Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: ckT6+1WsYjAUezFdYcsqWomBHrAqM3io/QX0nLyuhcY=
Subject key identifier: 52:FD:9D:DB:C7:79:D8:DF:99:79:5D:26:F1:71:B5:13:F7:F1:03:E2
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4913EBC9BEA5FE876B251ED94546DFAC9A5F8FD9
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
Signing time: Sat 04 Apr 2026 04:49:28 +0000
ROA not before: Sat 04 Apr 2026 04:44:28 +0000
ROA not after: Sat 03 Apr 2027 04:49:28 +0000
asID: 16509
IP address blocks: 96.62.208.0/22 maxlen: 22
140.150.156.0/24 maxlen: 24
140.233.128.0/19 maxlen: 24
143.14.227.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
155.117.203.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
168.222.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:13:eb:c9:be:a5:fe:87:6b:25:1e:d9:45:46:df:ac:9a:5f:8f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 4 04:44:28 2026 GMT
Not After : Apr 3 04:49:28 2027 GMT
Subject: CN=52FD9DDBC779D8DF99795D26F171B513F7F103E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f5:37:28:58:59:f7:e3:5e:98:86:c4:8d:ac:
5e:94:2e:7a:c6:1b:3e:74:3e:d6:68:38:23:c1:5a:
ea:7f:0d:e8:c5:2b:58:27:74:a1:20:69:09:88:8a:
15:cb:37:12:2b:ee:ef:2e:ef:65:6e:c6:e0:55:e8:
b9:63:1e:9c:eb:7e:87:22:3e:8b:f2:e5:4d:02:61:
20:4d:bc:c5:fd:78:71:35:16:37:11:b1:bc:59:c0:
4c:60:c2:fb:45:c8:fa:77:66:7e:00:f7:e2:a5:ae:
d1:5b:79:a0:c4:cb:3d:59:de:ec:c9:81:80:88:59:
5e:b2:1e:61:8c:f1:8c:cb:c2:08:13:08:4b:c9:3d:
d7:27:de:4e:bb:3e:e3:e3:c7:7d:44:03:6a:ab:67:
ce:21:b3:17:0b:4a:4b:4a:6b:8f:b6:2d:50:17:f6:
33:cc:a7:bc:79:73:4a:bd:8e:4c:65:18:4b:f2:6f:
31:b3:a2:1c:c2:5b:20:46:25:d2:d4:a5:3b:36:7a:
e3:d8:25:05:62:a4:1f:11:8c:8c:28:5b:1f:9d:4f:
88:28:f5:c0:1e:2e:4f:9b:65:cc:41:57:85:ff:41:
9e:f8:30:3a:7e:cc:3e:a1:30:7c:4e:70:66:a9:73:
dc:0a:9f:49:cf:9b:09:e7:63:e6:55:8b:7a:00:0a:
24:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:FD:9D:DB:C7:79:D8:DF:99:79:5D:26:F1:71:B5:13:F7:F1:03:E2
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.150.156.0/24
140.233.128.0/19
143.14.227.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
147.79.25.0/24
148.135.180.0/24
148.135.186.0/24
155.117.0.0/24
155.117.60.0/24
155.117.185.0/24
155.117.187.0/24
155.117.203.0/24
162.141.159.0/24
162.141.180.0/24
168.222.121.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:0a:04:d2:f4:78:1e:32:54:11:5e:0d:52:f6:3b:50:b1:14:
a9:09:89:3b:cc:fb:6c:be:6e:59:07:05:15:1a:26:18:a4:26:
e4:5e:79:60:19:30:a9:8c:7a:77:c8:b0:6e:4f:07:ef:09:81:
e7:ee:23:ad:88:f9:34:4a:cd:8f:74:a9:b2:58:27:e9:75:b3:
56:09:8d:d6:7c:b2:40:94:d4:be:fc:d4:63:68:8e:a7:00:99:
bf:df:06:87:bf:87:7a:b0:ec:f8:a7:7e:06:31:c8:54:ec:bb:
86:04:9b:e2:58:81:a2:f8:03:43:95:3c:dc:08:21:ab:8e:ef:
5b:28:8f:97:57:ad:e6:59:e0:0a:42:5d:3c:5c:3c:7d:61:ed:
f5:0d:00:3b:e3:fd:5c:50:9b:c4:89:eb:4a:cf:f1:6e:36:91:
11:51:83:74:f2:e3:90:12:61:e5:a2:c3:63:86:48:c5:b0:2d:
0c:95:2b:ed:95:da:57:90:e1:5f:44:01:ed:b5:03:67:05:06:
6a:45:74:f6:80:14:02:e3:0d:42:9b:73:c7:fb:b0:f0:10:46:
ad:0b:20:90:f9:c3:2c:fc:c3:c8:23:91:3d:ad:65:58:f8:77:
98:c3:43:92:87:79:ce:ca:e6:2b:21:84:d0:04:ac:17:c5:ff:
cf:4b:ff:02
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIUSRPryb6l/odrJR7ZRUbfrJpfj9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MDQwNDQ0MjhaFw0yNzA0MDMwNDQ5MjhaMDMxMTAvBgNV
BAMTKDUyRkQ5RERCQzc3OUQ4REY5OTc5NUQyNkYxNzFCNTEzRjdGMTAzRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCH9TcoWFn3416YhsSNrF6ULnrG
Gz50PtZoOCPBWup/DejFK1gndKEgaQmIihXLNxIr7u8u72VuxuBV6LljHpzrfoci
Povy5U0CYSBNvMX9eHE1FjcRsbxZwExgwvtFyPp3Zn4A9+KlrtFbeaDEyz1Z3uzJ
gYCIWV6yHmGM8YzLwggTCEvJPdcn3k67PuPjx31EA2qrZ84hsxcLSktKa4+2LVAX
9jPMp7x5c0q9jkxlGEvybzGzohzCWyBGJdLUpTs2euPYJQVipB8RjIwoWx+dT4go
9cAeLk+bZcxBV4X/QZ74MDp+zD6hMHxOcGapc9wKn0nPmwnnY+ZVi3oACiRJAgMB
AAGjggJwMIICbDAdBgNVHQ4EFgQUUv2d28d52N+ZeV0m8XG1E/fxA+IwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYUGCCsGAQUFBwEHAQH/BHYwdDByBAIAATBsAwQCYD7Q
AwQAjJacAwQFjOmAAwQAjw7jAwQBkd9AAwQAkmc8AwQBkmc+AwQAk08ZAwQAlIe0
AwQAlIe6AwQAm3UAAwQAm3U8AwQAm3W5AwQAm3W7AwQAm3XLAwQAoo2fAwQAoo20
AwQAqN55MA0GCSqGSIb3DQEBCwUAA4IBAQB6CgTS9HgeMlQRXg1S9jtQsRSpCYk7
zPtsvm5ZBwUVGiYYpCbkXnlgGTCpjHp3yLBuTwfvCYHn7iOtiPk0Ss2PdKmyWCfp
dbNWCY3WfLJAlNS+/NRjaI6nAJm/3waHv4d6sOz4p34GMchU7LuGBJviWIGi+AND
lTzcCCGrju9bKI+XV63mWeAKQl08XDx9Ye31DQA74/1cUJvEietKz/FuNpERUYN0
8uOQEmHlosNjhkjFsC0MlSvtldpXkOFfRAHttQNnBQZqRXT2gBQC4w1Cm3PH+7Dw
EEatCyCQ+cMs/MPII5E9rWVY+HeYw0OSh3nOyuYrIYTQBKwXxf/PS/8C
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:51:52 2026 by rpki-client