Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: OU9dKv8koirJ540x0RylhIa9OPYhSZFpJNEf1107Dgw=
Subject key identifier: 06:EE:64:9D:8F:10:AD:B3:95:AE:5C:FF:42:66:9A:F8:05:93:CA:A4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 70C72DB9EA19E72A473FC790AE4D44A51A36CA53
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
Signing time: Mon 01 Sep 2025 15:48:51 +0000
ROA not before: Mon 01 Sep 2025 15:43:51 +0000
ROA not after: Mon 31 Aug 2026 15:48:51 +0000
asID: 16276
IP address blocks: 46.202.232.0/22 maxlen: 24
46.202.240.0/22 maxlen: 24
46.203.108.0/22 maxlen: 24
46.203.116.0/22 maxlen: 24
46.203.128.0/22 maxlen: 24
46.203.140.0/22 maxlen: 24
91.124.192.0/24 maxlen: 24
91.124.199.0/24 maxlen: 24
92.113.13.0/24 maxlen: 24
92.113.67.0/24 maxlen: 24
92.113.74.0/24 maxlen: 24
92.113.77.0/24 maxlen: 24
92.113.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:03:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:c7:2d:b9:ea:19:e7:2a:47:3f:c7:90:ae:4d:44:a5:1a:36:ca:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 1 15:43:51 2025 GMT
Not After : Aug 31 15:48:51 2026 GMT
Subject: CN=06EE649D8F10ADB395AE5CFF42669AF80593CAA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:82:5a:0d:b3:da:95:7f:fa:b4:e8:02:c5:c2:
8e:8b:2d:b2:c2:2f:65:3c:66:51:99:dd:e1:6b:c0:
f1:db:7f:fb:a9:df:74:a0:c1:44:4e:4e:0a:d6:bc:
d4:37:2b:5e:f4:b7:70:6b:49:88:17:1c:f6:57:ef:
84:16:de:a3:89:2b:f7:af:d4:b4:14:b1:e4:ee:cb:
29:12:70:e3:3c:90:45:56:e5:a4:a7:19:30:f5:ce:
7c:6a:42:4f:07:8b:99:a5:13:51:28:4a:dc:9f:11:
68:02:47:16:42:b4:4c:0b:67:98:84:bc:ea:7a:e3:
2a:8d:5c:3e:44:a6:93:41:67:6a:ac:db:73:e0:f8:
bc:16:fe:26:c6:91:d1:09:e7:6d:77:c6:58:13:b2:
ca:1e:70:06:c8:81:be:bb:9d:06:fa:e4:0d:e8:e4:
fa:a2:31:0d:4f:49:9c:c9:82:55:df:c4:ee:3b:3a:
79:0c:57:a5:c8:2f:5d:e1:63:9a:e8:ce:08:f9:e8:
aa:53:b2:da:10:51:83:de:ab:54:4a:f8:88:ba:df:
cf:c6:ef:fe:74:38:94:a4:4f:f9:64:b1:e3:d8:be:
57:91:f6:99:c3:a3:51:f9:31:d0:55:23:3c:40:e4:
9c:51:66:98:0c:d7:7d:3f:df:86:51:a8:ac:bd:2e:
33:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:EE:64:9D:8F:10:AD:B3:95:AE:5C:FF:42:66:9A:F8:05:93:CA:A4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.232.0/22
46.202.240.0/22
46.203.108.0/22
46.203.116.0/22
46.203.128.0/22
46.203.140.0/22
91.124.192.0/24
91.124.199.0/24
92.113.13.0/24
92.113.67.0/24
92.113.74.0/24
92.113.77.0/24
92.113.80.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:8b:76:a0:e4:58:da:01:df:44:d4:39:ba:a9:d6:89:0d:a9:
14:da:23:38:4d:30:c9:40:55:b6:8f:f8:2b:d8:8f:5e:c9:a3:
08:7f:9f:66:1e:d6:72:ea:e1:fd:f0:be:9f:a6:ba:3e:78:0b:
c3:20:3e:6b:92:78:bd:16:98:f7:81:60:94:25:a1:08:a2:b9:
30:f2:1a:e4:3e:6a:82:9d:e2:a9:95:cb:42:62:f0:8c:0e:64:
fa:86:ea:1d:a0:0e:b5:ec:a6:0a:86:af:19:f8:d7:f3:27:29:
5b:7b:07:63:b9:33:9c:cc:bd:24:d7:45:38:9c:f4:e1:53:1a:
bb:71:2b:2a:7f:45:47:be:cb:c4:66:b8:16:5b:f2:4f:95:1a:
bc:93:69:c3:08:ca:e5:01:b0:fa:36:71:3e:34:bc:0c:cb:e2:
3e:96:f4:ef:7d:d6:73:19:98:8e:0c:30:62:25:df:c0:01:4e:
68:6b:f4:9f:cd:95:69:32:bb:26:33:8d:87:02:fa:a9:c3:4c:
cb:3e:d5:fe:eb:4e:6e:ee:4f:7d:3b:c8:7a:d3:6d:9d:c9:ea:
23:f3:ad:6d:80:c3:91:9a:d9:60:9d:0a:c3:21:9a:9e:de:bd:
9b:70:b0:b5:2c:9c:ba:c4:4c:f7:37:74:40:75:74:24:52:ca:
f4:0b:0a:93
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUcMctueoZ5ypHP8eQrk1EpRo2ylMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MDExNTQzNTFaFw0yNjA4MzExNTQ4NTFaMDMxMTAvBgNV
BAMTKDA2RUU2NDlEOEYxMEFEQjM5NUFFNUNGRjQyNjY5QUY4MDU5M0NBQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpgloNs9qVf/q06ALFwo6LLbLC
L2U8ZlGZ3eFrwPHbf/up33SgwUROTgrWvNQ3K170t3BrSYgXHPZX74QW3qOJK/ev
1LQUseTuyykScOM8kEVW5aSnGTD1znxqQk8Hi5mlE1EoStyfEWgCRxZCtEwLZ5iE
vOp64yqNXD5EppNBZ2qs23Pg+LwW/ibGkdEJ5213xlgTssoecAbIgb67nQb65A3o
5PqiMQ1PSZzJglXfxO47OnkMV6XIL13hY5rozgj56KpTstoQUYPeq1RK+Ii638/G
7/50OJSkT/lksePYvleR9pnDo1H5MdBVIzxA5JxRZpgM130/34ZRqKy9LjPbAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUBu5knY8QrbOVrlz/Qmaa+AWTyqQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBAIuyugD
BAIuyvADBAIuy2wDBAIuy3QDBAIuy4ADBAIuy4wDBABbfMADBABbfMcDBABccQ0D
BABccUMDBABccUoDBABccU0DBABccVAwDQYJKoZIhvcNAQELBQADggEBAEqLdqDk
WNoB30TUObqp1okNqRTaIzhNMMlAVbaP+CvYj17Jowh/n2Ye1nLq4f3wvp+muj54
C8MgPmuSeL0WmPeBYJQloQiiuTDyGuQ+aoKd4qmVy0Ji8IwOZPqG6h2gDrXspgqG
rxn41/MnKVt7B2O5M5zMvSTXRTic9OFTGrtxKyp/RUe+y8RmuBZb8k+VGryTacMI
yuUBsPo2cT40vAzL4j6W9O991nMZmI4MMGIl38ABTmhr9J/NlWkyuyYzjYcC+qnD
TMs+1f7rTm7uT307yHrTbZ3J6iPzrW2Aw5Ga2WCdCsMhmp7evZtwsLUsnLrETPc3
dEB1dCRSyvQLCpM=
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:55 2025 by rpki-client