Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: VuYsz8GUdZ/w2yaL1bEmY0StdwrrjVmo6XkqnWqcBsc=
Subject key identifier: BF:E4:C0:9C:E1:DE:12:1C:2E:02:06:38:02:98:31:21:2B:78:C0:87
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0ED84F3C3E3AA54F1B07C79A6D048713C8337BC1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Sun 07 Jun 2026 23:23:40 +0000
ROA not before: Sun 07 Jun 2026 23:18:40 +0000
ROA not after: Sun 06 Jun 2027 23:23:40 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
143.14.59.0/24 maxlen: 24
143.14.231.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
148.135.192.0/24 maxlen: 24
155.117.5.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
155.117.13.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.180.0/23 maxlen: 23
155.117.197.0/24 maxlen: 24
155.117.233.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
162.141.71.0/24 maxlen: 24
167.148.125.0/24 maxlen: 24
167.148.193.0/24 maxlen: 24
168.222.43.0/24 maxlen: 24
168.222.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:d8:4f:3c:3e:3a:a5:4f:1b:07:c7:9a:6d:04:87:13:c8:33:7b:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 7 23:18:40 2026 GMT
Not After : Jun 6 23:23:40 2027 GMT
Subject: CN=BFE4C09CE1DE121C2E020638029831212B78C087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f3:20:5e:de:0c:65:ab:01:66:bd:08:e2:04:
98:9b:d7:25:f6:eb:ee:dd:cc:f4:57:01:b1:93:4e:
77:a3:1f:78:be:12:f8:c6:cb:f2:06:6b:b8:ef:18:
64:93:f6:a1:5d:10:d8:30:6e:37:ba:0b:62:e9:e1:
b2:04:a7:2f:19:f2:ac:f0:70:77:e5:11:c3:50:02:
c3:5e:e2:16:fb:fa:32:dc:d5:3c:b3:d5:20:7d:ea:
3f:53:39:02:6a:12:f5:d9:10:0a:56:f3:a8:90:29:
0d:96:e6:cf:78:c0:59:08:80:e6:1e:51:5d:e1:6c:
43:43:21:c6:d4:a7:f8:7c:e6:ae:b0:6f:f4:4f:53:
83:d4:14:fd:6d:53:64:36:a2:39:be:93:f7:5a:7c:
b6:db:bd:69:9f:a7:c2:bc:03:78:2b:10:84:fb:79:
fb:33:5f:ef:94:45:6d:d8:c9:c4:91:a5:4c:3f:6a:
02:da:ab:21:bd:ea:ad:89:3d:f4:9e:dc:e8:2f:f2:
26:cc:29:a0:23:4b:3a:40:ad:5a:75:87:27:e0:7d:
12:7c:1c:3a:e0:35:a0:c2:59:48:33:f6:94:e1:f3:
39:1d:04:18:09:ec:51:d5:3a:ec:6c:eb:33:e8:78:
1e:8b:80:7e:c1:5e:15:d5:f8:64:01:09:c2:9a:17:
69:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E4:C0:9C:E1:DE:12:1C:2E:02:06:38:02:98:31:21:2B:78:C0:87
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
143.14.59.0/24
143.14.231.0/24
146.103.10.0/24
148.135.192.0/24
155.117.5.0-155.117.6.255
155.117.13.0/24
155.117.127.0/24
155.117.180.0/23
155.117.197.0/24
155.117.233.0-155.117.234.255
162.141.71.0/24
167.148.125.0/24
167.148.193.0/24
168.222.43.0/24
168.222.49.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ba:e6:16:d2:0a:6f:78:d6:e0:a8:ed:27:e6:9e:ce:98:b8:
3a:7f:8f:91:b0:c3:0b:1c:c5:d6:ba:bd:7b:2a:34:aa:4b:2f:
33:9c:66:33:b0:b3:b2:42:8b:3c:b0:32:29:9b:85:9a:9c:8f:
c0:04:b1:f9:f9:f0:0a:41:9b:43:c8:e0:c1:38:e0:ff:7c:cc:
74:6b:b8:7c:51:4f:a4:e0:23:7c:03:34:5d:e2:03:57:d5:81:
b7:6c:d9:b6:b3:b0:5f:d6:2e:b6:1e:c6:42:80:15:83:f6:b2:
b7:cd:82:34:d4:e6:59:b2:2b:0f:7e:c1:9e:83:3b:f1:34:ae:
b5:7e:4e:3b:b6:6d:f5:1f:f6:72:dc:0b:2f:cb:72:35:af:87:
eb:00:ca:33:e7:52:e0:8b:c8:41:62:e8:d3:a2:d7:3e:76:29:
98:3c:fa:f1:87:a9:57:e4:bd:a2:85:9d:2c:9a:e8:ed:84:50:
07:75:69:7b:9a:f4:3d:fe:57:01:01:18:9e:ae:cf:d0:02:d9:
ad:65:42:83:b3:34:d9:fb:4c:74:23:4e:5e:81:39:f5:75:72:
ec:41:e5:3b:ba:00:b0:56:10:4b:63:e9:44:91:66:21:e6:af:
4b:0b:00:c7:3a:22:c7:a6:bf:ba:c5:c9:05:af:50:9f:2c:13:
60:8c:1d:15
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgIUDthPPD46pU8bB8eabQSHE8gze8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDcyMzE4NDBaFw0yNzA2MDYyMzIzNDBaMDMxMTAvBgNV
BAMTKEJGRTRDMDlDRTFERTEyMUMyRTAyMDYzODAyOTgzMTIxMkI3OEMwODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh8yBe3gxlqwFmvQjiBJib1yX2
6+7dzPRXAbGTTnejH3i+EvjGy/IGa7jvGGST9qFdENgwbje6C2Lp4bIEpy8Z8qzw
cHflEcNQAsNe4hb7+jLc1Tyz1SB96j9TOQJqEvXZEApW86iQKQ2W5s94wFkIgOYe
UV3hbENDIcbUp/h85q6wb/RPU4PUFP1tU2Q2ojm+k/dafLbbvWmfp8K8A3grEIT7
efszX++URW3YycSRpUw/agLaqyG96q2JPfSe3Ogv8ibMKaAjSzpArVp1hyfgfRJ8
HDrgNaDCWUgz9pTh8zkdBBgJ7FHVOuxs6zPoeB6LgH7BXhXV+GQBCcKaF2lDAgMB
AAGjggJ0MIICcDAdBgNVHQ4EFgQUv+TAnOHeEhwuAgY4ApgxISt4wIcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYkGCCsGAQUFBwEHAQH/BHoweDB2BAIAATBwAwQAYD5p
AwQAjw47AwQAjw7nAwQAkmcKAwQAlIfAMAwDBACbdQUDBACbdQYDBACbdQ0DBACb
dX8DBAGbdbQDBACbdcUwDAMEAJt16QMEAJt16gMEAKKNRwMEAKeUfQMEAKeUwQME
AKjeKwMEAKjeMTANBgkqhkiG9w0BAQsFAAOCAQEAA7rmFtIKb3jW4KjtJ+aezpi4
On+PkbDDCxzF1rq9eyo0qksvM5xmM7CzskKLPLAyKZuFmpyPwASx+fnwCkGbQ8jg
wTjg/3zMdGu4fFFPpOAjfAM0XeIDV9WBt2zZtrOwX9Yuth7GQoAVg/ayt82CNNTm
WbIrD37BnoM78TSutX5OO7Zt9R/2ctwLL8tyNa+H6wDKM+dS4IvIQWLo06LXPnYp
mDz68YepV+S9ooWdLJro7YRQB3Vpe5r0Pf5XAQEYnq7P0ALZrWVCg7M02ftMdCNO
XoE59XVy7EHlO7oAsFYQS2PpRJFmIeavSwsAxzoix6a/usXJBa9QnywTYIwdFQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:46:36 2026 by rpki-client