Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: 4iFY111o1H5kYMYfPJc0EbSNGkdjJaZ26SrR2/P+/k0=
Subject key identifier: 29:E6:36:94:BA:36:79:C6:26:FF:77:C8:F9:3B:E1:04:47:0F:A6:20
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2001AFA0D375E7B7EB22B80ED8160963C64F569F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Tue 26 Aug 2025 00:03:46 +0000
ROA not before: Mon 25 Aug 2025 23:58:46 +0000
ROA not after: Tue 25 Aug 2026 00:03:46 +0000
asID: 16276
IP address blocks: 82.21.139.0/24 maxlen: 24
82.22.118.0/24 maxlen: 24
82.24.96.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.200.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 19:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:01:af:a0:d3:75:e7:b7:eb:22:b8:0e:d8:16:09:63:c6:4f:56:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 25 23:58:46 2025 GMT
Not After : Aug 25 00:03:46 2026 GMT
Subject: CN=29E63694BA3679C626FF77C8F93BE104470FA620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:15:91:e6:54:d9:7f:5e:3c:c5:9d:4d:02:0a:
24:b8:4f:b9:ce:92:11:83:ce:fd:88:09:fb:92:17:
01:1e:e1:2d:09:94:44:14:1f:75:66:fa:3d:8b:7a:
f3:3c:4c:93:e4:31:6b:e2:40:ce:80:fc:4c:09:97:
89:bb:05:d8:f6:0e:5b:f0:46:01:ea:7f:dd:f6:a4:
f6:5b:a3:1e:72:4f:1f:4b:94:1e:53:3a:9c:5c:e3:
ab:79:84:3e:f8:aa:f4:dc:d9:ba:be:b0:7b:b3:6b:
a3:14:ba:08:c5:6c:bb:c9:07:61:7d:5c:d2:de:e2:
a0:7b:c4:5d:9a:17:5d:9f:d6:aa:0a:18:17:51:26:
73:33:74:d7:d6:44:74:6b:3e:4e:6e:ae:6e:5d:2f:
df:db:c5:87:59:f1:6d:89:b6:bf:03:e7:28:25:d7:
d3:dc:cb:d2:6a:d1:d6:27:5d:52:a7:f4:1d:58:64:
c5:b4:44:a6:90:1f:ca:44:ef:ba:a3:40:61:0b:21:
34:57:ca:4c:89:84:0c:a5:f7:5f:52:a6:6f:98:8b:
c0:80:2c:45:54:27:df:ff:08:6a:e4:44:fb:5f:f8:
a4:71:d5:a2:bb:55:a2:a1:d1:ae:3d:1a:ef:ab:f8:
aa:dc:21:db:2f:45:22:80:e0:5f:ba:b6:09:7e:8b:
6e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E6:36:94:BA:36:79:C6:26:FF:77:C8:F9:3B:E1:04:47:0F:A6:20
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.139.0/24
82.22.118.0/24
82.24.96.0/22
82.25.146.0/23
82.25.200.0/24
82.26.176.0/20
Signature Algorithm: sha256WithRSAEncryption
92:41:1c:0c:61:a2:eb:22:18:5a:b9:57:54:38:f7:c4:fb:39:
b9:5d:ff:77:4b:91:e0:e5:27:09:60:5e:bc:9e:5c:50:9e:bd:
5e:26:26:d0:19:40:20:d0:ad:49:80:3d:23:c3:43:2a:d9:6f:
1f:21:6c:7f:15:73:bb:fe:87:8c:82:8d:a1:b3:7b:fa:e7:ab:
e8:04:96:99:66:dd:16:e5:fa:ac:2a:1f:4f:ee:dc:8e:1e:14:
38:da:fa:42:0a:b9:13:11:d5:b5:4c:8f:3c:b8:80:43:0d:53:
d2:b6:3c:ba:25:9d:91:31:79:5d:8c:ee:dd:56:41:4e:a0:11:
fd:b5:92:3f:56:7d:64:e5:ef:a0:6f:4e:83:9e:04:88:81:dc:
21:d1:ec:8a:12:ed:13:13:44:2c:c8:be:75:42:7a:c9:cd:b9:
7f:8d:aa:04:56:00:15:fd:e2:90:56:9b:14:73:04:a9:c7:90:
bc:78:ca:90:ac:18:06:8d:3e:57:9e:2d:b4:db:65:de:af:1f:
dd:ce:be:a7:45:c9:b8:e6:dd:27:3f:92:4d:ed:f9:42:3c:8b:
f9:80:38:b7:e0:e6:5b:4e:5d:1e:4b:d6:f4:cd:92:12:f9:7f:
ef:4a:be:7d:7f:b1:d2:0e:7a:3c:bb:d1:4f:e3:97:f9:9c:14:
30:82:c2:bd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUIAGvoNN157frIrgO2BYJY8ZPVp8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MjUyMzU4NDZaFw0yNjA4MjUwMDAzNDZaMDMxMTAvBgNV
BAMTKDI5RTYzNjk0QkEzNjc5QzYyNkZGNzdDOEY5M0JFMTA0NDcwRkE2MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvFZHmVNl/XjzFnU0CCiS4T7nO
khGDzv2ICfuSFwEe4S0JlEQUH3Vm+j2LevM8TJPkMWviQM6A/EwJl4m7Bdj2Dlvw
RgHqf932pPZbox5yTx9LlB5TOpxc46t5hD74qvTc2bq+sHuza6MUugjFbLvJB2F9
XNLe4qB7xF2aF12f1qoKGBdRJnMzdNfWRHRrPk5urm5dL9/bxYdZ8W2Jtr8D5ygl
19Pcy9Jq0dYnXVKn9B1YZMW0RKaQH8pE77qjQGELITRXykyJhAyl919Spm+Yi8CA
LEVUJ9//CGrkRPtf+KRx1aK7VaKh0a49Gu+r+KrcIdsvRSKA4F+6tgl+i25hAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUKeY2lLo2ecYm/3fI+TvhBEcPpiAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABSFYsD
BABSFnYDBAJSGGADBAFSGZIDBABSGcgDBARSGrAwDQYJKoZIhvcNAQELBQADggEB
AJJBHAxhousiGFq5V1Q498T7Obld/3dLkeDlJwlgXryeXFCevV4mJtAZQCDQrUmA
PSPDQyrZbx8hbH8Vc7v+h4yCjaGze/rnq+gElplm3Rbl+qwqH0/u3I4eFDja+kIK
uRMR1bVMjzy4gEMNU9K2PLolnZExeV2M7t1WQU6gEf21kj9WfWTl76BvToOeBIiB
3CHR7IoS7RMTRCzIvnVCesnNuX+NqgRWABX94pBWmxRzBKnHkLx4ypCsGAaNPlee
LbTbZd6vH93OvqdFybjm3Sc/kk3t+UI8i/mAOLfg5ltOXR5L1vTNkhL5f+9Kvn1/
sdIOejy70U/jl/mcFDCCwr0=
-----END CERTIFICATE-----
Generated at Fri Sep 5 09:53:49 2025 by rpki-client