Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: sgnfycirmL67j5gYw7N03w9HDdBYo0u8PbHqQLW1gdU=
Subject key identifier: C8:CF:EE:D5:93:58:5E:DF:AF:B2:C0:37:A5:95:ED:90:27:0C:AA:AB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 13CBE822D7D0524B9994E505169C39B6F24132E6
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Mon 30 Jun 2025 00:00:24 +0000
ROA not before: Sun 29 Jun 2025 23:55:24 +0000
ROA not after: Mon 29 Jun 2026 00:00:24 +0000
asID: 16509
IP address blocks: 181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:cb:e8:22:d7:d0:52:4b:99:94:e5:05:16:9c:39:b6:f2:41:32:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 29 23:55:24 2025 GMT
Not After : Jun 29 00:00:24 2026 GMT
Subject: CN=C8CFEED593585EDFAFB2C037A595ED90270CAAAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:58:33:6b:0a:1d:5b:e9:ac:11:49:da:93:bf:
ab:2e:da:0e:7f:6f:20:54:2b:c6:59:54:14:78:99:
92:5d:38:06:dc:14:a7:63:0d:2d:9c:0e:54:b5:4e:
63:07:b0:2f:fa:fd:be:4e:57:01:7d:28:d3:cb:17:
fa:c6:3f:0e:ee:69:ca:f8:d3:dc:8e:00:9a:8b:ce:
30:08:96:58:a6:c8:7b:49:73:bb:6c:5f:23:ec:e7:
97:85:2c:74:1a:66:ec:98:26:95:54:a0:ec:e1:7e:
3b:95:49:73:72:dc:ec:ac:a2:f1:8b:7f:e5:c9:b4:
db:5c:ac:77:4a:49:0f:7c:bc:38:ce:53:63:c9:80:
d2:98:5d:aa:59:3a:3c:12:ef:1d:e8:a3:10:a5:4d:
61:b7:f8:08:42:1e:24:22:71:b0:cc:5c:ae:ff:5c:
63:6c:fa:76:1c:5e:3e:f8:23:83:32:c6:40:e6:6f:
d4:58:83:a9:71:ae:c1:63:f9:dc:a5:18:88:88:11:
05:78:e4:ee:07:23:81:f1:23:6d:fd:88:7d:c3:63:
82:6f:75:f0:a7:65:5b:85:4e:3b:2d:b3:cc:06:d8:
de:0d:3a:c2:37:78:74:b9:70:87:91:71:f8:6d:9b:
1f:04:87:08:88:30:7a:42:e0:5c:d6:8d:87:e3:cd:
47:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:CF:EE:D5:93:58:5E:DF:AF:B2:C0:37:A5:95:ED:90:27:0C:AA:AB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.110.0/24
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
191.96.204.0/24
191.101.111.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:c8:bc:5f:61:98:b4:a2:3c:12:33:8a:70:59:70:83:2a:1a:
52:89:a1:0f:a3:45:db:70:b0:eb:07:c6:1a:05:35:2d:ff:61:
29:b6:7a:00:f5:40:65:39:6d:ec:7f:f7:1e:d7:8c:f9:8c:98:
e9:21:8f:22:c0:f5:e6:0a:6c:92:51:3a:8a:4c:cb:0b:71:5e:
6d:5b:16:cf:05:21:b8:28:38:6d:40:3c:c1:f8:4b:e4:2a:bd:
4d:60:ae:3d:5f:14:50:c2:3c:58:0f:a5:97:9d:55:0b:f8:34:
58:c8:6d:33:06:2b:42:23:16:c2:e0:9f:b8:22:58:90:c9:83:
ec:f8:84:bd:88:43:a7:0d:2f:de:d2:a9:d5:81:2e:ec:96:54:
2e:aa:cd:05:81:e4:79:6e:e4:0b:2e:5a:62:b3:f8:31:ee:1a:
d0:8b:22:ff:94:2a:31:fa:e7:ce:80:3c:9b:6f:d0:1c:e2:8d:
15:64:8a:cd:9c:5c:28:cd:fb:2e:ec:94:4a:3c:3e:02:76:fa:
54:5f:a8:d1:00:4b:5b:d9:3c:73:ff:86:09:72:1a:5d:b2:c0:
fe:0b:ff:bf:1e:4d:d6:7a:70:8e:f6:95:1f:55:4c:68:6c:15:
3f:e4:62:91:a0:84:1a:57:e4:0a:df:a2:5b:b4:10:88:c9:b9:
20:79:18:7b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUE8voItfQUkuZlOUFFpw5tvJBMuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MjkyMzU1MjRaFw0yNjA2MjkwMDAwMjRaMDMxMTAvBgNV
BAMTKEM4Q0ZFRUQ1OTM1ODVFREZBRkIyQzAzN0E1OTVFRDkwMjcwQ0FBQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4WDNrCh1b6awRSdqTv6su2g5/
byBUK8ZZVBR4mZJdOAbcFKdjDS2cDlS1TmMHsC/6/b5OVwF9KNPLF/rGPw7uacr4
09yOAJqLzjAIllimyHtJc7tsXyPs55eFLHQaZuyYJpVUoOzhfjuVSXNy3OysovGL
f+XJtNtcrHdKSQ98vDjOU2PJgNKYXapZOjwS7x3ooxClTWG3+AhCHiQicbDMXK7/
XGNs+nYcXj74I4MyxkDmb9RYg6lxrsFj+dylGIiIEQV45O4HI4HxI239iH3DY4Jv
dfCnZVuFTjsts8wG2N4NOsI3eHS5cIeRcfhtmx8EhwiIMHpC4FzWjYfjzUfxAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUyM/u1ZNYXt+vssA3pZXtkCcMqqswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAC11m4D
BAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC/YMwDBAC/ZW8wDQYJKoZIhvcNAQEL
BQADggEBAKHIvF9hmLSiPBIzinBZcIMqGlKJoQ+jRdtwsOsHxhoFNS3/YSm2egD1
QGU5bex/9x7XjPmMmOkhjyLA9eYKbJJROopMywtxXm1bFs8FIbgoOG1APMH4S+Qq
vU1grj1fFFDCPFgPpZedVQv4NFjIbTMGK0IjFsLgn7giWJDJg+z4hL2IQ6cNL97S
qdWBLuyWVC6qzQWB5Hlu5AsuWmKz+DHuGtCLIv+UKjH6586APJtv0BzijRVkis2c
XCjN+y7slEo8PgJ2+lRfqNEAS1vZPHP/hglyGl2ywP4L/78eTdZ6cI72lR9VTGhs
FT/kYpGghBpX5Arfolu0EIjJuSB5GHs=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:08:40 2025 by rpki-client