Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: QK5AjGTg4FUkBwBKqe7RCvB5hhe9+G6PKp9F2gFpB5Y=
Subject key identifier: 08:16:26:72:A9:86:9F:60:43:81:18:C8:EE:E5:F3:CA:23:58:6B:CC
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6AD0F7EA6544D95DC3A38A3398F8C3386DDABFDC
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
Signing time: Wed 09 Jul 2025 12:45:26 +0000
ROA not before: Wed 09 Jul 2025 12:40:26 +0000
ROA not after: Wed 08 Jul 2026 12:45:26 +0000
asID: 16276
IP address blocks: 91.124.192.0/24 maxlen: 24
91.124.199.0/24 maxlen: 24
92.113.13.0/24 maxlen: 24
92.113.67.0/24 maxlen: 24
92.113.74.0/24 maxlen: 24
92.113.77.0/24 maxlen: 24
92.113.80.0/24 maxlen: 24
95.135.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d0:f7:ea:65:44:d9:5d:c3:a3:8a:33:98:f8:c3:38:6d:da:bf:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 9 12:40:26 2025 GMT
Not After : Jul 8 12:45:26 2026 GMT
Subject: CN=08162672A9869F60438118C8EEE5F3CA23586BCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:53:37:0d:cc:a1:95:6b:be:1f:12:dd:ee:c4:
db:f3:e5:9d:8c:ca:8f:c2:94:35:f6:4d:67:a1:3d:
15:b8:be:ff:87:9d:37:5c:8d:bc:ea:50:11:4f:db:
00:14:85:6d:43:f0:2f:c7:7a:03:d6:10:20:26:6c:
21:6d:ca:a5:11:82:c0:bf:21:9d:7b:d5:b5:82:f6:
06:cb:80:50:88:b3:c4:06:bb:34:22:fd:5b:7b:6b:
ff:50:ea:df:cf:8c:f3:3f:c2:1f:74:23:b4:85:6d:
0a:af:6a:c8:eb:74:c3:e1:68:61:d1:27:6f:f0:73:
cc:82:35:35:f5:c8:37:fa:25:07:32:e9:21:4c:c8:
e9:0f:fb:e7:db:5e:e0:61:01:49:a3:9c:61:f1:72:
70:49:ad:d8:f3:b7:12:5b:ba:2d:d3:d5:a8:82:cb:
08:bb:58:aa:0d:8f:98:12:ed:14:38:97:41:ac:75:
95:79:80:f2:40:38:fc:6d:80:5a:da:13:95:5a:b4:
4a:ea:b0:09:0a:bc:fc:1a:dd:9a:b7:db:82:64:68:
37:14:f8:63:a8:e6:96:61:b1:8a:37:eb:ef:38:9c:
f7:0f:b4:1d:19:bd:de:9c:4d:a9:1b:a5:6b:61:bf:
c7:38:d1:a9:ae:24:83:e9:b8:98:97:59:9c:d8:2a:
8e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:16:26:72:A9:86:9F:60:43:81:18:C8:EE:E5:F3:CA:23:58:6B:CC
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.192.0/24
91.124.199.0/24
92.113.13.0/24
92.113.67.0/24
92.113.74.0/24
92.113.77.0/24
92.113.80.0/24
95.135.58.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:c9:38:ca:7d:23:ba:94:a5:b1:d6:bc:30:41:a6:02:e8:ae:
09:f7:e1:52:86:a5:d7:19:e3:0e:00:74:e9:59:96:6e:8b:f9:
9b:1f:17:ad:68:2d:c8:34:88:12:a1:ab:f3:95:da:30:bf:1b:
76:71:84:0f:62:be:7e:94:e1:36:9c:bc:4f:1c:5d:43:9c:18:
87:db:17:ae:d0:11:28:b1:bb:c2:9e:17:68:43:eb:10:7e:2b:
86:11:16:e3:4c:ef:be:0c:73:fe:33:24:41:ee:70:a9:bc:d1:
b6:fd:12:ca:80:b5:38:13:7b:8e:75:43:ae:31:0c:d3:5f:aa:
d7:01:e4:06:25:25:a9:52:66:d2:ed:31:b9:a4:a4:ef:62:1d:
ba:90:cb:ad:2c:61:20:20:5a:40:2c:a7:a6:ec:a4:42:49:7b:
49:32:08:13:a6:02:1c:12:8f:6a:60:44:97:ed:bc:37:36:b2:
6d:c2:51:81:2f:0c:8d:83:9c:91:ed:e8:9c:06:5c:9c:b1:eb:
54:2b:f9:09:d8:9f:e7:6b:ed:45:95:ab:e3:f6:7a:69:03:d1:
2c:2b:b4:2d:ab:8b:5a:bd:81:63:41:ca:96:5b:6e:a0:40:45:
77:67:04:10:2c:d7:c7:e6:f4:50:3e:7f:0f:89:4b:ee:1e:45:
74:81:a6:18
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUatD36mVE2V3Do4ozmPjDOG3av9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MDkxMjQwMjZaFw0yNjA3MDgxMjQ1MjZaMDMxMTAvBgNV
BAMTKDA4MTYyNjcyQTk4NjlGNjA0MzgxMThDOEVFRTVGM0NBMjM1ODZCQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzUzcNzKGVa74fEt3uxNvz5Z2M
yo/ClDX2TWehPRW4vv+HnTdcjbzqUBFP2wAUhW1D8C/HegPWECAmbCFtyqURgsC/
IZ171bWC9gbLgFCIs8QGuzQi/Vt7a/9Q6t/PjPM/wh90I7SFbQqvasjrdMPhaGHR
J2/wc8yCNTX1yDf6JQcy6SFMyOkP++fbXuBhAUmjnGHxcnBJrdjztxJbui3T1aiC
ywi7WKoNj5gS7RQ4l0GsdZV5gPJAOPxtgFraE5VatErqsAkKvPwa3Zq324JkaDcU
+GOo5pZhsYo36+84nPcPtB0Zvd6cTakbpWthv8c40amuJIPpuJiXWZzYKo73AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUCBYmcqmGn2BDgRjI7uXzyiNYa8wwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABbfMAD
BABbfMcDBABccQ0DBABccUMDBABccUoDBABccU0DBABccVADBABfhzowDQYJKoZI
hvcNAQELBQADggEBAF3JOMp9I7qUpbHWvDBBpgLorgn34VKGpdcZ4w4AdOlZlm6L
+ZsfF61oLcg0iBKhq/OV2jC/G3ZxhA9ivn6U4TacvE8cXUOcGIfbF67QESixu8Ke
F2hD6xB+K4YRFuNM774Mc/4zJEHucKm80bb9EsqAtTgTe451Q64xDNNfqtcB5AYl
JalSZtLtMbmkpO9iHbqQy60sYSAgWkAsp6bspEJJe0kyCBOmAhwSj2pgRJftvDc2
sm3CUYEvDI2DnJHt6JwGXJyx61Qr+QnYn+dr7UWVq+P2emkD0SwrtC2ri1q9gWNB
ypZbbqBARXdnBBAs18fm9FA+fw+JS+4eRXSBphg=
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:25:12 2025 by rpki-client