Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: 8YweoCO/RjGq2ZBBqLJRBPF9JqGH2ujb+a7QpDS8+Bw=
Subject key identifier: 66:27:E7:38:8B:93:15:17:E7:42:A2:15:7A:46:35:75:68:6A:B8:24
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 28057D3BB6B3A68C3C92DAB6CCC60024EA33EA80
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Sat 18 Apr 2026 00:57:51 +0000
ROA not before: Sat 18 Apr 2026 00:52:51 +0000
ROA not after: Sat 17 Apr 2027 00:57:51 +0000
asID: 40676
IP address blocks: 145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
162.141.105.0/24 maxlen: 24
168.222.81.0/24 maxlen: 24
168.222.85.0/24 maxlen: 24
168.222.86.0/24 maxlen: 24
168.222.87.0/24 maxlen: 24
168.222.88.0/24 maxlen: 24
168.222.90.0/24 maxlen: 24
168.222.92.0/24 maxlen: 24
168.222.93.0/24 maxlen: 24
168.222.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 12:11:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:05:7d:3b:b6:b3:a6:8c:3c:92:da:b6:cc:c6:00:24:ea:33:ea:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 18 00:52:51 2026 GMT
Not After : Apr 17 00:57:51 2027 GMT
Subject: CN=6627E7388B931517E742A2157A463575686AB824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2b:cc:3e:fe:23:27:6c:b4:12:fe:50:90:75:
63:a1:87:29:7b:4d:d7:6e:e4:b7:17:ad:bd:64:88:
06:90:61:87:60:94:ce:ea:ac:bc:1e:01:72:1a:b6:
bb:8d:cb:c3:7e:77:54:4e:d9:a4:dd:5c:28:96:cf:
58:99:7b:28:8c:74:f9:c1:6d:e1:63:1d:b0:5e:01:
9f:7c:00:42:08:ac:ec:2f:45:39:a2:2a:64:2b:c4:
a0:60:d7:de:5a:31:47:12:33:d4:cf:ee:b9:35:16:
40:54:60:1f:8d:e2:51:cf:66:72:64:62:d1:01:72:
4c:b3:04:d0:59:c9:03:28:87:c1:f4:98:ce:c2:d4:
5b:83:c0:fd:aa:8c:e5:dc:a4:c6:59:65:2c:56:7c:
41:52:9e:32:23:8d:df:71:48:9a:b9:ac:05:77:0b:
d7:dd:1a:89:00:26:1a:cb:99:cf:f2:c8:6a:80:89:
81:09:a1:f9:2c:34:15:41:d3:fe:62:a7:a0:e9:e9:
a2:63:51:c8:cb:0d:88:f8:ce:ca:4e:58:61:92:24:
61:9c:f4:d9:29:df:23:6f:09:93:46:c6:6c:c7:7e:
ee:85:e9:5f:38:ae:e4:8f:cf:e2:c4:55:84:fb:77:
a9:61:26:37:06:2f:0b:61:7b:c0:b2:58:8b:17:7a:
bb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:27:E7:38:8B:93:15:17:E7:42:A2:15:7A:46:35:75:68:6A:B8:24
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
162.141.105.0/24
168.222.81.0/24
168.222.85.0-168.222.88.255
168.222.90.0/24
168.222.92.0-168.222.94.255
Signature Algorithm: sha256WithRSAEncryption
15:f1:e0:bb:af:fa:fe:c2:a6:19:a0:86:e2:7a:8c:6e:ef:29:
ff:ae:50:8e:cb:e2:4f:06:5f:9f:84:5c:13:35:5f:5a:3c:36:
79:5f:35:2b:09:04:32:fb:60:5b:ec:e3:c4:93:5c:b0:7e:93:
82:12:7e:7e:5b:73:03:2a:11:23:c4:83:34:db:4a:65:3f:a1:
60:4c:fa:0c:e0:26:fc:2c:97:81:80:d2:1c:d2:70:38:83:83:
7a:87:e6:52:70:b6:40:72:44:2a:1f:aa:21:26:c2:49:a2:10:
85:3f:5c:a4:bc:5a:2e:5a:00:0d:80:55:48:f2:00:30:17:bd:
41:42:a3:0d:2a:65:48:ee:8b:b7:66:bb:0b:d8:4c:93:06:ba:
d6:d2:c3:6e:0a:10:f8:70:74:8b:5a:04:ec:0d:4f:ec:78:0e:
ac:99:70:2e:09:0b:df:fd:2c:66:e0:90:fc:ca:c8:40:94:5c:
3b:e4:27:70:3b:2b:4b:4d:b9:be:62:68:0d:1c:cf:67:19:ac:
b1:5e:ee:a5:30:1f:2d:cc:a8:8d:32:e8:3e:6e:16:89:eb:f8:
3c:b4:69:9f:f7:97:66:4d:c1:d0:33:6f:d8:a3:a6:8e:70:80:
35:96:c9:0c:d3:aa:cd:9e:0b:23:25:63:7d:b4:b5:8a:1a:96:
a4:a5:fa:c3
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUKAV9O7azpow8ktq2zMYAJOoz6oAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTgwMDUyNTFaFw0yNzA0MTcwMDU3NTFaMDMxMTAvBgNV
BAMTKDY2MjdFNzM4OEI5MzE1MTdFNzQyQTIxNTdBNDYzNTc1Njg2QUI4MjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOK8w+/iMnbLQS/lCQdWOhhyl7
Tddu5LcXrb1kiAaQYYdglM7qrLweAXIatruNy8N+d1RO2aTdXCiWz1iZeyiMdPnB
beFjHbBeAZ98AEIIrOwvRTmiKmQrxKBg195aMUcSM9TP7rk1FkBUYB+N4lHPZnJk
YtEBckyzBNBZyQMoh8H0mM7C1FuDwP2qjOXcpMZZZSxWfEFSnjIjjd9xSJq5rAV3
C9fdGokAJhrLmc/yyGqAiYEJofksNBVB0/5ip6Dp6aJjUcjLDYj4zspOWGGSJGGc
9Nkp3yNvCZNGxmzHfu6F6V84ruSPz+LEVYT7d6lhJjcGLwthe8CyWIsXertjAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUZifnOIuTFRfnQqIVekY1dWhquCQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXwYIKwYBBQUHAQcBAf8EUDBOMEwEAgABMEYDBACR3zQD
BACR3zgDBACSZywDBACSZzcDBACijWkDBACo3lEwDAMEAKjeVQMEAKjeWAMEAKje
WjAMAwQCqN5cAwQAqN5eMA0GCSqGSIb3DQEBCwUAA4IBAQAV8eC7r/r+wqYZoIbi
eoxu7yn/rlCOy+JPBl+fhFwTNV9aPDZ5XzUrCQQy+2Bb7OPEk1ywfpOCEn5+W3MD
KhEjxIM020plP6FgTPoM4Cb8LJeBgNIc0nA4g4N6h+ZScLZAckQqH6ohJsJJohCF
P1ykvFouWgANgFVI8gAwF71BQqMNKmVI7ou3ZrsL2EyTBrrW0sNuChD4cHSLWgTs
DU/seA6smXAuCQvf/Sxm4JD8yshAlFw75CdwOytLTbm+YmgNHM9nGayxXu6lMB8t
zKiNMug+bhaJ6/g8tGmf95dmTcHQM2/Yo6aOcIA1lskM06rNngsjJWN9tLWKGpak
pfrD
-----END CERTIFICATE-----
Generated at Sun Apr 19 23:01:40 2026 by rpki-client