Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: cfXKVcVHgzIn2MPy1ZGsfIVo5YUFjeJDkn5P2eD+ac4=
Subject key identifier: FF:86:8B:6C:44:99:3A:0D:A6:E5:5A:61:DF:31:D7:7A:FC:92:B2:E8
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6DAA0AAB910397091C7D799B5A36149DDBCB1AAF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Mon 02 Jun 2025 00:01:10 +0000
ROA not before: Sun 01 Jun 2025 23:56:10 +0000
ROA not after: Mon 01 Jun 2026 00:01:10 +0000
asID: 16509
IP address blocks: 181.214.110.0/24 maxlen: 24
181.214.236.0/23 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 06:41:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:aa:0a:ab:91:03:97:09:1c:7d:79:9b:5a:36:14:9d:db:cb:1a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 1 23:56:10 2025 GMT
Not After : Jun 1 00:01:10 2026 GMT
Subject: CN=FF868B6C44993A0DA6E55A61DF31D77AFC92B2E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f3:70:e7:0f:c1:cf:3c:cf:a5:de:d3:43:ae:
e9:87:6b:d7:00:60:66:f3:af:2d:0f:ff:67:b3:73:
b3:90:8e:d2:0b:79:83:66:68:d1:73:ae:31:92:c5:
72:da:17:44:9c:5f:2f:14:62:59:86:1c:0e:86:ba:
e0:bf:b6:d1:b3:64:53:e6:af:1b:0e:a5:68:62:21:
1e:ac:7e:f3:af:cc:bc:74:ac:74:a0:25:bb:ee:6a:
23:ae:36:5b:62:12:1c:03:7e:2a:5f:63:d1:5d:56:
b6:ea:96:bc:98:94:71:70:be:34:b0:51:67:47:ee:
d2:0f:e7:75:25:04:b4:c5:30:bf:85:97:41:b7:78:
34:16:5b:6a:1e:03:bc:27:a0:63:34:7c:de:f1:3d:
36:cc:62:69:6c:b5:b6:1f:3e:02:0d:20:03:26:31:
8d:7b:97:d1:ba:01:5f:27:ca:8c:63:9c:2f:c3:4a:
ee:7c:2b:a8:e1:37:97:7e:ba:b1:7a:da:46:57:a6:
88:eb:aa:a6:fc:2f:31:5f:67:3a:4c:43:9e:81:94:
b7:05:b4:c8:e5:1a:47:01:74:0b:3f:ca:31:dc:0c:
49:67:ec:fe:b6:b2:28:ca:5b:01:69:59:83:48:63:
84:56:13:b7:97:19:51:0a:d9:64:4e:a8:58:1e:ae:
86:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:86:8B:6C:44:99:3A:0D:A6:E5:5A:61:DF:31:D7:7A:FC:92:B2:E8
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.110.0/24
181.214.236.0/23
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
185.151.58.0/24
191.96.204.0/24
191.101.111.0/24
191.101.223.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:da:02:d8:da:21:8b:d1:58:4a:13:5b:47:06:a5:5e:f7:e7:
04:31:86:01:13:bb:8f:ca:d6:b3:14:11:29:e9:df:80:72:bd:
31:d5:db:ad:6c:a1:d5:9c:df:19:9c:a9:46:8d:29:27:0d:8d:
16:8e:41:e7:9a:c2:a4:d1:f6:6e:ee:6b:41:7e:08:0f:cc:1d:
40:0e:bd:ac:6d:57:2b:1b:5b:99:f2:39:e7:08:08:59:75:fd:
8b:70:cd:f7:ed:23:20:2b:7b:22:e9:1f:bc:57:87:7c:72:c9:
6c:eb:5c:a0:02:6b:28:55:24:0a:ca:48:79:e2:d5:42:0e:e9:
d9:1a:71:c0:c8:4f:b5:ff:24:91:cb:52:52:b6:d7:e5:c6:f9:
28:12:8b:42:91:b3:51:7e:a3:89:87:8c:3c:a1:39:de:f8:b4:
d0:b6:82:a3:8a:fd:c5:5b:d0:d3:bc:08:b8:d7:6a:6d:ff:3c:
b3:76:e1:07:03:4a:3d:cc:31:9c:cc:c3:ac:3a:47:97:e0:f0:
89:0f:eb:e2:ad:f8:20:3c:64:6a:a3:58:97:6e:f4:4b:15:77:
73:a4:43:62:43:24:c0:e1:a7:67:b5:eb:c1:e1:48:66:37:4e:
58:1d:23:2a:48:1f:23:44:87:a7:5b:0e:c1:36:6d:02:b1:ff:
de:fe:d7:4e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbaoKq5EDlwkcfXmbWjYUndvLGq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MDEyMzU2MTBaFw0yNjA2MDEwMDAxMTBaMDMxMTAvBgNV
BAMTKEZGODY4QjZDNDQ5OTNBMERBNkU1NUE2MURGMzFENzdBRkM5MkIyRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd83DnD8HPPM+l3tNDrumHa9cA
YGbzry0P/2ezc7OQjtILeYNmaNFzrjGSxXLaF0ScXy8UYlmGHA6GuuC/ttGzZFPm
rxsOpWhiIR6sfvOvzLx0rHSgJbvuaiOuNltiEhwDfipfY9FdVrbqlryYlHFwvjSw
UWdH7tIP53UlBLTFML+Fl0G3eDQWW2oeA7wnoGM0fN7xPTbMYmlstbYfPgINIAMm
MY17l9G6AV8nyoxjnC/DSu58K6jhN5d+urF62kZXpojrqqb8LzFfZzpMQ56BlLcF
tMjlGkcBdAs/yjHcDEln7P62sijKWwFpWYNIY4RWE7eXGVEK2WROqFgeroZzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/4aLbESZOg2m5Vph3zHXevySsugwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAC11m4D
BAG11uwDBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC5lzoDBAC/YMwDBAC/ZW8D
BAC/Zd8wDQYJKoZIhvcNAQELBQADggEBAK7aAtjaIYvRWEoTW0cGpV735wQxhgET
u4/K1rMUESnp34ByvTHV261sodWc3xmcqUaNKScNjRaOQeeawqTR9m7ua0F+CA/M
HUAOvaxtVysbW5nyOecICFl1/YtwzfftIyAreyLpH7xXh3xyyWzrXKACayhVJArK
SHni1UIO6dkaccDIT7X/JJHLUlK21+XG+SgSi0KRs1F+o4mHjDyhOd74tNC2gqOK
/cVb0NO8CLjXam3/PLN24QcDSj3MMZzMw6w6R5fg8IkP6+Kt+CA8ZGqjWJdu9EsV
d3OkQ2JDJMDhp2e168HhSGY3TlgdIypIHyNEh6dbDsE2bQKx/97+104=
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:25:39 2025 by rpki-client