Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40352.roa
File: AS40352.roa (raw, json)
Hash identifier: +7hOq0fgfhldevT1z7HESZYzCHyQk4xz4EBOQiXeorU=
Subject key identifier: B8:11:0A:FC:2B:04:2D:50:AA:40:FD:70:D0:DC:BC:1B:A5:3C:38:90
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1F82A7839761EAF085E90CBCC0EECB98389AFE21
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40352.roa
Signing time: Tue 02 Jun 2026 12:00:54 +0000
ROA not before: Tue 02 Jun 2026 11:55:54 +0000
ROA not after: Tue 01 Jun 2027 12:00:54 +0000
asID: 40352
IP address blocks: 82.22.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:82:a7:83:97:61:ea:f0:85:e9:0c:bc:c0:ee:cb:98:38:9a:fe:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 11:55:54 2026 GMT
Not After : Jun 1 12:00:54 2027 GMT
Subject: CN=B8110AFC2B042D50AA40FD70D0DCBC1BA53C3890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:96:94:45:47:48:65:4d:63:aa:39:49:85:
6e:ee:b0:1b:eb:8d:93:a8:79:db:d2:d2:bc:8d:a7:
01:f2:13:eb:17:83:18:3f:48:3c:55:46:c8:0b:cc:
fc:da:16:c6:20:13:bc:b1:7e:45:bc:4f:a7:eb:e6:
da:da:2a:e7:2a:f9:8a:c7:a4:3a:7c:37:cc:87:01:
9e:26:6b:5c:8c:91:05:07:46:b4:01:c2:e2:83:01:
7d:0a:2f:b5:90:60:57:62:10:c1:44:80:c7:65:f6:
8e:8a:1c:5d:75:58:0c:22:c8:ee:9e:de:4e:66:fb:
d0:a4:48:aa:9b:bd:8b:1d:b6:19:5a:dc:a4:45:54:
b6:61:ae:84:e4:e4:2d:02:45:07:35:c2:f2:1d:94:
18:f1:15:39:1b:9a:22:e4:4b:4e:dd:54:67:03:90:
3e:9f:07:62:90:15:a4:ba:48:63:ee:6e:b5:d3:70:
27:11:f4:67:af:5f:78:74:cb:de:c4:e5:2a:fa:23:
14:da:37:29:30:a1:41:cf:62:1b:40:8a:03:4b:a1:
c3:4a:50:3e:02:73:1f:9f:c8:06:de:b6:9f:6e:78:
12:f2:17:ec:1e:09:a1:22:82:7c:a5:08:f6:53:f5:
66:7d:05:09:17:18:22:91:b0:86:4a:b9:e6:e2:f4:
bd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:11:0A:FC:2B:04:2D:50:AA:40:FD:70:D0:DC:BC:1B:A5:3C:38:90
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40352.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.125.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:81:18:7e:bf:bb:82:08:58:1f:cc:1d:15:6c:1a:e3:08:a2:
3c:60:4f:77:44:1e:ed:ae:ef:06:62:34:32:93:40:46:55:c1:
e3:2e:66:79:f6:35:5b:1e:7d:00:a7:eb:b2:47:7f:ce:e0:25:
b5:d1:4f:11:24:7f:bc:b4:7f:6a:4f:42:3f:43:cc:37:0f:46:
ea:70:62:47:c8:f3:4f:16:74:4b:75:40:7f:60:08:3c:0d:f7:
d5:1d:ed:8e:fb:aa:3f:d7:38:d1:ff:9b:49:58:2a:1a:33:ae:
75:1a:29:71:1c:4e:6d:2a:3c:8b:5b:df:55:cc:35:dc:0d:4a:
31:31:38:d2:93:cb:e1:5c:15:33:4a:0a:03:f3:c6:37:93:8c:
a4:d4:00:cc:ff:bc:51:a0:2e:a1:9c:7a:74:97:df:b8:f2:54:
4d:cd:87:d9:8a:7e:2f:63:74:7f:1c:0d:06:44:4a:00:fb:fd:
04:96:a9:17:a5:89:57:5b:47:c3:f5:4e:55:66:96:a8:c0:ce:
81:1e:c4:6d:9c:1b:be:e5:ef:de:95:7f:31:7a:ff:7f:be:76:
ae:7c:b5:2b:6e:27:a2:01:72:ff:76:d7:8b:c6:c3:0a:6a:9f:
5c:b7:02:fc:f0:96:a8:52:d8:a5:64:92:90:cb:77:e9:35:ef:
6c:e7:a1:01
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUH4Kng5dh6vCF6Qy8wO7LmDia/iEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIxMTU1NTRaFw0yNzA2MDExMjAwNTRaMDMxMTAvBgNV
BAMTKEI4MTEwQUZDMkIwNDJENTBBQTQwRkQ3MEQwRENCQzFCQTUzQzM4OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9ApaURUdIZU1jqjlJhW7usBvr
jZOoedvS0ryNpwHyE+sXgxg/SDxVRsgLzPzaFsYgE7yxfkW8T6fr5traKucq+YrH
pDp8N8yHAZ4ma1yMkQUHRrQBwuKDAX0KL7WQYFdiEMFEgMdl9o6KHF11WAwiyO6e
3k5m+9CkSKqbvYsdthla3KRFVLZhroTk5C0CRQc1wvIdlBjxFTkbmiLkS07dVGcD
kD6fB2KQFaS6SGPubrXTcCcR9GevX3h0y97E5Sr6IxTaNykwoUHPYhtAigNLocNK
UD4Ccx+fyAbetp9ueBLyF+weCaEignylCPZT9WZ9BQkXGCKRsIZKuebi9L35AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUuBEK/CsELVCqQP1w0Ny8G6U8OJAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAzNTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSFn0w
DQYJKoZIhvcNAQELBQADggEBAA2BGH6/u4IIWB/MHRVsGuMIojxgT3dEHu2u7wZi
NDKTQEZVweMuZnn2NVsefQCn67JHf87gJbXRTxEkf7y0f2pPQj9DzDcPRupwYkfI
808WdEt1QH9gCDwN99Ud7Y77qj/XONH/m0lYKhozrnUaKXEcTm0qPItb31XMNdwN
SjExONKTy+FcFTNKCgPzxjeTjKTUAMz/vFGgLqGcenSX37jyVE3Nh9mKfi9jdH8c
DQZESgD7/QSWqReliVdbR8P1TlVmlqjAzoEexG2cG77l796VfzF6/3++dq58tStu
J6IBcv9214vGwwpqn1y3AvzwlqhS2KVkkpDLd+k172znoQE=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:43 2026 by rpki-client