Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: CRoRlgEaoig1kcDu9FAbj6Z2hslnJkNjsk2iRwhvevE=
Subject key identifier: 29:05:E1:FC:66:DF:EC:CC:10:50:89:69:76:50:FC:A5:8C:30:BE:68
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 57D6A6874903BC8F83511E8CA7F0660B75213F81
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Sun 01 Mar 2026 00:15:17 +0000
ROA not before: Sun 01 Mar 2026 00:10:17 +0000
ROA not after: Sun 28 Feb 2027 00:15:17 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
143.14.231.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
147.79.31.0/24 maxlen: 24
148.135.192.0/24 maxlen: 24
155.117.5.0/24 maxlen: 24
155.117.212.0/23 maxlen: 23
155.117.233.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
162.141.71.0/24 maxlen: 24
167.148.125.0/24 maxlen: 24
167.148.193.0/24 maxlen: 24
168.222.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:d6:a6:87:49:03:bc:8f:83:51:1e:8c:a7:f0:66:0b:75:21:3f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 1 00:10:17 2026 GMT
Not After : Feb 28 00:15:17 2027 GMT
Subject: CN=2905E1FC66DFECCC105089697650FCA58C30BE68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:74:ec:cc:b7:34:41:5c:40:35:74:0a:4b:e5:
ea:5d:08:ab:95:c9:5e:0b:0a:37:34:2e:3d:64:ee:
ba:e8:e7:33:42:d1:77:14:8c:01:ea:94:4a:4e:ea:
cc:7e:27:ae:5f:a9:42:da:80:93:c9:aa:17:65:2e:
35:5e:68:03:f0:16:ac:e8:e7:dc:af:c6:fc:7a:26:
2b:fc:1f:95:ff:f3:b6:7d:6e:16:b5:e2:e9:ec:f4:
6a:bb:7f:2b:bc:29:2d:be:72:93:7d:6a:a4:e8:86:
ea:68:29:54:87:11:b1:d6:59:d2:1f:83:71:37:0d:
96:e4:3a:b3:81:32:42:37:64:cb:46:0e:b0:79:e1:
a3:c8:e7:4f:3a:4e:db:0f:17:81:3b:3f:9d:3a:e6:
88:a8:70:c9:7e:53:f3:54:5b:29:b1:d4:3e:45:f6:
8c:ba:58:f2:c8:38:95:0f:b2:b2:19:ab:e1:f8:1d:
16:43:1b:55:f5:72:6a:7c:1f:8b:ab:94:7a:5a:9e:
b2:12:20:2b:31:99:9e:57:24:91:2c:ac:af:44:fb:
6a:93:01:20:e8:ec:1a:20:81:5e:53:c0:af:1d:64:
15:d8:0f:7f:8a:af:2c:fd:10:c8:ac:d6:54:1d:4b:
9b:c3:f9:0d:3e:12:a8:0f:08:42:02:cb:ab:86:9b:
f1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:05:E1:FC:66:DF:EC:CC:10:50:89:69:76:50:FC:A5:8C:30:BE:68
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
143.14.231.0/24
146.103.10.0/24
147.79.31.0/24
148.135.192.0/24
155.117.5.0/24
155.117.212.0/23
155.117.233.0-155.117.234.255
162.141.71.0/24
167.148.125.0/24
167.148.193.0/24
168.222.49.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:e2:bc:a2:e2:4a:29:ef:9a:e7:7e:a8:cc:c1:93:0c:c2:b7:
6f:0a:bb:27:39:36:98:9d:6d:29:29:46:44:50:37:7c:58:98:
cb:7a:a3:af:1a:0a:21:a1:3c:75:96:0b:07:db:17:f7:75:0b:
56:aa:29:21:36:5c:93:61:ef:87:fb:30:63:7d:10:25:01:a7:
23:5c:b5:5b:ea:7f:3e:6c:9e:0c:22:87:1d:f7:9b:6c:fd:38:
f1:b7:af:c3:ea:e9:de:7a:fb:ec:27:7b:3f:d8:c5:70:f0:19:
fd:e1:54:8d:5c:e2:84:0d:12:36:f5:65:03:56:0a:7a:fc:73:
d3:d1:c9:de:02:29:a6:7f:73:9b:b2:4d:14:b4:f6:27:be:40:
ee:83:11:18:91:d1:eb:ad:9d:7b:b8:64:53:6b:9b:c8:6b:18:
0d:e8:b5:71:cf:ef:ac:65:0b:4e:5d:8e:df:c3:10:0a:04:08:
8e:47:36:10:83:de:09:2d:60:76:7a:f7:7b:ba:4c:2b:f4:74:
f8:e3:10:15:e1:ff:f5:a7:6b:a5:f6:46:4a:7d:bb:72:39:ff:
ec:30:11:18:2b:ff:db:99:d2:f7:24:31:a0:1d:5a:3c:8d:8d:
c5:bf:cc:78:7d:ec:c6:f0:5f:01:2b:82:b2:f0:48:cd:65:b5:
b6:0b:98:64
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUV9amh0kDvI+DUR6Mp/BmC3UhP4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDEwMDEwMTdaFw0yNzAyMjgwMDE1MTdaMDMxMTAvBgNV
BAMTKDI5MDVFMUZDNjZERkVDQ0MxMDUwODk2OTc2NTBGQ0E1OEMzMEJFNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGdOzMtzRBXEA1dApL5epdCKuV
yV4LCjc0Lj1k7rro5zNC0XcUjAHqlEpO6sx+J65fqULagJPJqhdlLjVeaAPwFqzo
59yvxvx6Jiv8H5X/87Z9bha14uns9Gq7fyu8KS2+cpN9aqTohupoKVSHEbHWWdIf
g3E3DZbkOrOBMkI3ZMtGDrB54aPI5086TtsPF4E7P5065oiocMl+U/NUWymx1D5F
9oy6WPLIOJUPsrIZq+H4HRZDG1X1cmp8H4urlHpanrISICsxmZ5XJJEsrK9E+2qT
ASDo7BoggV5TwK8dZBXYD3+Kryz9EMis1lQdS5vD+Q0+EqgPCEICy6uGm/EHAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUKQXh/Gbf7MwQUIlpdlD8pYwwvmgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBABgPmkD
BACPDucDBACSZwoDBACTTx8DBACUh8ADBACbdQUDBAGbddQwDAMEAJt16QMEAJt1
6gMEAKKNRwMEAKeUfQMEAKeUwQMEAKjeMTANBgkqhkiG9w0BAQsFAAOCAQEAS+K8
ouJKKe+a536ozMGTDMK3bwq7Jzk2mJ1tKSlGRFA3fFiYy3qjrxoKIaE8dZYLB9sX
93ULVqopITZck2Hvh/swY30QJQGnI1y1W+p/PmyeDCKHHfebbP048bevw+rp3nr7
7Cd7P9jFcPAZ/eFUjVzihA0SNvVlA1YKevxz09HJ3gIppn9zm7JNFLT2J75A7oMR
GJHR662de7hkU2ubyGsYDei1cc/vrGULTl2O38MQCgQIjkc2EIPeCS1gdnr3e7pM
K/R0+OMQFeH/9adrpfZGSn27cjn/7DARGCv/25nS9yQxoB1aPI2Nxb/MeH3sxvBf
ASuCsvBIzWW1tguYZA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:06 2026 by rpki-client