Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: vhv2z21lm8Cb+j9n0TbSjPxlghL33uGseKW1QyWN+H0=
Subject key identifier: 15:C9:59:F9:8E:52:0F:6F:6E:30:B5:2D:47:82:10:51:16:5D:B7:B5
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 256CFF7D5BA144DD9E93B742C6AB2CF3E9B09667
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
Signing time: Tue 03 Jun 2025 10:29:23 +0000
ROA not before: Tue 03 Jun 2025 10:24:23 +0000
ROA not after: Tue 02 Jun 2026 10:29:23 +0000
asID: 16276
IP address blocks: 91.124.192.0/24 maxlen: 24
91.124.199.0/24 maxlen: 24
91.124.209.0/24 maxlen: 24
92.113.13.0/24 maxlen: 24
92.113.67.0/24 maxlen: 24
92.113.74.0/24 maxlen: 24
92.113.77.0/24 maxlen: 24
92.113.80.0/24 maxlen: 24
95.134.149.0/24 maxlen: 24
95.135.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:6c:ff:7d:5b:a1:44:dd:9e:93:b7:42:c6:ab:2c:f3:e9:b0:96:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 3 10:24:23 2025 GMT
Not After : Jun 2 10:29:23 2026 GMT
Subject: CN=15C959F98E520F6F6E30B52D47821051165DB7B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7f:5e:03:81:af:bb:4d:3e:4d:9d:47:3a:15:
bc:e8:ba:d6:56:b7:57:8f:8f:0a:f1:54:6b:53:16:
24:5b:d1:e0:fc:74:b7:0a:c2:44:dd:bd:1e:aa:09:
fd:de:ea:2e:ab:1b:52:87:ca:ea:39:55:8c:65:33:
e8:7b:da:87:70:88:b3:5b:86:42:13:c3:f6:3a:94:
8c:b7:8b:ed:1c:2e:06:1e:eb:ea:b9:52:f4:36:d9:
67:10:b5:56:0b:fa:48:d3:8d:ba:61:b2:41:4c:ef:
d9:65:52:3e:8a:02:11:75:f3:95:b4:8d:1d:91:f1:
0e:22:7f:12:f4:3d:ff:4c:b1:06:b9:bf:b9:83:05:
c0:b9:21:5b:2f:d7:73:6b:db:9a:63:fc:91:0e:72:
00:3c:b6:ff:cd:95:74:4b:02:93:63:c7:c2:94:32:
66:35:9a:72:28:68:f1:39:2b:9d:1d:eb:d8:76:43:
f0:5f:0b:9b:c6:9a:e1:d3:08:97:33:47:fe:a5:3b:
43:8c:3c:61:71:01:b2:f6:4a:43:17:c9:ef:48:9d:
26:a9:31:7f:79:26:1d:d5:b7:33:b1:76:86:2e:48:
b9:2d:f0:3b:1c:6f:57:f1:6e:a6:28:62:8c:b3:4a:
7a:45:8d:32:45:bf:2a:6c:c2:e9:85:4a:91:8e:ad:
ec:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C9:59:F9:8E:52:0F:6F:6E:30:B5:2D:47:82:10:51:16:5D:B7:B5
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.192.0/24
91.124.199.0/24
91.124.209.0/24
92.113.13.0/24
92.113.67.0/24
92.113.74.0/24
92.113.77.0/24
92.113.80.0/24
95.134.149.0/24
95.135.58.0/24
Signature Algorithm: sha256WithRSAEncryption
93:6c:54:0b:a7:0a:cc:31:45:f5:c5:7a:23:80:a4:c2:d9:f4:
95:e3:55:07:c7:d3:69:c4:f2:a0:93:e9:e4:4f:91:72:5a:b3:
38:5b:03:a5:12:54:91:cc:a9:b4:8e:9b:1d:8a:04:41:1b:42:
76:b3:34:2f:f1:86:a9:32:9e:4d:6a:13:c3:41:3e:42:b7:0f:
93:0b:e9:c5:5b:38:ab:20:f3:46:7f:c2:93:29:c6:bb:48:04:
e2:79:39:d0:23:31:16:03:78:75:5e:2d:b5:00:df:83:f5:1e:
84:f2:76:60:60:51:38:8c:1d:68:98:25:99:19:8e:21:bb:c2:
25:4e:98:90:5d:b6:ce:61:5c:9b:56:23:82:92:b1:b5:c8:ad:
f4:42:25:ee:95:66:24:22:56:77:73:9d:14:31:8a:42:08:cc:
28:b7:a8:52:a6:01:a4:a0:1d:ca:32:cb:c3:cf:e8:1e:a7:64:
d5:a0:e9:e4:c9:ed:ff:ea:ee:95:d2:7a:42:5a:e6:6b:3c:5a:
67:b4:b1:aa:58:99:c3:2e:fc:c2:9b:fa:3f:16:b1:e9:6e:c9:
25:98:de:58:41:0e:e8:a5:b3:1b:07:00:a0:1f:d5:f8:83:6e:
da:15:b1:27:26:15:f2:83:d8:a2:55:9d:c0:b9:9d:5f:0c:d7:
57:9c:d3:ae
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJWz/fVuhRN2ek7dCxqss8+mwlmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MDMxMDI0MjNaFw0yNjA2MDIxMDI5MjNaMDMxMTAvBgNV
BAMTKDE1Qzk1OUY5OEU1MjBGNkY2RTMwQjUyRDQ3ODIxMDUxMTY1REI3QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbf14Dga+7TT5NnUc6FbzoutZW
t1ePjwrxVGtTFiRb0eD8dLcKwkTdvR6qCf3e6i6rG1KHyuo5VYxlM+h72odwiLNb
hkITw/Y6lIy3i+0cLgYe6+q5UvQ22WcQtVYL+kjTjbphskFM79llUj6KAhF185W0
jR2R8Q4ifxL0Pf9MsQa5v7mDBcC5IVsv13Nr25pj/JEOcgA8tv/NlXRLApNjx8KU
MmY1mnIoaPE5K50d69h2Q/BfC5vGmuHTCJczR/6lO0OMPGFxAbL2SkMXye9InSap
MX95Jh3VtzOxdoYuSLkt8Dscb1fxbqYoYoyzSnpFjTJFvypswumFSpGOrez9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFclZ+Y5SD29uMLUtR4IQURZdt7UwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBABbfMAD
BABbfMcDBABbfNEDBABccQ0DBABccUMDBABccUoDBABccU0DBABccVADBABfhpUD
BABfhzowDQYJKoZIhvcNAQELBQADggEBAJNsVAunCswxRfXFeiOApMLZ9JXjVQfH
02nE8qCT6eRPkXJaszhbA6USVJHMqbSOmx2KBEEbQnazNC/xhqkynk1qE8NBPkK3
D5ML6cVbOKsg80Z/wpMpxrtIBOJ5OdAjMRYDeHVeLbUA34P1HoTydmBgUTiMHWiY
JZkZjiG7wiVOmJBdts5hXJtWI4KSsbXIrfRCJe6VZiQiVndznRQxikIIzCi3qFKm
AaSgHcoyy8PP6B6nZNWg6eTJ7f/q7pXSekJa5ms8Wme0sapYmcMu/MKb+j8Wselu
ySWY3lhBDuilsxsHAKAf1fiDbtoVsScmFfKD2KJVncC5nV8M11ec064=
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:10:52 2025 by rpki-client