Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: ZidDwH34K8KEW3BgHkyttV6XDP+v0KlDBfK8w4829Kg=
Subject key identifier: 45:77:0F:F8:EC:5D:81:EC:1D:08:A4:F3:AD:18:F0:E2:5C:52:D6:1E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 69FD7E8166D878F8918643D3DB4BCC5E67FE5120
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
Signing time: Wed 05 Feb 2025 13:30:24 +0000
ROA not before: Wed 05 Feb 2025 13:25:24 +0000
ROA not after: Wed 04 Feb 2026 13:30:24 +0000
asID: 16276
IP address blocks: 91.124.199.0/24 maxlen: 24
91.124.207.0/24 maxlen: 24
91.124.209.0/24 maxlen: 24
92.113.13.0/24 maxlen: 24
92.113.67.0/24 maxlen: 24
92.113.74.0/24 maxlen: 24
92.113.77.0/24 maxlen: 24
92.113.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:fd:7e:81:66:d8:78:f8:91:86:43:d3:db:4b:cc:5e:67:fe:51:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 5 13:25:24 2025 GMT
Not After : Feb 4 13:30:24 2026 GMT
Subject: CN=45770FF8EC5D81EC1D08A4F3AD18F0E25C52D61E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:86:e2:a0:f8:56:bf:2a:64:b9:0c:f1:e5:0f:
f0:80:0a:db:a1:7c:42:e1:48:e3:07:cb:6f:c8:b9:
fb:73:99:be:42:53:8c:a4:08:05:89:c6:0e:59:3f:
be:51:17:e0:d6:48:bc:ff:0a:31:1a:df:46:48:a0:
36:ae:3f:dc:a7:41:13:b1:53:b9:29:ae:2e:ff:9b:
56:c8:e2:95:aa:ed:80:bc:d0:da:a4:7b:a9:ad:28:
fd:48:4d:37:9e:2b:bf:db:16:bc:6a:c3:29:ea:6d:
65:c8:10:f3:46:5c:9d:1f:d7:e3:48:f4:fe:fa:fd:
34:97:01:ac:4e:00:be:97:14:93:9d:d3:be:27:53:
7d:45:2b:7e:f1:79:c5:34:1c:a1:ed:f9:28:f2:e6:
d7:6d:fc:bf:57:cf:67:2b:47:bc:fe:54:52:5b:40:
56:7c:69:b1:81:4b:b6:2a:ed:75:74:93:b1:89:04:
fa:0c:6c:67:bd:b7:ec:3f:06:40:16:b8:3a:9f:d5:
1d:fd:b1:e9:de:47:0f:04:79:86:85:c5:b7:68:c7:
54:4e:53:d8:14:f1:f2:14:8e:f5:b5:6d:95:e1:9d:
c6:06:d7:10:81:52:f3:e9:8d:24:36:85:d7:5b:a5:
e7:74:f4:55:99:27:9b:3d:2a:66:76:dc:22:b5:00:
17:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:77:0F:F8:EC:5D:81:EC:1D:08:A4:F3:AD:18:F0:E2:5C:52:D6:1E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.199.0/24
91.124.207.0/24
91.124.209.0/24
92.113.13.0/24
92.113.67.0/24
92.113.74.0/24
92.113.77.0/24
92.113.80.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:b5:fd:b1:bf:0a:de:89:ec:49:61:8b:e4:1e:c2:e9:2d:ca:
c3:06:12:5e:99:18:62:85:05:c2:de:ee:78:39:e3:9f:01:97:
7b:b6:b1:33:f3:38:cf:e7:c4:c0:d1:a4:1f:d2:df:a8:7d:bb:
31:c2:09:75:67:0d:a7:9f:dd:3c:08:f6:45:e3:c6:b5:37:79:
31:bc:3c:64:90:5f:f7:c8:e5:a0:a0:a5:12:a2:4f:d5:7c:f4:
03:a2:89:45:99:85:cd:75:31:99:cb:11:00:bc:df:bb:82:74:
60:04:63:36:19:e3:9e:93:80:a7:c8:4b:97:a4:ce:13:38:1d:
e4:b4:c0:9b:17:7f:f3:a7:68:a5:79:85:98:46:9b:69:bf:53:
9b:99:f7:d5:61:9f:05:01:70:33:35:2c:48:fe:10:0d:ab:10:
27:62:fd:64:d8:33:68:54:69:7d:da:80:f2:73:24:9f:1f:15:
46:84:db:10:50:13:46:38:d7:1a:2f:66:c8:24:61:f4:62:d1:
dc:f2:99:fa:a6:d5:28:e4:a6:d4:c3:95:8a:fa:8b:fe:3e:bc:
3a:4a:c8:b1:3f:5b:a6:af:b6:f3:84:0e:59:76:e3:81:cf:ed:
94:fe:50:c0:21:86:9d:e5:39:80:86:2c:c1:48:7b:20:d2:f9:
1c:8a:23:29
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUaf1+gWbYePiRhkPT20vMXmf+USAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAyMDUxMzI1MjRaFw0yNjAyMDQxMzMwMjRaMDMxMTAvBgNV
BAMTKDQ1NzcwRkY4RUM1RDgxRUMxRDA4QTRGM0FEMThGMEUyNUM1MkQ2MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxhuKg+Fa/KmS5DPHlD/CACtuh
fELhSOMHy2/Iuftzmb5CU4ykCAWJxg5ZP75RF+DWSLz/CjEa30ZIoDauP9ynQROx
U7kpri7/m1bI4pWq7YC80Nqke6mtKP1ITTeeK7/bFrxqwynqbWXIEPNGXJ0f1+NI
9P76/TSXAaxOAL6XFJOd074nU31FK37xecU0HKHt+Sjy5tdt/L9Xz2crR7z+VFJb
QFZ8abGBS7Yq7XV0k7GJBPoMbGe9t+w/BkAWuDqf1R39seneRw8EeYaFxbdox1RO
U9gU8fIUjvW1bZXhncYG1xCBUvPpjSQ2hddbped09FWZJ5s9KmZ23CK1ABeBAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQURXcP+OxdgewdCKTzrRjw4lxS1h4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABbfMcD
BABbfM8DBABbfNEDBABccQ0DBABccUMDBABccUoDBABccU0DBABccVAwDQYJKoZI
hvcNAQELBQADggEBAKK1/bG/Ct6J7Elhi+QewuktysMGEl6ZGGKFBcLe7ng5458B
l3u2sTPzOM/nxMDRpB/S36h9uzHCCXVnDaef3TwI9kXjxrU3eTG8PGSQX/fI5aCg
pRKiT9V89AOiiUWZhc11MZnLEQC837uCdGAEYzYZ456TgKfIS5ekzhM4HeS0wJsX
f/OnaKV5hZhGm2m/U5uZ99VhnwUBcDM1LEj+EA2rECdi/WTYM2hUaX3agPJzJJ8f
FUaE2xBQE0Y41xovZsgkYfRi0dzymfqm1SjkptTDlYr6i/4+vDpKyLE/W6avtvOE
Dll244HP7ZT+UMAhhp3lOYCGLMFIeyDS+RyKIyk=
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:48:35 2025 by rpki-client