Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: 4qQjmFGDoymtnjsilH2qzOMXYlnBTnEk0GTRw1UeMtE=
Subject key identifier: 3B:B0:30:6D:4B:EF:D1:C2:BF:41:51:4E:89:9A:1C:D3:76:C0:CB:B0
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7D97793AA4AE69558F4C45B8E8969F0BA694089A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Thu 05 Jun 2025 02:54:00 +0000
ROA not before: Thu 05 Jun 2025 02:49:00 +0000
ROA not after: Thu 04 Jun 2026 02:54:00 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.252.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
146.103.49.0/24 maxlen: 24
150.241.209.0/24 maxlen: 24
167.148.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:53:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:97:79:3a:a4:ae:69:55:8f:4c:45:b8:e8:96:9f:0b:a6:94:08:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 5 02:49:00 2025 GMT
Not After : Jun 4 02:54:00 2026 GMT
Subject: CN=3BB0306D4BEFD1C2BF41514E899A1CD376C0CBB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:9d:b4:ab:96:7a:66:68:03:1d:4b:90:b6:
d8:34:55:dc:ab:fe:7b:0c:d5:d9:38:b4:e1:5e:a4:
e0:a1:20:65:88:37:10:aa:13:6b:c7:59:40:e7:48:
ab:b2:e1:4a:94:78:27:b8:f8:5b:48:dd:51:c4:d6:
04:8a:83:76:94:bc:b1:d5:2a:29:9d:92:c9:dc:b8:
d5:9d:ae:f5:86:c5:d2:17:a7:dc:52:19:4d:43:65:
24:e4:e0:76:ac:37:46:ca:cb:0b:7f:43:45:3e:e1:
5e:ed:c0:9a:0c:83:6c:3e:ad:1c:2b:ef:ab:bf:e3:
e3:f4:92:f2:e2:e1:92:22:1d:6e:de:89:8c:b2:6d:
80:4c:c7:eb:4b:90:12:2a:8a:e9:5b:15:88:54:30:
67:27:2f:7d:c1:a0:ef:d8:07:d7:12:31:39:5b:ee:
3f:70:a6:3a:b4:93:6d:85:2e:ad:27:74:03:c9:c8:
1d:df:b3:79:67:f7:f9:23:cb:75:b4:a1:a9:20:5d:
e0:e4:1d:36:a9:22:0b:3e:e9:80:aa:76:2a:73:d0:
b0:63:0a:20:d4:10:0d:ae:73:3f:eb:53:f8:1f:58:
36:43:59:0e:9c:6e:65:a4:b4:a5:2b:bf:9f:17:7c:
72:51:e9:7f:7c:cc:93:c9:4d:d8:40:1e:fe:7b:29:
d1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B0:30:6D:4B:EF:D1:C2:BF:41:51:4E:89:9A:1C:D3:76:C0:CB:B0
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
143.14.68.0/24
143.14.252.0/24
146.103.10.0/24
146.103.49.0/24
150.241.209.0/24
167.148.33.0/24
Signature Algorithm: sha256WithRSAEncryption
39:c4:19:a0:f2:b4:2f:09:14:74:57:54:98:97:f9:0a:d2:5a:
b7:c7:a3:ad:86:15:b7:cd:48:e9:c1:3e:e4:4b:2f:49:86:0d:
1e:eb:3a:89:b4:e9:c2:f6:b5:03:4c:7c:61:bc:39:de:74:5a:
b8:b3:8d:c6:ca:0a:eb:bc:9c:13:48:85:c0:59:cc:38:a5:69:
f5:84:2a:e0:29:4b:97:10:72:cc:ed:64:ec:01:ec:30:b0:59:
a0:60:00:9a:81:16:05:35:5c:1e:a4:27:05:fe:8b:08:59:86:
1b:20:4a:4b:a5:20:53:f4:1e:55:25:72:3a:6c:16:04:5b:dd:
d7:b3:38:bd:49:4f:37:a5:fc:39:0a:e7:25:2a:a2:ce:7b:1a:
e9:d3:57:71:63:d7:7b:97:4e:e7:c6:4f:95:d3:47:1b:97:5d:
67:e3:38:e6:c4:e6:60:4e:14:ff:73:d8:0d:24:e0:e7:1f:bc:
1e:dd:e8:03:30:2c:3d:64:28:85:91:c1:86:ef:40:c8:1f:a1:
06:c2:42:61:50:08:f5:bf:74:13:22:37:97:4a:5f:d0:6d:79:
94:94:de:5c:2d:ee:0f:a4:f9:c9:a8:27:52:f0:38:10:ae:ee:
25:4c:59:f9:47:8d:b5:22:d9:f6:1a:df:b9:93:e6:cb:59:47:
9f:61:5f:f5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUfZd5OqSuaVWPTEW46JafC6aUCJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDUwMjQ5MDBaFw0yNjA2MDQwMjU0MDBaMDMxMTAvBgNV
BAMTKDNCQjAzMDZENEJFRkQxQzJCRjQxNTE0RTg5OUExQ0QzNzZDMENCQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCySp20q5Z6ZmgDHUuQttg0Vdyr
/nsM1dk4tOFepOChIGWINxCqE2vHWUDnSKuy4UqUeCe4+FtI3VHE1gSKg3aUvLHV
KimdksncuNWdrvWGxdIXp9xSGU1DZSTk4HasN0bKywt/Q0U+4V7twJoMg2w+rRwr
76u/4+P0kvLi4ZIiHW7eiYyybYBMx+tLkBIqiulbFYhUMGcnL33BoO/YB9cSMTlb
7j9wpjq0k22FLq0ndAPJyB3fs3ln9/kjy3W0oakgXeDkHTapIgs+6YCqdipz0LBj
CiDUEA2ucz/rU/gfWDZDWQ6cbmWktKUrv58XfHJR6X98zJPJTdhAHv57KdGLAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUO7AwbUvv0cK/QVFOiZoc03bAy7AwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBABgPmkD
BACPDkQDBACPDvwDBACSZwoDBACSZzEDBACW8dEDBACnlCEwDQYJKoZIhvcNAQEL
BQADggEBADnEGaDytC8JFHRXVJiX+QrSWrfHo62GFbfNSOnBPuRLL0mGDR7rOom0
6cL2tQNMfGG8Od50WrizjcbKCuu8nBNIhcBZzDilafWEKuApS5cQcsztZOwB7DCw
WaBgAJqBFgU1XB6kJwX+iwhZhhsgSkulIFP0HlUlcjpsFgRb3dezOL1JTzel/DkK
5yUqos57GunTV3Fj13uXTufGT5XTRxuXXWfjOObE5mBOFP9z2A0k4OcfvB7d6AMw
LD1kKIWRwYbvQMgfoQbCQmFQCPW/dBMiN5dKX9BteZSU3lwt7g+k+cmoJ1LwOBCu
7iVMWflHjbUi2fYa37mT5stZR59hX/U=
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:39:18 2025 by rpki-client