Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: MdjSCRcbRAtahxlrcuuvcN1wyX2KpWycxhccJfWWS+w=
Subject key identifier: 34:D4:6D:26:E0:54:EA:1F:2C:5F:58:38:AD:7C:B9:25:2D:78:1B:2C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5AFBCB6E9E7C877CBB05C8CC1766BA72A088CC1D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
Signing time: Mon 04 Aug 2025 04:18:44 +0000
ROA not before: Mon 04 Aug 2025 04:13:44 +0000
ROA not after: Mon 03 Aug 2026 04:18:44 +0000
asID: 16509
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:fb:cb:6e:9e:7c:87:7c:bb:05:c8:cc:17:66:ba:72:a0:88:cc:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 4 04:13:44 2025 GMT
Not After : Aug 3 04:18:44 2026 GMT
Subject: CN=34D46D26E054EA1F2C5F5838AD7CB9252D781B2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:97:4f:0f:c0:79:18:34:be:66:7a:1f:ad:6e:
03:4e:c8:00:ab:a2:d0:cb:96:be:77:09:4e:4b:63:
41:80:e4:27:08:36:b7:30:03:31:7e:7d:e4:2c:67:
01:8d:d8:32:16:1f:c0:90:1f:10:c8:e1:a0:99:f0:
1d:34:33:c6:c8:cc:bf:f1:7b:77:49:ba:3c:d6:7c:
bb:18:e8:17:c1:df:bd:64:d5:a4:bc:31:e4:e3:21:
91:16:16:43:94:a9:28:cd:ac:82:23:bf:21:c4:5a:
08:ef:7d:b7:f6:7e:f7:97:d3:08:90:3d:38:e7:de:
82:f3:cb:89:de:3e:54:26:5b:3a:1f:11:4c:16:24:
3b:e1:fa:03:0f:94:8d:b1:15:78:48:27:d9:77:ca:
b6:52:f6:09:23:83:b9:b6:2d:db:84:94:16:56:47:
9d:81:61:ae:8b:25:0b:da:40:ca:f0:96:f2:7c:27:
01:27:25:14:d1:63:c2:66:bb:f3:86:de:a5:21:5e:
5b:eb:1f:7e:9e:7e:14:54:f3:ba:b9:78:c9:7d:f5:
cf:c0:8b:d0:50:88:2e:9e:31:87:0f:97:13:23:64:
4e:8d:da:a7:a9:f7:32:9f:e4:a5:2b:65:82:f1:58:
78:ae:d7:82:90:e0:40:0d:3e:5b:9e:67:4e:1b:61:
6b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D4:6D:26:E0:54:EA:1F:2C:5F:58:38:AD:7C:B9:25:2D:78:1B:2C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
148.135.180.0/24
148.135.186.0/24
155.117.187.0/24
Signature Algorithm: sha256WithRSAEncryption
90:ae:9e:92:6c:bc:ce:a0:07:80:3d:22:e1:5b:c2:94:21:da:
bc:4e:ce:3d:25:64:6a:dd:59:4b:a0:d9:98:9f:62:3e:83:a6:
38:0e:51:20:dd:c1:5b:ab:a0:4b:68:0a:a3:b1:77:2e:57:d8:
e1:af:99:3a:c6:33:d9:db:4c:11:63:b7:8a:02:c6:59:c3:da:
49:3e:d2:41:7e:c6:3d:4f:68:e0:93:3c:c8:c6:51:3e:8a:8d:
23:07:d6:a4:52:ec:d4:60:a0:fe:0a:c0:f2:6c:35:7a:29:57:
eb:cf:a5:f2:27:70:2e:2e:11:f6:08:f9:a2:44:88:75:dd:1b:
22:40:93:48:5e:8c:e7:de:94:55:22:f3:b1:33:c1:9a:90:d9:
73:bd:6f:d4:f9:02:5f:9c:2f:1d:ae:88:c9:1f:5e:48:01:f5:
09:22:87:13:a3:e0:48:e2:b7:56:a9:ba:ba:94:d1:8c:a6:39:
ae:54:56:e0:3f:26:d4:d2:50:a6:f0:77:b8:7c:2f:79:ed:06:
f2:30:66:f0:c3:be:6d:71:81:fb:ce:8e:d2:fe:a2:b3:51:8e:
3f:99:c9:67:40:9a:aa:67:a2:1f:d3:95:48:9e:d5:e6:4c:44:
64:22:46:ae:1c:af:88:e6:b9:14:e7:be:b4:ea:f8:3a:d5:74:
f7:35:ac:69
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUWvvLbp58h3y7BcjMF2a6cqCIzB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDQwNDEzNDRaFw0yNjA4MDMwNDE4NDRaMDMxMTAvBgNV
BAMTKDM0RDQ2RDI2RTA1NEVBMUYyQzVGNTgzOEFEN0NCOTI1MkQ3ODFCMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEl08PwHkYNL5meh+tbgNOyACr
otDLlr53CU5LY0GA5CcINrcwAzF+feQsZwGN2DIWH8CQHxDI4aCZ8B00M8bIzL/x
e3dJujzWfLsY6BfB371k1aS8MeTjIZEWFkOUqSjNrIIjvyHEWgjvfbf2fveX0wiQ
PTjn3oLzy4nePlQmWzofEUwWJDvh+gMPlI2xFXhIJ9l3yrZS9gkjg7m2LduElBZW
R52BYa6LJQvaQMrwlvJ8JwEnJRTRY8Jmu/OG3qUhXlvrH36efhRU87q5eMl99c/A
i9BQiC6eMYcPlxMjZE6N2qep9zKf5KUrZYLxWHiu14KQ4EANPlueZ04bYWvFAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUNNRtJuBU6h8sX1g4rXy5JS14GywwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAJgPtAD
BAWM6YADBAGR30ADBACSZzwDBAGSZz4DBACUh7QDBACUh7oDBACbdbswDQYJKoZI
hvcNAQELBQADggEBAJCunpJsvM6gB4A9IuFbwpQh2rxOzj0lZGrdWUug2ZifYj6D
pjgOUSDdwVuroEtoCqOxdy5X2OGvmTrGM9nbTBFjt4oCxlnD2kk+0kF+xj1PaOCT
PMjGUT6KjSMH1qRS7NRgoP4KwPJsNXopV+vPpfIncC4uEfYI+aJEiHXdGyJAk0he
jOfelFUi87EzwZqQ2XO9b9T5Al+cLx2uiMkfXkgB9QkihxOj4Ejit1apurqU0Yym
Oa5UVuA/JtTSUKbwd7h8L3ntBvIwZvDDvm1xgfvOjtL+orNRjj+ZyWdAmqpnoh/T
lUie1eZMRGQiRq4cr4jmuRTnvrTq+DrVdPc1rGk=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:42:28 2025 by rpki-client