Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: vOYbIUHAQnFX3mOPFnkh5APukb0fP9526dakVQmWe+I=
Subject key identifier: C6:2D:82:15:48:FE:F9:41:84:4E:D5:11:A6:7E:D7:F6:35:78:E2:74
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 488F33C59754004350C9BC7515E8EFFD88197461
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Wed 04 Jun 2025 07:04:53 +0000
ROA not before: Wed 04 Jun 2025 06:59:53 +0000
ROA not after: Wed 03 Jun 2026 07:04:53 +0000
asID: 16276
IP address blocks: 82.22.118.0/24 maxlen: 24
82.22.196.0/24 maxlen: 24
82.23.190.0/24 maxlen: 24
82.24.96.0/22 maxlen: 24
82.25.135.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:8f:33:c5:97:54:00:43:50:c9:bc:75:15:e8:ef:fd:88:19:74:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 4 06:59:53 2025 GMT
Not After : Jun 3 07:04:53 2026 GMT
Subject: CN=C62D821548FEF941844ED511A67ED7F63578E274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:22:1f:fe:4b:20:31:3c:a8:2c:0b:27:94:
ef:ed:0a:3a:bd:38:ce:35:e9:a3:1e:74:42:82:29:
f4:8c:6a:af:f9:70:8a:e0:63:4d:e6:54:dd:e4:d6:
b3:39:ee:96:6d:2c:d6:f0:55:53:11:db:d8:4a:f4:
1c:e9:47:26:d0:05:75:8c:33:9b:97:5f:55:8a:7c:
99:58:45:f7:9a:af:aa:50:43:6b:16:b2:ee:c9:90:
c7:93:92:d0:96:28:30:a9:b6:0a:e4:dd:62:2b:97:
d8:16:4a:ab:e8:c5:a0:39:5a:11:ff:36:a3:2f:37:
3e:3c:61:73:12:81:aa:fa:dd:e0:8e:9a:af:31:57:
c5:7b:a2:40:d0:ad:9e:7c:3a:8d:9c:2e:51:c0:e8:
6f:e6:fd:0b:cb:fc:48:87:bd:18:ad:a7:4a:e8:22:
ea:4c:36:78:bf:d6:20:cc:32:52:c5:7f:5c:86:e1:
c6:9f:51:41:d2:3d:7e:a4:85:a4:cc:dc:50:11:b1:
93:a4:41:32:35:2a:20:10:fe:88:24:8d:e7:a1:f5:
00:0a:a1:f0:36:0e:35:c7:45:bb:21:17:be:01:00:
17:dc:6d:b4:91:70:5d:fd:3a:9b:7b:1b:bb:57:c6:
1e:04:14:0c:fa:b0:64:98:ff:ca:62:d1:65:10:d2:
5f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2D:82:15:48:FE:F9:41:84:4E:D5:11:A6:7E:D7:F6:35:78:E2:74
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.118.0/24
82.22.196.0/24
82.23.190.0/24
82.24.96.0/22
82.25.135.0/24
82.26.202.0/24
82.27.197.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:7f:6c:a0:1a:51:99:3f:f8:7f:9f:31:2b:fe:b5:a7:1a:53:
b0:00:17:15:ad:51:fc:59:c6:45:54:8d:14:b6:b8:c7:9e:09:
fa:71:22:0e:8d:d3:f2:1d:0d:41:88:8f:cd:7c:71:fb:37:36:
27:ca:bf:76:a5:65:17:95:5a:0f:e9:03:58:d3:87:06:bc:50:
d5:30:b5:e5:c1:ee:52:2f:a8:89:58:27:3f:ba:54:2f:7c:d3:
2c:f1:d7:26:0d:4b:cd:74:6c:9b:e4:8f:90:2e:64:17:7b:0d:
f7:32:9d:5f:8d:f4:ed:13:1c:00:84:9a:6c:1c:85:8e:b4:21:
8a:2f:af:ff:c3:ce:65:79:3f:a5:8c:89:c1:01:99:3e:2b:32:
92:27:63:ac:1e:c6:94:82:38:f4:ab:99:54:db:44:ad:df:a5:
ac:b7:5f:ce:af:82:02:ca:5f:bc:6b:c7:fb:45:95:b3:29:08:
76:d5:08:2d:9c:38:78:2a:12:37:c4:1f:74:d5:e7:42:98:52:
03:a7:dc:37:4a:76:a2:8b:ba:2f:7c:6d:22:9a:17:fd:4e:a2:
27:29:f1:39:15:eb:0a:56:f2:57:84:26:a6:0a:07:03:36:f6:
3b:8e:b7:8d:fe:fd:19:80:91:fb:50:eb:bd:5e:a7:7b:2e:70:
a1:02:4d:c1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUSI8zxZdUAENQybx1Fejv/YgZdGEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDQwNjU5NTNaFw0yNjA2MDMwNzA0NTNaMDMxMTAvBgNV
BAMTKEM2MkQ4MjE1NDhGRUY5NDE4NDRFRDUxMUE2N0VEN0Y2MzU3OEUyNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxNyIf/ksgMTyoLAsnlO/tCjq9
OM416aMedEKCKfSMaq/5cIrgY03mVN3k1rM57pZtLNbwVVMR29hK9BzpRybQBXWM
M5uXX1WKfJlYRfear6pQQ2sWsu7JkMeTktCWKDCptgrk3WIrl9gWSqvoxaA5WhH/
NqMvNz48YXMSgar63eCOmq8xV8V7okDQrZ58Oo2cLlHA6G/m/QvL/EiHvRitp0ro
IupMNni/1iDMMlLFf1yG4cafUUHSPX6khaTM3FARsZOkQTI1KiAQ/ogkjeeh9QAK
ofA2DjXHRbshF74BABfcbbSRcF39Opt7G7tXxh4EFAz6sGSY/8pi0WUQ0l99AgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUxi2CFUj++UGETtURpn7X9jV44nQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBABSFnYD
BABSFsQDBABSF74DBAJSGGADBABSGYcDBABSGsoDBABSG8UwDQYJKoZIhvcNAQEL
BQADggEBAKZ/bKAaUZk/+H+fMSv+tacaU7AAFxWtUfxZxkVUjRS2uMeeCfpxIg6N
0/IdDUGIj818cfs3NifKv3alZReVWg/pA1jThwa8UNUwteXB7lIvqIlYJz+6VC98
0yzx1yYNS810bJvkj5AuZBd7DfcynV+N9O0THACEmmwchY60IYovr//DzmV5P6WM
icEBmT4rMpInY6wexpSCOPSrmVTbRK3fpay3X86vggLKX7xrx/tFlbMpCHbVCC2c
OHgqEjfEH3TV50KYUgOn3DdKdqKLui98bSKaF/1Ooicp8TkV6wpW8leEJqYKBwM2
9juOt43+/RmAkftQ671ep3sucKECTcE=
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:54:19 2025 by rpki-client