Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
File:                     AS40676.roa (raw, json)
Hash identifier:          RDYf9lHui06j3YkfCrc8nPMJ/Xk67R5ZEz9AwLg6pzU=
Subject key identifier:   4F:20:60:32:5C:F8:63:99:2D:E8:26:CC:BB:C8:EE:8F:EC:97:BA:02
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       4570268B967619E2A6FDB59462A98B567136A8D3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
Signing time:             Fri 10 Jul 2026 01:47:44 +0000
ROA not before:           Fri 10 Jul 2026 01:42:44 +0000
ROA not after:            Fri 09 Jul 2027 01:47:44 +0000
asID:                     40676
IP address blocks:        82.26.147.0/24 maxlen: 24
                          82.29.51.0/24 maxlen: 24
                          82.29.73.0/24 maxlen: 24
                          82.38.24.0/22 maxlen: 24
                          82.38.52.0/22 maxlen: 24
                          82.38.72.0/22 maxlen: 24
                          82.38.88.0/22 maxlen: 24
                          84.75.187.0/24 maxlen: 24
                          178.83.145.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:70:26:8b:96:76:19:e2:a6:fd:b5:94:62:a9:8b:56:71:36:a8:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul 10 01:42:44 2026 GMT
            Not After : Jul  9 01:47:44 2027 GMT
        Subject: CN=4F2060325CF863992DE826CCBBC8EE8FEC97BA02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b7:c9:d9:92:0c:b5:0c:0d:33:39:ef:42:b6:
                    54:c9:93:80:18:b5:6b:d7:32:91:50:87:1e:ec:0d:
                    69:b3:ee:5d:66:21:3d:c9:7f:c0:8f:03:c7:33:d0:
                    d0:68:d8:83:5f:cb:fe:ed:b4:dc:d3:a8:fb:a7:33:
                    ea:f5:50:11:40:fa:fb:ff:f0:36:53:a0:0a:83:d3:
                    c6:b8:78:51:7a:48:b4:fe:e6:62:3b:2e:96:d3:c1:
                    69:2e:c9:ac:88:f2:a4:6b:db:06:e2:b9:0b:e4:94:
                    1e:54:55:6e:42:aa:51:d5:d7:6a:f2:68:55:03:15:
                    13:f9:f5:4f:80:29:a2:71:82:19:ad:79:b5:70:12:
                    d0:32:0d:df:9d:d5:5f:2f:ad:bd:38:95:56:9d:dc:
                    dd:d6:26:86:d4:10:c9:e8:02:dc:a3:f1:66:f6:bc:
                    7b:3f:f3:33:4f:a2:a2:1f:55:ca:e0:f8:ca:91:cb:
                    c9:20:9b:02:99:e9:dc:41:a1:f1:ea:9c:1e:1b:03:
                    b0:c2:91:c5:5b:c5:53:3c:fc:de:c5:27:14:6b:74:
                    c8:1a:1a:d4:d6:d0:43:eb:17:1b:aa:06:c8:d7:a4:
                    6b:76:a2:09:4c:c8:b8:c8:1a:19:5b:67:a9:99:d5:
                    7f:ef:50:18:96:e5:74:0d:c8:45:c7:d2:8a:35:dc:
                    d6:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:20:60:32:5C:F8:63:99:2D:E8:26:CC:BB:C8:EE:8F:EC:97:BA:02
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.26.147.0/24
                  82.29.51.0/24
                  82.29.73.0/24
                  82.38.24.0/22
                  82.38.52.0/22
                  82.38.72.0/22
                  82.38.88.0/22
                  84.75.187.0/24
                  178.83.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:85:71:39:06:30:a8:55:10:a6:dd:3d:6c:75:53:27:ed:e0:
         aa:56:5c:8f:b1:dc:e0:54:b6:28:ec:4c:4f:92:54:05:26:ba:
         b6:63:61:7b:7b:6d:ab:7a:d9:b1:21:8c:f0:e9:e3:cb:13:98:
         f6:11:9b:31:9c:4b:a5:9f:1d:63:ea:c2:12:98:7a:ae:d5:a8:
         f9:88:af:35:05:63:af:6d:d9:d8:93:8a:a9:0b:03:5c:a5:1b:
         1b:a0:b0:c1:18:86:8f:07:07:73:14:1a:cc:ad:f6:49:cb:54:
         b0:0d:f9:9b:54:46:00:68:8f:f4:8f:3e:22:85:2a:a3:9e:59:
         69:88:6a:99:7b:70:60:d7:05:fc:fd:b6:aa:df:07:d9:90:7a:
         6c:09:18:b5:02:87:df:9b:22:f2:f2:1f:b6:90:a7:9f:df:b2:
         22:b7:95:3f:f0:89:90:ad:5b:3d:90:62:60:f1:78:40:f1:ee:
         37:61:43:a8:76:0c:48:11:f9:16:4a:a5:80:72:86:73:a8:99:
         cf:f4:0d:98:6b:de:1b:b6:49:cc:ff:aa:17:96:4c:fd:03:21:
         04:6c:df:ca:04:8f:a1:61:e7:91:83:70:6c:18:12:06:20:4a:
         0d:59:d3:67:3f:c6:51:90:fc:ec:c1:89:47:4b:da:64:f6:a7:
         0e:57:8a:69
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIURXAmi5Z2GeKm/bWUYqmLVnE2qNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MTAwMTQyNDRaFw0yNzA3MDkwMTQ3NDRaMDMxMTAvBgNV
BAMTKDRGMjA2MDMyNUNGODYzOTkyREU4MjZDQ0JCQzhFRThGRUM5N0JBMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqt8nZkgy1DA0zOe9CtlTJk4AY
tWvXMpFQhx7sDWmz7l1mIT3Jf8CPA8cz0NBo2INfy/7ttNzTqPunM+r1UBFA+vv/
8DZToAqD08a4eFF6SLT+5mI7LpbTwWkuyayI8qRr2wbiuQvklB5UVW5CqlHV12ry
aFUDFRP59U+AKaJxghmtebVwEtAyDd+d1V8vrb04lVad3N3WJobUEMnoAtyj8Wb2
vHs/8zNPoqIfVcrg+MqRy8kgmwKZ6dxBofHqnB4bA7DCkcVbxVM8/N7FJxRrdMga
GtTW0EPrFxuqBsjXpGt2oglMyLjIGhlbZ6mZ1X/vUBiW5XQNyEXH0oo13NZ7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUTyBgMlz4Y5kt6CbMu8juj+yXugIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBABSGpMD
BABSHTMDBABSHUkDBAJSJhgDBAJSJjQDBAJSJkgDBAJSJlgDBABUS7sDBACyU5Ew
DQYJKoZIhvcNAQELBQADggEBAAuFcTkGMKhVEKbdPWx1Uyft4KpWXI+x3OBUtijs
TE+SVAUmurZjYXt7bat62bEhjPDp48sTmPYRmzGcS6WfHWPqwhKYeq7VqPmIrzUF
Y69t2diTiqkLA1ylGxugsMEYho8HB3MUGsyt9knLVLAN+ZtURgBoj/SPPiKFKqOe
WWmIapl7cGDXBfz9tqrfB9mQemwJGLUCh9+bIvLyH7aQp5/fsiK3lT/wiZCtWz2Q
YmDxeEDx7jdhQ6h2DEgR+RZKpYByhnOomc/0DZhr3hu2Scz/qheWTP0DIQRs38oE
j6Fh55GDcGwYEgYgSg1Z02c/xlGQ/OzBiUdL2mT2pw5Ximk=
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:06:54 2026 by rpki-client