Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: xZvWJkak68Up60hoZbv4BX+A/J81jJiFw2WDQah3hE8=
Subject key identifier: D2:80:0C:63:68:04:34:E1:64:E6:6A:F3:D0:5E:50:42:BD:EF:CD:44
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 41F5CAA8CB6F41AB25FFFBA94A9C2B5D88FF36AE
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
Signing time: Sat 14 Mar 2026 01:00:09 +0000
ROA not before: Sat 14 Mar 2026 00:55:09 +0000
ROA not after: Sat 13 Mar 2027 01:00:09 +0000
asID: 40676
IP address blocks: 46.202.116.0/24 maxlen: 24
46.202.117.0/24 maxlen: 24
46.202.118.0/24 maxlen: 24
46.202.119.0/24 maxlen: 24
46.202.224.0/24 maxlen: 24
91.124.135.0/24 maxlen: 24
92.113.14.0/24 maxlen: 24
92.113.46.0/24 maxlen: 24
95.134.123.0/24 maxlen: 24
95.134.125.0/24 maxlen: 24
95.134.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:f5:ca:a8:cb:6f:41:ab:25:ff:fb:a9:4a:9c:2b:5d:88:ff:36:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 14 00:55:09 2026 GMT
Not After : Mar 13 01:00:09 2027 GMT
Subject: CN=D2800C63680434E164E66AF3D05E5042BDEFCD44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:04:47:26:39:cb:d3:be:d5:77:5e:2e:34:ff:
45:96:a6:f4:73:b6:f1:95:3d:f0:06:1a:78:ac:2b:
ab:29:23:d9:33:70:f0:5c:0a:42:d1:91:d0:e6:4d:
2b:3c:c0:e3:51:5c:bf:a4:c6:08:77:b9:fe:72:18:
d9:da:4f:3d:c1:af:e0:04:86:6d:58:e2:e6:1f:87:
15:28:cd:9e:2d:d7:0d:a9:ee:3a:4f:85:8c:71:05:
d6:a0:ef:7c:0b:19:52:18:c8:52:52:43:3f:9e:07:
fb:b6:43:c3:b3:49:c7:2b:ae:f9:85:88:1d:01:a3:
95:14:43:ff:1c:2e:c6:4b:0a:6a:7b:7d:f0:87:96:
ef:0b:0f:52:cf:fd:8e:18:6c:d1:79:91:cb:d9:5b:
cf:1a:88:de:c9:ab:e7:9a:e8:89:3c:9e:14:a1:3f:
0e:4a:04:5e:10:6a:fa:af:a4:cf:55:63:4e:94:21:
12:de:6c:41:db:d9:e7:3a:ef:2f:c9:7d:a6:bd:4a:
36:09:67:85:de:52:06:8d:a6:a3:48:27:be:ca:00:
46:2b:e1:7d:89:fd:1f:fe:b1:9e:7a:ab:ac:ab:e9:
c3:85:2b:87:0b:61:66:c4:73:64:4c:f4:7d:f3:82:
ef:27:c6:66:71:73:80:bb:04:b9:f9:06:8b:75:52:
ff:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:80:0C:63:68:04:34:E1:64:E6:6A:F3:D0:5E:50:42:BD:EF:CD:44
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.116.0/22
46.202.224.0/24
91.124.135.0/24
92.113.14.0/24
92.113.46.0/24
95.134.123.0/24
95.134.125.0/24
95.134.177.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:e6:8e:4f:5e:c5:ff:e9:c3:03:44:dc:4b:25:6e:b5:5d:60:
d3:76:99:6c:22:8e:85:49:19:ff:2f:7d:04:0d:2d:20:ac:74:
d9:4e:48:29:77:ea:c1:41:6e:21:84:a2:9d:29:58:7b:44:8d:
70:9b:84:a0:6d:cb:a6:ca:19:50:3b:d0:81:04:93:f6:49:19:
d5:c3:8f:70:26:70:dc:7d:48:14:8a:c0:f1:d1:f5:ac:32:6d:
ad:87:c3:19:9a:9f:07:67:7d:34:70:d0:4c:b6:e5:f8:5f:8d:
0c:52:ba:a3:94:ed:d1:91:60:72:ad:58:a7:19:21:20:14:08:
44:d9:32:c1:ef:db:c6:20:57:93:ae:fc:e5:7f:25:be:c9:bf:
07:f8:61:20:6d:04:75:9b:6c:09:82:b9:dd:24:d2:e5:a6:c7:
1e:df:a4:ee:46:28:83:68:1b:a3:cd:3d:c9:0e:2b:00:1c:55:
ec:ec:c1:0e:17:a3:e6:95:bb:04:10:86:e9:56:70:87:72:84:
5b:78:12:c2:aa:f4:2a:70:90:09:52:ae:2d:07:1e:bd:63:c4:
05:28:9d:6b:bc:0a:69:40:c9:96:2a:17:35:88:62:df:28:b4:
41:d6:2f:ba:89:ba:ef:d7:a8:46:89:d3:da:cc:bc:45:43:44:
86:3d:8e:2c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUQfXKqMtvQasl//upSpwrXYj/Nq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMTQwMDU1MDlaFw0yNzAzMTMwMTAwMDlaMDMxMTAvBgNV
BAMTKEQyODAwQzYzNjgwNDM0RTE2NEU2NkFGM0QwNUU1MDQyQkRFRkNENDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcBEcmOcvTvtV3Xi40/0WWpvRz
tvGVPfAGGnisK6spI9kzcPBcCkLRkdDmTSs8wONRXL+kxgh3uf5yGNnaTz3Br+AE
hm1Y4uYfhxUozZ4t1w2p7jpPhYxxBdag73wLGVIYyFJSQz+eB/u2Q8OzSccrrvmF
iB0Bo5UUQ/8cLsZLCmp7ffCHlu8LD1LP/Y4YbNF5kcvZW88aiN7Jq+ea6Ik8nhSh
Pw5KBF4QavqvpM9VY06UIRLebEHb2ec67y/Jfaa9SjYJZ4XeUgaNpqNIJ77KAEYr
4X2J/R/+sZ56q6yr6cOFK4cLYWbEc2RM9H3zgu8nxmZxc4C7BLn5Bot1Uv9ZAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU0oAMY2gENOFk5mrz0F5QQr3vzUQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAIuynQD
BAAuyuADBABbfIcDBABccQ4DBABccS4DBABfhnsDBABfhn0DBABfhrEwDQYJKoZI
hvcNAQELBQADggEBAG3mjk9exf/pwwNE3EslbrVdYNN2mWwijoVJGf8vfQQNLSCs
dNlOSCl36sFBbiGEop0pWHtEjXCbhKBty6bKGVA70IEEk/ZJGdXDj3AmcNx9SBSK
wPHR9awyba2HwxmanwdnfTRw0Ey25fhfjQxSuqOU7dGRYHKtWKcZISAUCETZMsHv
28YgV5Ou/OV/Jb7Jvwf4YSBtBHWbbAmCud0k0uWmxx7fpO5GKINoG6PNPckOKwAc
VezswQ4Xo+aVuwQQhulWcIdyhFt4EsKq9CpwkAlSri0HHr1jxAUonWu8CmlAyZYq
FzWIYt8otEHWL7qJuu/XqEaJ09rMvEVDRIY9jiw=
-----END CERTIFICATE-----
Generated at Sat Mar 14 21:44:45 2026 by rpki-client