Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: qxueaxogJpq34STbav0IC15aGNaYs8IWGFRdOCWMwuQ=
Subject key identifier: D8:0B:EC:B9:9D:0F:C5:C2:7C:A7:5E:AC:3F:DC:36:A6:F7:65:44:9A
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 1B38E5F2199E79D5F15445599017A3F7694E1754
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS40676.roa
Signing time: Tue 04 Mar 2025 20:22:56 +0000
ROA not before: Tue 04 Mar 2025 20:17:56 +0000
ROA not after: Tue 03 Mar 2026 20:22:56 +0000
asID: 40676
IP address blocks: 141.11.97.0/24 maxlen: 24
141.11.245.0/24 maxlen: 24
141.11.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:38:e5:f2:19:9e:79:d5:f1:54:45:59:90:17:a3:f7:69:4e:17:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 4 20:17:56 2025 GMT
Not After : Mar 3 20:22:56 2026 GMT
Subject: CN=D80BECB99D0FC5C27CA75EAC3FDC36A6F765449A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:35:ed:da:fa:0a:9c:e5:83:53:5d:f6:82:6d:
bb:ea:3f:72:a0:52:ba:82:83:57:98:09:8c:12:82:
38:43:32:9a:94:26:05:49:42:5f:bc:77:e1:40:a8:
17:0a:1a:99:83:cc:63:be:7b:98:59:48:cf:54:81:
cc:36:52:6d:3d:82:98:eb:ab:d3:af:05:84:58:0e:
3f:d2:e0:59:8d:62:43:ec:a9:b7:39:a5:c2:9f:3b:
e8:33:7b:37:07:55:74:e3:2b:d3:20:29:93:ae:d9:
99:97:21:ef:de:b1:b8:fb:c8:58:96:fe:11:8d:6d:
4e:02:e7:48:9c:27:35:4e:6c:2e:b2:bc:19:7d:a3:
59:0b:97:9e:0f:8a:59:ef:c9:6e:27:e0:22:ce:c4:
98:e5:87:5c:6d:44:49:aa:54:73:34:cc:f7:8b:6b:
c5:86:92:b1:6f:8c:3c:80:6f:02:2f:1e:ef:fb:bb:
76:c2:5e:cd:f1:06:a5:c5:e6:8a:98:2f:39:3f:27:
d5:94:1d:1f:32:f2:05:cb:14:3f:9e:72:88:4a:f8:
4e:a5:d2:66:50:90:d2:33:93:39:83:d5:03:0d:c9:
11:f0:a4:27:7e:4b:eb:53:15:1b:17:a2:83:9a:67:
4f:50:ac:52:ff:49:78:ee:59:91:15:49:78:5e:df:
1f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0B:EC:B9:9D:0F:C5:C2:7C:A7:5E:AC:3F:DC:36:A6:F7:65:44:9A
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.97.0/24
141.11.245.0/24
141.11.251.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:5c:76:9b:31:98:9d:f0:45:91:97:c4:3f:60:c9:09:e6:62:
5c:b4:d5:5f:6d:76:76:8d:82:ac:f8:e1:2b:71:da:0c:71:61:
bd:3e:13:32:16:d8:0b:20:ef:f1:c7:cc:d3:69:b3:70:51:31:
ee:40:da:6b:a4:cd:46:51:42:df:5c:85:09:9a:2b:6b:6d:7c:
9f:3d:8c:d5:78:bd:7d:ea:bb:a6:54:37:21:ac:e5:92:c1:af:
7c:36:05:16:5c:40:ee:fe:be:d3:a2:0e:d1:14:df:e5:d1:13:
86:13:8f:fa:e7:d2:d4:3e:d0:1e:3c:bb:3e:55:2f:39:f8:18:
76:40:59:61:bf:ac:1a:7d:0e:d0:cf:bb:33:ea:6c:b8:f2:e5:
f2:8f:53:9b:1b:2f:bb:0e:b1:64:ef:14:7a:f6:49:0b:cc:6b:
b2:d7:d5:47:d0:c2:d4:4f:85:f2:5d:77:45:38:0d:1f:84:e7:
30:da:1f:0d:b6:63:a0:c1:be:9e:83:22:17:e6:7a:24:29:d2:
16:b9:9d:d5:48:06:50:fe:db:46:4c:b0:90:7b:07:dc:d1:66:
50:0d:92:5c:13:2c:13:92:5c:49:4c:e5:4f:c6:c2:e1:56:8a:
26:7c:91:74:a9:58:15:70:fb:2e:69:64:af:2f:c2:6f:32:71:
39:9f:86:00
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUGzjl8hmeedXxVEVZkBej92lOF1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAzMDQyMDE3NTZaFw0yNjAzMDMyMDIyNTZaMDMxMTAvBgNV
BAMTKEQ4MEJFQ0I5OUQwRkM1QzI3Q0E3NUVBQzNGREMzNkE2Rjc2NTQ0OUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNNe3a+gqc5YNTXfaCbbvqP3Kg
UrqCg1eYCYwSgjhDMpqUJgVJQl+8d+FAqBcKGpmDzGO+e5hZSM9Ugcw2Um09gpjr
q9OvBYRYDj/S4FmNYkPsqbc5pcKfO+gzezcHVXTjK9MgKZOu2ZmXIe/esbj7yFiW
/hGNbU4C50icJzVObC6yvBl9o1kLl54PilnvyW4n4CLOxJjlh1xtREmqVHM0zPeL
a8WGkrFvjDyAbwIvHu/7u3bCXs3xBqXF5oqYLzk/J9WUHR8y8gXLFD+ecohK+E6l
0mZQkNIzkzmD1QMNyRHwpCd+S+tTFRsXooOaZ09QrFL/SXjuWZEVSXhe3x8tAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU2AvsuZ0PxcJ8p16sP9w2pvdlRJowHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACNC2ED
BACNC/UDBACNC/swDQYJKoZIhvcNAQELBQADggEBAA9cdpsxmJ3wRZGXxD9gyQnm
Yly01V9tdnaNgqz44Stx2gxxYb0+EzIW2Asg7/HHzNNps3BRMe5A2mukzUZRQt9c
hQmaK2ttfJ89jNV4vX3qu6ZUNyGs5ZLBr3w2BRZcQO7+vtOiDtEU3+XRE4YTj/rn
0tQ+0B48uz5VLzn4GHZAWWG/rBp9DtDPuzPqbLjy5fKPU5sbL7sOsWTvFHr2SQvM
a7LX1UfQwtRPhfJdd0U4DR+E5zDaHw22Y6DBvp6DIhfmeiQp0ha5ndVIBlD+20ZM
sJB7B9zRZlANklwTLBOSXElM5U/GwuFWiiZ8kXSpWBVw+y5pZK8vwm8ycTmfhgA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:27:06 2025 by rpki-client