Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: /xZl2hpM17J2tXzLiFSqyabm0+JT43Ef8GPbFzOk3ag=
Subject key identifier: 83:ED:00:4D:D5:23:C6:AE:0C:05:81:3F:8A:36:18:C8:A6:35:3E:54
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7C1F33D9AECB9097FEF118D989D0740C67B2CC9A
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16276.roa
Signing time: Sun 20 Jul 2025 10:12:25 +0000
ROA not before: Sun 20 Jul 2025 10:07:25 +0000
ROA not after: Sun 19 Jul 2026 10:12:25 +0000
asID: 16276
IP address blocks: 141.11.74.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 10:45:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:1f:33:d9:ae:cb:90:97:fe:f1:18:d9:89:d0:74:0c:67:b2:cc:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jul 20 10:07:25 2025 GMT
Not After : Jul 19 10:12:25 2026 GMT
Subject: CN=83ED004DD523C6AE0C05813F8A3618C8A6353E54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a9:87:4a:ad:93:fd:38:63:ff:9c:01:9a:ec:
53:66:99:97:ec:cb:f3:2b:c6:4a:20:81:2d:ed:ff:
9c:12:61:4b:1a:d3:f8:a2:e2:38:1e:46:26:a9:49:
16:8b:05:7e:a4:dc:68:fe:29:dc:d7:fb:c2:5a:94:
97:3c:ab:28:93:6f:e3:cf:f9:c6:f5:c4:97:3a:4d:
4d:69:ac:cb:40:e4:c1:ab:9f:f6:45:be:2a:89:cb:
5b:96:28:e8:eb:32:02:26:fb:3e:12:b8:32:26:e1:
c2:33:37:b3:f2:96:25:3c:a8:ba:11:81:82:07:e8:
02:d8:71:02:b7:95:a4:13:bc:51:df:d0:3e:08:a3:
c8:a8:3b:98:09:74:3c:c7:d6:3c:67:57:c7:25:c2:
f5:5a:53:54:89:a3:f2:ac:81:bd:5b:31:53:1f:54:
78:a8:88:b6:f9:4f:1f:77:a5:7b:9b:08:d5:e8:b9:
44:a3:34:dd:fd:14:de:37:71:83:59:19:3b:4b:ce:
98:d8:77:b1:5a:cb:9f:bb:05:51:00:61:23:2f:45:
88:21:20:03:0c:88:87:f1:c3:69:46:6c:e0:2a:2d:
3f:3a:5c:a2:bb:da:92:28:64:15:82:32:1f:af:9a:
e1:c0:3f:db:90:b3:2c:cd:23:b1:73:fe:ee:ea:87:
a5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:ED:00:4D:D5:23:C6:AE:0C:05:81:3F:8A:36:18:C8:A6:35:3E:54
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.74.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:ae:af:90:c7:06:b1:39:b1:62:ce:d6:b3:2f:25:92:7a:51:
a3:c7:7d:18:b3:87:4d:de:1b:61:82:74:04:2f:57:60:5c:1a:
27:db:40:d5:1a:9b:73:97:45:4c:77:f8:3d:c3:8e:c3:7b:23:
56:6f:0b:aa:a6:14:19:cf:31:6d:24:8c:76:1a:30:e0:4a:5b:
53:7a:5f:06:5d:af:6c:c5:5d:bb:7f:ee:69:07:5b:34:32:ef:
fc:ed:01:5c:49:33:33:51:88:fb:26:55:0e:08:39:bf:53:1b:
0e:5e:f0:79:53:2f:f3:10:d1:9e:8e:ce:9a:ab:19:79:60:6e:
0e:67:a4:c0:97:b3:9c:e8:2e:53:c0:98:05:c5:c4:10:90:2e:
b9:f7:29:4e:ae:c9:cf:0f:c4:78:e8:25:e0:57:95:bb:a2:9e:
5d:01:19:f1:fc:87:03:0b:1c:80:21:6d:fa:98:9a:59:2c:64:
9e:8e:6c:01:a0:12:5d:ec:88:7b:ab:69:2d:a1:6a:50:af:a0:
13:46:a3:7d:5a:a0:c5:5c:da:62:06:51:91:2a:ed:30:8f:fb:
fc:95:ee:bd:c5:d2:9e:a7:6a:7f:09:eb:58:fb:fa:65:07:a7:
b7:0b:6e:d0:f4:48:e2:1e:9a:22:b5:99:c5:96:15:9b:35:bd:
b7:d0:da:65
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUfB8z2a7LkJf+8RjZidB0DGeyzJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA3MjAxMDA3MjVaFw0yNjA3MTkxMDEyMjVaMDMxMTAvBgNV
BAMTKDgzRUQwMDRERDUyM0M2QUUwQzA1ODEzRjhBMzYxOEM4QTYzNTNFNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuqYdKrZP9OGP/nAGa7FNmmZfs
y/MrxkoggS3t/5wSYUsa0/ii4jgeRiapSRaLBX6k3Gj+KdzX+8JalJc8qyiTb+PP
+cb1xJc6TU1prMtA5MGrn/ZFviqJy1uWKOjrMgIm+z4SuDIm4cIzN7PyliU8qLoR
gYIH6ALYcQK3laQTvFHf0D4Io8ioO5gJdDzH1jxnV8clwvVaU1SJo/Ksgb1bMVMf
VHioiLb5Tx93pXubCNXouUSjNN39FN43cYNZGTtLzpjYd7Fay5+7BVEAYSMvRYgh
IAMMiIfxw2lGbOAqLT86XKK72pIoZBWCMh+vmuHAP9uQsyzNI7Fz/u7qh6XPAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUg+0ATdUjxq4MBYE/ijYYyKY1PlQwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGNC0ow
DQYJKoZIhvcNAQELBQADggEBAKGur5DHBrE5sWLO1rMvJZJ6UaPHfRizh03eG2GC
dAQvV2BcGifbQNUam3OXRUx3+D3DjsN7I1ZvC6qmFBnPMW0kjHYaMOBKW1N6XwZd
r2zFXbt/7mkHWzQy7/ztAVxJMzNRiPsmVQ4IOb9TGw5e8HlTL/MQ0Z6OzpqrGXlg
bg5npMCXs5zoLlPAmAXFxBCQLrn3KU6uyc8PxHjoJeBXlbuinl0BGfH8hwMLHIAh
bfqYmlksZJ6ObAGgEl3siHuraS2halCvoBNGo31aoMVc2mIGUZEq7TCP+/yV7r3F
0p6nan8J61j7+mUHp7cLbtD0SOIemiK1mcWWFZs1vbfQ2mU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:57:19 2025 by rpki-client