Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: x7zIL23wyCwqvZu48xKeprhzN3FmTnmEoVcLY0ekPZ0=
Subject key identifier: F5:EC:B9:5F:9A:24:05:0D:5F:35:2E:B2:E6:AC:76:62:AF:25:62:DF
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 071369D6CADA31B4FDC59089FC68C20C03F6630E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
Signing time: Thu 14 May 2026 07:30:48 +0000
ROA not before: Thu 14 May 2026 07:25:48 +0000
ROA not after: Thu 13 May 2027 07:30:48 +0000
asID: 40676
IP address blocks: 82.26.147.0/24 maxlen: 24
82.29.36.0/24 maxlen: 24
82.29.39.0/24 maxlen: 24
82.29.49.0/24 maxlen: 24
82.29.51.0/24 maxlen: 24
82.29.70.0/24 maxlen: 24
82.29.73.0/24 maxlen: 24
82.29.79.0/24 maxlen: 24
82.38.24.0/22 maxlen: 24
82.38.52.0/22 maxlen: 24
82.38.72.0/22 maxlen: 24
82.38.88.0/22 maxlen: 24
178.83.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:13:69:d6:ca:da:31:b4:fd:c5:90:89:fc:68:c2:0c:03:f6:63:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 14 07:25:48 2026 GMT
Not After : May 13 07:30:48 2027 GMT
Subject: CN=F5ECB95F9A24050D5F352EB2E6AC7662AF2562DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9c:c1:b5:b7:bf:1d:5c:66:12:61:1b:f5:8a:
5e:3f:12:24:28:ed:82:19:27:1a:e8:be:19:18:6e:
15:ca:9f:bd:d7:66:66:23:98:e4:e4:e9:c9:ce:c9:
3d:2a:c9:4b:2a:06:b1:db:64:48:1d:93:44:02:27:
32:c8:9b:4d:d9:94:9c:6f:3a:3f:c7:26:ae:19:3d:
f6:0c:d8:bd:28:ed:80:b8:41:be:a0:1e:45:c4:90:
3f:71:9e:c5:a1:7a:36:4d:34:e3:a6:a2:97:ee:46:
a0:a8:9f:1d:8a:ab:47:fd:c2:2b:07:1d:f7:d3:8e:
93:76:a9:eb:0f:84:2b:f7:22:cc:c1:b9:86:7d:60:
23:7c:5c:4b:61:2e:b9:b6:e7:c9:0c:8f:de:15:dc:
66:6e:47:69:7e:f2:4c:a1:ad:a7:18:93:6e:e1:45:
be:72:2f:93:12:f3:8e:90:f0:20:e5:db:98:38:c6:
15:13:d4:d4:01:ca:cd:86:d6:20:63:63:39:ef:ad:
4b:1a:a2:ed:d6:58:23:12:d9:c5:cc:65:93:6d:52:
44:4b:7c:5b:6e:c8:95:f5:8b:37:fe:5e:85:0a:c6:
2f:08:ce:a5:70:57:94:6f:aa:dd:d9:e4:89:b6:b1:
5d:e2:c7:81:2c:63:2c:12:ca:57:23:04:5b:86:fd:
20:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EC:B9:5F:9A:24:05:0D:5F:35:2E:B2:E6:AC:76:62:AF:25:62:DF
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.147.0/24
82.29.36.0/24
82.29.39.0/24
82.29.49.0/24
82.29.51.0/24
82.29.70.0/24
82.29.73.0/24
82.29.79.0/24
82.38.24.0/22
82.38.52.0/22
82.38.72.0/22
82.38.88.0/22
178.83.86.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:f3:61:62:fa:fd:7f:ce:9e:0a:3c:80:92:f5:a6:49:8d:c6:
4c:9c:d6:8b:a1:af:72:e3:b0:2d:78:8e:c9:83:8e:bd:dd:f5:
16:d6:02:81:6b:95:a2:ea:d4:4b:45:38:71:ed:f5:09:0a:f7:
0c:37:49:fc:88:e8:8a:9d:44:1d:6a:d4:c9:30:5c:cb:a2:7f:
dc:dc:b4:2f:ea:75:c9:39:d0:63:77:b7:2a:8b:0a:61:ec:9b:
de:33:ea:51:f4:63:54:88:63:e9:1f:f4:6c:fc:7b:e5:9f:f4:
27:ff:dd:e1:21:6e:01:68:89:88:64:f8:b4:ca:cd:30:f8:0a:
5f:c2:ed:3a:b7:d8:5c:2a:e8:96:42:ff:72:0e:9a:83:22:20:
cf:11:e3:f9:29:8c:c9:8f:b2:fa:dc:7a:1b:9b:ae:8a:1c:69:
68:f3:bf:9c:11:57:85:a4:51:f4:ff:8a:9e:40:76:06:4f:37:
dc:38:bd:56:92:30:66:a5:e4:ba:42:cc:4c:51:18:82:93:f9:
d3:a5:a0:77:f3:4e:39:e1:14:29:4d:e9:a3:2f:ae:ac:39:42:
e3:11:48:68:21:71:cf:8f:5d:7c:99:09:b6:11:5a:eb:53:fc:
35:da:da:3c:de:c3:42:de:82:1c:06:1b:f8:3a:a9:34:6b:6f:
cf:7f:dc:c8
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUBxNp1sraMbT9xZCJ/GjCDAP2Yw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTQwNzI1NDhaFw0yNzA1MTMwNzMwNDhaMDMxMTAvBgNV
BAMTKEY1RUNCOTVGOUEyNDA1MEQ1RjM1MkVCMkU2QUM3NjYyQUYyNTYyREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgnMG1t78dXGYSYRv1il4/EiQo
7YIZJxrovhkYbhXKn73XZmYjmOTk6cnOyT0qyUsqBrHbZEgdk0QCJzLIm03ZlJxv
Oj/HJq4ZPfYM2L0o7YC4Qb6gHkXEkD9xnsWhejZNNOOmopfuRqConx2Kq0f9wisH
HffTjpN2qesPhCv3IszBuYZ9YCN8XEthLrm258kMj94V3GZuR2l+8kyhracYk27h
Rb5yL5MS846Q8CDl25g4xhUT1NQBys2G1iBjYznvrUsaou3WWCMS2cXMZZNtUkRL
fFtuyJX1izf+XoUKxi8IzqVwV5Rvqt3Z5Im2sV3ix4EsYywSylcjBFuG/SBNAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQU9ey5X5okBQ1fNS6y5qx2Yq8lYt8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBABSGpMD
BABSHSQDBABSHScDBABSHTEDBABSHTMDBABSHUYDBABSHUkDBABSHU8DBAJSJhgD
BAJSJjQDBAJSJkgDBAJSJlgDBAGyU1YwDQYJKoZIhvcNAQELBQADggEBAIrzYWL6
/X/Ongo8gJL1pkmNxkyc1ouhr3LjsC14jsmDjr3d9RbWAoFrlaLq1EtFOHHt9QkK
9ww3SfyI6IqdRB1q1MkwXMuif9zctC/qdck50GN3tyqLCmHsm94z6lH0Y1SIY+kf
9Gz8e+Wf9Cf/3eEhbgFoiYhk+LTKzTD4Cl/C7Tq32Fwq6JZC/3IOmoMiIM8R4/kp
jMmPsvrcehubroocaWjzv5wRV4WkUfT/ip5AdgZPN9w4vVaSMGal5LpCzExRGIKT
+dOloHfzTjnhFClN6aMvrqw5QuMRSGghcc+PXXyZCbYRWutT/DXa2jzew0LeghwG
G/g6qTRrb89/3Mg=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:18:13 2026 by rpki-client