Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: 5YJBUKN7ZLIl/Vjk+qI8RVIaEe8lbvYBlD2gESslUug=
Subject key identifier: 0F:BF:15:65:73:52:B1:56:8A:15:A6:B9:59:94:AC:50:79:39:7F:3D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2D62A8FBEBA77C6702039BBF8CD1EF3080516C43
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Tue 02 Jun 2026 12:57:38 +0000
ROA not before: Tue 02 Jun 2026 12:52:38 +0000
ROA not after: Tue 01 Jun 2027 12:57:38 +0000
asID: 16276
IP address blocks: 82.21.139.0/24 maxlen: 24
82.22.15.0/24 maxlen: 24
82.22.18.0/24 maxlen: 24
82.22.25.0/24 maxlen: 24
82.22.51.0/24 maxlen: 24
82.22.118.0/24 maxlen: 24
82.24.96.0/22 maxlen: 24
82.24.190.0/24 maxlen: 24
82.25.146.0/23 maxlen: 24
82.26.81.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.29.126.0/24 maxlen: 24
82.38.2.0/24 maxlen: 24
82.38.32.0/24 maxlen: 24
82.38.35.0/24 maxlen: 24
82.38.82.0/24 maxlen: 24
82.38.124.0/22 maxlen: 24
82.38.140.0/22 maxlen: 24
82.38.152.0/22 maxlen: 24
82.38.156.0/22 maxlen: 24
82.38.160.0/22 maxlen: 24
82.38.164.0/22 maxlen: 24
82.38.224.0/22 maxlen: 24
82.38.228.0/22 maxlen: 24
82.38.232.0/22 maxlen: 24
82.38.236.0/22 maxlen: 24
82.38.240.0/22 maxlen: 24
82.38.244.0/22 maxlen: 24
82.38.248.0/22 maxlen: 24
82.38.252.0/22 maxlen: 24
82.39.108.0/24 maxlen: 24
82.39.156.0/22 maxlen: 24
82.39.176.0/22 maxlen: 24
82.39.180.0/22 maxlen: 24
82.39.216.0/22 maxlen: 24
82.39.224.0/22 maxlen: 24
82.40.0.0/22 maxlen: 24
82.40.4.0/22 maxlen: 24
82.40.8.0/22 maxlen: 24
82.40.12.0/22 maxlen: 24
82.40.16.0/22 maxlen: 24
82.41.44.0/22 maxlen: 24
82.41.52.0/22 maxlen: 24
82.41.68.0/22 maxlen: 24
82.41.80.0/22 maxlen: 24
82.41.88.0/22 maxlen: 24
82.41.100.0/22 maxlen: 24
82.41.104.0/22 maxlen: 24
82.41.108.0/22 maxlen: 24
82.41.124.0/22 maxlen: 24
82.41.134.0/24 maxlen: 24
82.41.148.0/22 maxlen: 24
82.41.152.0/22 maxlen: 24
82.41.160.0/22 maxlen: 24
82.41.164.0/22 maxlen: 24
82.41.172.0/22 maxlen: 24
82.41.176.0/22 maxlen: 24
82.41.184.0/22 maxlen: 24
82.41.188.0/22 maxlen: 24
82.41.204.0/22 maxlen: 24
82.41.212.0/22 maxlen: 24
82.41.224.0/22 maxlen: 24
82.41.228.0/22 maxlen: 24
82.47.36.0/23 maxlen: 23
82.47.63.0/24 maxlen: 24
82.47.98.0/24 maxlen: 24
82.47.185.0/24 maxlen: 24
178.83.45.0/24 maxlen: 24
178.83.46.0/24 maxlen: 24
2a13:9500:138::/48 maxlen: 48
2a13:9500:143::/48 maxlen: 48
2a13:9500:166::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:62:a8:fb:eb:a7:7c:67:02:03:9b:bf:8c:d1:ef:30:80:51:6c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 12:52:38 2026 GMT
Not After : Jun 1 12:57:38 2027 GMT
Subject: CN=0FBF15657352B1568A15A6B95994AC5079397F3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6b:fc:8a:25:0e:88:14:5f:a5:d0:79:00:53:
1a:3d:9e:f8:9a:fe:cf:e3:88:e3:a1:d9:09:41:1b:
9b:5d:d7:e9:44:8a:ce:6d:5a:19:f7:67:55:63:2d:
7b:00:bb:57:4e:54:de:f1:13:a5:3f:d8:32:77:24:
ac:e8:20:7e:7c:d3:12:78:ca:a3:a0:8e:ad:3e:49:
7f:a2:18:65:fa:36:ef:f2:c8:9c:73:16:c4:71:4b:
11:dd:71:25:97:28:c0:5e:c4:f3:68:f0:b0:48:66:
f8:fb:c5:0b:ce:ef:cb:d9:c6:c2:15:14:92:04:13:
7d:b3:23:5d:6b:d1:c3:90:cb:8d:ff:7c:23:e5:b8:
cc:bc:fa:4e:f1:7c:3f:fb:1f:dc:5d:72:fe:03:aa:
5d:61:ce:37:6c:9f:d1:58:4f:d4:2c:35:2e:11:d8:
0f:78:11:9d:ab:36:60:81:15:20:e1:7e:38:24:65:
5f:9b:d4:41:22:e1:19:bd:bf:4b:11:dd:7d:24:b6:
c9:13:2f:5b:20:6e:d9:12:44:ee:38:c7:e0:72:30:
cb:d7:96:88:36:eb:a9:c5:31:f3:ad:05:ac:50:dc:
73:14:2a:83:79:30:10:d1:c0:16:f3:53:51:8f:bf:
74:a0:f6:9a:35:8d:e8:d2:f5:c7:71:b0:4c:60:5f:
9e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BF:15:65:73:52:B1:56:8A:15:A6:B9:59:94:AC:50:79:39:7F:3D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.139.0/24
82.22.15.0/24
82.22.18.0/24
82.22.25.0/24
82.22.51.0/24
82.22.118.0/24
82.24.96.0/22
82.24.190.0/24
82.25.146.0/23
82.26.81.0/24
82.26.176.0/20
82.29.126.0/24
82.38.2.0/24
82.38.32.0/24
82.38.35.0/24
82.38.82.0/24
82.38.124.0/22
82.38.140.0/22
82.38.152.0-82.38.167.255
82.38.224.0/19
82.39.108.0/24
82.39.156.0/22
82.39.176.0/21
82.39.216.0/22
82.39.224.0/22
82.40.0.0-82.40.19.255
82.41.44.0/22
82.41.52.0/22
82.41.68.0/22
82.41.80.0/22
82.41.88.0/22
82.41.100.0-82.41.111.255
82.41.124.0/22
82.41.134.0/24
82.41.148.0-82.41.155.255
82.41.160.0/21
82.41.172.0-82.41.179.255
82.41.184.0/21
82.41.204.0/22
82.41.212.0/22
82.41.224.0/21
82.47.36.0/23
82.47.63.0/24
82.47.98.0/24
82.47.185.0/24
178.83.45.0-178.83.46.255
IPv6:
2a13:9500:138::/48
2a13:9500:143::/48
2a13:9500:166::/48
Signature Algorithm: sha256WithRSAEncryption
62:28:36:5f:ea:10:57:39:bd:74:89:a7:ed:27:24:b2:d3:f9:
65:b7:55:f5:c0:0f:4b:cc:12:fd:25:40:d5:79:89:f3:db:59:
83:5c:d6:ba:b7:b8:c1:7a:16:87:c6:ca:5f:da:88:ed:e7:a6:
43:fd:3e:ef:f7:7b:a4:aa:ae:05:91:bc:02:07:3a:1b:4e:41:
c7:cf:ff:8e:b3:d4:ed:a9:8d:fb:45:64:17:b7:51:84:72:ad:
62:17:67:a9:da:0d:cc:cb:d7:10:c1:da:d4:bd:af:af:7e:34:
a0:01:58:97:52:41:02:a4:78:5f:d6:41:ac:18:eb:24:8c:f6:
fc:b2:34:37:02:cb:f3:a9:82:75:a8:bc:d9:ee:f9:ab:19:bb:
bb:84:b3:c4:5a:87:fb:d3:4b:55:23:cb:e9:a2:83:b2:da:21:
cc:ae:02:0f:04:cc:16:50:8f:df:15:d7:95:8c:b6:c7:72:31:
dc:9a:08:fd:b9:df:08:84:e4:08:16:cf:09:0a:f2:1d:a4:53:
84:35:65:24:3b:80:4f:3b:0f:d9:b4:9d:f4:76:c8:0d:a5:4c:
cd:1a:14:0d:84:4d:a0:df:dd:6b:73:c3:44:df:c6:67:79:fc:
f2:2f:e5:f3:50:68:73:d5:98:3f:a5:6b:0e:d3:1b:a7:88:5b:
a7:f6:00:61
-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgIULWKo++unfGcCA5u/jNHvMIBRbEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIxMjUyMzhaFw0yNzA2MDExMjU3MzhaMDMxMTAvBgNV
BAMTKDBGQkYxNTY1NzM1MkIxNTY4QTE1QTZCOTU5OTRBQzUwNzkzOTdGM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCa/yKJQ6IFF+l0HkAUxo9nvia
/s/jiOOh2QlBG5td1+lEis5tWhn3Z1VjLXsAu1dOVN7xE6U/2DJ3JKzoIH580xJ4
yqOgjq0+SX+iGGX6Nu/yyJxzFsRxSxHdcSWXKMBexPNo8LBIZvj7xQvO78vZxsIV
FJIEE32zI11r0cOQy43/fCPluMy8+k7xfD/7H9xdcv4Dql1hzjdsn9FYT9QsNS4R
2A94EZ2rNmCBFSDhfjgkZV+b1EEi4Rm9v0sR3X0ktskTL1sgbtkSRO44x+ByMMvX
log266nFMfOtBaxQ3HMUKoN5MBDRwBbzU1GPv3Sg9po1jejS9cdxsExgX54JAgMB
AAGjggNzMIIDbzAdBgNVHQ4EFgQUD78VZXNSsVaKFaa5WZSsUHk5fz0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggGHBggrBgEFBQcBBwEB/wSCAXYwggFyMIIBSwQCAAEw
ggFDAwQAUhWLAwQAUhYPAwQAUhYSAwQAUhYZAwQAUhYzAwQAUhZ2AwQCUhhgAwQA
Uhi+AwQBUhmSAwQAUhpRAwQEUhqwAwQAUh1+AwQAUiYCAwQAUiYgAwQAUiYjAwQA
UiZSAwQCUiZ8AwQCUiaMMAwDBANSJpgDBANSJqADBAVSJuADBABSJ2wDBAJSJ5wD
BANSJ7ADBAJSJ9gDBAJSJ+AwCwMDA1IoAwQCUigQAwQCUiksAwQCUik0AwQCUilE
AwQCUilQAwQCUilYMAwDBAJSKWQDBARSKWADBAJSKXwDBABSKYYwDAMEAlIplAME
AlIpmAMEA1IpoDAMAwQCUimsAwQCUimwAwQDUim4AwQCUinMAwQCUinUAwQDUing
AwQBUi8kAwQAUi8/AwQAUi9iAwQAUi+5MAwDBACyUy0DBACyUy4wIQQCAAIwGwMH
ACoTlQABOAMHACoTlQABQwMHACoTlQABZjANBgkqhkiG9w0BAQsFAAOCAQEAYig2
X+oQVzm9dImn7SckstP5ZbdV9cAPS8wS/SVA1XmJ89tZg1zWure4wXoWh8bKX9qI
7eemQ/0+7/d7pKquBZG8Agc6G05Bx8//jrPU7amN+0VkF7dRhHKtYhdnqdoNzMvX
EMHa1L2vr340oAFYl1JBAqR4X9ZBrBjrJIz2/LI0NwLL86mCdai82e75qxm7u4Sz
xFqH+9NLVSPL6aKDstohzK4CDwTMFlCP3xXXlYy2x3Ix3JoI/bnfCITkCBbPCQry
HaRThDVlJDuATzsP2bSd9HbIDaVMzRoUDYRNoN/da3PDRN/GZ3n88i/l81Boc9WY
P6VrDtMbp4hbp/YAYQ==
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:18:12 2026 by rpki-client