Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: rRwNtTUOeqb1GXF8vRAHeLUFltdlEDVAuniT+soL69U=
Subject key identifier: 73:92:17:40:27:8B:09:F8:A7:7A:BF:9A:EF:AB:23:4F:AB:96:68:64
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7E54BDFCE0ACBA8C802E2D104D6C181119161BD3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Mon 27 Apr 2026 08:18:08 +0000
ROA not before: Mon 27 Apr 2026 08:13:08 +0000
ROA not after: Mon 26 Apr 2027 08:18:08 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
143.14.231.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
148.135.192.0/24 maxlen: 24
155.117.5.0/24 maxlen: 24
155.117.210.0/24 maxlen: 24
155.117.212.0/23 maxlen: 23
155.117.233.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
162.141.71.0/24 maxlen: 24
167.148.125.0/24 maxlen: 24
167.148.193.0/24 maxlen: 24
168.222.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:54:bd:fc:e0:ac:ba:8c:80:2e:2d:10:4d:6c:18:11:19:16:1b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 27 08:13:08 2026 GMT
Not After : Apr 26 08:18:08 2027 GMT
Subject: CN=73921740278B09F8A77ABF9AEFAB234FAB966864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:57:56:47:c9:0e:24:e5:08:8b:99:2a:05:35:
a5:2b:3e:ad:c9:a5:4c:88:20:a5:33:56:21:fb:2f:
02:d8:7a:0a:8c:dc:93:d7:7c:7b:01:7e:07:39:8a:
cd:13:4c:0b:ae:bf:75:1f:14:ab:c1:44:2a:d1:51:
d6:aa:3c:63:1e:4e:37:4d:b5:8e:cb:c3:5c:9a:d8:
e1:04:34:32:0a:8a:17:5e:55:12:3b:68:71:1a:f6:
3d:42:ea:57:e5:f2:5e:2d:44:4e:4b:e1:1e:bb:57:
86:8a:cb:9b:f9:1f:7a:45:31:91:f9:4e:8c:cf:57:
f0:08:91:c6:e0:f9:94:0e:3a:80:22:13:29:34:8e:
3d:ce:fc:4a:3f:d2:2c:e5:2c:52:14:45:2b:43:c3:
86:d1:37:02:76:a4:0b:5b:49:73:ca:75:20:50:08:
23:64:3a:17:36:fa:79:bb:d7:35:f6:b4:39:67:97:
08:8a:1a:8d:58:9f:ea:d4:90:ea:63:ac:7f:12:c0:
2f:f3:20:6e:ff:c2:90:94:8a:76:5e:9d:9f:6e:0a:
61:0b:9f:6b:a3:50:45:d3:70:71:48:30:88:e6:e5:
bc:a6:10:17:b1:30:4b:5c:dc:6a:fc:c8:2b:07:67:
33:ef:dc:7d:49:04:15:a2:95:9b:bc:6f:6c:84:a5:
53:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:92:17:40:27:8B:09:F8:A7:7A:BF:9A:EF:AB:23:4F:AB:96:68:64
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
143.14.231.0/24
146.103.10.0/24
148.135.192.0/24
155.117.5.0/24
155.117.210.0/24
155.117.212.0/23
155.117.233.0-155.117.234.255
162.141.71.0/24
167.148.125.0/24
167.148.193.0/24
168.222.49.0/24
Signature Algorithm: sha256WithRSAEncryption
41:7e:62:0a:ab:62:3f:71:ec:bb:f3:37:f1:24:cf:43:64:e6:
02:e0:df:65:ae:0c:45:b2:58:93:e7:80:4f:7c:95:0b:2b:ed:
c6:65:99:9d:88:82:a6:9b:4e:a7:d6:c2:29:1a:d5:c2:0d:d0:
1a:de:3a:8a:64:4e:c8:c2:13:bf:27:53:5f:5b:f2:4a:13:84:
1f:d1:98:91:f9:df:0f:99:a4:92:0f:3c:08:8f:e8:70:ad:43:
47:2e:b5:63:d5:ab:92:c1:bc:5f:d4:f5:76:55:6b:09:61:38:
b1:a1:ce:64:9e:87:6b:fa:b8:fb:08:44:4e:18:71:fb:6c:3e:
c2:2e:f2:5a:fd:87:20:63:8a:2a:db:17:61:cd:aa:fd:6a:34:
36:6c:e9:26:a4:11:27:4e:32:a3:c1:57:a1:15:e9:a5:b0:a2:
7f:b2:d9:12:25:b1:bd:a1:71:ed:d6:d1:d9:80:4b:d2:60:c0:
e0:43:77:33:83:40:53:fd:e3:67:64:53:ac:4c:77:d0:f1:ad:
f1:93:9c:46:ea:fe:84:a0:42:4d:dc:96:50:f0:cf:9d:e1:74:
21:d3:e6:e5:64:fb:bb:08:47:a9:45:09:ba:59:6a:c1:dd:01:
64:56:74:79:4c:9e:1a:5b:31:f1:dd:63:54:a7:2b:6e:b4:15:
e7:9c:ab:8d
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUflS9/OCsuoyALi0QTWwYERkWG9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjcwODEzMDhaFw0yNzA0MjYwODE4MDhaMDMxMTAvBgNV
BAMTKDczOTIxNzQwMjc4QjA5RjhBNzdBQkY5QUVGQUIyMzRGQUI5NjY4NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4V1ZHyQ4k5QiLmSoFNaUrPq3J
pUyIIKUzViH7LwLYegqM3JPXfHsBfgc5is0TTAuuv3UfFKvBRCrRUdaqPGMeTjdN
tY7Lw1ya2OEENDIKihdeVRI7aHEa9j1C6lfl8l4tRE5L4R67V4aKy5v5H3pFMZH5
TozPV/AIkcbg+ZQOOoAiEyk0jj3O/Eo/0izlLFIURStDw4bRNwJ2pAtbSXPKdSBQ
CCNkOhc2+nm71zX2tDlnlwiKGo1Yn+rUkOpjrH8SwC/zIG7/wpCUinZenZ9uCmEL
n2ujUEXTcHFIMIjm5bymEBexMEtc3Gr8yCsHZzPv3H1JBBWilZu8b2yEpVOnAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUc5IXQCeLCfiner+a76sjT6uWaGQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBABgPmkD
BACPDucDBACSZwoDBACUh8ADBACbdQUDBACbddIDBAGbddQwDAMEAJt16QMEAJt1
6gMEAKKNRwMEAKeUfQMEAKeUwQMEAKjeMTANBgkqhkiG9w0BAQsFAAOCAQEAQX5i
CqtiP3Hsu/M38STPQ2TmAuDfZa4MRbJYk+eAT3yVCyvtxmWZnYiCpptOp9bCKRrV
wg3QGt46imROyMITvydTX1vyShOEH9GYkfnfD5mkkg88CI/ocK1DRy61Y9WrksG8
X9T1dlVrCWE4saHOZJ6Ha/q4+whEThhx+2w+wi7yWv2HIGOKKtsXYc2q/Wo0Nmzp
JqQRJ04yo8FXoRXppbCif7LZEiWxvaFx7dbR2YBL0mDA4EN3M4NAU/3jZ2RTrEx3
0PGt8ZOcRur+hKBCTdyWUPDPneF0IdPm5WT7uwhHqUUJullqwd0BZFZ0eUyeGlsx
8d1jVKcrbrQV55yrjQ==
-----END CERTIFICATE-----
Generated at Tue Apr 28 17:27:05 2026 by rpki-client