Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: OPpg5+rfmWKwgDqGDj9kdY3saSYnz65sfcCFVhdeico=
Subject key identifier: 9F:9C:43:7B:19:89:3A:DA:66:73:C0:08:F4:B6:03:13:74:6C:76:9B
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 4BA41577246BCE3C926D4CF6E5C88FC31940C360
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS16509.roa
Signing time: Thu 27 Mar 2025 02:34:11 +0000
ROA not before: Thu 27 Mar 2025 02:29:11 +0000
ROA not after: Thu 26 Mar 2026 02:34:11 +0000
asID: 16509
IP address blocks: 45.155.17.0/24 maxlen: 24
193.111.117.0/24 maxlen: 24
193.142.18.0/24 maxlen: 24
193.164.10.0/24 maxlen: 24
194.5.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:a4:15:77:24:6b:ce:3c:92:6d:4c:f6:e5:c8:8f:c3:19:40:c3:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Mar 27 02:29:11 2025 GMT
Not After : Mar 26 02:34:11 2026 GMT
Subject: CN=9F9C437B19893ADA6673C008F4B60313746C769B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:75:03:a3:ec:6b:30:24:cb:68:59:0a:87:c1:
06:98:c8:bc:8e:53:7f:9e:89:95:46:4f:09:91:2c:
f4:4d:ad:7e:9c:f8:29:0b:ba:93:4b:70:c1:d4:52:
2f:50:15:65:6a:e4:51:ee:4f:24:5a:06:9c:e6:83:
4c:6f:1a:31:c1:b5:71:55:4f:6c:3c:16:64:e4:d5:
29:cf:4a:3a:11:ad:eb:86:b5:c5:23:10:99:d0:dc:
85:e3:2c:74:45:ec:77:cd:61:e5:42:ec:2a:ee:c1:
b8:79:77:b4:37:f4:85:6f:36:9d:6d:1c:f1:59:63:
43:d9:e3:1b:f0:db:7c:b5:37:fb:c6:bc:65:a5:3b:
4c:6c:15:38:d8:df:ee:60:e8:8d:9a:b9:9d:17:4f:
dd:32:0e:c7:50:35:22:65:21:c9:61:32:45:e2:04:
dd:23:0c:29:62:19:ea:09:44:f7:b1:fa:5e:0a:be:
51:d3:26:dd:09:bf:b2:fd:eb:f2:c5:7c:8f:84:89:
f8:65:8d:1a:f0:b0:bf:45:cd:ba:29:f2:ee:50:c7:
92:0d:71:d1:5d:e5:53:7b:c9:20:99:a3:7d:75:ed:
f7:3e:54:ca:10:ae:ef:f8:f9:84:5e:dd:78:10:3d:
6c:dc:11:a3:1c:43:9a:db:c1:16:4b:bd:49:3e:27:
8a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:9C:43:7B:19:89:3A:DA:66:73:C0:08:F4:B6:03:13:74:6C:76:9B
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.17.0/24
193.111.117.0/24
193.142.18.0/24
193.164.10.0/24
194.5.147.0/24
Signature Algorithm: sha256WithRSAEncryption
58:00:54:e5:4c:89:04:50:33:fa:ca:05:ec:4e:30:2f:07:38:
b4:65:41:fb:0f:0b:01:bb:c9:63:08:fa:c5:81:bf:04:61:14:
60:57:49:83:7d:a0:75:d2:76:f6:bb:41:47:90:09:3d:4e:02:
c7:34:f2:ca:b5:61:cd:9b:ea:0d:3e:59:8b:8d:6a:ac:02:d6:
10:59:ba:47:47:31:74:d0:8d:6d:33:29:f2:87:a5:c3:93:ad:
06:bb:37:0e:78:96:74:52:b8:43:a4:80:d9:b8:d8:50:31:4b:
dd:08:82:ac:f2:5b:58:fc:0d:ca:84:61:5a:60:57:91:a1:73:
b6:78:c4:f6:3f:a3:1e:21:7b:86:52:88:30:c2:9c:e2:87:61:
8b:04:5f:06:69:f3:8d:84:48:59:08:92:1d:be:f1:58:1a:1d:
32:0a:db:f4:fd:1a:8a:24:25:34:ca:c0:3e:12:17:43:77:a7:
2c:cc:dd:98:cd:71:f2:82:2b:ff:c9:19:63:f5:01:44:d2:17:
2c:fe:5d:7c:5c:63:0f:1e:42:ac:c8:ab:12:05:59:97:68:c1:
42:f2:7c:8d:44:9e:7c:a6:1b:a2:c5:41:b0:b1:01:76:b4:71:
c6:43:24:f0:08:0e:63:8a:79:ec:1a:e9:d0:65:57:fc:f7:c4:
bc:01:e2:c7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUS6QVdyRrzjySbUz25ciPwxlAw2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTAzMjcwMjI5MTFaFw0yNjAzMjYwMjM0MTFaMDMxMTAvBgNV
BAMTKDlGOUM0MzdCMTk4OTNBREE2NjczQzAwOEY0QjYwMzEzNzQ2Qzc2OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAdQOj7GswJMtoWQqHwQaYyLyO
U3+eiZVGTwmRLPRNrX6c+CkLupNLcMHUUi9QFWVq5FHuTyRaBpzmg0xvGjHBtXFV
T2w8FmTk1SnPSjoRreuGtcUjEJnQ3IXjLHRF7HfNYeVC7Cruwbh5d7Q39IVvNp1t
HPFZY0PZ4xvw23y1N/vGvGWlO0xsFTjY3+5g6I2auZ0XT90yDsdQNSJlIclhMkXi
BN0jDCliGeoJRPex+l4KvlHTJt0Jv7L96/LFfI+EifhljRrwsL9Fzbop8u5Qx5IN
cdFd5VN7ySCZo3117fc+VMoQru/4+YRe3XgQPWzcEaMcQ5rbwRZLvUk+J4phAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUn5xDexmJOtpmc8AI9LYDE3RsdpswHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAAtmxED
BADBb3UDBADBjhIDBADBpAoDBADCBZMwDQYJKoZIhvcNAQELBQADggEBAFgAVOVM
iQRQM/rKBexOMC8HOLRlQfsPCwG7yWMI+sWBvwRhFGBXSYN9oHXSdva7QUeQCT1O
Asc08sq1Yc2b6g0+WYuNaqwC1hBZukdHMXTQjW0zKfKHpcOTrQa7Nw54lnRSuEOk
gNm42FAxS90IgqzyW1j8DcqEYVpgV5Ghc7Z4xPY/ox4he4ZSiDDCnOKHYYsEXwZp
842ESFkIkh2+8VgaHTIK2/T9GookJTTKwD4SF0N3pyzM3ZjNcfKCK//JGWP1AUTS
Fyz+XXxcYw8eQqzIqxIFWZdowULyfI1EnnymG6LFQbCxAXa0ccZDJPAIDmOKeewa
6dBlV/z3xLwB4sc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:18:17 2025 by rpki-client