Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: gjC9lKvgN9LR5SGDdNwNVMeVxHjH8toFhd925zmKFuU=
Subject key identifier: 3C:77:CA:58:38:E7:93:6C:FB:47:8C:AA:1C:E6:A8:2C:E4:F8:DE:D6
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3E38559D714E229E8352FCBF6595DB9F09ED8534
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
Signing time: Mon 25 Nov 2024 07:53:20 +0000
ROA not before: Mon 25 Nov 2024 07:48:20 +0000
ROA not after: Mon 24 Nov 2025 07:53:20 +0000
asID: 16509
IP address blocks: 46.203.168.0/21 maxlen: 24
46.203.176.0/21 maxlen: 24
91.124.131.0/24 maxlen: 24
91.124.133.0/24 maxlen: 24
91.124.217.0/24 maxlen: 24
92.112.51.0/24 maxlen: 24
92.112.61.0/24 maxlen: 24
92.112.63.0/24 maxlen: 24
92.112.74.0/24 maxlen: 24
92.112.75.0/24 maxlen: 24
92.113.49.0/24 maxlen: 24
92.113.50.0/24 maxlen: 24
92.113.51.0/24 maxlen: 24
92.113.52.0/24 maxlen: 24
92.113.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:38:55:9d:71:4e:22:9e:83:52:fc:bf:65:95:db:9f:09:ed:85:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 25 07:48:20 2024 GMT
Not After : Nov 24 07:53:20 2025 GMT
Subject: CN=3C77CA5838E7936CFB478CAA1CE6A82CE4F8DED6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ed:ec:50:2d:8d:26:72:d8:8d:3b:1a:9b:e4:
bb:fd:10:f4:dd:8e:59:7e:74:ce:9c:c8:a4:7d:28:
79:b7:90:81:91:dd:97:77:b5:95:c7:c2:fb:d9:d7:
76:4e:04:cf:60:5e:15:1e:79:00:17:4f:ab:70:10:
05:98:c1:e2:be:ee:61:65:be:17:8d:dc:9d:35:fe:
12:14:3b:dc:fe:23:b3:54:30:d3:80:0b:1c:be:c6:
70:ba:dc:7e:e5:a7:37:e3:41:ba:e2:6a:d7:57:14:
90:e8:69:3e:68:74:1f:c6:f6:1c:f0:1a:b2:ca:a8:
b7:97:42:19:5d:b4:6e:89:ca:62:45:9c:6d:1a:12:
ec:06:83:22:b8:bc:75:83:5d:f7:ad:46:e6:4d:13:
3b:b9:00:4c:ec:8f:f4:ab:d3:8a:d2:0d:3d:37:5e:
10:b9:15:23:e9:e7:8d:ed:82:9d:b2:4b:18:1e:b5:
f8:5e:e7:0e:7c:64:33:49:a2:1f:c7:61:dc:e4:5d:
8c:ee:e6:d1:70:7c:8a:38:6e:c5:5e:dc:b7:ba:67:
a9:71:78:b6:95:30:1d:f9:59:81:28:ec:f6:be:63:
14:d5:93:a2:b8:eb:47:f1:33:7e:7b:a5:fb:49:06:
99:94:e2:44:eb:dc:01:9c:11:30:dc:6f:2e:35:32:
7d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:77:CA:58:38:E7:93:6C:FB:47:8C:AA:1C:E6:A8:2C:E4:F8:DE:D6
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.168.0-46.203.183.255
91.124.131.0/24
91.124.133.0/24
91.124.217.0/24
92.112.51.0/24
92.112.61.0/24
92.112.63.0/24
92.112.74.0/23
92.113.49.0-92.113.53.255
Signature Algorithm: sha256WithRSAEncryption
9f:c8:e7:54:d8:45:99:79:19:6b:34:23:aa:2a:d0:ce:17:54:
ef:f8:77:d4:e9:dd:06:33:e6:c1:53:0a:d4:07:af:7f:20:f9:
b0:20:f7:c8:ec:7c:d1:bc:ef:dd:b1:da:03:5a:63:ac:0d:e1:
a7:ac:62:cf:eb:86:61:d0:58:f6:ca:7f:80:b0:40:51:19:f6:
70:0b:61:b7:df:3c:1e:9e:14:8f:77:a3:68:d5:bd:0e:b5:07:
f7:c0:23:5f:33:4c:76:e8:09:a2:ea:d5:1e:a4:7e:4d:27:a6:
d4:83:0d:43:74:fc:ba:e9:98:12:1d:49:b5:c5:c3:44:b3:bd:
5e:23:fe:74:fd:e9:62:5f:59:fd:b4:bd:d6:10:f5:da:14:ca:
62:bb:53:71:61:a6:04:74:d8:48:8f:b4:d0:1f:f2:ec:61:19:
5a:e0:01:37:66:fa:98:72:0f:eb:0f:9b:3b:04:c0:c1:cf:f2:
f8:e5:20:f9:dd:79:2d:db:58:f4:c1:4a:a5:29:1e:bd:c5:55:
d6:1a:99:82:75:0a:74:b7:21:5f:89:19:c6:57:de:6c:dd:03:
70:1b:77:c1:b5:67:b2:c2:75:27:94:45:69:35:61:13:38:73:
4a:75:94:b9:c2:ac:23:54:3a:ef:53:e0:09:12:7b:18:58:50:
82:04:01:3b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUPjhVnXFOIp6DUvy/ZZXbnwnthTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMjUwNzQ4MjBaFw0yNTExMjQwNzUzMjBaMDMxMTAvBgNV
BAMTKDNDNzdDQTU4MzhFNzkzNkNGQjQ3OENBQTFDRTZBODJDRTRGOERFRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW7exQLY0mctiNOxqb5Lv9EPTd
jll+dM6cyKR9KHm3kIGR3Zd3tZXHwvvZ13ZOBM9gXhUeeQAXT6twEAWYweK+7mFl
vheN3J01/hIUO9z+I7NUMNOACxy+xnC63H7lpzfjQbriatdXFJDoaT5odB/G9hzw
GrLKqLeXQhldtG6JymJFnG0aEuwGgyK4vHWDXfetRuZNEzu5AEzsj/Sr04rSDT03
XhC5FSPp543tgp2ySxgetfhe5w58ZDNJoh/HYdzkXYzu5tFwfIo4bsVe3Le6Z6lx
eLaVMB35WYEo7Pa+YxTVk6K460fxM357pftJBpmU4kTr3AGcETDcby41Mn05AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUPHfKWDjnk2z7R4yqHOaoLOT43tYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXwYIKwYBBQUHAQcBAf8EUDBOMEwEAgABMEYwDAMEAy7L
qAMEAy7LsAMEAFt8gwMEAFt8hQMEAFt82QMEAFxwMwMEAFxwPQMEAFxwPwMEAVxw
SjAMAwQAXHExAwQBXHE0MA0GCSqGSIb3DQEBCwUAA4IBAQCfyOdU2EWZeRlrNCOq
KtDOF1Tv+HfU6d0GM+bBUwrUB69/IPmwIPfI7HzRvO/dsdoDWmOsDeGnrGLP64Zh
0Fj2yn+AsEBRGfZwC2G33zwenhSPd6No1b0OtQf3wCNfM0x26Ami6tUepH5NJ6bU
gw1DdPy66ZgSHUm1xcNEs71eI/50/eliX1n9tL3WEPXaFMpiu1NxYaYEdNhIj7TQ
H/LsYRla4AE3ZvqYcg/rD5s7BMDBz/L45SD53Xkt21j0wUqlKR69xVXWGpmCdQp0
tyFfiRnGV95s3QNwG3fBtWeywnUnlEVpNWETOHNKdZS5wqwjVDrvU+AJEnsYWFCC
BAE7
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:27:55 2025 by rpki-client