Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: gRA3fAMrMGs/BvGP0x12IclEtKpVdUjJ3F9zbYi9GOg=
Subject key identifier: E7:5B:EA:5E:1B:87:A8:24:01:92:63:BD:AB:1B:1D:74:C6:92:7E:92
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 2F17DADBC1DB4058E504A22A00A7061A944C08DA
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16276.roa
Signing time: Thu 27 Mar 2025 13:11:27 +0000
ROA not before: Thu 27 Mar 2025 13:06:27 +0000
ROA not after: Thu 26 Mar 2026 13:11:27 +0000
asID: 16276
IP address blocks: 141.11.40.0/24 maxlen: 24
141.11.74.0/23 maxlen: 23
141.11.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:17:da:db:c1:db:40:58:e5:04:a2:2a:00:a7:06:1a:94:4c:08:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 27 13:06:27 2025 GMT
Not After : Mar 26 13:11:27 2026 GMT
Subject: CN=E75BEA5E1B87A824019263BDAB1B1D74C6927E92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ad:48:bd:4c:30:08:17:c5:f8:73:33:d5:f5:
3b:87:5c:d0:c4:84:e9:f4:a2:b8:14:cd:4f:35:cc:
df:88:5e:2c:e3:d7:40:8d:73:0d:0f:8c:12:ed:d0:
a7:2f:95:4f:1e:e7:bd:6b:ec:bf:2b:ba:45:37:fd:
9f:b6:44:d0:ae:18:e8:ab:e2:e2:62:c1:08:ef:aa:
07:6c:c5:7a:5b:9e:69:d1:84:2f:a7:af:5c:b0:28:
5b:70:5b:dd:ea:b4:74:a9:bd:56:24:34:26:4b:e7:
d5:3d:45:04:17:1f:8b:d1:06:3d:e7:00:be:93:73:
c4:63:dc:2b:02:80:d5:92:4c:7d:64:f2:c1:64:31:
36:dd:b3:9a:83:6a:a3:08:0c:e4:18:25:5a:b6:78:
8c:4b:97:f0:be:3c:81:70:76:3c:e2:70:c4:26:df:
cb:1f:86:a3:cd:5c:5f:1b:71:1e:4a:3e:bd:8a:5a:
94:3a:7a:2c:82:e2:66:4f:71:52:35:94:19:e1:7d:
4d:b2:23:a3:ae:ae:be:c1:25:7a:e7:75:d0:ad:b1:
eb:e2:ad:8d:3c:83:b7:4a:f7:af:7a:6e:88:33:9f:
d4:14:d7:43:22:b3:0e:79:44:e2:7c:f4:c0:9a:6a:
fa:12:e5:e2:b9:f9:31:0f:be:d0:75:5f:3c:6d:df:
d9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:5B:EA:5E:1B:87:A8:24:01:92:63:BD:AB:1B:1D:74:C6:92:7E:92
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.40.0/24
141.11.74.0/23
141.11.237.0/24
Signature Algorithm: sha256WithRSAEncryption
69:95:32:cb:82:c9:06:f3:6c:2e:d5:86:86:ac:16:22:b6:13:
fe:c8:36:74:4c:75:d0:b5:cc:37:2d:0e:83:c9:23:ad:b1:b4:
54:4f:77:4d:08:f2:8b:65:5f:45:33:bd:7a:9e:3a:c8:18:ed:
0d:a5:cd:13:c5:e0:0d:fd:7f:b5:77:30:d6:98:d1:9d:dc:b7:
fc:6a:c4:cb:a8:34:e7:31:90:fa:64:3e:0f:19:51:17:94:1e:
6c:aa:4c:be:d7:c5:f5:07:a6:9f:26:e5:5e:71:71:95:fe:ad:
df:6e:a8:04:52:f9:d3:93:e2:f5:01:15:7a:ea:33:47:3f:4f:
f1:cc:af:f7:f0:79:76:44:97:bb:04:18:22:d7:d5:69:ce:5e:
c3:a4:7b:a3:e3:57:0e:b9:c9:bc:5b:ab:97:ba:5e:fe:78:1a:
f8:5b:b7:66:b1:6d:c6:4b:06:1e:e1:f9:3e:3e:a1:bb:13:e6:
aa:52:f6:aa:67:7d:ac:a7:0a:80:e4:26:e8:59:f9:9b:a5:06:
d4:76:55:75:40:e1:10:93:80:65:88:7d:67:ac:23:95:1d:5b:
a2:f3:0f:2c:5b:65:64:67:3a:34:ca:f9:13:47:63:d1:5f:d9:
fd:b9:da:fc:47:99:47:6d:ee:6d:be:3a:72:a8:f4:c0:65:66:
42:2f:58:54
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIULxfa28HbQFjlBKIqAKcGGpRMCNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAzMjcxMzA2MjdaFw0yNjAzMjYxMzExMjdaMDMxMTAvBgNV
BAMTKEU3NUJFQTVFMUI4N0E4MjQwMTkyNjNCREFCMUIxRDc0QzY5MjdFOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDerUi9TDAIF8X4czPV9TuHXNDE
hOn0orgUzU81zN+IXizj10CNcw0PjBLt0KcvlU8e571r7L8rukU3/Z+2RNCuGOir
4uJiwQjvqgdsxXpbnmnRhC+nr1ywKFtwW93qtHSpvVYkNCZL59U9RQQXH4vRBj3n
AL6Tc8Rj3CsCgNWSTH1k8sFkMTbds5qDaqMIDOQYJVq2eIxLl/C+PIFwdjzicMQm
38sfhqPNXF8bcR5KPr2KWpQ6eiyC4mZPcVI1lBnhfU2yI6Ourr7BJXrnddCtsevi
rY08g7dK9696bogzn9QU10Misw55ROJ89MCaavoS5eK5+TEPvtB1Xzxt39lfAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU51vqXhuHqCQBkmO9qxsddMaSfpIwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACNCygD
BAGNC0oDBACNC+0wDQYJKoZIhvcNAQELBQADggEBAGmVMsuCyQbzbC7VhoasFiK2
E/7INnRMddC1zDctDoPJI62xtFRPd00I8otlX0UzvXqeOsgY7Q2lzRPF4A39f7V3
MNaY0Z3ct/xqxMuoNOcxkPpkPg8ZUReUHmyqTL7XxfUHpp8m5V5xcZX+rd9uqARS
+dOT4vUBFXrqM0c/T/HMr/fweXZEl7sEGCLX1WnOXsOke6PjVw65ybxbq5e6Xv54
Gvhbt2axbcZLBh7h+T4+obsT5qpS9qpnfaynCoDkJuhZ+ZulBtR2VXVA4RCTgGWI
fWesI5UdW6LzDyxbZWRnOjTK+RNHY9Ff2f252vxHmUdt7m2+OnKo9MBlZkIvWFQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:23:06 2025 by rpki-client