Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: ohC10dEF4Wiwin7vHkAB+tomjAu/Q7SMxInC8jzwcjA=
Subject key identifier: E0:A3:47:22:06:FF:B6:C9:6A:31:E0:4C:FF:2C:B5:B9:10:51:E4:D4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 248F6B4C3427F74328AA75C641AE7C7D98DF0EAB
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
Signing time: Wed 05 Mar 2025 11:15:28 +0000
ROA not before: Wed 05 Mar 2025 11:10:28 +0000
ROA not after: Wed 04 Mar 2026 11:15:28 +0000
asID: 16276
IP address blocks: 2.57.18.0/24 maxlen: 24
89.19.44.0/24 maxlen: 24
191.96.153.0/24 maxlen: 24
191.101.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:8f:6b:4c:34:27:f7:43:28:aa:75:c6:41:ae:7c:7d:98:df:0e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 5 11:10:28 2025 GMT
Not After : Mar 4 11:15:28 2026 GMT
Subject: CN=E0A3472206FFB6C96A31E04CFF2CB5B91051E4D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:9b:ce:7e:2c:3c:a2:31:ba:16:41:c7:d2:5c:
f9:a5:8f:92:fb:9d:37:6d:31:21:c5:fa:77:b4:da:
dc:6a:fa:77:81:06:f2:c9:b8:16:9d:1a:69:e4:96:
48:86:e2:e1:ba:6d:4d:50:d9:eb:6b:11:d2:17:89:
21:82:db:c5:af:7c:e9:e4:7a:4e:c4:03:1b:a3:19:
b5:03:90:8b:d3:c0:a8:aa:13:3f:9a:7a:28:4a:e3:
3c:36:06:1b:ee:2c:80:f9:b4:af:43:49:b6:b4:da:
1b:dd:26:e8:92:bc:5f:5d:46:ce:2f:f2:05:ec:35:
c4:d2:16:b8:a3:2a:0a:11:6c:73:ef:8e:1f:a2:58:
50:11:2c:aa:03:9b:df:70:c4:bd:0a:4c:c4:59:f5:
41:74:4a:f0:a6:fa:96:39:c8:81:53:62:98:77:8f:
38:8d:3e:2b:b6:8e:e0:93:de:51:84:73:fe:27:88:
8a:4c:6c:78:94:16:eb:18:71:5f:6a:d4:77:d0:cc:
79:4e:56:60:d4:a7:69:c1:21:5b:90:0c:0a:cd:87:
81:be:8c:71:b8:f5:80:45:cd:b9:8e:0f:11:63:c9:
b9:5c:cc:5d:7c:45:bb:8c:b8:4e:1c:5d:4a:67:5f:
ce:cc:b7:e1:5b:68:8d:86:b5:34:10:6f:3b:8f:c3:
fa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A3:47:22:06:FF:B6:C9:6A:31:E0:4C:FF:2C:B5:B9:10:51:E4:D4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.18.0/24
89.19.44.0/24
191.96.153.0/24
191.101.177.0/24
Signature Algorithm: sha256WithRSAEncryption
04:fc:2b:68:92:ac:6f:32:9c:df:06:b9:93:8b:06:b7:5e:95:
d2:56:18:6e:11:28:ec:a6:59:fc:09:6f:45:da:f2:d4:7e:70:
cb:6a:12:43:be:23:9b:6f:f2:4d:66:a1:7c:46:35:f7:1d:51:
ee:69:2a:f7:bb:e6:1e:65:72:37:22:9b:2e:dd:ff:15:d2:03:
b1:7f:04:cd:a2:09:a6:49:28:c9:a3:88:f3:18:fb:68:cb:36:
3e:8e:bc:36:61:e6:75:24:42:81:2a:38:46:c7:3c:fa:ce:04:
45:c4:06:ba:53:20:ec:f5:de:05:d0:c5:97:4b:e7:e8:07:d4:
16:f0:d2:89:28:eb:96:15:97:a2:89:29:da:26:95:e0:18:fd:
db:da:b9:3d:b6:4a:ba:76:b9:1d:7f:7f:33:07:e3:28:17:08:
d7:2c:00:7b:06:0c:40:d0:c8:90:7e:c1:08:ef:4b:16:85:96:
8c:74:14:62:da:d2:f7:53:10:93:15:0a:8e:af:76:e4:f9:b1:
1f:c5:59:8d:de:0e:fa:55:fa:c0:07:c7:d8:fb:8c:b3:d6:95:
19:57:c3:25:84:0b:de:d7:51:d0:8c:24:8a:40:de:bc:25:df:
e7:e6:cd:3c:15:f0:6a:6f:2b:96:1a:2f:90:eb:2e:09:ba:b1:
76:b4:b4:1c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUJI9rTDQn90MoqnXGQa58fZjfDqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMDUxMTEwMjhaFw0yNjAzMDQxMTE1MjhaMDMxMTAvBgNV
BAMTKEUwQTM0NzIyMDZGRkI2Qzk2QTMxRTA0Q0ZGMkNCNUI5MTA1MUU0RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvm85+LDyiMboWQcfSXPmlj5L7
nTdtMSHF+ne02txq+neBBvLJuBadGmnklkiG4uG6bU1Q2etrEdIXiSGC28WvfOnk
ek7EAxujGbUDkIvTwKiqEz+aeihK4zw2BhvuLID5tK9DSba02hvdJuiSvF9dRs4v
8gXsNcTSFrijKgoRbHPvjh+iWFARLKoDm99wxL0KTMRZ9UF0SvCm+pY5yIFTYph3
jziNPiu2juCT3lGEc/4niIpMbHiUFusYcV9q1HfQzHlOVmDUp2nBIVuQDArNh4G+
jHG49YBFzbmODxFjyblczF18RbuMuE4cXUpnX87Mt+FbaI2GtTQQbzuPw/pFAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQU4KNHIgb/tslqMeBM/yy1uRBR5NQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAACORID
BABZEywDBAC/YJkDBAC/ZbEwDQYJKoZIhvcNAQELBQADggEBAAT8K2iSrG8ynN8G
uZOLBrdeldJWGG4RKOymWfwJb0Xa8tR+cMtqEkO+I5tv8k1moXxGNfcdUe5pKve7
5h5lcjcimy7d/xXSA7F/BM2iCaZJKMmjiPMY+2jLNj6OvDZh5nUkQoEqOEbHPPrO
BEXEBrpTIOz13gXQxZdL5+gH1Bbw0oko65YVl6KJKdomleAY/dvauT22Srp2uR1/
fzMH4ygXCNcsAHsGDEDQyJB+wQjvSxaFlox0FGLa0vdTEJMVCo6vduT5sR/FWY3e
DvpV+sAHx9j7jLPWlRlXwyWEC97XUdCMJIpA3rwl3+fmzTwV8GpvK5YaL5DrLgm6
sXa0tBw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:27:50 2025 by rpki-client