Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: ladDBs0eTounk+7+lCpsP4OYlBu3V5MKWaIpode8Vbc=
Subject key identifier: AC:FD:68:CF:86:92:09:96:9E:71:4B:83:EC:28:F2:EE:7B:81:61:66
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 2DB6EC5F2B8EFBD2B34F560C456A9E9F3012888A
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16276.roa
Signing time: Thu 23 Apr 2026 07:34:44 +0000
ROA not before: Thu 23 Apr 2026 07:29:44 +0000
ROA not after: Thu 22 Apr 2027 07:34:44 +0000
asID: 16276
IP address blocks: 141.11.1.0/24 maxlen: 24
141.11.18.0/24 maxlen: 24
141.11.21.0/24 maxlen: 24
141.11.31.0/24 maxlen: 24
141.11.39.0/24 maxlen: 24
141.11.40.0/24 maxlen: 24
141.11.45.0/24 maxlen: 24
141.11.49.0/24 maxlen: 24
141.11.74.0/23 maxlen: 23
141.11.96.0/24 maxlen: 24
141.11.107.0/24 maxlen: 24
141.11.187.0/24 maxlen: 24
141.11.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 11:45:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:b6:ec:5f:2b:8e:fb:d2:b3:4f:56:0c:45:6a:9e:9f:30:12:88:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Apr 23 07:29:44 2026 GMT
Not After : Apr 22 07:34:44 2027 GMT
Subject: CN=ACFD68CF869209969E714B83EC28F2EE7B816166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:67:b5:2d:8b:5b:3c:48:41:42:0d:0e:00:f3:
3f:9b:77:9e:54:5b:f4:92:e8:b0:0e:dd:e3:76:78:
49:17:99:a9:4d:62:aa:6b:49:a1:eb:69:c0:7d:6a:
32:af:c2:e5:c0:9c:6e:3d:b8:b6:54:11:78:fa:5c:
43:6e:b8:68:e5:8e:8d:65:85:d4:5e:83:21:c7:9c:
10:88:08:9b:06:3b:d3:dc:91:fe:a4:fa:c1:63:13:
41:2d:21:ca:4a:44:83:d1:b2:17:b6:9f:92:39:13:
39:ce:f3:7a:a3:e7:9e:4f:05:08:fe:80:66:15:7c:
17:95:94:4a:04:d0:cc:fc:a5:3f:21:64:f0:ba:9f:
08:97:4a:65:e3:b8:a8:d9:9f:a8:6b:05:c5:48:5d:
82:1a:41:a4:78:dc:83:d0:51:d4:3a:c9:c8:fc:fe:
9b:1e:95:bb:57:60:0a:b6:c6:76:f2:d6:c6:e5:7f:
bd:b4:71:82:da:6d:95:50:fd:89:46:36:5f:bf:63:
0e:fa:14:d2:6f:02:48:57:4e:a8:6d:c0:f4:f2:65:
a9:b7:46:88:81:d1:69:3e:55:2f:be:d3:b6:e5:9a:
e6:3d:9c:fa:9c:20:31:0b:a0:39:36:f7:e7:35:7d:
b0:f3:0b:e4:95:28:56:c8:2a:99:19:04:33:af:11:
6f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FD:68:CF:86:92:09:96:9E:71:4B:83:EC:28:F2:EE:7B:81:61:66
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.1.0/24
141.11.18.0/24
141.11.21.0/24
141.11.31.0/24
141.11.39.0-141.11.40.255
141.11.45.0/24
141.11.49.0/24
141.11.74.0/23
141.11.96.0/24
141.11.107.0/24
141.11.187.0/24
141.11.250.0/24
Signature Algorithm: sha256WithRSAEncryption
60:ff:9c:9d:71:dc:b3:44:28:6e:61:41:90:71:da:0e:51:16:
e5:78:8a:6d:fb:53:3e:13:f8:36:fe:68:43:5d:00:7c:55:c5:
63:5a:b5:ce:91:32:fe:49:7e:77:6e:0e:67:bc:79:63:3f:53:
6e:13:ae:47:84:23:22:36:a3:ab:57:2f:8a:b9:5f:90:01:d9:
33:5f:34:6f:7f:37:40:bd:b9:33:7d:67:54:fe:9c:27:4f:8f:
61:3b:80:fe:f4:4f:1d:0a:98:7d:b2:14:bb:05:2e:4a:6a:9b:
2c:ed:20:98:5c:f6:52:fc:2a:3d:1e:97:91:77:85:d4:61:c4:
3f:45:8f:62:1a:79:aa:03:4c:e7:28:21:0d:83:d7:8b:3a:83:
2d:7a:d6:50:bb:1d:17:82:05:0c:a2:31:83:f1:1c:be:8e:49:
d9:ac:4e:14:01:a9:7c:58:7f:eb:d6:1b:be:33:db:7b:ac:19:
70:0c:ac:b2:b4:f4:8c:6b:a0:95:10:bf:05:6a:f3:44:df:01:
d6:fc:b9:4c:55:3f:89:c1:c1:b7:9a:5b:f5:b2:73:1d:e3:07:
be:e6:98:e0:54:14:e0:f9:9c:65:ce:43:7d:85:02:1c:be:aa:
fd:7d:5d:31:49:cf:7f:cf:24:82:41:73:27:de:d0:ac:2f:c4:
82:11:21:cf
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIULbbsXyuO+9KzT1YMRWqenzASiIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjA0MjMwNzI5NDRaFw0yNzA0MjIwNzM0NDRaMDMxMTAvBgNV
BAMTKEFDRkQ2OENGODY5MjA5OTY5RTcxNEI4M0VDMjhGMkVFN0I4MTYxNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Z7Uti1s8SEFCDQ4A8z+bd55U
W/SS6LAO3eN2eEkXmalNYqprSaHracB9ajKvwuXAnG49uLZUEXj6XENuuGjljo1l
hdRegyHHnBCICJsGO9Pckf6k+sFjE0EtIcpKRIPRshe2n5I5EznO83qj555PBQj+
gGYVfBeVlEoE0Mz8pT8hZPC6nwiXSmXjuKjZn6hrBcVIXYIaQaR43IPQUdQ6ycj8
/pselbtXYAq2xnby1sblf720cYLabZVQ/YlGNl+/Yw76FNJvAkhXTqhtwPTyZam3
RoiB0Wk+VS++07blmuY9nPqcIDELoDk29+c1fbDzC+SVKFbIKpkZBDOvEW8BAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUrP1oz4aSCZaecUuD7Cjy7nuBYWYwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBACNCwED
BACNCxIDBACNCxUDBACNCx8wDAMEAI0LJwMEAI0LKAMEAI0LLQMEAI0LMQMEAY0L
SgMEAI0LYAMEAI0LawMEAI0LuwMEAI0L+jANBgkqhkiG9w0BAQsFAAOCAQEAYP+c
nXHcs0QobmFBkHHaDlEW5XiKbftTPhP4Nv5oQ10AfFXFY1q1zpEy/kl+d24OZ7x5
Yz9TbhOuR4QjIjajq1cvirlfkAHZM180b383QL25M31nVP6cJ0+PYTuA/vRPHQqY
fbIUuwUuSmqbLO0gmFz2UvwqPR6XkXeF1GHEP0WPYhp5qgNM5yghDYPXizqDLXrW
ULsdF4IFDKIxg/Ecvo5J2axOFAGpfFh/69YbvjPbe6wZcAyssrT0jGuglRC/BWrz
RN8B1vy5TFU/icHBt5pb9bJzHeMHvuaY4FQU4PmcZc5DfYUCHL6q/X1dMUnPf88k
gkFzJ97QrC/EghEhzw==
-----END CERTIFICATE-----
Generated at Tue Apr 28 17:27:07 2026 by rpki-client