Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: u0topUBAjNwsY2dw0gioeh2IjHpVIPEKbUXKLYQ1uw0=
Subject key identifier: 9C:C2:DF:30:EB:22:A4:C6:8B:80:0D:43:E9:FF:B5:43:E1:98:A0:5F
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 03F00F0A8FA1782696153923B9542DDC9B046067
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
Signing time: Fri 26 Jun 2026 12:46:30 +0000
ROA not before: Fri 26 Jun 2026 12:41:30 +0000
ROA not after: Fri 25 Jun 2027 12:46:30 +0000
asID: 16509
IP address blocks: 91.124.28.0/24 maxlen: 24
91.124.34.0/24 maxlen: 24
91.124.38.0/24 maxlen: 24
91.124.42.0/24 maxlen: 24
91.124.122.0/24 maxlen: 24
91.124.131.0/24 maxlen: 24
91.124.133.0/24 maxlen: 24
91.124.217.0/24 maxlen: 24
92.112.51.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
92.112.61.0/24 maxlen: 24
92.112.63.0/24 maxlen: 24
92.112.74.0/24 maxlen: 24
92.112.75.0/24 maxlen: 24
92.113.49.0/24 maxlen: 24
92.113.50.0/24 maxlen: 24
92.113.51.0/24 maxlen: 24
92.113.52.0/24 maxlen: 24
92.113.53.0/24 maxlen: 24
92.113.100.0/24 maxlen: 24
95.135.160.0/24 maxlen: 24
95.135.166.0/24 maxlen: 24
95.135.202.0/24 maxlen: 24
178.92.101.0/24 maxlen: 24
178.94.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 21:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:f0:0f:0a:8f:a1:78:26:96:15:39:23:b9:54:2d:dc:9b:04:60:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 26 12:41:30 2026 GMT
Not After : Jun 25 12:46:30 2027 GMT
Subject: CN=9CC2DF30EB22A4C68B800D43E9FFB543E198A05F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:de:99:e9:1b:92:58:97:94:2f:51:84:6f:4f:
95:e7:91:f7:07:c3:02:39:d3:2d:4e:ec:b4:6f:92:
5f:5b:5e:1b:09:8b:1d:c0:4c:55:b1:32:0f:3f:73:
42:a8:22:25:ca:c1:39:47:a7:14:c4:26:05:6f:21:
32:86:47:7e:3d:56:db:a9:36:4c:03:a9:11:2c:ce:
93:16:01:78:93:b9:31:33:c0:b8:ea:e9:6e:55:3d:
f4:67:43:82:c8:b7:b6:6f:af:90:75:10:2b:fe:89:
f0:cf:5c:2a:03:c4:e5:6c:70:8e:59:5e:e1:79:d0:
cc:c3:91:ef:d5:b3:26:9f:fb:8c:82:1d:14:45:cc:
98:1b:c2:87:c1:3a:9e:aa:e8:95:ad:fd:b2:aa:25:
f3:63:e1:e2:90:10:28:be:6e:f8:65:ce:b0:38:86:
b6:d5:f2:e4:0e:5b:72:ee:62:65:ed:5c:ec:40:1f:
70:65:ec:15:b6:ba:ed:50:16:e6:ac:28:aa:f0:27:
bd:df:9b:d0:07:a8:65:b0:a0:87:24:5c:2b:dd:9f:
90:36:b9:c0:e7:86:d3:38:6f:9a:81:1b:70:02:65:
15:3e:a6:ec:4a:1d:a0:06:61:54:ec:e1:6c:96:f7:
e7:76:f3:49:87:96:83:fb:4d:cc:56:e2:2c:3a:cd:
e0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C2:DF:30:EB:22:A4:C6:8B:80:0D:43:E9:FF:B5:43:E1:98:A0:5F
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.28.0/24
91.124.34.0/24
91.124.38.0/24
91.124.42.0/24
91.124.122.0/24
91.124.131.0/24
91.124.133.0/24
91.124.217.0/24
92.112.51.0/24
92.112.58.0/24
92.112.61.0/24
92.112.63.0/24
92.112.74.0/23
92.113.49.0-92.113.53.255
92.113.100.0/24
95.135.160.0/24
95.135.166.0/24
95.135.202.0/24
178.92.101.0/24
178.94.192.0/24
Signature Algorithm: sha256WithRSAEncryption
96:4f:b8:82:e0:8c:3e:56:b3:31:07:b9:dc:0d:6f:d1:38:a4:
03:4a:5e:c3:35:a7:8c:64:e1:54:10:c3:65:4e:e2:50:b1:ce:
cd:0b:36:37:19:bf:a6:fc:3e:df:8f:22:6d:80:20:39:6b:77:
16:1b:5b:61:d2:9c:a0:0c:e5:98:08:d3:02:db:c2:36:e5:db:
bc:92:ce:b0:fd:14:d6:2c:af:03:43:16:8b:88:c4:52:dc:8f:
ec:08:81:00:d7:c7:d2:f2:d6:37:37:fd:dc:ea:5d:81:64:37:
14:4f:5f:75:96:e0:ee:c9:1d:06:61:12:5d:e4:b5:af:fa:31:
1c:97:79:e0:3a:87:9a:75:56:2f:14:e4:f3:52:99:11:7e:db:
e0:69:ed:5f:ad:d3:20:89:e7:1c:47:80:ae:2b:94:96:ea:53:
53:70:82:09:88:6a:f8:52:b6:d5:a2:3d:e4:5b:4e:d3:43:a4:
9c:d1:94:60:0a:3f:82:5e:9b:2d:75:2a:4d:7d:19:21:78:8c:
82:69:1f:0f:3c:e7:1a:da:5b:83:86:53:bb:53:7a:73:73:d0:
ae:b1:e3:d5:5f:9c:1a:70:13:31:1c:9c:a0:37:5a:57:55:14:
84:79:e4:99:37:b1:b0:8c:16:2c:65:4c:47:19:39:4a:ad:a6:
37:e5:6f:9d
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIUA/APCo+heCaWFTkjuVQt3JsEYGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA2MjYxMjQxMzBaFw0yNzA2MjUxMjQ2MzBaMDMxMTAvBgNV
BAMTKDlDQzJERjMwRUIyMkE0QzY4QjgwMEQ0M0U5RkZCNTQzRTE5OEEwNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh3pnpG5JYl5QvUYRvT5XnkfcH
wwI50y1O7LRvkl9bXhsJix3ATFWxMg8/c0KoIiXKwTlHpxTEJgVvITKGR349Vtup
NkwDqREszpMWAXiTuTEzwLjq6W5VPfRnQ4LIt7Zvr5B1ECv+ifDPXCoDxOVscI5Z
XuF50MzDke/Vsyaf+4yCHRRFzJgbwofBOp6q6JWt/bKqJfNj4eKQECi+bvhlzrA4
hrbV8uQOW3LuYmXtXOxAH3Bl7BW2uu1QFuasKKrwJ73fm9AHqGWwoIckXCvdn5A2
ucDnhtM4b5qBG3ACZRU+puxKHaAGYVTs4WyW9+d280mHloP7TcxW4iw6zeAFAgMB
AAGjggKIMIIChDAdBgNVHQ4EFgQUnMLfMOsipMaLgA1D6f+1Q+GYoF8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZ0GCCsGAQUFBwEHAQH/BIGNMIGKMIGHBAIAATCBgAME
AFt8HAMEAFt8IgMEAFt8JgMEAFt8KgMEAFt8egMEAFt8gwMEAFt8hQMEAFt82QME
AFxwMwMEAFxwOgMEAFxwPQMEAFxwPwMEAVxwSjAMAwQAXHExAwQBXHE0AwQAXHFk
AwQAX4egAwQAX4emAwQAX4fKAwQAslxlAwQAsl7AMA0GCSqGSIb3DQEBCwUAA4IB
AQCWT7iC4Iw+VrMxB7ncDW/ROKQDSl7DNaeMZOFUEMNlTuJQsc7NCzY3Gb+m/D7f
jyJtgCA5a3cWG1th0pygDOWYCNMC28I25du8ks6w/RTWLK8DQxaLiMRS3I/sCIEA
18fS8tY3N/3c6l2BZDcUT191luDuyR0GYRJd5LWv+jEcl3ngOoeadVYvFOTzUpkR
ftvgae1frdMgieccR4CuK5SW6lNTcIIJiGr4UrbVoj3kW07TQ6Sc0ZRgCj+CXpst
dSpNfRkheIyCaR8PPOca2luDhlO7U3pzc9CusePVX5wacBMxHJygN1pXVRSEeeSZ
N7GwjBYsZUxHGTlKraY35W+d
-----END CERTIFICATE-----
Generated at Tue Jun 30 01:21:31 2026 by rpki-client