Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: z6BR5HrxVgIYdVbVGoqk3/KVjKehC8DjjOFI+8NP/XE=
Subject key identifier: EA:B0:03:3C:8B:60:D6:3F:35:F9:D9:49:D2:B3:EA:0D:0E:4D:07:24
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 61B7FB4709A06E8ABEDE984D8D1D78F4B523BBB5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Thu 24 Jul 2025 09:33:06 +0000
ROA not before: Thu 24 Jul 2025 09:28:06 +0000
ROA not after: Thu 23 Jul 2026 09:33:06 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.252.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
146.103.49.0/24 maxlen: 24
150.241.209.0/24 maxlen: 24
162.141.104.0/23 maxlen: 24
167.148.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 22:13:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:b7:fb:47:09:a0:6e:8a:be:de:98:4d:8d:1d:78:f4:b5:23:bb:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 24 09:28:06 2025 GMT
Not After : Jul 23 09:33:06 2026 GMT
Subject: CN=EAB0033C8B60D63F35F9D949D2B3EA0D0E4D0724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cc:10:a8:0c:e7:68:24:6a:9c:38:af:2e:e4:
13:0b:26:a2:b8:c8:25:2d:fd:1f:9a:e0:97:b3:2a:
16:f1:00:08:ec:13:17:ea:24:3c:cd:ee:29:5a:2e:
7e:59:f6:fe:e9:c2:ad:b1:7b:d0:67:fd:f1:24:77:
4e:9a:0c:ed:85:10:05:e0:83:43:f3:24:67:1f:7b:
60:68:1c:50:1a:c4:b3:a1:19:66:13:46:11:c5:82:
81:42:5b:b2:3d:45:1d:c8:c5:31:30:57:e0:1a:60:
37:4a:d1:78:c1:bf:04:8d:cf:d2:e5:ee:13:fe:51:
8c:da:4e:86:62:36:12:e2:9c:20:3e:ce:3d:7b:7c:
ee:e3:f7:2d:50:8a:df:0a:f3:84:f6:60:bf:6b:6d:
e9:d7:21:c8:f1:a4:eb:19:79:8e:d7:65:70:47:1a:
e3:d3:e5:46:44:d6:79:6b:58:89:bf:a0:b4:ff:23:
ec:34:6e:73:ba:d3:b1:d5:c4:99:a2:9a:c0:60:85:
19:88:f8:c8:9c:69:f0:14:e6:3f:7d:7c:d9:1f:d5:
01:fe:0b:22:b3:ed:6b:53:6a:87:76:c7:27:53:06:
68:e1:dd:99:ad:a0:7c:bf:b4:c4:23:41:8d:5f:be:
c7:c3:5e:ac:86:e9:33:d2:92:bf:ec:45:a6:43:81:
37:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B0:03:3C:8B:60:D6:3F:35:F9:D9:49:D2:B3:EA:0D:0E:4D:07:24
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
143.14.68.0/24
143.14.252.0/24
146.103.10.0/24
146.103.49.0/24
150.241.209.0/24
162.141.104.0/23
167.148.33.0/24
Signature Algorithm: sha256WithRSAEncryption
26:cc:35:8b:9c:ab:77:99:e7:82:5b:c5:11:31:7b:50:85:51:
c5:c9:64:6f:5e:a8:96:91:c8:2f:56:db:89:34:43:0f:0a:3b:
38:7a:ca:8b:c0:79:6e:94:2b:00:a5:be:f0:e5:c5:24:5f:67:
09:a7:98:03:59:bf:31:5d:3a:92:3a:7c:7a:9c:07:46:c6:3b:
3e:3f:ea:b5:f9:18:75:80:58:30:dc:67:ed:ea:02:bd:83:90:
97:d7:ca:6b:3f:5d:9b:b7:23:3e:b9:13:19:42:e6:d0:9b:cd:
b5:30:38:51:82:7a:5d:57:77:9c:84:ef:02:59:d6:47:f3:32:
a6:fc:c8:5e:d4:9b:3b:31:ce:11:99:56:72:7d:7c:65:e2:4f:
26:34:a5:6a:8b:c5:a0:5b:eb:e0:3d:a3:e1:cb:0a:4f:b6:98:
49:0f:dd:f4:39:4a:93:ef:f0:da:46:40:c3:c9:a7:be:8a:76:
8c:d7:ae:ec:4a:57:89:7f:e1:13:02:fd:0f:d0:11:e5:1d:07:
f0:ef:b9:75:94:ac:fc:6d:fe:5a:cf:31:b2:ae:61:da:32:8e:
c7:d4:63:07:b8:21:a6:42:81:23:55:6d:16:01:e2:86:bc:07:
c8:79:e7:dd:47:8a:05:0a:b3:11:b3:85:25:31:85:8f:5c:77:
ed:48:f6:4d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUYbf7Rwmgboq+3phNjR149LUju7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MjQwOTI4MDZaFw0yNjA3MjMwOTMzMDZaMDMxMTAvBgNV
BAMTKEVBQjAwMzNDOEI2MEQ2M0YzNUY5RDk0OUQyQjNFQTBEMEU0RDA3MjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuzBCoDOdoJGqcOK8u5BMLJqK4
yCUt/R+a4JezKhbxAAjsExfqJDzN7ilaLn5Z9v7pwq2xe9Bn/fEkd06aDO2FEAXg
g0PzJGcfe2BoHFAaxLOhGWYTRhHFgoFCW7I9RR3IxTEwV+AaYDdK0XjBvwSNz9Ll
7hP+UYzaToZiNhLinCA+zj17fO7j9y1Qit8K84T2YL9rbenXIcjxpOsZeY7XZXBH
GuPT5UZE1nlrWIm/oLT/I+w0bnO607HVxJmimsBghRmI+MicafAU5j99fNkf1QH+
CyKz7WtTaod2xydTBmjh3ZmtoHy/tMQjQY1fvsfDXqyG6TPSkr/sRaZDgTcPAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU6rADPItg1j81+dlJ0rPqDQ5NByQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABgPmkD
BACPDkQDBACPDvwDBACSZwoDBACSZzEDBACW8dEDBAGijWgDBACnlCEwDQYJKoZI
hvcNAQELBQADggEBACbMNYucq3eZ54JbxRExe1CFUcXJZG9eqJaRyC9W24k0Qw8K
Ozh6yovAeW6UKwClvvDlxSRfZwmnmANZvzFdOpI6fHqcB0bGOz4/6rX5GHWAWDDc
Z+3qAr2DkJfXyms/XZu3Iz65ExlC5tCbzbUwOFGCel1Xd5yE7wJZ1kfzMqb8yF7U
mzsxzhGZVnJ9fGXiTyY0pWqLxaBb6+A9o+HLCk+2mEkP3fQ5SpPv8NpGQMPJp76K
dozXruxKV4l/4RMC/Q/QEeUdB/DvuXWUrPxt/lrPMbKuYdoyjsfUYwe4IaZCgSNV
bRYB4oa8B8h5591HigUKsxGzhSUxhY9cd+1I9k0=
-----END CERTIFICATE-----
Generated at Fri Jul 25 05:00:30 2025 by rpki-client