Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: AdBaVr1tbl/H7jubl563ZNw9deS8EXUg9UjsBxZMuP8=
Subject key identifier: AE:45:43:48:4F:7D:AC:A9:3F:5F:66:92:25:B4:FC:87:E3:D4:0C:3D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 56ED099DB66CF325833C1ECD2A9723BB9DF77886
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Fri 05 Jun 2026 14:15:20 +0000
ROA not before: Fri 05 Jun 2026 14:10:20 +0000
ROA not after: Fri 04 Jun 2027 14:15:20 +0000
asID: 16509
IP address blocks: 181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.137.13.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
2a00:d1a0:10::/48 maxlen: 48
2a00:d1a0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:ed:09:9d:b6:6c:f3:25:83:3c:1e:cd:2a:97:23:bb:9d:f7:78:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 5 14:10:20 2026 GMT
Not After : Jun 4 14:15:20 2027 GMT
Subject: CN=AE4543484F7DACA93F5F669225B4FC87E3D40C3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ce:ab:1e:5c:f9:95:4e:17:cb:fc:b5:97:13:
3d:76:ea:04:10:7c:6c:b9:67:c4:ed:85:e8:b1:00:
64:e9:e1:16:a1:03:78:9f:3a:64:69:0a:b2:19:fd:
a4:a4:0b:b4:5c:b7:d7:f0:ac:5a:ac:9a:b0:7d:00:
57:6f:68:a2:b0:90:d3:37:f4:fe:f2:d5:40:b2:f4:
c3:b2:e9:9c:78:a8:da:e7:8c:ed:c2:d7:37:a7:81:
f8:5a:09:35:bd:0c:61:ea:68:a7:86:44:38:63:11:
87:9b:51:73:ae:de:9a:aa:77:4a:d0:97:37:0d:9a:
80:b9:72:ab:6d:75:e7:03:85:16:18:c9:26:53:9d:
d3:fa:73:c0:29:6e:6f:01:e9:f3:3f:51:30:70:81:
66:6b:2a:d8:f9:7e:9b:ab:ed:e6:76:07:cb:be:c1:
25:d5:0a:13:52:17:93:9d:71:bc:47:ad:80:ce:e2:
b3:17:ec:d8:56:b2:27:e5:08:76:16:25:fd:99:bc:
01:58:97:36:72:cb:1a:f6:6b:45:53:b9:9e:68:56:
28:b1:4e:6f:5f:5e:a7:d1:57:01:91:d0:d1:91:ac:
03:2f:78:5f:e2:e5:3b:95:25:b9:83:3a:40:75:e9:
d8:4b:61:56:0f:b0:5f:f6:ba:0f:93:c8:06:bf:cb:
90:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:45:43:48:4F:7D:AC:A9:3F:5F:66:92:25:B4:FC:87:E3:D4:0C:3D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.137.13.0/24
191.96.204.0/24
191.101.111.0/24
IPv6:
2a00:d1a0:10::/47
Signature Algorithm: sha256WithRSAEncryption
97:89:59:0a:6d:4f:e4:65:d6:63:f5:c4:e5:c6:89:c0:36:93:
1a:d5:16:9e:c7:fd:e7:bd:ed:15:ed:03:78:21:7e:5b:89:31:
1a:c7:a7:fe:41:2a:70:98:8b:bd:a1:29:a4:60:b2:72:ce:bf:
b0:63:60:0f:74:5f:d6:4f:22:f8:67:9a:29:7f:e5:7a:75:2c:
25:2f:b4:3a:28:3d:57:82:df:33:5a:c9:f5:17:cb:7d:d1:0c:
25:df:07:b3:8b:29:40:c4:89:68:f0:30:a7:e0:1e:a1:80:90:
05:95:af:3e:53:99:eb:c0:24:86:5c:e4:26:6a:81:1d:10:c8:
a3:3f:47:91:d2:c4:69:cc:18:4e:5f:66:cf:96:76:48:38:25:
32:3e:be:14:89:d5:af:ec:a5:ac:94:11:30:c8:88:3d:4e:b0:
b9:ba:74:49:d4:41:95:a6:c5:56:53:77:bd:b0:1e:66:8e:c4:
dd:98:b2:f8:16:f0:a1:1c:ea:3e:b4:4e:9d:be:ba:b8:6a:c7:
2c:25:ef:5f:3b:56:5d:66:15:eb:22:7f:dd:a1:2e:06:83:f5:
4e:69:f1:5f:11:76:40:07:c7:85:37:88:d0:1c:e6:29:46:93:
01:50:84:4e:76:86:0e:c5:47:c1:3c:3f:72:b4:a3:a9:6f:22:
7b:b0:47:10
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIUVu0JnbZs8yWDPB7NKpcju533eIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA2MDUxNDEwMjBaFw0yNzA2MDQxNDE1MjBaMDMxMTAvBgNV
BAMTKEFFNDU0MzQ4NEY3REFDQTkzRjVGNjY5MjI1QjRGQzg3RTNENDBDM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCizqseXPmVThfL/LWXEz126gQQ
fGy5Z8TtheixAGTp4RahA3ifOmRpCrIZ/aSkC7Rct9fwrFqsmrB9AFdvaKKwkNM3
9P7y1UCy9MOy6Zx4qNrnjO3C1zengfhaCTW9DGHqaKeGRDhjEYebUXOu3pqqd0rQ
lzcNmoC5cqttdecDhRYYySZTndP6c8Apbm8B6fM/UTBwgWZrKtj5fpur7eZ2B8u+
wSXVChNSF5OdcbxHrYDO4rMX7NhWsiflCHYWJf2ZvAFYlzZyyxr2a0VTuZ5oViix
Tm9fXqfRVwGR0NGRrAMveF/i5TuVJbmDOkB16dhLYVYPsF/2ug+TyAa/y5DRAgMB
AAGjggI4MIICNDAdBgNVHQ4EFgQUrkVDSE99rKk/X2aSJbT8h+PUDD0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCoEAgABMCQDBAC11l4D
BAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDwQCAAIwCQMHASoA0aAAEDAN
BgkqhkiG9w0BAQsFAAOCAQEAl4lZCm1P5GXWY/XE5caJwDaTGtUWnsf9573tFe0D
eCF+W4kxGsen/kEqcJiLvaEppGCycs6/sGNgD3Rf1k8i+GeaKX/lenUsJS+0Oig9
V4LfM1rJ9RfLfdEMJd8Hs4spQMSJaPAwp+AeoYCQBZWvPlOZ68AkhlzkJmqBHRDI
oz9HkdLEacwYTl9mz5Z2SDglMj6+FInVr+ylrJQRMMiIPU6wubp0SdRBlabFVlN3
vbAeZo7E3Ziy+BbwoRzqPrROnb66uGrHLCXvXztWXWYV6yJ/3aEuBoP1TmnxXxF2
QAfHhTeI0BzmKUaTAVCETnaGDsVHwTw/crSjqW8ie7BHEA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:13:59 2026 by rpki-client