Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: QK9qaAtMcO80SDGwr2q5VbV8bDsRNvLI7CQlIvLoMW4=
Subject key identifier: D8:9B:B3:74:37:19:F1:03:CA:05:4A:B9:34:D7:2B:52:A5:D0:9E:95
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0F928650CB15B17F05C643FC34B5B8CDC4E358C5
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
Signing time: Mon 08 Sep 2025 08:33:25 +0000
ROA not before: Mon 08 Sep 2025 08:28:25 +0000
ROA not after: Mon 07 Sep 2026 08:33:25 +0000
asID: 16509
IP address blocks: 91.124.34.0/24 maxlen: 24
91.124.38.0/24 maxlen: 24
91.124.131.0/24 maxlen: 24
91.124.133.0/24 maxlen: 24
91.124.217.0/24 maxlen: 24
92.112.51.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
92.112.61.0/24 maxlen: 24
92.112.63.0/24 maxlen: 24
92.112.74.0/24 maxlen: 24
92.112.75.0/24 maxlen: 24
92.113.49.0/24 maxlen: 24
92.113.50.0/24 maxlen: 24
92.113.51.0/24 maxlen: 24
92.113.52.0/24 maxlen: 24
92.113.53.0/24 maxlen: 24
92.113.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:92:86:50:cb:15:b1:7f:05:c6:43:fc:34:b5:b8:cd:c4:e3:58:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Sep 8 08:28:25 2025 GMT
Not After : Sep 7 08:33:25 2026 GMT
Subject: CN=D89BB3743719F103CA054AB934D72B52A5D09E95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:84:12:83:18:df:62:57:be:b3:7b:e2:ac:8c:
4e:b3:db:97:c6:1e:09:14:52:0f:17:fe:5e:60:f0:
d0:d2:7c:df:02:93:08:25:2a:6e:ec:4c:a9:f9:cc:
eb:6f:bd:c3:53:9a:36:e9:8e:c2:9c:2d:75:8b:c4:
2a:aa:b5:d3:e8:be:d7:5f:6d:41:15:e2:6a:2b:1c:
22:7e:97:65:dc:a7:ae:28:95:4e:72:a8:53:bd:c9:
83:ad:d4:c8:7d:a3:38:49:39:57:2d:8e:03:02:94:
be:fc:ba:93:0f:60:a2:4f:3d:0a:a2:99:4e:49:f7:
f3:78:2d:12:db:a7:90:09:6f:f3:14:2b:5f:f1:9c:
5c:be:4d:05:a7:0b:7e:c8:5c:32:43:85:10:02:c4:
21:ba:9f:5a:0b:b8:2a:8b:27:7f:9a:c6:8c:7c:5e:
81:a3:36:b2:43:35:b5:b8:d1:27:1c:f3:5e:79:43:
42:76:a2:df:b2:71:93:27:70:f1:ef:f6:f2:06:a9:
06:fe:96:c3:10:ef:55:d0:a4:c0:3e:53:e8:f1:ca:
d7:bc:f0:c3:0e:c2:10:44:0d:e7:37:d6:d7:d3:90:
10:2d:ec:f7:ce:88:47:ac:eb:93:3a:08:d1:58:9b:
f4:02:08:24:b6:0d:a5:ad:3e:04:91:d0:9e:ef:ac:
e0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:9B:B3:74:37:19:F1:03:CA:05:4A:B9:34:D7:2B:52:A5:D0:9E:95
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.34.0/24
91.124.38.0/24
91.124.131.0/24
91.124.133.0/24
91.124.217.0/24
92.112.51.0/24
92.112.58.0/24
92.112.61.0/24
92.112.63.0/24
92.112.74.0/23
92.113.49.0-92.113.53.255
92.113.100.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:2a:9c:73:4c:bc:a2:f4:f8:5b:c6:f3:59:7e:4a:8b:cf:b7:
21:bc:ce:ad:be:d4:d9:65:b0:dd:c2:fc:78:96:c3:64:55:f9:
aa:94:f3:30:cd:c7:28:44:0e:94:5f:0b:84:84:16:55:c9:e4:
3c:8c:1d:f9:9e:c8:ac:9c:20:b3:2a:6d:ea:db:47:a5:f2:c3:
c3:4e:4b:96:b0:a1:94:23:86:81:61:31:ef:99:07:0a:18:81:
15:c8:89:95:ec:32:2c:45:7f:c1:fa:56:48:59:70:aa:92:b8:
be:92:77:d5:b9:8c:c5:61:25:ce:a5:87:db:2e:37:08:3c:14:
9a:7d:64:c3:d7:6f:5d:41:04:c4:57:bc:38:a4:26:c6:f9:90:
ec:a4:fa:7c:98:40:5c:22:65:14:0a:2f:1b:b7:8f:26:cb:4f:
0d:e5:79:ee:15:92:bd:27:6a:ab:7b:76:8a:4b:ff:95:3a:46:
a1:5a:de:e5:d8:b7:ef:2f:89:ea:81:91:2f:07:f5:6e:9c:2e:
d2:94:69:2e:47:5d:10:bc:41:34:c3:85:af:25:6b:1e:6a:7d:
85:bf:24:54:e8:e4:fd:ca:03:6c:af:a6:70:5b:5b:d7:5e:d7:
24:bc:85:d8:79:73:4f:c4:e1:0b:88:2f:84:51:d9:e6:95:79:
8b:45:2f:b1
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUD5KGUMsVsX8FxkP8NLW4zcTjWMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MDgwODI4MjVaFw0yNjA5MDcwODMzMjVaMDMxMTAvBgNV
BAMTKEQ4OUJCMzc0MzcxOUYxMDNDQTA1NEFCOTM0RDcyQjUyQTVEMDlFOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAhBKDGN9iV76ze+KsjE6z25fG
HgkUUg8X/l5g8NDSfN8CkwglKm7sTKn5zOtvvcNTmjbpjsKcLXWLxCqqtdPovtdf
bUEV4morHCJ+l2Xcp64olU5yqFO9yYOt1Mh9ozhJOVctjgMClL78upMPYKJPPQqi
mU5J9/N4LRLbp5AJb/MUK1/xnFy+TQWnC37IXDJDhRACxCG6n1oLuCqLJ3+axox8
XoGjNrJDNbW40Scc8155Q0J2ot+ycZMncPHv9vIGqQb+lsMQ71XQpMA+U+jxyte8
8MMOwhBEDec31tfTkBAt7PfOiEes65M6CNFYm/QCCCS2DaWtPgSR0J7vrODHAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQU2JuzdDcZ8QPKBUq5NNcrUqXQnpUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBABbfCID
BABbfCYDBABbfIMDBABbfIUDBABbfNkDBABccDMDBABccDoDBABccD0DBABccD8D
BAFccEowDAMEAFxxMQMEAVxxNAMEAFxxZDANBgkqhkiG9w0BAQsFAAOCAQEAbCqc
c0y8ovT4W8bzWX5Ki8+3IbzOrb7U2WWw3cL8eJbDZFX5qpTzMM3HKEQOlF8LhIQW
VcnkPIwd+Z7IrJwgsypt6ttHpfLDw05LlrChlCOGgWEx75kHChiBFciJlewyLEV/
wfpWSFlwqpK4vpJ31bmMxWElzqWH2y43CDwUmn1kw9dvXUEExFe8OKQmxvmQ7KT6
fJhAXCJlFAovG7ePJstPDeV57hWSvSdqq3t2ikv/lTpGoVre5di37y+J6oGRLwf1
bpwu0pRpLkddELxBNMOFryVrHmp9hb8kVOjk/coDbK+mcFtb117XJLyF2HlzT8Th
C4gvhFHZ5pV5i0UvsQ==
-----END CERTIFICATE-----
Generated at Mon Sep 15 20:35:06 2025 by rpki-client