Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: 8v8AQNl4OKs40cgs2pfKT2G/SWoJuf+3OZgbgL+/WNM=
Subject key identifier: 2F:C5:5E:6C:FF:F7:74:24:B9:FC:DF:D5:83:60:DE:E1:3D:A8:44:6D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2A7C7ED14970055813D48D652CD95016E28B0C13
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Sat 01 Nov 2025 00:09:08 +0000
ROA not before: Sat 01 Nov 2025 00:04:08 +0000
ROA not after: Sat 31 Oct 2026 00:09:08 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
140.150.153.0/24 maxlen: 24
143.14.59.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.231.0/24 maxlen: 24
143.14.252.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
150.241.209.0/24 maxlen: 24
155.117.212.0/23 maxlen: 23
162.141.71.0/24 maxlen: 24
162.141.104.0/23 maxlen: 24
167.148.125.0/24 maxlen: 24
167.148.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:7c:7e:d1:49:70:05:58:13:d4:8d:65:2c:d9:50:16:e2:8b:0c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 1 00:04:08 2025 GMT
Not After : Oct 31 00:09:08 2026 GMT
Subject: CN=2FC55E6CFFF77424B9FCDFD58360DEE13DA8446D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6d:e6:56:f1:6f:14:60:0d:09:0c:d9:b1:31:
03:24:3d:10:8b:a1:8b:37:1c:8b:57:26:e5:7a:75:
c0:2b:ab:0c:08:a0:76:c7:c5:33:8f:35:de:79:d4:
0b:23:e2:35:e8:c9:1c:23:21:2c:c9:b7:49:74:89:
f4:8c:67:bd:21:ef:c1:9d:b5:64:dc:b5:c4:be:56:
e0:46:21:45:4b:71:7f:6e:9a:49:b7:8c:a6:55:5a:
b9:da:a4:44:c2:ac:23:6e:27:39:e3:a6:d3:03:5b:
66:69:6c:78:83:10:e5:64:f5:84:5a:5c:41:06:7d:
73:11:84:ab:98:5b:e5:bd:8a:87:a9:00:d4:e8:98:
a4:48:db:68:33:1a:34:91:0f:72:e0:1c:4d:5f:6e:
40:a0:58:26:45:fe:7c:05:c5:54:89:0c:cc:c2:2b:
66:79:08:76:42:6a:05:2d:82:47:8d:74:b4:4e:b8:
1c:0d:2c:d5:6b:5e:92:c7:9b:64:7b:b7:1e:86:cc:
82:c5:a3:9c:18:6f:3b:ac:78:5f:88:a1:4d:d4:f9:
95:99:d0:f9:5d:c7:db:1a:3d:a3:ba:a2:31:20:0f:
4c:70:93:d6:78:e9:d2:fa:a0:ae:08:f1:d2:9c:81:
80:ba:bc:af:54:7c:91:14:0e:39:ce:5f:ae:2e:69:
2d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C5:5E:6C:FF:F7:74:24:B9:FC:DF:D5:83:60:DE:E1:3D:A8:44:6D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
140.150.153.0/24
143.14.59.0/24
143.14.68.0/24
143.14.231.0/24
143.14.252.0/24
146.103.10.0/24
150.241.209.0/24
155.117.212.0/23
162.141.71.0/24
162.141.104.0/23
167.148.125.0/24
167.148.193.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:0a:1a:34:18:11:fd:85:70:e9:92:b3:8c:23:00:a4:16:41:
47:a1:f2:b9:df:22:61:89:64:6b:f0:80:65:97:ed:68:95:04:
7e:79:97:da:72:41:0b:39:bd:54:fa:da:d5:7f:66:63:39:64:
5f:cd:4d:bb:30:99:77:63:9d:1f:d0:1a:f0:a2:13:52:e8:22:
10:57:18:43:56:cf:0c:63:6f:e7:43:01:95:4e:04:e7:7e:ec:
48:95:47:60:f1:c0:d6:e8:fa:f0:48:d0:7d:8f:10:d7:af:af:
18:a8:38:47:03:0f:69:85:54:42:cd:3a:2d:45:3d:94:bf:c0:
2f:40:99:d9:80:73:f6:7d:f0:5f:11:26:3c:62:6f:fa:ef:1f:
8f:46:61:89:c2:c6:cc:0c:7f:d2:09:de:58:4a:99:00:82:de:
30:7a:46:60:aa:2d:22:0c:eb:74:fa:00:72:b9:5d:f3:6f:f8:
ff:2e:09:92:78:4a:e5:33:00:bb:94:5b:fa:1a:c7:c7:a7:cf:
8c:23:8b:28:56:b4:c3:f4:49:50:1f:80:af:cf:32:dd:e3:47:
f0:76:74:f6:37:fc:fc:90:91:51:9a:20:b1:ea:08:60:ab:80:
f9:0c:d5:1b:78:cb:31:bc:b7:ce:8c:2c:96:53:1c:c2:e4:45:
22:33:81:4a
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUKnx+0UlwBVgT1I1lLNlQFuKLDBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTExMDEwMDA0MDhaFw0yNjEwMzEwMDA5MDhaMDMxMTAvBgNV
BAMTKDJGQzU1RTZDRkZGNzc0MjRCOUZDREZENTgzNjBERUUxM0RBODQ0NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzbeZW8W8UYA0JDNmxMQMkPRCL
oYs3HItXJuV6dcArqwwIoHbHxTOPNd551Asj4jXoyRwjISzJt0l0ifSMZ70h78Gd
tWTctcS+VuBGIUVLcX9umkm3jKZVWrnapETCrCNuJznjptMDW2ZpbHiDEOVk9YRa
XEEGfXMRhKuYW+W9ioepANTomKRI22gzGjSRD3LgHE1fbkCgWCZF/nwFxVSJDMzC
K2Z5CHZCagUtgkeNdLROuBwNLNVrXpLHm2R7tx6GzILFo5wYbzuseF+IoU3U+ZWZ
0Pldx9saPaO6ojEgD0xwk9Z46dL6oK4I8dKcgYC6vK9UfJEUDjnOX64uaS0nAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUL8VebP/3dCS5/N/Vg2De4T2oRG0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBABgPmkD
BACMlpkDBACPDjsDBACPDkQDBACPDucDBACPDvwDBACSZwoDBACW8dEDBAGbddQD
BACijUcDBAGijWgDBACnlH0DBACnlMEwDQYJKoZIhvcNAQELBQADggEBAF0KGjQY
Ef2FcOmSs4wjAKQWQUeh8rnfImGJZGvwgGWX7WiVBH55l9pyQQs5vVT62tV/ZmM5
ZF/NTbswmXdjnR/QGvCiE1LoIhBXGENWzwxjb+dDAZVOBOd+7EiVR2DxwNbo+vBI
0H2PENevrxioOEcDD2mFVELNOi1FPZS/wC9AmdmAc/Z98F8RJjxib/rvH49GYYnC
xswMf9IJ3lhKmQCC3jB6RmCqLSIM63T6AHK5XfNv+P8uCZJ4SuUzALuUW/oax8en
z4wjiyhWtMP0SVAfgK/PMt3jR/B2dPY3/PyQkVGaILHqCGCrgPkM1Rt4yzG8t86M
LJZTHMLkRSIzgUo=
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:36:52 2025 by rpki-client