Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: 4kvL5VQvbKv/VFr8vyavv245SQHBCxWCbYDJkOAZQ1Q=
Subject key identifier: 2D:CE:92:02:CB:70:99:D3:CD:91:44:6E:97:9E:44:83:9E:88:75:DE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 343E9D77247599A77368A983DFF54DA70F8353A1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Fri 01 Aug 2025 06:31:53 +0000
ROA not before: Fri 01 Aug 2025 06:26:53 +0000
ROA not after: Fri 31 Jul 2026 06:31:53 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.188.0/24 maxlen: 24
143.14.199.0/24 maxlen: 24
143.14.252.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
146.103.49.0/24 maxlen: 24
150.241.209.0/24 maxlen: 24
162.141.96.0/24 maxlen: 24
162.141.104.0/23 maxlen: 24
167.148.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:3e:9d:77:24:75:99:a7:73:68:a9:83:df:f5:4d:a7:0f:83:53:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 1 06:26:53 2025 GMT
Not After : Jul 31 06:31:53 2026 GMT
Subject: CN=2DCE9202CB7099D3CD91446E979E44839E8875DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:99:59:88:1b:23:e9:e1:d8:e9:15:4e:b8:33:
f3:8f:5d:c4:e2:71:4b:eb:16:bd:fb:6e:a3:c1:a7:
9e:70:4e:c0:97:03:85:1f:3a:32:21:b8:95:71:ed:
0b:f4:c9:15:f6:00:63:97:f4:67:a1:69:0d:40:e6:
ec:75:f1:28:3b:00:88:b9:ef:b3:c1:11:44:06:59:
17:13:e6:96:9b:5d:d7:a0:22:d5:8b:14:01:75:de:
f7:bb:0b:3e:46:ef:30:8d:b2:0d:9c:3d:d7:ea:f3:
40:25:64:6b:37:72:d1:e4:79:13:21:53:cd:28:c2:
22:83:6b:27:1e:66:8b:5d:ec:fb:2a:eb:ee:ca:24:
bd:57:20:d9:5d:74:c1:07:53:13:4f:b0:e0:e6:a0:
c0:cf:e6:62:fc:c5:7f:3a:0a:ce:9a:69:5e:45:ad:
90:e1:4e:4c:a9:7f:99:bc:8e:d4:d3:8b:e8:0d:41:
eb:36:70:2a:ec:da:12:a1:17:5d:56:e2:a5:0d:90:
2d:ce:5b:45:b1:51:cd:9f:f1:eb:6b:09:66:bc:43:
c0:8a:47:55:8c:85:c5:01:ca:00:b3:cf:b8:39:0a:
e1:4d:3a:57:c3:c9:f6:17:b2:5c:86:fb:23:b7:c2:
92:33:79:ac:19:1c:53:08:11:10:4b:1f:ba:03:bf:
09:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CE:92:02:CB:70:99:D3:CD:91:44:6E:97:9E:44:83:9E:88:75:DE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
143.14.68.0/24
143.14.188.0/24
143.14.199.0/24
143.14.252.0/24
146.103.10.0/24
146.103.49.0/24
150.241.209.0/24
162.141.96.0/24
162.141.104.0/23
167.148.33.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:f7:3f:9a:92:42:85:07:f7:3f:1d:89:d4:52:bf:0e:63:19:
6d:36:3e:20:13:01:7d:52:29:f8:03:a7:76:af:58:ba:00:ff:
35:9b:e5:af:29:41:b9:0f:d7:2b:cb:9a:7e:96:a6:29:f0:fb:
3c:49:a8:0c:f6:ab:27:e0:1e:f1:0a:45:87:70:4f:1c:4a:c6:
c6:f1:0d:d9:27:18:1d:19:a4:69:bc:64:6c:05:a4:bf:a5:b2:
c8:48:9a:a7:32:a0:87:a2:87:06:a9:7f:9e:a4:88:dc:73:69:
44:47:ab:f8:e5:9b:79:2f:a2:54:c8:42:1a:8d:23:7f:6e:15:
79:b6:77:47:67:e5:4b:fd:89:46:0d:b5:d4:54:78:48:2f:fb:
65:36:e4:5e:b8:b0:85:d6:4d:15:4e:28:41:59:9c:31:31:bc:
2a:2c:11:96:0f:2f:fd:fa:22:68:b0:e5:f7:8f:22:88:14:1c:
40:bb:d2:f9:f5:e8:78:d5:7a:4a:c6:56:af:20:72:5f:8a:2c:
c6:37:b3:4c:08:58:e1:66:fe:9b:3e:5b:ea:5b:65:ad:62:b4:
70:09:c4:c1:de:27:6c:62:f2:2d:70:dd:1e:54:cb:41:2d:1b:
2b:65:6a:a3:40:25:87:a3:a0:8a:12:72:35:13:1f:b0:58:5e:
06:60:73:f3
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUND6ddyR1madzaKmD3/VNpw+DU6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDEwNjI2NTNaFw0yNjA3MzEwNjMxNTNaMDMxMTAvBgNV
BAMTKDJEQ0U5MjAyQ0I3MDk5RDNDRDkxNDQ2RTk3OUU0NDgzOUU4ODc1REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBmVmIGyPp4djpFU64M/OPXcTi
cUvrFr37bqPBp55wTsCXA4UfOjIhuJVx7Qv0yRX2AGOX9GehaQ1A5ux18Sg7AIi5
77PBEUQGWRcT5pabXdegItWLFAF13ve7Cz5G7zCNsg2cPdfq80AlZGs3ctHkeRMh
U80owiKDayceZotd7Psq6+7KJL1XINlddMEHUxNPsODmoMDP5mL8xX86Cs6aaV5F
rZDhTkypf5m8jtTTi+gNQes2cCrs2hKhF11W4qUNkC3OW0WxUc2f8etrCWa8Q8CK
R1WMhcUBygCzz7g5CuFNOlfDyfYXslyG+yO3wpIzeawZHFMIERBLH7oDvwn9AgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQULc6SAstwmdPNkURul55Eg56Idd4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBABgPmkD
BACPDkQDBACPDrwDBACPDscDBACPDvwDBACSZwoDBACSZzEDBACW8dEDBACijWAD
BAGijWgDBACnlCEwDQYJKoZIhvcNAQELBQADggEBAD/3P5qSQoUH9z8didRSvw5j
GW02PiATAX1SKfgDp3avWLoA/zWb5a8pQbkP1yvLmn6Wpinw+zxJqAz2qyfgHvEK
RYdwTxxKxsbxDdknGB0ZpGm8ZGwFpL+lsshImqcyoIeihwapf56kiNxzaURHq/jl
m3kvolTIQhqNI39uFXm2d0dn5Uv9iUYNtdRUeEgv+2U25F64sIXWTRVOKEFZnDEx
vCosEZYPL/36Imiw5fePIogUHEC70vn16HjVekrGVq8gcl+KLMY3s0wIWOFm/ps+
W+pbZa1itHAJxMHeJ2xi8i1w3R5Uy0EtGytlaqNAJYejoIoScjUTH7BYXgZgc/M=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:57:13 2025 by rpki-client