Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40352.roa
File: AS40352.roa (raw, json)
Hash identifier: EbVaM/77vsMz7hy+Cxgrl26BGSgdGP2yf6UcyG1W1Dc=
Subject key identifier: 90:F6:88:AC:92:89:82:A3:D1:74:1A:96:68:BA:28:07:45:CD:C1:97
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 76306B3C84EEF4C1DF9E12ADF299DE62ADBF9B1D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40352.roa
Signing time: Wed 08 Apr 2026 11:07:31 +0000
ROA not before: Wed 08 Apr 2026 11:02:31 +0000
ROA not after: Wed 07 Apr 2027 11:07:31 +0000
asID: 40352
IP address blocks: 82.22.17.0/24 maxlen: 24
84.75.16.0/24 maxlen: 24
178.83.5.0/24 maxlen: 24
178.83.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 Apr 2026 17:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:30:6b:3c:84:ee:f4:c1:df:9e:12:ad:f2:99:de:62:ad:bf:9b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 8 11:02:31 2026 GMT
Not After : Apr 7 11:07:31 2027 GMT
Subject: CN=90F688AC928982A3D1741A9668BA280745CDC197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a1:c3:43:52:d4:1b:02:d6:b9:4b:da:d2:fa:
a1:36:32:0d:05:e4:1b:f3:36:31:c0:55:5a:01:5d:
ad:c3:46:16:44:c2:c7:46:ba:9a:b0:b4:82:f8:31:
27:20:9b:45:53:d3:37:fb:b3:62:26:0b:b4:2b:b8:
d5:ac:32:e3:c8:7d:38:3d:fe:b1:74:51:ae:99:cb:
64:f6:9e:6f:83:dc:03:a5:0c:c3:13:ad:6d:0d:04:
fe:6f:cd:cd:76:db:9b:52:00:7d:e5:30:2d:d5:51:
c0:1d:fa:55:bf:0b:c9:a4:a2:a1:b1:72:2d:80:f7:
d8:8a:ba:7b:5b:bb:1a:6f:9f:38:c3:42:83:af:28:
fe:f6:d3:63:72:73:58:ef:79:b2:48:17:63:e4:e8:
6a:28:c0:4e:98:cc:5f:5b:7c:ad:9a:bf:4f:f8:f8:
86:38:7e:a5:ab:84:47:22:c8:ed:08:20:91:d5:f3:
97:bb:0e:d6:e3:7c:53:55:80:f0:01:88:ba:14:44:
ae:4e:d7:90:ae:70:29:e8:31:47:1c:a9:c9:da:ff:
f1:0c:f3:3c:d9:ea:1c:a5:fa:32:ff:22:5a:dd:4d:
92:bc:00:40:b1:c4:48:d2:cd:84:75:83:01:08:5b:
c8:33:35:5a:59:e3:6b:10:79:03:e2:15:dd:31:a8:
9b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F6:88:AC:92:89:82:A3:D1:74:1A:96:68:BA:28:07:45:CD:C1:97
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40352.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.17.0/24
84.75.16.0/24
178.83.5.0/24
178.83.170.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:80:df:a1:3b:c0:03:ff:b7:d8:95:c7:c2:c3:73:2a:92:b6:
c5:f7:25:c1:00:21:f1:97:3b:2f:2d:24:6e:62:22:73:7a:40:
d9:79:23:f6:ad:36:00:8f:91:4b:da:37:ac:65:35:74:d1:39:
5b:17:41:5f:cc:ca:d7:c5:b8:5c:86:ce:51:12:53:83:03:7f:
f0:b3:70:f9:1d:2c:fc:98:b0:d2:ce:14:60:91:72:75:84:c2:
63:08:83:5e:de:de:d2:ad:5e:13:1a:6d:71:58:17:9f:1e:f9:
98:9d:fd:8c:cb:86:92:0a:14:68:1b:fe:1b:06:87:2d:ac:ed:
f6:e1:d8:40:63:fc:88:57:aa:ac:99:71:ff:42:96:34:d5:3c:
42:1e:84:01:74:be:16:e2:8b:34:87:07:3d:d0:cb:da:4d:48:
c6:cc:96:60:20:83:1e:99:9d:24:6e:3e:7f:e5:9a:fc:98:28:
be:e4:6d:51:e1:e7:2a:c2:1c:6e:c4:14:65:2c:20:60:6a:cc:
bc:d5:dc:77:f4:e2:0e:6e:84:f4:36:20:8e:b9:fa:f5:f2:98:
f0:5f:36:10:a3:e1:47:e6:24:41:81:99:47:87:75:60:49:ae:
5d:a4:a5:89:16:f1:6c:8f:ca:51:b1:49:c4:c3:3d:76:e9:8b:
66:b8:4f:6c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUdjBrPITu9MHfnhKt8pneYq2/mx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDgxMTAyMzFaFw0yNzA0MDcxMTA3MzFaMDMxMTAvBgNV
BAMTKDkwRjY4OEFDOTI4OTgyQTNEMTc0MUE5NjY4QkEyODA3NDVDREMxOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYocNDUtQbAta5S9rS+qE2Mg0F
5BvzNjHAVVoBXa3DRhZEwsdGupqwtIL4MScgm0VT0zf7s2ImC7QruNWsMuPIfTg9
/rF0Ua6Zy2T2nm+D3AOlDMMTrW0NBP5vzc1225tSAH3lMC3VUcAd+lW/C8mkoqGx
ci2A99iKuntbuxpvnzjDQoOvKP7202Nyc1jvebJIF2Pk6GoowE6YzF9bfK2av0/4
+IY4fqWrhEciyO0IIJHV85e7DtbjfFNVgPABiLoURK5O15CucCnoMUccqcna//EM
8zzZ6hyl+jL/IlrdTZK8AECxxEjSzYR1gwEIW8gzNVpZ42sQeQPiFd0xqJuRAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUkPaIrJKJgqPRdBqWaLooB0XNwZcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAzNTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABSFhED
BABUSxADBACyUwUDBACyU6owDQYJKoZIhvcNAQELBQADggEBAGyA36E7wAP/t9iV
x8LDcyqStsX3JcEAIfGXOy8tJG5iInN6QNl5I/atNgCPkUvaN6xlNXTROVsXQV/M
ytfFuFyGzlESU4MDf/CzcPkdLPyYsNLOFGCRcnWEwmMIg17e3tKtXhMabXFYF58e
+Zid/YzLhpIKFGgb/hsGhy2s7fbh2EBj/IhXqqyZcf9CljTVPEIehAF0vhbiizSH
Bz3Qy9pNSMbMlmAggx6ZnSRuPn/lmvyYKL7kbVHh5yrCHG7EFGUsIGBqzLzV3Hf0
4g5uhPQ2II65+vXymPBfNhCj4UfmJEGBmUeHdWBJrl2kpYkW8WyPylGxScTDPXbp
i2a4T2w=
-----END CERTIFICATE-----
Generated at Sat Apr 11 01:28:35 2026 by rpki-client