Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: KGjZFQqiADCZAyHn1Pxy7KqkknWsIGcKScMPO88EV2Y=
Subject key identifier: F3:02:39:48:61:72:F3:2A:EC:8F:AE:26:B6:7C:89:16:6C:06:1C:96
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0270D0500A2B5A54FE53D5A8A5BA3C27C1758C41
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
Signing time: Tue 26 May 2026 08:40:14 +0000
ROA not before: Tue 26 May 2026 08:35:14 +0000
ROA not after: Tue 25 May 2027 08:40:14 +0000
asID: 16509
IP address blocks: 96.62.208.0/22 maxlen: 22
140.150.156.0/24 maxlen: 24
140.233.128.0/19 maxlen: 24
143.14.81.0/24 maxlen: 24
143.14.227.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
147.79.26.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
155.117.203.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
168.222.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:70:d0:50:0a:2b:5a:54:fe:53:d5:a8:a5:ba:3c:27:c1:75:8c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 26 08:35:14 2026 GMT
Not After : May 25 08:40:14 2027 GMT
Subject: CN=F30239486172F32AEC8FAE26B67C89166C061C96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:16:00:72:76:6e:f5:ce:82:de:fa:ba:d0:21:
a7:15:fa:c5:07:14:7c:71:27:8c:6b:2f:3a:6a:22:
a6:12:27:15:81:ed:91:f9:80:cc:40:4b:04:05:59:
b6:9f:88:cf:4a:6e:33:43:72:b0:c9:4c:be:41:23:
39:e7:96:77:98:45:5a:cd:c2:b8:a8:86:9a:af:ed:
49:6d:5b:0d:88:b9:ad:f6:b5:9a:d1:63:b3:c9:9d:
cc:f6:ed:ce:49:ce:a5:33:5f:83:c4:d9:e8:94:17:
35:bb:bf:73:ab:a2:09:5d:fd:f0:33:d5:8a:af:c7:
a9:12:ac:c7:91:77:a1:05:29:fb:e3:a1:3c:59:ce:
da:d5:1a:df:55:66:7e:23:95:f2:e1:1e:4e:6c:06:
5c:23:93:d8:1d:c5:b1:b4:b8:37:fd:48:30:f8:39:
56:87:a8:da:0b:df:a8:05:b4:3c:ca:03:88:85:4f:
b5:e2:29:21:9b:31:a3:3c:65:9b:c2:92:54:e7:58:
93:69:16:c9:e0:5a:82:d3:a0:ca:60:f6:6b:ed:b8:
d6:85:e4:9f:dc:22:38:0a:37:d9:25:55:cd:d4:f1:
d4:39:1e:93:41:1e:92:53:39:99:12:bf:7e:1c:69:
38:03:0a:11:ff:6c:92:85:18:8b:7f:8a:f5:57:36:
ea:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:02:39:48:61:72:F3:2A:EC:8F:AE:26:B6:7C:89:16:6C:06:1C:96
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.150.156.0/24
140.233.128.0/19
143.14.81.0/24
143.14.227.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
147.79.25.0-147.79.26.255
148.135.180.0/24
148.135.186.0/24
155.117.0.0/24
155.117.60.0/24
155.117.185.0/24
155.117.187.0/24
155.117.203.0/24
162.141.159.0/24
162.141.180.0/24
168.222.121.0/24
Signature Algorithm: sha256WithRSAEncryption
29:57:c9:46:bb:08:80:67:81:f6:8e:17:ab:fd:2f:68:cb:e6:
5e:e7:f3:45:9d:82:1d:f2:a5:5c:77:a5:f7:e6:d7:93:9b:4f:
9d:2b:f4:b7:b3:04:da:90:4d:38:a1:c0:5b:c6:b5:ee:6f:0b:
4b:d2:61:48:2a:59:92:41:9a:6b:52:8f:06:6e:f6:b3:31:7c:
a6:7a:5a:65:6d:e9:81:cb:da:13:2e:69:c4:fb:a8:24:29:8f:
2f:c0:f8:2c:31:d1:0f:93:01:3e:97:8f:f6:19:77:0d:a9:54:
c4:86:b6:12:02:ba:ae:98:41:c9:4c:cf:c0:fb:74:d1:6c:4b:
a5:49:a8:b8:49:03:40:e6:c0:c9:0b:36:89:26:68:15:86:b5:
6a:84:ca:86:7f:95:3a:5f:17:48:fd:17:b6:e9:5f:3d:a3:e8:
d9:0f:3d:4b:8b:c2:66:20:37:80:de:26:65:ed:97:9a:b6:2a:
6a:58:df:b4:6b:04:f6:0d:4e:62:31:5c:93:cd:79:42:3a:62:
fc:31:c1:64:7b:e2:53:a5:99:88:49:1f:4c:1e:5a:db:df:25:
32:5a:65:92:9c:54:c1:30:c1:ee:ff:c0:29:0f:a2:a1:1c:22:
42:c4:23:c0:80:df:b8:6d:55:02:14:71:1b:bc:94:0e:2c:98:
a3:72:54:90
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUAnDQUAorWlT+U9Wopbo8J8F1jEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MjYwODM1MTRaFw0yNzA1MjUwODQwMTRaMDMxMTAvBgNV
BAMTKEYzMDIzOTQ4NjE3MkYzMkFFQzhGQUUyNkI2N0M4OTE2NkMwNjFDOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCGFgBydm71zoLe+rrQIacV+sUH
FHxxJ4xrLzpqIqYSJxWB7ZH5gMxASwQFWbafiM9KbjNDcrDJTL5BIznnlneYRVrN
wriohpqv7UltWw2Iua32tZrRY7PJncz27c5JzqUzX4PE2eiUFzW7v3Orogld/fAz
1Yqvx6kSrMeRd6EFKfvjoTxZztrVGt9VZn4jlfLhHk5sBlwjk9gdxbG0uDf9SDD4
OVaHqNoL36gFtDzKA4iFT7XiKSGbMaM8ZZvCklTnWJNpFsngWoLToMpg9mvtuNaF
5J/cIjgKN9klVc3U8dQ5HpNBHpJTOZkSv34caTgDChH/bJKFGIt/ivVXNuqTAgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQU8wI5SGFy8yrsj64mtnyJFmwGHJYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZYGCCsGAQUFBwEHAQH/BIGGMIGDMIGABAIAATB6AwQC
YD7QAwQAjJacAwQFjOmAAwQAjw5RAwQAjw7jAwQBkd9AAwQAkmc8AwQBkmc+MAwD
BACTTxkDBACTTxoDBACUh7QDBACUh7oDBACbdQADBACbdTwDBACbdbkDBACbdbsD
BACbdcsDBACijZ8DBACijbQDBACo3nkwDQYJKoZIhvcNAQELBQADggEBAClXyUa7
CIBngfaOF6v9L2jL5l7n80Wdgh3ypVx3pffm15ObT50r9LezBNqQTTihwFvGte5v
C0vSYUgqWZJBmmtSjwZu9rMxfKZ6WmVt6YHL2hMuacT7qCQpjy/A+Cwx0Q+TAT6X
j/YZdw2pVMSGthICuq6YQclMz8D7dNFsS6VJqLhJA0DmwMkLNokmaBWGtWqEyoZ/
lTpfF0j9F7bpXz2j6NkPPUuLwmYgN4DeJmXtl5q2KmpY37RrBPYNTmIxXJPNeUI6
YvwxwWR74lOlmYhJH0weWtvfJTJaZZKcVMEwwe7/wCkPoqEcIkLEI8CA37htVQIU
cRu8lA4smKNyVJA=
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:17:11 2026 by rpki-client