
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: sEeVj/nxG06FMyINuq18qNzyWI/uEnaXxsMrK+K4lb8=
Subject key identifier: 86:34:71:5B:6A:4C:C3:49:55:A8:56:B8:9F:8B:04:7E:CA:E7:C9:89
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 760254C8A1DC0C98E4274ABEEB6F0278925DEA67
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Thu 16 Jul 2026 08:32:20 +0000
ROA not before: Thu 16 Jul 2026 08:27:20 +0000
ROA not after: Thu 15 Jul 2027 08:32:20 +0000
asID: 16509
IP address blocks: 181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.137.13.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
2a00:d1a0:10::/48 maxlen: 48
2a00:d1a0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Jul 2026 07:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:02:54:c8:a1:dc:0c:98:e4:27:4a:be:eb:6f:02:78:92:5d:ea:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 16 08:27:20 2026 GMT
Not After : Jul 15 08:32:20 2027 GMT
Subject: CN=8634715B6A4CC34955A856B89F8B047ECAE7C989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:23:4d:04:aa:28:2e:71:bc:6d:47:00:e5:ad:
8c:0c:af:71:61:db:1a:74:38:a9:0b:66:6b:09:68:
22:c8:5f:06:e5:ce:c1:3a:10:8f:ef:79:6c:73:5f:
1e:b0:0d:18:ca:b2:f7:3a:a7:20:3f:f7:9b:9c:74:
ec:68:ee:96:42:05:9b:ae:8d:66:a8:eb:00:35:aa:
22:5f:8c:5d:cb:f0:dc:47:26:66:31:d1:6c:c6:db:
f5:17:ca:4a:df:91:1e:b2:29:d3:72:a7:d9:71:7b:
fe:26:8c:2e:1e:d4:b6:0f:5e:49:c3:99:49:56:72:
9c:b4:9b:fa:83:54:00:d4:80:39:d0:55:9d:18:f2:
65:dd:cf:a4:a9:89:11:4a:4c:8f:44:c3:ec:4f:4c:
9c:d2:00:ae:1b:96:f7:91:71:f7:18:c0:6a:8b:a4:
33:e2:21:a9:e5:c6:e5:6d:82:10:31:eb:7c:f6:a4:
43:46:54:74:97:9c:22:83:f3:3e:30:10:d8:ed:17:
a0:3c:83:03:eb:35:63:b4:bd:a3:20:f4:ad:2a:77:
2b:62:7f:8a:e5:51:13:5c:b9:43:0e:e1:87:ad:91:
b5:f3:63:f0:ff:e5:db:a7:b8:96:c6:01:d7:c8:9d:
17:26:3b:3e:63:10:e2:2e:29:17:1a:3e:f8:fe:43:
f7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:34:71:5B:6A:4C:C3:49:55:A8:56:B8:9F:8B:04:7E:CA:E7:C9:89
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.137.13.0/24
191.96.204.0/24
191.101.111.0/24
IPv6:
2a00:d1a0:10::/47
Signature Algorithm: sha256WithRSAEncryption
9b:42:32:22:8a:f0:e3:36:5e:fe:6d:9d:d2:df:7d:ae:38:d9:
3c:9a:88:86:7e:f3:08:49:b1:41:78:1d:ae:81:db:1a:9e:5f:
1e:43:f4:aa:2b:d6:9c:91:52:a2:0a:6a:38:61:fa:b4:39:3c:
cb:3b:22:f7:03:92:d9:00:bf:a3:9a:a9:26:d1:93:bf:d3:c2:
d0:c9:23:1c:9f:6b:8d:92:54:cf:f9:a3:e5:a7:d4:79:7d:29:
ce:83:cf:17:83:4c:e2:31:96:68:12:ba:93:fd:45:72:96:ac:
47:ab:4e:67:9e:56:66:50:c0:05:4d:b5:7e:98:66:c5:ff:89:
31:cd:57:c9:c6:a9:02:92:5e:30:0a:d5:b1:1c:48:1a:98:7f:
c1:d1:97:b8:fc:48:b1:87:b3:42:ad:34:01:b7:17:7f:e8:bb:
aa:1a:54:1b:91:9b:69:dc:c4:84:b9:02:4c:c2:d1:f6:2d:08:
24:37:ef:06:09:3f:c2:55:61:15:72:8d:47:d3:5e:5a:74:90:
a8:1a:56:9f:d8:0e:6b:4f:6c:83:28:a0:c0:4e:dd:82:5b:a9:
ae:a1:f1:6e:e7:f1:d8:84:8d:fb:6e:aa:d3:f4:f2:a0:18:cb:
6f:cf:39:f0:e0:8c:65:22:40:e7:a1:d8:ca:b7:1e:89:6d:20:
5a:f0:3c:66
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIUdgJUyKHcDJjkJ0q+628CeJJd6mcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA3MTYwODI3MjBaFw0yNzA3MTUwODMyMjBaMDMxMTAvBgNV
BAMTKDg2MzQ3MTVCNkE0Q0MzNDk1NUE4NTZCODlGOEIwNDdFQ0FFN0M5ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrI00EqigucbxtRwDlrYwMr3Fh
2xp0OKkLZmsJaCLIXwblzsE6EI/veWxzXx6wDRjKsvc6pyA/95ucdOxo7pZCBZuu
jWao6wA1qiJfjF3L8NxHJmYx0WzG2/UXykrfkR6yKdNyp9lxe/4mjC4e1LYPXknD
mUlWcpy0m/qDVADUgDnQVZ0Y8mXdz6SpiRFKTI9Ew+xPTJzSAK4blveRcfcYwGqL
pDPiIanlxuVtghAx63z2pENGVHSXnCKD8z4wENjtF6A8gwPrNWO0vaMg9K0qdyti
f4rlURNcuUMO4YetkbXzY/D/5dunuJbGAdfInRcmOz5jEOIuKRcaPvj+Q/erAgMB
AAGjggI4MIICNDAdBgNVHQ4EFgQUhjRxW2pMw0lVqFa4n4sEfsrnyYkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCoEAgABMCQDBAC11l4D
BAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDwQCAAIwCQMHASoA0aAAEDAN
BgkqhkiG9w0BAQsFAAOCAQEAm0IyIorw4zZe/m2d0t99rjjZPJqIhn7zCEmxQXgd
roHbGp5fHkP0qivWnJFSogpqOGH6tDk8yzsi9wOS2QC/o5qpJtGTv9PC0MkjHJ9r
jZJUz/mj5afUeX0pzoPPF4NM4jGWaBK6k/1FcpasR6tOZ55WZlDABU21fphmxf+J
Mc1XycapApJeMArVsRxIGph/wdGXuPxIsYezQq00AbcXf+i7qhpUG5GbadzEhLkC
TMLR9i0IJDfvBgk/wlVhFXKNR9NeWnSQqBpWn9gOa09sgyigwE7dgluprqHxbufx
2ISN+26q0/TyoBjLb8858OCMZSJA56HYyrceiW0gWvA8Zg==
-----END CERTIFICATE-----
Generated at Sun Jul 19 16:38:46 2026 by rpki-client