Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: kL09i7QC+wCMY77BoVzFKL6muw3YVShdgOQ0ZlRkV4o=
Subject key identifier: A6:8A:A8:9D:26:10:2A:5D:F3:E1:2E:3A:21:DB:55:03:F6:5F:A0:9B
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 665C7B07819D8966C7E57B6DF0E54CA440214578
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS16276.roa
Signing time: Wed 28 May 2025 00:01:14 +0000
ROA not before: Tue 27 May 2025 23:56:14 +0000
ROA not after: Wed 27 May 2026 00:01:14 +0000
asID: 16276
IP address blocks: 193.151.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:5c:7b:07:81:9d:89:66:c7:e5:7b:6d:f0:e5:4c:a4:40:21:45:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: May 27 23:56:14 2025 GMT
Not After : May 27 00:01:14 2026 GMT
Subject: CN=A68AA89D26102A5DF3E12E3A21DB5503F65FA09B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ba:15:ba:0b:f5:61:44:df:08:49:b2:d3:1c:
ad:17:33:b5:02:f7:1b:b8:34:f5:4f:cd:de:05:8e:
20:b5:64:ca:97:94:27:9a:f7:a9:2b:e0:d4:4d:ca:
a7:3f:50:87:6e:1e:57:84:05:1d:ad:f3:f8:27:e8:
0a:d3:19:4b:67:4b:c0:5c:df:42:70:2a:44:0c:af:
ed:63:e8:08:60:21:81:2f:8a:13:45:44:11:58:f0:
88:a4:ad:f5:d2:b4:0f:0e:c1:ce:2b:0f:48:7e:f6:
f0:92:89:e2:74:c3:f3:c4:a0:10:dc:58:1f:bf:a8:
77:62:d1:46:7c:91:29:68:17:57:86:7c:48:43:6b:
2f:7d:4b:51:da:9b:18:02:71:f7:fa:6b:be:62:73:
d7:4d:57:dd:08:8d:ce:fe:d0:0c:61:5d:74:af:37:
2c:a7:22:83:95:3b:a1:92:57:be:78:2a:41:75:f8:
d8:38:da:12:88:05:f8:06:88:b5:24:93:13:cf:04:
9b:16:c8:cd:21:af:32:4c:e0:d6:65:d5:27:22:67:
56:28:47:36:6c:3f:51:04:2c:7c:d8:c9:16:d0:9a:
ff:f2:4f:ab:0f:f0:30:36:d6:c6:5f:13:cf:5d:75:
67:af:76:51:89:42:4d:43:7d:87:64:f5:d4:a3:7e:
7a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8A:A8:9D:26:10:2A:5D:F3:E1:2E:3A:21:DB:55:03:F6:5F:A0:9B
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.181.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:49:f1:5f:eb:4e:99:e2:5e:c8:15:65:ed:64:3c:b4:4b:ec:
d9:ab:dd:be:35:30:58:24:97:d2:5b:d8:f7:5b:65:0d:05:83:
0d:2e:d3:ef:b1:7a:9c:49:bd:ef:4d:1f:59:ad:ad:27:1a:90:
32:05:80:a1:52:d2:74:15:b3:36:5d:f8:02:72:e2:04:f4:f9:
c4:a6:11:e7:36:7b:d8:ba:bc:f6:24:8a:19:a8:ac:57:e1:8a:
05:94:3a:f8:2e:52:f7:63:69:7c:13:5f:55:66:ae:09:15:22:
52:05:09:d6:29:01:5a:b6:3d:d5:cf:a1:37:35:43:14:34:37:
ea:4a:b0:60:dd:b9:ed:cc:23:7b:42:bf:7b:62:26:b4:26:3d:
2c:7d:99:d6:57:06:d6:d7:4d:e1:ba:e4:d9:8d:7b:57:f5:37:
14:df:15:69:0e:2e:63:a3:bc:c3:2e:cc:02:74:1b:b3:53:9d:
90:2a:6f:61:e5:71:f7:b1:22:6b:40:c9:14:15:5f:0e:1c:57:
9a:30:55:27:51:26:5f:bf:c9:14:f6:e6:5a:54:f4:06:03:12:
ba:68:34:9a:03:f6:61:9d:71:dd:3c:18:42:56:3f:14:40:ef:
26:ae:49:9d:26:46:6d:34:a3:0a:b0:bf:3f:65:b1:20:ac:54:
83:08:94:ff
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUZlx7B4GdiWbH5Xtt8OVMpEAhRXgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTA1MjcyMzU2MTRaFw0yNjA1MjcwMDAxMTRaMDMxMTAvBgNV
BAMTKEE2OEFBODlEMjYxMDJBNURGM0UxMkUzQTIxREI1NTAzRjY1RkEwOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCluhW6C/VhRN8ISbLTHK0XM7UC
9xu4NPVPzd4FjiC1ZMqXlCea96kr4NRNyqc/UIduHleEBR2t8/gn6ArTGUtnS8Bc
30JwKkQMr+1j6AhgIYEvihNFRBFY8IikrfXStA8Owc4rD0h+9vCSieJ0w/PEoBDc
WB+/qHdi0UZ8kSloF1eGfEhDay99S1HamxgCcff6a75ic9dNV90Ijc7+0AxhXXSv
NyynIoOVO6GSV754KkF1+Ng42hKIBfgGiLUkkxPPBJsWyM0hrzJM4NZl1SciZ1Yo
RzZsP1EELHzYyRbQmv/yT6sP8DA21sZfE89ddWevdlGJQk1DfYdk9dSjfnqfAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUpoqonSYQKl3z4S46IdtVA/ZfoJswHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBl7Uw
DQYJKoZIhvcNAQELBQADggEBALpJ8V/rTpniXsgVZe1kPLRL7Nmr3b41MFgkl9Jb
2PdbZQ0Fgw0u0++xepxJve9NH1mtrScakDIFgKFS0nQVszZd+AJy4gT0+cSmEec2
e9i6vPYkihmorFfhigWUOvguUvdjaXwTX1VmrgkVIlIFCdYpAVq2PdXPoTc1QxQ0
N+pKsGDdue3MI3tCv3tiJrQmPSx9mdZXBtbXTeG65NmNe1f1NxTfFWkOLmOjvMMu
zAJ0G7NTnZAqb2HlcfexImtAyRQVXw4cV5owVSdRJl+/yRT25lpU9AYDErpoNJoD
9mGdcd08GEJWPxRA7yauSZ0mRm00owqwvz9lsSCsVIMIlP8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:57 2025 by rpki-client