd:dc:c4:05:94:d2:91:9f:29:93:
39:b6:94:6b:e4:8c:c5:0d:ad:25:f9:a9:7b:ee:9f:
aa:1a:31:c1:ed:46:8c:95:b2:17:ee:8a:2e:df:27:
cf:01:0c:15:f6:f3:0b:c7:92:2c:29:1f:c9:1a:5e:
2b:c1:5a:a6:10:33:0a:c3:86:a5:56:47:52:3e:1e:
6e:28:21:6f:9a:07:48:5e:3b:2e:33:0a:15:f4:d7:
1c:39:df:2d:1b:d0:c2:4d:92:13:da:1f:13:d3:31:
91:cb:b3:0c:77:b8:70:0d:1d:aa:d4:b1:e4:15:49:
36:7b:0a:04:0f:2a:a6:cb:f2:a4:d9:a6:2f:b6:a7:
5a:41:7b:47:b1:12:5f:99:f2:83:66:5a:54:75:2d:
98:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4F:F2:5E:DF:3C:26:4E:B6:BD:BD:54:23:F9:01:99:94:76:EB:B3
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.103.0/24
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
146.103.59.0/24
150.241.199.0/24
Signature Algorithm: sha256WithRSAEncryption
23:fb:47:59:85:1d:9a:0d:2b:ea:2e:96:82:58:e8:98:5c:dd:
5e:88:82:82:db:f3:10:75:de:e1:ab:4b:9e:1e:cd:d6:6f:2c:
a4:0c:6d:fa:72:dd:99:41:a0:fd:ab:d1:a5:07:0c:b1:64:91:
99:fa:54:d6:33:fd:9c:fd:fc:3a:74:45:ae:2d:b7:eb:05:5b:
00:3a:57:e5:5c:3a:b7:50:06:af:b3:c4:9f:7c:ac:fe:47:b3:
3a:f5:a0:7f:27:41:f7:0f:1b:66:6a:13:9a:0b:bf:a1:a5:37:
95:60:07:37:83:ac:17:54:24:71:d0:eb:9b:fb:a4:8f:e5:69:
ab:fd:9e:56:8c:f6:2f:47:73:49:ef:30:a9:4d:8d:f4:82:fb:
59:4c:70:a9:0f:99:ae:c8:cd:26:32:30:8e:14:08:b2:f7:a8:
35:a2:ba:6a:7f:f4:f8:43:d0:d7:e6:56:ee:28:dd:91:c2:dc:
20:31:59:08:4e:23:5a:0a:97:ed:ff:2d:16:56:b1:69:0b:61:
e9:8a:c8:b5:06:91:37:07:78:d1:5b:02:56:8b:fa:cd:b6:7e:
81:7e:e0:c2:ae:f3:77:f8:45:2d:0e:4b:92:59:c3:6f:a7:d9:
6e:6a:a5:2d:c7:17:9e:92:d7:87:85:c5:49:5d:c9:78:dd:80:
da:a5:cd:3b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUcZSUMiSE0NX06rwe9FWDfzaZ5LkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MTcxMTQ4NTFaFw0yNjA3MTYxMTUzNTFaMDMxMTAvBgNV
BAMTKDAwNEZGMjVFREYzQzI2NEVCNkJEQkQ1NDIzRjkwMTk5OTQ3NkVCQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbQtZaMQhRKqBhEoUGlV8r+6Un
35N0whkVW5YieVSa0sHy9qlHbLSp4oL12eNE7a9dGZjC62Ytm4lEF0V7Ui2MJ1ox
XQvaJLYVVQP611Cv5eKDyNtPoGNFA9dCvZpXZzqGuA05ArpvbwgDE/clzdzEBZTS
kZ8pkzm2lGvkjMUNrSX5qXvun6oaMcHtRoyVshfuii7fJ88BDBX28wvHkiwpH8ka
XivBWqYQMwrDhqVWR1I+Hm4oIW+aB0heOy4zChX01xw53y0b0MJNkhPaHxPTMZHL
swx3uHANHarUseQVSTZ7CgQPKqbL8qTZpi+2p1pBe0exEl+Z8oNmWlR1LZgDAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUAE/yXt88Jk62vb1UI/kBmZR267MwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBABgPmcD
BACR3zQDBACR3zgDBACSZywDBACSZzcDBACSZzsDBACW8ccwDQYJKoZIhvcNAQEL
BQADggEBACP7R1mFHZoNK+ouloJY6Jhc3V6IgoLb8xB13uGrS54ezdZvLKQMbfpy
3ZlBoP2r0aUHDLFkkZn6VNYz/Zz9/Dp0Ra4tt+sFWwA6V+VcOrdQBq+zxJ98rP5H
szr1oH8nQfcPG2ZqE5oLv6GlN5VgBzeDrBdUJHHQ65v7pI/laav9nlaM9i9Hc0nv
MKlNjfSC+1lMcKkPma7IzSYyMI4UCLL3qDWiump/9PhD0NfmVu4o3ZHC3CAxWQhO
I1oKl+3/LRZWsWkLYemKyLUGkTcHeNFbAlaL+s22foF+4MKu83f4RS0OS5JZw2+n
2W5qpS3HF56S14eFxUldyXjdgNqlzTs=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:00:38 2025 by rpki-client