Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: KYbBlnygaKSoFLqYnxCtrFyG2PqJmWA+if/AidLrM+s=
Subject key identifier: 92:02:32:8C:CD:AE:1E:E0:14:57:95:D2:C3:6E:95:0C:DD:77:63:40
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2447A1F0C9454F7D7082091088999ED3DC96E179
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Sat 07 Jun 2025 00:00:35 +0000
ROA not before: Fri 06 Jun 2025 23:55:35 +0000
ROA not after: Sat 06 Jun 2026 00:00:35 +0000
asID: 16509
IP address blocks: 181.214.110.0/24 maxlen: 24
181.214.236.0/23 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:47:a1:f0:c9:45:4f:7d:70:82:09:10:88:99:9e:d3:dc:96:e1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 6 23:55:35 2025 GMT
Not After : Jun 6 00:00:35 2026 GMT
Subject: CN=9202328CCDAE1EE0145795D2C36E950CDD776340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:82:e2:7f:47:90:4f:51:82:d9:bf:34:fb:7c:
a0:fd:a0:9f:39:de:db:e7:22:ab:f0:7a:97:77:22:
bb:8f:83:2d:e0:f5:5b:dc:9d:55:15:80:bb:4f:0c:
6f:82:df:36:64:5b:21:9f:e3:0b:c5:34:97:03:87:
eb:97:8d:96:2d:c3:14:54:b8:7d:dc:c8:1c:67:e4:
5d:cb:bb:c1:36:c8:fe:90:85:74:df:5b:47:4f:66:
0f:1d:97:f4:b4:a5:f3:47:1f:fc:8c:9f:53:03:d6:
e1:f5:35:21:55:c7:3a:b6:a0:8e:6b:82:46:4d:eb:
67:a1:62:24:3d:1b:36:f2:3a:7c:ae:64:de:12:8c:
4e:77:8d:57:79:f0:77:d4:0d:f5:be:62:f2:21:5e:
e5:5d:92:36:05:bd:0f:a5:41:e6:c4:5f:13:c2:b7:
80:a0:5f:b0:6a:bf:af:bf:3c:11:c7:4c:91:44:89:
b8:5b:3c:b3:c1:8c:a5:1d:f7:05:ee:e5:07:14:2f:
43:47:df:0f:34:7d:b5:66:5b:2f:bb:95:fa:f4:0f:
2a:17:38:17:db:2d:45:73:fd:26:0f:76:b3:2c:a1:
10:ed:da:9d:0f:19:2e:40:34:a9:87:64:68:8d:99:
2b:3d:ae:0b:f7:4f:9f:0f:be:04:7d:3e:0c:99:96:
ae:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:02:32:8C:CD:AE:1E:E0:14:57:95:D2:C3:6E:95:0C:DD:77:63:40
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.110.0/24
181.214.236.0/23
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
191.96.204.0/24
191.101.111.0/24
191.101.223.0/24
Signature Algorithm: sha256WithRSAEncryption
20:cf:63:bf:32:76:79:78:04:89:b9:a0:ed:21:00:c5:a8:f8:
9d:fc:b8:2d:07:5b:23:0f:27:3f:a3:07:af:0b:6c:4d:ce:93:
37:70:3f:e9:21:55:e1:69:b6:13:29:c2:40:bf:d3:0f:0c:12:
1d:30:e0:45:1a:09:27:4f:da:0b:4c:83:76:bf:6b:6e:cb:94:
73:e5:ba:41:9d:1b:47:b0:4b:aa:82:32:70:3c:a9:49:d8:b0:
b8:49:09:41:00:01:90:e6:9b:63:0e:cb:dd:00:00:05:0a:1f:
3d:53:10:05:65:1f:88:67:de:22:fb:b9:97:02:40:5d:e1:d3:
24:b3:62:f2:37:8a:19:fb:da:ed:1b:7d:9a:85:9c:0b:d2:00:
38:59:78:e7:f1:ae:03:a7:af:90:68:2e:2f:15:45:1a:6b:80:
2f:54:c2:2f:23:ff:38:dc:6a:f7:3d:a2:ad:69:91:65:70:9c:
84:42:e0:24:f9:d7:b4:ad:40:42:b2:fe:19:eb:1d:fb:be:59:
3b:c6:a4:ea:2b:99:36:37:f5:92:6c:78:8e:37:f0:c8:da:5f:
81:eb:b6:ad:08:46:20:4f:5e:53:6a:34:51:43:9a:d3:58:37:
7f:43:67:00:05:3e:96:5b:1f:68:cb:35:5f:71:0c:76:85:84:
1b:99:4a:fd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUJEeh8MlFT31wggkQiJme09yW4XkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MDYyMzU1MzVaFw0yNjA2MDYwMDAwMzVaMDMxMTAvBgNV
BAMTKDkyMDIzMjhDQ0RBRTFFRTAxNDU3OTVEMkMzNkU5NTBDREQ3NzYzNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFguJ/R5BPUYLZvzT7fKD9oJ85
3tvnIqvwepd3IruPgy3g9VvcnVUVgLtPDG+C3zZkWyGf4wvFNJcDh+uXjZYtwxRU
uH3cyBxn5F3Lu8E2yP6QhXTfW0dPZg8dl/S0pfNHH/yMn1MD1uH1NSFVxzq2oI5r
gkZN62ehYiQ9GzbyOnyuZN4SjE53jVd58HfUDfW+YvIhXuVdkjYFvQ+lQebEXxPC
t4CgX7Bqv6+/PBHHTJFEibhbPLPBjKUd9wXu5QcUL0NH3w80fbVmWy+7lfr0DyoX
OBfbLUVz/SYPdrMsoRDt2p0PGS5ANKmHZGiNmSs9rgv3T58PvgR9PgyZlq5PAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUkgIyjM2uHuAUV5XSw26VDN13Y0AwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAC11m4D
BAG11uwDBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC/YMwDBAC/ZW8DBAC/Zd8w
DQYJKoZIhvcNAQELBQADggEBACDPY78ydnl4BIm5oO0hAMWo+J38uC0HWyMPJz+j
B68LbE3OkzdwP+khVeFpthMpwkC/0w8MEh0w4EUaCSdP2gtMg3a/a27LlHPlukGd
G0ewS6qCMnA8qUnYsLhJCUEAAZDmm2MOy90AAAUKHz1TEAVlH4hn3iL7uZcCQF3h
0ySzYvI3ihn72u0bfZqFnAvSADhZeOfxrgOnr5BoLi8VRRprgC9Uwi8j/zjcavc9
oq1pkWVwnIRC4CT517StQEKy/hnrHfu+WTvGpOormTY39ZJseI438MjaX4Hrtq0I
RiBPXlNqNFFDmtNYN39DZwAFPpZbH2jLNV9xDHaFhBuZSv0=
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:04:10 2025 by rpki-client