Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: ybKI6CcIviRo7vgWjUvvhoI1AcxnNfKEgTy39T6iiP0=
Subject key identifier: 24:43:89:F8:DE:98:8D:85:A5:CE:23:9F:2F:C1:0D:B7:0C:F5:89:5D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 62D8677961ADF6F7EE720EF5A930AB7B6B0CD2C4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Tue 08 Apr 2025 04:24:14 +0000
ROA not before: Tue 08 Apr 2025 04:19:14 +0000
ROA not after: Tue 07 Apr 2026 04:24:14 +0000
asID: 40676
IP address blocks: 145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
146.103.59.0/24 maxlen: 24
150.241.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 07:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:d8:67:79:61:ad:f6:f7:ee:72:0e:f5:a9:30:ab:7b:6b:0c:d2:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 8 04:19:14 2025 GMT
Not After : Apr 7 04:24:14 2026 GMT
Subject: CN=244389F8DE988D85A5CE239F2FC10DB70CF5895D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f7:1e:9a:d6:f7:cf:1b:14:05:07:38:ef:4c:
57:82:fc:95:d9:6e:bb:49:5f:bf:2b:90:eb:3c:86:
77:8a:5c:ab:5e:ff:d1:6a:51:9a:a7:f2:49:42:01:
b2:08:5e:21:60:fe:27:52:1d:7b:53:bc:6d:8e:f9:
f8:12:b0:00:77:89:2c:da:7f:03:64:b3:ad:d4:e9:
fc:c0:fe:17:18:05:48:fc:8e:b2:1a:a8:1c:b8:86:
eb:39:1a:7c:3d:e7:89:e1:ad:71:5a:02:41:e0:d0:
04:9a:df:20:6b:7b:b1:68:d0:b1:4b:5f:f0:93:4a:
38:73:ab:b2:66:8c:81:a4:ca:55:13:d1:24:2d:8a:
2f:bc:84:7d:28:1b:a7:1d:b6:b6:40:e7:b4:a5:c2:
09:a3:0f:b4:45:3b:b6:fd:94:ab:c9:b6:4e:42:22:
94:48:70:5c:d3:c4:b0:d1:43:3c:cf:24:9c:76:5d:
61:b1:ce:2f:c1:ab:04:25:58:98:c2:9b:63:12:04:
3d:a6:f4:b8:e0:1f:e7:69:6f:6e:7a:ff:8e:cb:c9:
c1:32:1b:1e:82:8c:e4:11:fd:c6:71:1b:d7:10:41:
53:9b:73:ad:88:59:b7:10:0c:4d:45:01:77:57:86:
3d:57:31:42:39:a1:4e:7d:9a:1c:ad:36:66:ee:83:
9b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:43:89:F8:DE:98:8D:85:A5:CE:23:9F:2F:C1:0D:B7:0C:F5:89:5D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
146.103.59.0/24
150.241.199.0/24
Signature Algorithm: sha256WithRSAEncryption
74:9f:52:37:24:91:69:b4:77:6f:c4:a0:c5:14:f3:60:c2:e3:
10:54:c7:a6:2b:01:63:b1:d4:ff:30:37:73:56:34:4b:ee:10:
e6:fc:6c:7d:6a:f9:ba:8b:ee:07:8c:0e:6d:7b:a2:fc:1d:89:
eb:fd:ab:8e:64:e4:46:cb:ac:53:5c:f2:86:9f:dc:de:9f:68:
ab:3f:bc:c6:58:cb:9c:d1:8b:91:07:47:52:bb:85:b4:9a:08:
ff:d5:5a:5d:80:97:5c:1b:97:29:3e:78:ce:f6:9f:79:28:ef:
65:11:5e:48:f4:7d:4e:6c:65:04:ef:cc:d0:db:7c:fa:79:20:
86:74:73:71:33:fe:4b:a1:f2:0b:41:3f:6d:de:06:63:e6:fa:
8b:a4:71:70:7c:eb:e4:2e:c1:37:80:72:9f:08:75:87:31:52:
fc:7a:7e:f7:da:71:c3:06:b2:7f:3b:b0:0a:7f:4c:af:d2:7b:
23:64:e8:6a:1e:8a:3f:0d:b0:dc:b7:0e:18:f5:21:59:fe:f1:
67:9c:c5:08:9b:ee:f5:84:10:a4:1b:f8:6b:8d:18:41:d6:68:
da:52:bd:ca:60:e9:d9:2d:6c:41:13:7b:fc:62:1d:f5:21:b0:
f4:a5:e1:59:44:bb:47:bc:fc:e5:fb:db:e2:cd:c9:e2:f3:2c:
aa:88:cd:a3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUYthneWGt9vfucg71qTCre2sM0sQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MDgwNDE5MTRaFw0yNjA0MDcwNDI0MTRaMDMxMTAvBgNV
BAMTKDI0NDM4OUY4REU5ODhEODVBNUNFMjM5RjJGQzEwREI3MENGNTg5NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt9x6a1vfPGxQFBzjvTFeC/JXZ
brtJX78rkOs8hneKXKte/9FqUZqn8klCAbIIXiFg/idSHXtTvG2O+fgSsAB3iSza
fwNks63U6fzA/hcYBUj8jrIaqBy4hus5Gnw954nhrXFaAkHg0ASa3yBre7Fo0LFL
X/CTSjhzq7JmjIGkylUT0SQtii+8hH0oG6cdtrZA57SlwgmjD7RFO7b9lKvJtk5C
IpRIcFzTxLDRQzzPJJx2XWGxzi/BqwQlWJjCm2MSBD2m9LjgH+dpb256/47LycEy
Gx6CjOQR/cZxG9cQQVObc62IWbcQDE1FAXdXhj1XMUI5oU59mhytNmbug5tdAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUJEOJ+N6YjYWlziOfL8ENtwz1iV0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACR3zQD
BACR3zgDBACSZywDBACSZzcDBACSZzsDBACW8ccwDQYJKoZIhvcNAQELBQADggEB
AHSfUjckkWm0d2/EoMUU82DC4xBUx6YrAWOx1P8wN3NWNEvuEOb8bH1q+bqL7geM
Dm17ovwdiev9q45k5EbLrFNc8oaf3N6faKs/vMZYy5zRi5EHR1K7hbSaCP/VWl2A
l1wblyk+eM72n3ko72URXkj0fU5sZQTvzNDbfPp5IIZ0c3Ez/kuh8gtBP23eBmPm
+oukcXB86+QuwTeAcp8IdYcxUvx6fvfaccMGsn87sAp/TK/SeyNk6Goeij8NsNy3
Dhj1IVn+8WecxQib7vWEEKQb+GuNGEHWaNpSvcpg6dktbEETe/xiHfUhsPSl4VlE
u0e8/OX72+LNyeLzLKqIzaM=
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:54:42 2025 by rpki-client