Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: sZKL2YdxpFZXgYQDP8ZiGO73TVStOVPlpa7wLzFkueE=
Subject key identifier: 9F:7B:5C:AC:CF:CE:D9:02:F3:83:B4:7B:39:4E:9A:00:12:99:F7:D6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3C7F56F6ADCB32E5F00DA4275C3C644D6ACAAF43
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Sat 18 Apr 2026 10:50:37 +0000
ROA not before: Sat 18 Apr 2026 10:45:37 +0000
ROA not after: Sat 17 Apr 2027 10:50:37 +0000
asID: 16276
IP address blocks: 82.21.139.0/24 maxlen: 24
82.22.15.0/24 maxlen: 24
82.22.18.0/24 maxlen: 24
82.22.25.0/24 maxlen: 24
82.22.51.0/24 maxlen: 24
82.22.118.0/24 maxlen: 24
82.24.96.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.26.81.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.29.126.0/24 maxlen: 24
82.38.2.0/24 maxlen: 24
82.38.32.0/24 maxlen: 24
82.38.35.0/24 maxlen: 24
82.38.82.0/24 maxlen: 24
82.38.124.0/22 maxlen: 24
82.38.140.0/22 maxlen: 24
82.38.152.0/22 maxlen: 24
82.38.156.0/22 maxlen: 24
82.38.160.0/22 maxlen: 24
82.38.164.0/22 maxlen: 24
82.38.224.0/22 maxlen: 24
82.38.228.0/22 maxlen: 24
82.38.232.0/22 maxlen: 24
82.38.236.0/22 maxlen: 24
82.38.240.0/22 maxlen: 24
82.38.244.0/22 maxlen: 24
82.38.248.0/22 maxlen: 24
82.38.252.0/22 maxlen: 24
82.39.108.0/24 maxlen: 24
82.39.138.0/24 maxlen: 24
82.39.156.0/22 maxlen: 24
82.39.176.0/22 maxlen: 24
82.39.180.0/22 maxlen: 24
82.39.216.0/22 maxlen: 24
82.39.221.0/24 maxlen: 24
82.39.224.0/22 maxlen: 24
82.40.0.0/22 maxlen: 24
82.40.4.0/22 maxlen: 24
82.40.8.0/22 maxlen: 24
82.40.12.0/22 maxlen: 24
82.40.16.0/22 maxlen: 24
82.41.44.0/22 maxlen: 24
82.41.52.0/22 maxlen: 24
82.41.68.0/22 maxlen: 24
82.41.80.0/22 maxlen: 24
82.41.88.0/22 maxlen: 24
82.41.100.0/22 maxlen: 24
82.41.104.0/22 maxlen: 24
82.41.108.0/22 maxlen: 24
82.41.124.0/22 maxlen: 24
82.41.134.0/24 maxlen: 24
82.41.148.0/22 maxlen: 24
82.41.152.0/22 maxlen: 24
82.41.160.0/22 maxlen: 24
82.41.164.0/22 maxlen: 24
82.41.172.0/22 maxlen: 24
82.41.176.0/22 maxlen: 24
82.41.184.0/22 maxlen: 24
82.41.188.0/22 maxlen: 24
82.41.204.0/22 maxlen: 24
82.41.212.0/22 maxlen: 24
82.41.224.0/22 maxlen: 24
82.41.228.0/22 maxlen: 24
2a13:9500:138::/48 maxlen: 48
2a13:9500:143::/48 maxlen: 48
2a13:9500:166::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 10:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:7f:56:f6:ad:cb:32:e5:f0:0d:a4:27:5c:3c:64:4d:6a:ca:af:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 18 10:45:37 2026 GMT
Not After : Apr 17 10:50:37 2027 GMT
Subject: CN=9F7B5CACCFCED902F383B47B394E9A001299F7D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:37:98:80:f5:aa:5a:fe:09:e2:bd:1c:47:
7d:a7:65:b9:cd:0d:67:ee:24:ab:e9:f2:0c:7a:c3:
26:87:68:5c:34:a5:13:6e:19:a9:c5:cb:5d:1b:dc:
0e:f5:46:7a:e2:81:a3:eb:06:09:08:b3:4c:bb:5e:
12:03:d1:76:65:81:02:bc:cf:5a:2c:c2:90:75:70:
82:a0:9c:94:14:a3:7f:d5:0e:84:a9:f0:22:6d:3c:
2e:18:95:86:b3:23:b3:82:ec:70:a5:d4:fa:3e:38:
5b:c1:10:86:15:d5:93:14:e3:a6:99:ee:68:d2:e1:
3d:b0:5f:0d:42:18:61:2d:e7:1c:21:a2:4f:63:41:
16:54:17:32:6b:e5:b6:b9:e5:db:f9:d0:4a:9d:37:
37:ee:4d:5a:e7:8c:63:be:92:31:73:35:95:93:fd:
38:76:82:fe:a1:cc:8e:42:ba:af:e8:d5:14:59:a9:
82:f0:53:9a:36:78:cc:00:9d:45:e0:c3:d1:8c:c1:
d9:24:af:b0:43:5a:f7:45:37:8e:c1:24:5a:8c:49:
49:dc:50:49:d5:1b:01:51:0a:b1:b4:c9:ae:8f:dd:
3d:48:34:c0:0a:5a:28:f7:64:c8:82:de:58:c0:bb:
77:fa:0c:76:d8:96:49:85:9d:af:a1:e6:f6:86:37:
a5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7B:5C:AC:CF:CE:D9:02:F3:83:B4:7B:39:4E:9A:00:12:99:F7:D6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.139.0/24
82.22.15.0/24
82.22.18.0/24
82.22.25.0/24
82.22.51.0/24
82.22.118.0/24
82.24.96.0/22
82.25.146.0/23
82.26.81.0/24
82.26.176.0/20
82.29.126.0/24
82.38.2.0/24
82.38.32.0/24
82.38.35.0/24
82.38.82.0/24
82.38.124.0/22
82.38.140.0/22
82.38.152.0-82.38.167.255
82.38.224.0/19
82.39.108.0/24
82.39.138.0/24
82.39.156.0/22
82.39.176.0/21
82.39.216.0/22
82.39.221.0/24
82.39.224.0/22
82.40.0.0-82.40.19.255
82.41.44.0/22
82.41.52.0/22
82.41.68.0/22
82.41.80.0/22
82.41.88.0/22
82.41.100.0-82.41.111.255
82.41.124.0/22
82.41.134.0/24
82.41.148.0-82.41.155.255
82.41.160.0/21
82.41.172.0-82.41.179.255
82.41.184.0/21
82.41.204.0/22
82.41.212.0/22
82.41.224.0/21
IPv6:
2a13:9500:138::/48
2a13:9500:143::/48
2a13:9500:166::/48
Signature Algorithm: sha256WithRSAEncryption
16:5c:ff:b5:c6:85:b5:aa:c3:86:86:9e:aa:d0:82:19:2d:00:
b4:18:66:7c:ef:ed:1b:b6:e8:3d:05:8d:4e:9e:d1:59:07:9b:
14:e5:13:63:7f:ea:2e:f4:14:97:64:2d:be:c5:99:b9:d1:52:
ca:7d:12:86:32:5d:c4:a7:ee:04:f1:eb:78:9e:13:39:23:5b:
f7:70:b1:c8:e1:4d:44:0c:51:b1:9a:63:75:47:4a:6d:de:6a:
53:e3:96:96:35:39:c6:26:e6:75:e8:99:9a:26:97:d9:c5:1b:
44:27:74:cd:aa:ca:7d:c2:44:43:cf:50:7d:38:30:f8:30:2d:
55:93:1d:6c:c1:90:b9:ff:d2:e7:a0:77:13:00:23:c8:30:b5:
75:0f:0d:3e:0d:fc:c8:63:5d:9f:5b:27:fd:7c:e4:91:04:10:
64:f1:b0:93:ae:9f:eb:25:23:7a:db:17:a8:5b:9f:b4:94:f6:
2f:6b:8b:72:9b:07:7a:7b:65:f3:5f:8f:29:b8:09:06:a2:45:
c1:c4:69:34:f6:5c:a6:86:21:ca:b1:32:9a:3d:60:6a:ec:dc:
db:b3:32:c4:0a:22:64:df:7d:75:26:c8:7f:96:c9:bf:17:f0:
99:70:a7:19:f7:a5:29:d2:b9:55:4f:e9:4d:c5:6f:eb:3b:d1:
1b:71:f6:9d
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgIUPH9W9q3LMuXwDaQnXDxkTWrKr0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTgxMDQ1MzdaFw0yNzA0MTcxMDUwMzdaMDMxMTAvBgNV
BAMTKDlGN0I1Q0FDQ0ZDRUQ5MDJGMzgzQjQ3QjM5NEU5QTAwMTI5OUY3RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC15zeYgPWqWv4J4r0cR32nZbnN
DWfuJKvp8gx6wyaHaFw0pRNuGanFy10b3A71RnrigaPrBgkIs0y7XhID0XZlgQK8
z1oswpB1cIKgnJQUo3/VDoSp8CJtPC4YlYazI7OC7HCl1Po+OFvBEIYV1ZMU46aZ
7mjS4T2wXw1CGGEt5xwhok9jQRZUFzJr5ba55dv50EqdNzfuTVrnjGO+kjFzNZWT
/Th2gv6hzI5Cuq/o1RRZqYLwU5o2eMwAnUXgw9GMwdkkr7BDWvdFN47BJFqMSUnc
UEnVGwFRCrG0ya6P3T1INMAKWij3ZMiC3ljAu3f6DHbYlkmFna+h5vaGN6W9AgMB
AAGjggNTMIIDTzAdBgNVHQ4EFgQUn3tcrM/O2QLzg7R7OU6aABKZ99YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFnBggrBgEFBQcBBwEB/wSCAVYwggFSMIIBKwQCAAEw
ggEjAwQAUhWLAwQAUhYPAwQAUhYSAwQAUhYZAwQAUhYzAwQAUhZ2AwQCUhhgAwQB
UhmSAwQAUhpRAwQEUhqwAwQAUh1+AwQAUiYCAwQAUiYgAwQAUiYjAwQAUiZSAwQC
UiZ8AwQCUiaMMAwDBANSJpgDBANSJqADBAVSJuADBABSJ2wDBABSJ4oDBAJSJ5wD
BANSJ7ADBAJSJ9gDBABSJ90DBAJSJ+AwCwMDA1IoAwQCUigQAwQCUiksAwQCUik0
AwQCUilEAwQCUilQAwQCUilYMAwDBAJSKWQDBARSKWADBAJSKXwDBABSKYYwDAME
AlIplAMEAlIpmAMEA1IpoDAMAwQCUimsAwQCUimwAwQDUim4AwQCUinMAwQCUinU
AwQDUingMCEEAgACMBsDBwAqE5UAATgDBwAqE5UAAUMDBwAqE5UAAWYwDQYJKoZI
hvcNAQELBQADggEBABZc/7XGhbWqw4aGnqrQghktALQYZnzv7Ru26D0FjU6e0VkH
mxTlE2N/6i70FJdkLb7FmbnRUsp9EoYyXcSn7gTx63ieEzkjW/dwscjhTUQMUbGa
Y3VHSm3ealPjlpY1OcYm5nXomZoml9nFG0QndM2qyn3CREPPUH04MPgwLVWTHWzB
kLn/0uegdxMAI8gwtXUPDT4N/MhjXZ9bJ/185JEEEGTxsJOun+slI3rbF6hbn7SU
9i9ri3KbB3p7ZfNfjym4CQaiRcHEaTT2XKaGIcqxMpo9YGrs3NuzMsQKImTffXUm
yH+Wyb8X8Jlwpxn3pSnSuVVP6U3Fb+s70Rtx9p0=
-----END CERTIFICATE-----
Generated at Sat Apr 18 19:38:22 2026 by rpki-client