Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: 7/nS480AGWoz53TfWCbSoqzAsl6WxPoxcqlVDZRFOyM=
Subject key identifier: E0:AB:97:B0:8D:87:0F:80:A5:EA:F6:6E:91:B9:29:68:EE:84:06:A0
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2CA7F3A2E83E16FC539644303812B14C20E96644
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Thu 05 Mar 2026 12:44:59 +0000
ROA not before: Thu 05 Mar 2026 12:39:59 +0000
ROA not after: Thu 04 Mar 2027 12:44:59 +0000
asID: 16509
IP address blocks: 45.139.182.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.137.13.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 13:35:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:a7:f3:a2:e8:3e:16:fc:53:96:44:30:38:12:b1:4c:20:e9:66:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 5 12:39:59 2026 GMT
Not After : Mar 4 12:44:59 2027 GMT
Subject: CN=E0AB97B08D870F80A5EAF66E91B92968EE8406A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9a:bd:15:48:b8:cb:01:88:93:f4:0d:09:61:
48:d1:1b:ef:1d:ed:09:d0:31:41:c3:8e:f8:39:b9:
00:5b:35:90:64:44:d0:e9:15:63:08:cf:d7:b9:78:
92:9b:a9:b4:d9:64:e9:94:25:28:1b:3c:43:6e:3a:
32:5d:cf:46:52:45:a7:a2:fd:70:de:3a:e0:cc:4a:
ea:0a:47:cf:00:11:b6:62:a0:29:67:ac:a6:5c:f4:
5a:ee:75:42:7e:77:0c:11:34:f4:de:04:74:05:b4:
75:0b:6e:ef:23:af:91:6e:1b:b0:00:7a:63:32:7e:
fd:a1:7e:96:8d:d0:2a:2a:30:43:67:60:d7:e9:9a:
90:4c:f7:07:99:78:0e:56:37:fe:25:30:de:41:f2:
d9:7e:a3:6e:39:8e:55:68:a5:06:a0:ca:31:08:5a:
1f:82:c0:21:1c:fd:0d:04:52:3e:93:b3:1b:dc:26:
21:0d:b4:10:51:0b:3d:1a:1f:5e:2e:7b:06:17:ff:
86:61:19:be:7d:e4:ed:1e:f5:4e:97:3a:7f:3b:ad:
98:37:90:fa:d2:15:d1:d4:8c:29:63:77:c4:56:70:
66:70:61:17:3e:74:ac:8a:fc:13:a8:05:e9:53:5a:
35:29:35:15:fb:d3:44:9a:05:eb:a2:45:20:1c:68:
fa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:AB:97:B0:8D:87:0F:80:A5:EA:F6:6E:91:B9:29:68:EE:84:06:A0
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.182.0/24
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.137.13.0/24
191.96.204.0/24
191.101.111.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:6c:21:d6:70:16:a5:9e:25:f1:7f:ce:2d:00:6f:5d:fc:b9:
67:68:8c:4f:36:52:90:17:ef:8d:52:0d:80:2d:5d:f7:a0:0a:
70:f0:66:b7:80:8f:61:a3:38:dc:45:06:19:29:99:15:a1:b2:
1f:ee:54:5a:c6:0b:bb:ba:23:12:02:4b:87:ec:5b:94:b3:9e:
25:5a:5e:79:a5:7b:70:88:84:41:b9:4d:73:97:bf:35:94:ca:
51:82:8f:9d:66:89:1f:14:7c:ab:6c:f9:30:ea:22:0c:2e:46:
94:7d:1f:aa:8f:1f:d8:93:f1:3a:8e:8d:c6:8e:ef:98:a0:ae:
f9:74:09:9b:fa:da:30:0e:52:bf:33:a9:5e:f2:89:85:ef:58:
61:bf:60:66:95:bb:b6:b4:6c:95:52:e7:0c:b2:e9:94:d3:c9:
34:08:f1:71:e4:54:9e:01:9f:b8:5c:48:11:49:a9:d8:3e:f8:
c6:ab:e8:00:f0:9a:fb:92:5b:96:2e:12:7a:04:5a:ec:e7:b2:
a1:87:e0:ca:db:0a:4d:7c:83:c9:eb:39:74:45:5a:14:ce:8d:
03:63:6b:df:5a:d2:88:2e:c5:b0:cb:66:2c:30:89:99:d1:bd:
0b:fc:a4:2c:a2:42:d8:10:d0:54:f4:90:8d:c7:b1:3d:39:84:
55:46:47:b2
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIULKfzoug+FvxTlkQwOBKxTCDpZkQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMDUxMjM5NTlaFw0yNzAzMDQxMjQ0NTlaMDMxMTAvBgNV
BAMTKEUwQUI5N0IwOEQ4NzBGODBBNUVBRjY2RTkxQjkyOTY4RUU4NDA2QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYmr0VSLjLAYiT9A0JYUjRG+8d
7QnQMUHDjvg5uQBbNZBkRNDpFWMIz9e5eJKbqbTZZOmUJSgbPENuOjJdz0ZSRaei
/XDeOuDMSuoKR88AEbZioClnrKZc9FrudUJ+dwwRNPTeBHQFtHULbu8jr5FuG7AA
emMyfv2hfpaN0CoqMENnYNfpmpBM9weZeA5WN/4lMN5B8tl+o245jlVopQagyjEI
Wh+CwCEc/Q0EUj6TsxvcJiENtBBRCz0aH14uewYX/4ZhGb595O0e9U6XOn87rZg3
kPrSFdHUjCljd8RWcGZwYRc+dKyK/BOoBelTWjUpNRX700SaBeuiRSAcaPqxAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQU4KuXsI2HD4Cl6vZukbkpaO6EBqAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAAti7YD
BAC11l4DBAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDQYJKoZIhvcNAQEL
BQADggEBAA5sIdZwFqWeJfF/zi0Ab138uWdojE82UpAX741SDYAtXfegCnDwZreA
j2GjONxFBhkpmRWhsh/uVFrGC7u6IxICS4fsW5SzniVaXnmle3CIhEG5TXOXvzWU
ylGCj51miR8UfKts+TDqIgwuRpR9H6qPH9iT8TqOjcaO75igrvl0CZv62jAOUr8z
qV7yiYXvWGG/YGaVu7a0bJVS5wyy6ZTTyTQI8XHkVJ4Bn7hcSBFJqdg++Mar6ADw
mvuSW5YuEnoEWuznsqGH4MrbCk18g8nrOXRFWhTOjQNja99a0oguxbDLZiwwiZnR
vQv8pCyiQtgQ0FT0kI3HsT05hFVGR7I=
-----END CERTIFICATE-----
Generated at Thu Mar 5 17:34:52 2026 by rpki-client