Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: RTX81q8HSZNJ+pS35LfVcom53Ryj/daS1KYAv1489rc=
Subject key identifier: A9:95:94:AE:5C:B5:63:B6:BF:95:FA:3F:A0:EB:C9:47:5E:A8:BC:3F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 26B75E7891031AD8F28C706D65BF9BC2B7F9FFCC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Mon 31 Mar 2025 14:41:03 +0000
ROA not before: Mon 31 Mar 2025 14:36:03 +0000
ROA not after: Mon 30 Mar 2026 14:41:03 +0000
asID: 16276
IP address blocks: 82.22.118.0/24 maxlen: 24
82.23.190.0/24 maxlen: 24
82.25.135.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:b7:5e:78:91:03:1a:d8:f2:8c:70:6d:65:bf:9b:c2:b7:f9:ff:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 31 14:36:03 2025 GMT
Not After : Mar 30 14:41:03 2026 GMT
Subject: CN=A99594AE5CB563B6BF95FA3FA0EBC9475EA8BC3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:98:b8:4e:27:89:a7:82:67:70:d1:ac:8b:5a:
4a:0b:30:5c:0d:0a:f2:47:f7:09:1e:fa:e5:de:2a:
39:14:7b:f7:4a:10:f4:91:6f:e0:a9:91:8f:fb:82:
02:72:56:7d:0c:8a:a3:95:1c:f3:dc:94:d5:ff:80:
81:df:c9:42:95:d9:f7:bf:15:94:69:72:78:cc:48:
51:19:10:45:43:76:4c:0e:00:df:5a:1f:d9:16:23:
13:e3:e1:6d:94:00:07:cb:ba:30:e7:1c:97:3c:6d:
51:9c:6b:4c:8c:f6:8f:97:1f:6f:a7:2a:81:4f:9a:
87:d5:ac:84:4a:cc:54:6f:43:d6:ba:af:bd:b8:be:
ed:ee:8e:73:84:75:9b:f7:2a:f9:02:7c:0f:73:06:
dd:a7:ff:71:00:c9:1b:85:7a:65:51:11:29:72:60:
07:03:af:a6:a1:ef:33:94:e3:6d:c7:5f:88:d9:26:
6b:61:36:b0:98:56:19:c4:19:ee:ac:7f:9d:4d:e9:
8b:2d:a8:8c:bd:1d:20:4f:cd:0a:c6:c8:d4:a8:ec:
24:12:75:40:d0:ef:30:d0:cf:68:c5:fa:e4:a7:6a:
58:c7:6e:ac:50:72:93:1b:56:6d:e9:38:ad:ec:b7:
57:7f:dd:02:4c:b4:55:de:e0:18:84:a0:aa:d0:1e:
de:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:95:94:AE:5C:B5:63:B6:BF:95:FA:3F:A0:EB:C9:47:5E:A8:BC:3F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.118.0/24
82.23.190.0/24
82.25.135.0/24
82.26.202.0/24
82.27.197.0/24
Signature Algorithm: sha256WithRSAEncryption
91:e0:fc:4d:9f:12:52:ff:af:56:72:58:54:82:0a:6e:b6:6f:
fe:9b:2e:11:cd:a5:84:0d:4b:69:4a:5f:31:0c:ec:67:89:9f:
40:de:48:97:af:16:b1:e4:38:ca:eb:e2:3b:01:d2:a8:14:51:
77:08:61:07:45:45:2a:86:c5:e0:e9:1d:81:67:32:50:ff:13:
86:58:59:45:c0:9d:57:cb:60:49:10:4c:3f:fc:0d:01:47:43:
2e:93:a1:e8:9b:19:30:b7:ef:e4:36:61:b6:a2:f2:9a:b9:2b:
2d:58:6c:e2:e7:fe:98:34:33:1f:57:a0:d7:10:27:af:0a:80:
6c:1f:3b:e8:36:de:31:34:68:c4:41:b0:7b:21:af:33:50:14:
03:52:29:49:bf:cd:fc:5a:3d:a2:fb:a9:29:26:54:3e:ad:a5:
b2:41:f1:94:f8:78:5d:0d:18:b0:eb:10:0d:c0:ae:e9:5f:f3:
17:f0:13:49:d5:d6:a7:fa:08:f6:7c:d8:16:cd:75:32:ca:03:
a0:22:0a:40:da:a6:9a:9a:96:e2:c6:d8:26:b9:eb:f1:20:c7:
b2:f8:a8:fa:c0:21:f5:ac:ed:71:a9:20:f3:2c:26:d1:81:38:
fd:86:81:0e:d6:e2:a1:da:41:cf:0f:ae:d9:4f:57:75:d8:f4:
39:cc:18:32
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUJrdeeJEDGtjyjHBtZb+bwrf5/8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMzExNDM2MDNaFw0yNjAzMzAxNDQxMDNaMDMxMTAvBgNV
BAMTKEE5OTU5NEFFNUNCNTYzQjZCRjk1RkEzRkEwRUJDOTQ3NUVBOEJDM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpmLhOJ4mngmdw0ayLWkoLMFwN
CvJH9wke+uXeKjkUe/dKEPSRb+CpkY/7ggJyVn0MiqOVHPPclNX/gIHfyUKV2fe/
FZRpcnjMSFEZEEVDdkwOAN9aH9kWIxPj4W2UAAfLujDnHJc8bVGca0yM9o+XH2+n
KoFPmofVrIRKzFRvQ9a6r724vu3ujnOEdZv3KvkCfA9zBt2n/3EAyRuFemVRESly
YAcDr6ah7zOU423HX4jZJmthNrCYVhnEGe6sf51N6YstqIy9HSBPzQrGyNSo7CQS
dUDQ7zDQz2jF+uSnaljHbqxQcpMbVm3pOK3st1d/3QJMtFXe4BiEoKrQHt5tAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUqZWUrly1Y7a/lfo/oOvJR16ovD8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBABSFnYD
BABSF74DBABSGYcDBABSGsoDBABSG8UwDQYJKoZIhvcNAQELBQADggEBAJHg/E2f
ElL/r1ZyWFSCCm62b/6bLhHNpYQNS2lKXzEM7GeJn0DeSJevFrHkOMrr4jsB0qgU
UXcIYQdFRSqGxeDpHYFnMlD/E4ZYWUXAnVfLYEkQTD/8DQFHQy6ToeibGTC37+Q2
Ybai8pq5Ky1YbOLn/pg0Mx9XoNcQJ68KgGwfO+g23jE0aMRBsHshrzNQFANSKUm/
zfxaPaL7qSkmVD6tpbJB8ZT4eF0NGLDrEA3Arulf8xfwE0nV1qf6CPZ82BbNdTLK
A6AiCkDappqaluLG2Ca56/Egx7L4qPrAIfWs7XGpIPMsJtGBOP2GgQ7W4qHaQc8P
rtlPV3XY9DnMGDI=
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:18:40 2025 by rpki-client