Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: +HCqRKFEv6c3Rhw+/31y5Bw2vY0AihX4TGp1KyAFZFI=
Subject key identifier: 7C:42:0B:79:6B:58:5C:2B:11:C0:06:2B:35:0C:E9:71:69:E5:2F:71
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0C8B7F57483F2B56C1D8A76920FCDC19680DB0C6
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
Signing time: Fri 06 Jun 2025 05:38:57 +0000
ROA not before: Fri 06 Jun 2025 05:33:57 +0000
ROA not after: Fri 05 Jun 2026 05:38:57 +0000
asID: 16509
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
167.148.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 12:32:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:8b:7f:57:48:3f:2b:56:c1:d8:a7:69:20:fc:dc:19:68:0d:b0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 05:33:57 2025 GMT
Not After : Jun 5 05:38:57 2026 GMT
Subject: CN=7C420B796B585C2B11C0062B350CE97169E52F71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:01:d3:6c:79:a2:ba:50:b5:a0:b5:3c:32:83:
93:5e:b1:7b:3e:d3:fb:bd:8e:ba:f8:4e:2e:36:71:
46:72:92:88:8e:2f:92:81:c5:8d:31:34:90:b8:17:
56:5f:f4:8a:7f:58:3e:2f:4e:fe:ec:1c:92:54:2e:
23:54:87:19:bc:e9:de:87:2a:45:87:b4:0c:7d:95:
f3:46:8a:9d:42:9b:ec:52:d6:c1:65:f5:32:06:1f:
86:b7:cd:28:81:f7:78:67:08:ce:71:e8:62:48:76:
b7:05:cb:0b:16:9d:96:7c:ba:90:60:db:2f:cb:35:
d3:18:ee:d2:98:a5:21:3b:48:6a:c6:c6:f3:b5:30:
13:65:65:4a:cc:cf:63:f7:86:23:25:b7:4b:b3:08:
f6:c8:ee:bd:cc:b1:a5:13:4b:a3:2a:c9:1d:97:15:
55:87:e5:16:d1:f8:f1:85:68:3b:c2:a2:ed:77:67:
94:c0:f0:32:a4:a5:a3:a1:68:ff:19:59:b2:94:eb:
e0:1f:92:88:43:76:c4:8c:ad:5f:90:5a:3f:f5:96:
f0:f3:63:c3:8f:7d:98:2c:fb:84:54:82:cf:ad:e2:
30:34:4b:24:9e:ce:1c:71:90:99:d5:d3:30:58:b5:
98:87:0b:86:a4:f6:33:23:e1:2a:cf:b5:fe:14:15:
c4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:42:0B:79:6B:58:5C:2B:11:C0:06:2B:35:0C:E9:71:69:E5:2F:71
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
148.135.180.0/24
148.135.186.0/24
155.117.187.0/24
167.148.144.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c7:61:7e:3b:63:1f:7c:8b:d6:06:17:8e:c7:22:77:93:77:
a8:b6:90:59:4c:56:a5:ba:99:5a:2b:81:23:63:6d:48:85:c4:
d1:04:fc:7c:32:1c:bf:5b:92:eb:46:84:db:a0:30:0c:53:b0:
1c:93:20:ae:09:48:4a:2f:6a:a9:08:3a:cf:6d:e2:83:d9:75:
b9:86:19:fa:bd:ec:a4:60:a7:fb:1c:09:fd:84:63:93:bc:db:
e3:ec:17:38:ae:b3:c8:05:b1:f1:cf:79:c6:3b:04:e0:55:ad:
15:e2:d8:97:8b:5a:25:1c:11:f9:2b:f5:d1:ae:ba:e6:76:af:
a5:87:8b:d6:87:0d:24:65:8d:e6:9b:5b:b1:3a:7e:fa:59:a9:
6c:76:0f:43:92:5f:39:30:a5:af:08:17:6a:85:c3:56:6c:99:
7e:23:63:a5:16:5c:9d:94:04:59:18:31:64:c7:f3:c7:15:89:
c4:ca:32:14:c5:57:e6:f9:91:08:af:f9:16:00:48:1d:02:af:
01:1d:67:e7:36:f5:80:23:67:8e:21:81:e2:06:de:1c:ac:b0:
7a:bf:da:24:28:67:28:58:c1:4a:4a:85:4f:8b:4b:43:5c:62:
fe:f9:16:22:8b:ed:c3:e4:df:b3:e9:25:c3:38:ea:89:c5:5e:
33:94:d9:1c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDIt/V0g/K1bB2KdpIPzcGWgNsMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDYwNTMzNTdaFw0yNjA2MDUwNTM4NTdaMDMxMTAvBgNV
BAMTKDdDNDIwQjc5NkI1ODVDMkIxMUMwMDYyQjM1MENFOTcxNjlFNTJGNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXAdNseaK6ULWgtTwyg5NesXs+
0/u9jrr4Ti42cUZykoiOL5KBxY0xNJC4F1Zf9Ip/WD4vTv7sHJJULiNUhxm86d6H
KkWHtAx9lfNGip1Cm+xS1sFl9TIGH4a3zSiB93hnCM5x6GJIdrcFywsWnZZ8upBg
2y/LNdMY7tKYpSE7SGrGxvO1MBNlZUrMz2P3hiMlt0uzCPbI7r3MsaUTS6MqyR2X
FVWH5RbR+PGFaDvCou13Z5TA8DKkpaOhaP8ZWbKU6+AfkohDdsSMrV+QWj/1lvDz
Y8OPfZgs+4RUgs+t4jA0SySezhxxkJnV0zBYtZiHC4ak9jMj4SrPtf4UFcRZAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUfEILeWtYXCsRwAYrNQzpcWnlL3EwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAJgPtAD
BAWM6YADBAGR30ADBACSZzwDBAGSZz4DBACUh7QDBACUh7oDBACbdbsDBACnlJAw
DQYJKoZIhvcNAQELBQADggEBAATHYX47Yx98i9YGF47HIneTd6i2kFlMVqW6mVor
gSNjbUiFxNEE/HwyHL9bkutGhNugMAxTsByTIK4JSEovaqkIOs9t4oPZdbmGGfq9
7KRgp/scCf2EY5O82+PsFzius8gFsfHPecY7BOBVrRXi2JeLWiUcEfkr9dGuuuZ2
r6WHi9aHDSRljeabW7E6fvpZqWx2D0OSXzkwpa8IF2qFw1ZsmX4jY6UWXJ2UBFkY
MWTH88cVicTKMhTFV+b5kQiv+RYASB0CrwEdZ+c29YAjZ44hgeIG3hyssHq/2iQo
ZyhYwUpKhU+LS0NcYv75FiKL7cPk37PpJcM46onFXjOU2Rw=
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:06:28 2025 by rpki-client