
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: QLtX+D4JjXOXiT7aN1RnQTLRtLtRZCvJdEH61dffIlc=
Subject key identifier: D9:7E:69:6A:DE:2F:CC:40:35:D1:22:0C:D1:B6:CB:B1:89:92:AE:8C
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2276CBCA23DF0AA7984A78328D1BE0C770AD4217
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
Signing time: Thu 16 Jul 2026 16:00:45 +0000
ROA not before: Thu 16 Jul 2026 15:55:45 +0000
ROA not after: Thu 15 Jul 2027 16:00:45 +0000
asID: 16509
IP address blocks: 82.21.0.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.44.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.41.98.0/24 maxlen: 24
82.41.168.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
82.47.64.0/19 maxlen: 24
84.75.18.0/24 maxlen: 24
84.75.19.0/24 maxlen: 24
84.75.34.0/24 maxlen: 24
84.75.36.0/24 maxlen: 24
84.75.37.0/24 maxlen: 24
84.75.38.0/24 maxlen: 24
84.75.41.0/24 maxlen: 24
84.75.42.0/24 maxlen: 24
84.75.48.0/24 maxlen: 24
84.75.50.0/24 maxlen: 24
84.75.51.0/24 maxlen: 24
84.75.52.0/24 maxlen: 24
84.75.53.0/24 maxlen: 24
84.75.55.0/24 maxlen: 24
84.75.61.0/24 maxlen: 24
84.75.62.0/24 maxlen: 24
84.75.63.0/24 maxlen: 24
84.75.64.0/24 maxlen: 24
84.75.65.0/24 maxlen: 24
84.75.67.0/24 maxlen: 24
84.75.68.0/24 maxlen: 24
84.75.69.0/24 maxlen: 24
84.75.70.0/24 maxlen: 24
84.75.96.0/19 maxlen: 24
2a13:9500:110::/48 maxlen: 48
2a13:9500:126::/48 maxlen: 48
2a13:9500:127::/48 maxlen: 48
2a13:9500:13a::/48 maxlen: 48
2a13:9500:157::/48 maxlen: 48
2a13:9500:176::/48 maxlen: 48
2a13:9500:1a1::/48 maxlen: 48
2a13:9500:1a3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Jul 2026 16:14:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:76:cb:ca:23:df:0a:a7:98:4a:78:32:8d:1b:e0:c7:70:ad:42:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 16 15:55:45 2026 GMT
Not After : Jul 15 16:00:45 2027 GMT
Subject: CN=D97E696ADE2FCC4035D1220CD1B6CBB18992AE8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5b:ff:4f:1e:2b:50:f9:65:78:f2:4e:92:eb:
c2:e4:79:92:9e:c0:60:21:fe:d6:be:6d:30:0f:47:
1d:32:6a:4a:f5:5c:33:8f:e4:6a:8f:39:df:7a:37:
30:07:25:51:f6:48:3b:e4:5d:85:c9:a5:44:fa:c4:
76:09:a8:83:e0:8a:fa:11:0d:b5:76:e0:d2:ef:1e:
35:18:b5:1e:2f:35:19:2c:96:0f:7c:ab:d8:b2:f6:
40:e7:d3:b7:3b:ee:71:df:c6:4c:c3:d0:6c:1c:8a:
f9:29:3e:34:f9:c1:e7:38:e8:81:49:9f:4b:29:bb:
c9:df:4f:19:8e:25:7d:49:d5:92:3b:d8:6e:84:39:
f3:cb:74:fb:e6:40:a5:5d:13:71:c4:78:aa:32:ba:
7c:e2:c8:30:26:98:33:9f:d5:ea:1d:17:6a:a7:a4:
42:bc:9c:33:3e:67:55:3f:6d:5d:e0:42:a5:25:8a:
2a:49:ea:c9:e7:40:18:43:29:e9:37:09:b4:41:8b:
f2:f7:49:06:c6:28:9c:1d:b3:67:23:9e:6a:28:5b:
a4:3a:b7:63:d3:66:f5:51:1e:67:05:d8:e9:64:ca:
4a:35:6b:a0:69:71:8b:08:79:c1:62:11:37:ff:24:
4c:67:ef:4f:62:5f:8b:01:85:e9:cc:b9:2e:fd:d3:
b0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:7E:69:6A:DE:2F:CC:40:35:D1:22:0C:D1:B6:CB:B1:89:92:AE:8C
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0/24
82.24.76.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.44.0/24
82.29.102.0/24
82.29.104.0/23
82.41.98.0/24
82.41.168.0/24
82.41.200.0/24
82.47.64.0/19
84.75.18.0/23
84.75.34.0/24
84.75.36.0-84.75.38.255
84.75.41.0-84.75.42.255
84.75.48.0/24
84.75.50.0-84.75.53.255
84.75.55.0/24
84.75.61.0-84.75.65.255
84.75.67.0-84.75.70.255
84.75.96.0/19
IPv6:
2a13:9500:110::/48
2a13:9500:126::/47
2a13:9500:13a::/48
2a13:9500:157::/48
2a13:9500:176::/48
2a13:9500:1a1::/48
2a13:9500:1a3::/48
Signature Algorithm: sha256WithRSAEncryption
18:7a:e2:5f:a5:06:19:16:c0:40:2c:45:e1:56:d6:fe:16:23:
3d:29:68:61:eb:4f:74:02:04:2e:b2:ae:83:ea:bd:32:1b:58:
f5:74:b4:49:a7:54:c0:dd:40:62:a2:4d:67:85:ee:d7:77:00:
9c:b1:ad:1d:39:48:06:34:82:c8:e4:55:ee:5a:61:31:67:ab:
86:31:65:55:9f:c0:9e:5d:8b:a3:20:0c:8b:56:3a:2a:b1:27:
2f:95:99:73:80:0d:67:bb:b9:e5:56:eb:c5:cb:d7:13:94:f9:
29:bf:e0:85:7a:5e:6b:ed:b6:37:f9:37:b0:24:64:94:7a:e6:
1c:3b:bb:e6:c3:1f:ce:bc:16:a9:49:65:2d:c5:d9:83:2b:db:
07:6e:aa:87:50:b2:c8:c1:67:30:f0:50:1a:6d:2c:24:98:99:
e9:4b:4d:64:48:73:f0:0c:cf:30:51:6a:d4:fa:0e:0c:b7:e9:
12:b2:fd:22:98:48:f9:ad:08:f0:f3:67:0e:51:44:dd:a6:6f:
54:46:a3:59:aa:27:78:47:a9:e5:4d:97:a6:be:ce:b3:18:11:
37:d2:1f:be:bb:09:38:58:e2:76:c0:c2:a5:a4:1b:b8:1b:93:
82:0c:9e:14:1c:d4:5c:9b:f0:11:17:a1:a4:b8:e0:83:c6:6c:
ec:6a:9a:88
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgIUInbLyiPfCqeYSngyjRvgx3CtQhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA3MTYxNTU1NDVaFw0yNzA3MTUxNjAwNDVaMDMxMTAvBgNV
BAMTKEQ5N0U2OTZBREUyRkNDNDAzNUQxMjIwQ0QxQjZDQkIxODk5MkFFOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZW/9PHitQ+WV48k6S68LkeZKe
wGAh/ta+bTAPRx0yakr1XDOP5GqPOd96NzAHJVH2SDvkXYXJpUT6xHYJqIPgivoR
DbV24NLvHjUYtR4vNRkslg98q9iy9kDn07c77nHfxkzD0GwcivkpPjT5wec46IFJ
n0spu8nfTxmOJX1J1ZI72G6EOfPLdPvmQKVdE3HEeKoyunziyDAmmDOf1eodF2qn
pEK8nDM+Z1U/bV3gQqUliipJ6snnQBhDKek3CbRBi/L3SQbGKJwds2cjnmooW6Q6
t2PTZvVRHmcF2Olkyko1a6BpcYsIecFiETf/JExn709iX4sBhenMuS7907D5AgMB
AAGjggMMMIIDCDAdBgNVHQ4EFgQU2X5pat4vzEA10SIM0bbLsYmSrowwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEgBggrBgEFBQcBBwEB/wSCAQ8wggELMIHBBAIAATCB
ugMEAFIVAAMEAFIYTAMEAFIamgMEAFIayQMEAFIdADAMAwQBUh0CAwQAUh0EAwQA
Uh0sAwQAUh1mAwQBUh1oAwQAUiliAwQAUimoAwQAUinIAwQFUi9AAwQBVEsSAwQA
VEsiMAwDBAJUSyQDBABUSyYwDAMEAFRLKQMEAFRLKgMEAFRLMDAMAwQBVEsyAwQB
VEs0AwQAVEs3MAwDBABUSz0DBAFUS0AwDAMEAFRLQwMEAFRLRgMEBVRLYDBFBAIA
AjA/AwcAKhOVAAEQAwcBKhOVAAEmAwcAKhOVAAE6AwcAKhOVAAFXAwcAKhOVAAF2
AwcAKhOVAAGhAwcAKhOVAAGjMA0GCSqGSIb3DQEBCwUAA4IBAQAYeuJfpQYZFsBA
LEXhVtb+FiM9KWhh6090AgQusq6D6r0yG1j1dLRJp1TA3UBiok1nhe7XdwCcsa0d
OUgGNILI5FXuWmExZ6uGMWVVn8CeXYujIAyLVjoqsScvlZlzgA1nu7nlVuvFy9cT
lPkpv+CFel5r7bY3+TewJGSUeuYcO7vmwx/OvBapSWUtxdmDK9sHbqqHULLIwWcw
8FAabSwkmJnpS01kSHPwDM8wUWrU+g4Mt+kSsv0imEj5rQjw82cOUUTdpm9URqNZ
qid4R6nlTZemvs6zGBE30h++uwk4WOJ2wMKlpBu4G5OCDJ4UHNRcm/ARF6GkuOCD
xmzsapqI
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:07:06 2026 by rpki-client