Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: 4Xnvg6dU9m9N41zwm1o2i9KLj/rYrNZ9b02JuXsbdqA=
Subject key identifier: FE:3A:FD:91:E7:A3:0E:4C:C5:21:F2:11:01:24:92:1D:C8:BD:B7:36
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 65AE96C756A662CCB3D9E47627ECEC0C6C8893E8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Wed 03 Jun 2026 11:38:50 +0000
ROA not before: Wed 03 Jun 2026 11:33:50 +0000
ROA not after: Wed 02 Jun 2027 11:38:50 +0000
asID: 40676
IP address blocks: 96.62.73.0/24 maxlen: 24
96.62.101.0/24 maxlen: 24
140.233.173.0/24 maxlen: 24
145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:ae:96:c7:56:a6:62:cc:b3:d9:e4:76:27:ec:ec:0c:6c:88:93:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 3 11:33:50 2026 GMT
Not After : Jun 2 11:38:50 2027 GMT
Subject: CN=FE3AFD91E7A30E4CC521F2110124921DC8BDB736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:33:17:ad:1d:be:4f:c1:3b:97:01:75:dc:f9:
98:2e:02:3f:0f:95:d0:a0:82:c0:0c:7d:1e:a4:5c:
c4:33:5e:92:cc:5d:9e:78:8b:34:2d:39:4b:d3:23:
42:94:bd:67:9d:fd:e9:61:52:8e:2e:23:db:c3:a3:
ef:06:69:61:53:10:05:c2:80:16:e5:9e:36:8c:5b:
27:26:38:94:36:63:4c:4a:87:42:fc:dc:2c:d6:e8:
c6:0e:c5:b4:d8:80:81:f0:23:c2:00:a7:3f:e3:56:
da:ea:0d:c7:e2:54:cf:ee:ec:28:2a:cc:18:16:8d:
9d:4e:e6:53:25:82:95:5b:e0:0d:05:9c:39:d4:b8:
6b:c2:e8:6e:21:8d:9b:5a:1b:a8:b7:d0:0f:3b:81:
4f:1f:af:f7:99:63:dd:c5:88:ff:df:98:e4:ac:ff:
90:53:1e:4a:81:47:36:47:44:3c:58:ff:84:17:db:
2b:fc:36:21:ba:75:f4:33:22:35:cb:0a:19:a5:4e:
a6:57:a9:37:9c:92:6b:bf:14:36:3c:b9:bd:41:bb:
07:45:28:0b:f8:a1:8a:e6:06:79:4e:7f:57:55:bf:
dd:6e:91:64:81:9f:e3:84:94:70:09:81:08:fe:ca:
e2:5f:5b:7b:46:c8:62:70:d2:3b:1a:ff:1d:04:ee:
93:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:3A:FD:91:E7:A3:0E:4C:C5:21:F2:11:01:24:92:1D:C8:BD:B7:36
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.73.0/24
96.62.101.0/24
140.233.173.0/24
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:a0:43:76:4c:30:c2:7c:35:6f:50:eb:bc:a1:69:b9:c4:68:
6e:3f:fc:c1:32:9a:c2:f6:cf:c4:b6:01:13:4b:cd:76:77:2a:
4a:a2:3f:d5:2f:f3:d1:c3:ef:16:a1:03:84:27:aa:42:00:e9:
67:05:95:69:14:af:ae:dc:22:10:b6:b1:86:1d:e3:1f:88:ab:
ce:17:54:df:67:6a:84:10:f1:5d:0c:66:de:52:08:7f:85:9c:
5b:e4:d8:d2:7a:86:cb:ed:98:67:2d:a8:ed:55:f3:bf:ff:8c:
40:41:96:a4:32:7c:53:6a:45:ee:2c:d2:85:b1:a5:62:cd:69:
6d:08:8d:c0:9a:33:a9:3c:4c:06:dc:52:46:d7:2e:cf:1b:b3:
86:52:7c:2d:26:5a:25:42:92:e7:4c:ab:3c:af:e5:27:c4:69:
e9:0e:40:5d:af:0e:1d:95:c6:9b:ab:94:cd:af:15:6f:7b:11:
bf:fd:27:01:8e:4c:1c:d5:ad:e8:dc:fc:db:5e:42:4a:0e:fb:
90:77:c4:02:54:22:79:4d:8d:d0:d4:f3:bf:14:00:8a:fd:e1:
c0:12:ac:7e:2d:df:0b:f6:95:f9:e7:77:39:f8:b0:e6:aa:6a:
bb:9c:33:a3:1d:c2:36:6a:a7:eb:b5:b2:f0:37:9e:b5:a2:96:
8f:7d:4b:f7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUZa6Wx1amYsyz2eR2J+zsDGyIk+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDMxMTMzNTBaFw0yNzA2MDIxMTM4NTBaMDMxMTAvBgNV
BAMTKEZFM0FGRDkxRTdBMzBFNENDNTIxRjIxMTAxMjQ5MjFEQzhCREI3MzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpMxetHb5PwTuXAXXc+ZguAj8P
ldCggsAMfR6kXMQzXpLMXZ54izQtOUvTI0KUvWed/elhUo4uI9vDo+8GaWFTEAXC
gBblnjaMWycmOJQ2Y0xKh0L83CzW6MYOxbTYgIHwI8IApz/jVtrqDcfiVM/u7Cgq
zBgWjZ1O5lMlgpVb4A0FnDnUuGvC6G4hjZtaG6i30A87gU8fr/eZY93FiP/fmOSs
/5BTHkqBRzZHRDxY/4QX2yv8NiG6dfQzIjXLChmlTqZXqTeckmu/FDY8ub1BuwdF
KAv4oYrmBnlOf1dVv91ukWSBn+OElHAJgQj+yuJfW3tGyGJw0jsa/x0E7pPRAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQU/jr9keejDkzFIfIRASSSHci9tzYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBABgPkkD
BABgPmUDBACM6a0DBACR3zQDBACR3zgDBACSZywDBACSZzcwDQYJKoZIhvcNAQEL
BQADggEBAF6gQ3ZMMMJ8NW9Q67yhabnEaG4//MEymsL2z8S2ARNLzXZ3KkqiP9Uv
89HD7xahA4QnqkIA6WcFlWkUr67cIhC2sYYd4x+Iq84XVN9naoQQ8V0MZt5SCH+F
nFvk2NJ6hsvtmGctqO1V87//jEBBlqQyfFNqRe4s0oWxpWLNaW0IjcCaM6k8TAbc
UkbXLs8bs4ZSfC0mWiVCkudMqzyv5SfEaekOQF2vDh2VxpurlM2vFW97Eb/9JwGO
TBzVrejc/NteQkoO+5B3xAJUInlNjdDU878UAIr94cASrH4t3wv2lfnndzn4sOaq
arucM6MdwjZqp+u1svA3nrWilo99S/c=
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:17:05 2026 by rpki-client