Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: l5XrEKC0DUDPPzO3d8T8XFwiF2XFKnmsW08/v7OfU9M=
Subject key identifier: 75:8E:27:F7:F2:35:0B:87:CA:60:A3:F2:9A:17:E1:74:2D:C6:0A:9E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5938AFD5C4F806781C11BFCD166B0CCE433101
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Fri 17 Jan 2025 06:27:19 +0000
ROA not before: Fri 17 Jan 2025 06:22:19 +0000
ROA not after: Fri 16 Jan 2026 06:27:19 +0000
asID: 16276
IP address blocks: 82.21.100.0/24 maxlen: 24
82.21.206.0/24 maxlen: 24
82.23.246.0/24 maxlen: 24
82.23.247.0/24 maxlen: 24
82.23.248.0/24 maxlen: 24
82.23.249.0/24 maxlen: 24
82.23.250.0/24 maxlen: 24
82.23.251.0/24 maxlen: 24
82.23.252.0/24 maxlen: 24
82.23.253.0/24 maxlen: 24
82.23.254.0/24 maxlen: 24
82.23.255.0/24 maxlen: 24
82.24.22.0/24 maxlen: 24
82.24.207.0/24 maxlen: 24
82.26.64.0/24 maxlen: 24
82.26.206.0/24 maxlen: 24
82.27.98.0/24 maxlen: 24
82.27.207.0/24 maxlen: 24
82.29.89.0/24 maxlen: 24
82.29.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:38:af:d5:c4:f8:06:78:1c:11:bf:cd:16:6b:0c:ce:43:31:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jan 17 06:22:19 2025 GMT
Not After : Jan 16 06:27:19 2026 GMT
Subject: CN=758E27F7F2350B87CA60A3F29A17E1742DC60A9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:2f:db:82:a2:72:4c:ce:25:4d:65:41:d5:9e:
1b:93:77:97:c1:de:26:ab:ee:15:1b:48:a3:09:8b:
25:3f:8a:cb:58:7d:b7:13:f0:0b:d3:c8:1c:dc:fc:
a4:74:67:e3:c5:04:fc:fd:c3:e8:23:05:6c:f2:74:
12:9b:7a:41:9d:f3:f0:39:ff:40:9e:1c:bd:0e:8d:
6a:d6:08:f8:97:09:84:70:8f:98:df:88:2a:15:a1:
a2:fb:b9:2a:72:d0:88:52:c5:84:f6:e2:e5:59:85:
4a:fa:20:2d:00:69:e0:a3:0a:65:8c:56:c8:3c:98:
73:3f:af:f9:58:af:c6:dd:e7:75:d3:03:ff:39:24:
f9:8e:6d:32:a8:a2:52:0c:f1:4f:6c:56:48:c8:3a:
28:30:ca:8e:75:41:ed:2f:ff:d5:9c:b5:b5:1c:48:
36:d6:9e:4d:3d:72:b6:f9:aa:d6:0f:fd:d3:f3:79:
a2:f2:1a:9d:bf:73:5a:52:88:96:4b:be:61:19:9e:
6f:21:de:da:56:ad:f2:24:ab:f7:52:7a:41:e6:d3:
f5:03:50:e3:07:84:ab:48:68:3a:dc:1b:e4:c9:b4:
6f:32:f2:33:41:c6:e1:86:12:b7:a2:cc:9c:93:fe:
d8:4a:13:e9:47:0b:2b:58:f2:52:5a:14:38:83:5a:
3f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:8E:27:F7:F2:35:0B:87:CA:60:A3:F2:9A:17:E1:74:2D:C6:0A:9E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.100.0/24
82.21.206.0/24
82.23.246.0-82.23.255.255
82.24.22.0/24
82.24.207.0/24
82.26.64.0/24
82.26.206.0/24
82.27.98.0/24
82.27.207.0/24
82.29.89.0/24
82.29.148.0/24
Signature Algorithm: sha256WithRSAEncryption
50:53:ca:fa:fd:e0:37:59:d7:94:fd:64:e9:5c:6d:5c:1d:36:
81:b0:29:7d:3a:45:80:1e:3d:17:32:0b:bb:5b:b3:20:5e:d4:
15:50:3a:a5:6b:1c:0f:21:10:5f:72:96:fe:0f:00:1c:cf:62:
80:0a:39:49:7b:a9:70:76:14:e5:be:92:de:e8:c0:9f:1c:c5:
a7:f8:d2:ad:3f:62:6d:68:95:68:1a:ac:fc:60:d8:08:25:f5:
27:69:20:79:00:f9:28:0b:87:37:04:9e:a3:91:59:f2:d6:4e:
54:9a:1d:19:7c:6d:74:38:57:55:6a:9b:df:89:e6:11:e5:ba:
1e:cd:92:06:2e:78:a6:02:46:d7:f3:e2:9b:cb:32:21:4c:11:
b1:f0:0c:ac:f3:03:17:e8:94:f7:22:85:9f:3e:d1:b2:da:a5:
48:94:0e:f2:79:39:99:ad:b7:23:d6:51:57:18:cc:13:61:ed:
5b:05:23:e9:6f:6a:a4:20:5d:07:2a:58:b4:54:16:81:c8:23:
14:b1:e8:da:6d:b0:fa:f9:6b:f5:1d:3f:e2:ac:4a:6c:09:d3:
dd:f6:fb:99:5f:83:f6:96:12:ea:f2:33:eb:90:03:17:43:dc:
ad:39:2f:1d:b5:1c:c0:d3:7f:c2:a4:f4:44:9a:64:58:de:01:
dd:4e:e2:9b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgITWTiv1cT4BngcEb/NFmsMzkMxATANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygyMThjYzZlMjQxMDVkZTZjNWM5MDAzZDY1MjQzODkzY2Iz
Y2ZkZDAxMB4XDTI1MDExNzA2MjIxOVoXDTI2MDExNjA2MjcxOVowMzExMC8GA1UE
AxMoNzU4RTI3RjdGMjM1MEI4N0NBNjBBM0YyOUExN0UxNzQyREM2MEE5RTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOYv24KickzOJU1lQdWeG5N3l8He
JqvuFRtIowmLJT+Ky1h9txPwC9PIHNz8pHRn48UE/P3D6CMFbPJ0Ept6QZ3z8Dn/
QJ4cvQ6NatYI+JcJhHCPmN+IKhWhovu5KnLQiFLFhPbi5VmFSvogLQBp4KMKZYxW
yDyYcz+v+Vivxt3nddMD/zkk+Y5tMqiiUgzxT2xWSMg6KDDKjnVB7S//1Zy1tRxI
NtaeTT1ytvmq1g/90/N5ovIanb9zWlKIlku+YRmebyHe2lat8iSr91J6QebT9QNQ
4weEq0hoOtwb5Mm0bzLyM0HG4YYSt6LMnJP+2EoT6UcLK1jyUloUOINaP98CAwEA
AaOCAkwwggJIMB0GA1UdDgQWBBR1jif38jULh8pgo/KaF+F0LcYKnjAfBgNVHSME
GDAWgBQhjMbiQQXebFyQA9ZSQ4k8s8/dATAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS83MThhMWI0Zi1iNjRjLTQwMmMtYmUxNS1kZDgyYTQxYTFh
ZjYvMC8yMThDQzZFMjQxMDVERTZDNUM5MDAzRDY1MjQzODkzQ0IzQ0ZERDAxLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvSVl6RzRrRUYzbXhja0FQV1VrT0pQTFBQ
M1FFLmNlcjB6BggrBgEFBQcBCwRuMGwwagYIKwYBBQUHMAuGXnJzeW5jOi8vcnN5
bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00
MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvQVMxNjI3Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBiBggrBgEFBQcBBwEB/wRTMFEwTwQCAAEwSQMEAFIVZAME
AFIVzjALAwQBUhf2AwMDUhADBABSGBYDBABSGM8DBABSGkADBABSGs4DBABSG2ID
BABSG88DBABSHVkDBABSHZQwDQYJKoZIhvcNAQELBQADggEBAFBTyvr94DdZ15T9
ZOlcbVwdNoGwKX06RYAePRcyC7tbsyBe1BVQOqVrHA8hEF9ylv4PABzPYoAKOUl7
qXB2FOW+kt7owJ8cxaf40q0/Ym1olWgarPxg2Agl9SdpIHkA+SgLhzcEnqORWfLW
TlSaHRl8bXQ4V1Vqm9+J5hHluh7NkgYueKYCRtfz4pvLMiFMEbHwDKzzAxfolPci
hZ8+0bLapUiUDvJ5OZmttyPWUVcYzBNh7VsFI+lvaqQgXQcqWLRUFoHIIxSx6Npt
sPr5a/UdP+KsSmwJ0932+5lfg/aWEuryM+uQAxdD3K05Lx21HMDTf8Kk9ESaZFje
Ad1O4ps=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:01 2025 by rpki-client