Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: gOFf44N+gf/63Dy+oo0mNFlJiwGyzf9fdrTSKyhjA/c=
Subject key identifier: 34:6F:68:C1:C3:0A:24:75:0A:D6:F1:CD:D1:A1:6F:34:67:F5:59:06
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2B09122A27FD4956676020D5E0359DD60E12D219
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Mon 13 Apr 2026 14:34:50 +0000
ROA not before: Mon 13 Apr 2026 14:29:50 +0000
ROA not after: Mon 12 Apr 2027 14:34:50 +0000
asID: 16276
IP address blocks: 82.21.139.0/24 maxlen: 24
82.22.15.0/24 maxlen: 24
82.22.18.0/24 maxlen: 24
82.22.25.0/24 maxlen: 24
82.22.51.0/24 maxlen: 24
82.22.118.0/24 maxlen: 24
82.24.96.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.26.81.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.29.126.0/24 maxlen: 24
82.38.2.0/24 maxlen: 24
82.38.32.0/24 maxlen: 24
82.38.35.0/24 maxlen: 24
82.38.82.0/24 maxlen: 24
82.38.124.0/22 maxlen: 24
82.38.140.0/22 maxlen: 24
82.38.152.0/22 maxlen: 24
82.38.156.0/22 maxlen: 24
82.38.160.0/22 maxlen: 24
82.38.164.0/22 maxlen: 24
82.38.224.0/22 maxlen: 24
82.38.228.0/22 maxlen: 24
82.38.232.0/22 maxlen: 24
82.38.236.0/22 maxlen: 24
82.38.240.0/22 maxlen: 24
82.38.244.0/22 maxlen: 24
82.38.248.0/22 maxlen: 24
82.38.252.0/22 maxlen: 24
82.39.108.0/24 maxlen: 24
82.39.138.0/24 maxlen: 24
82.39.156.0/22 maxlen: 24
82.39.176.0/22 maxlen: 24
82.39.180.0/22 maxlen: 24
82.39.216.0/22 maxlen: 24
82.39.221.0/24 maxlen: 24
82.39.224.0/22 maxlen: 24
82.40.0.0/22 maxlen: 24
82.40.4.0/22 maxlen: 24
82.40.8.0/22 maxlen: 24
82.40.12.0/22 maxlen: 24
82.40.16.0/22 maxlen: 24
82.41.44.0/22 maxlen: 24
82.41.52.0/22 maxlen: 24
82.41.68.0/22 maxlen: 24
82.41.80.0/22 maxlen: 24
82.41.88.0/22 maxlen: 24
82.41.100.0/22 maxlen: 24
82.41.104.0/22 maxlen: 24
82.41.108.0/22 maxlen: 24
82.41.124.0/22 maxlen: 24
82.41.134.0/24 maxlen: 24
82.41.148.0/22 maxlen: 24
82.41.152.0/22 maxlen: 24
82.41.160.0/22 maxlen: 24
82.41.164.0/22 maxlen: 24
82.41.172.0/22 maxlen: 24
82.41.176.0/22 maxlen: 24
82.41.184.0/22 maxlen: 24
82.41.188.0/22 maxlen: 24
82.41.204.0/22 maxlen: 24
82.41.212.0/22 maxlen: 24
82.41.224.0/22 maxlen: 24
82.41.228.0/22 maxlen: 24
2a13:9500:138::/48 maxlen: 48
2a13:9500:143::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:09:12:2a:27:fd:49:56:67:60:20:d5:e0:35:9d:d6:0e:12:d2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 13 14:29:50 2026 GMT
Not After : Apr 12 14:34:50 2027 GMT
Subject: CN=346F68C1C30A24750AD6F1CDD1A16F3467F55906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:18:87:bd:a9:cd:58:d4:09:80:c8:d2:0b:b0:
e8:7f:04:b0:df:d9:ee:6d:58:15:38:10:dc:44:22:
1d:e1:09:79:19:5e:26:4d:c1:26:07:10:21:ff:62:
38:9e:d4:42:1b:2c:ea:4e:70:ad:d0:18:19:d7:7b:
75:68:98:a5:98:f5:e8:bd:0d:9e:61:50:de:2b:fc:
89:a9:3e:f8:2a:da:f4:a7:8d:a7:2c:22:b6:8b:da:
bf:e5:bb:c8:72:57:33:d8:e2:e5:cb:2a:3e:7a:82:
70:85:6b:f1:48:cc:81:9d:ea:78:1b:07:1b:18:30:
ba:a5:81:21:de:08:68:27:7a:e2:04:91:9a:05:8c:
57:6a:00:e7:7a:cf:47:5c:9d:36:dd:36:54:39:47:
49:ba:89:22:4b:df:84:5a:7d:c7:38:08:08:c0:31:
6a:c2:5c:39:0e:90:58:6f:54:7d:a7:3d:5d:9a:b0:
3a:b8:db:82:e1:49:d7:5f:e2:5a:04:57:c4:2d:3d:
be:ed:5e:22:48:27:02:d8:4f:0d:6c:bd:6e:cd:71:
00:e9:f0:3c:4b:66:a0:a5:93:5a:b4:76:bc:2f:d4:
2f:36:7e:ad:05:68:d8:6d:1b:a0:fd:a5:b0:ef:41:
7a:a0:64:d0:c4:6b:c0:71:4f:ef:ba:aa:8a:9a:66:
c4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:6F:68:C1:C3:0A:24:75:0A:D6:F1:CD:D1:A1:6F:34:67:F5:59:06
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.139.0/24
82.22.15.0/24
82.22.18.0/24
82.22.25.0/24
82.22.51.0/24
82.22.118.0/24
82.24.96.0/22
82.25.146.0/23
82.26.81.0/24
82.26.176.0/20
82.29.126.0/24
82.38.2.0/24
82.38.32.0/24
82.38.35.0/24
82.38.82.0/24
82.38.124.0/22
82.38.140.0/22
82.38.152.0-82.38.167.255
82.38.224.0/19
82.39.108.0/24
82.39.138.0/24
82.39.156.0/22
82.39.176.0/21
82.39.216.0/22
82.39.221.0/24
82.39.224.0/22
82.40.0.0-82.40.19.255
82.41.44.0/22
82.41.52.0/22
82.41.68.0/22
82.41.80.0/22
82.41.88.0/22
82.41.100.0-82.41.111.255
82.41.124.0/22
82.41.134.0/24
82.41.148.0-82.41.155.255
82.41.160.0/21
82.41.172.0-82.41.179.255
82.41.184.0/21
82.41.204.0/22
82.41.212.0/22
82.41.224.0/21
IPv6:
2a13:9500:138::/48
2a13:9500:143::/48
Signature Algorithm: sha256WithRSAEncryption
39:09:ce:ec:be:20:da:7a:58:ce:de:cf:01:d1:96:0c:dd:88:
a3:b7:b4:f1:ae:b0:35:37:30:3e:f0:e3:be:a6:10:de:ee:a7:
93:46:39:df:f9:cf:7a:69:96:94:64:79:d7:e8:00:61:11:bb:
ef:d4:1d:fb:85:04:1f:bd:70:79:c5:98:18:87:dc:c5:e7:c6:
6c:f7:94:a8:c0:8b:63:e0:a0:49:ea:1a:51:8c:a3:41:19:58:
dd:20:2a:24:b8:97:40:10:49:f1:9e:a9:e9:7b:9e:6b:34:63:
45:3e:c0:85:c6:53:d2:7d:a4:b7:36:57:1f:7f:bd:c7:54:5c:
12:cb:97:41:d4:77:19:3f:79:9f:a3:b9:04:76:f5:2c:a0:a4:
6c:6d:14:b1:b7:37:ac:e3:c4:6d:72:31:12:4f:c1:6f:90:8f:
e2:04:56:80:de:8e:28:12:72:81:41:e7:9e:46:92:35:9b:42:
37:47:9d:22:99:59:8c:96:f0:fb:2f:f0:34:88:e7:f5:1b:ef:
8d:a6:22:76:0f:27:34:35:50:db:b0:ef:27:2f:ea:22:41:b2:
ef:8b:af:39:ee:bb:d2:9e:9e:83:c2:08:f6:58:2c:2b:05:fc:
35:69:a3:da:9a:50:96:28:7a:a5:4a:78:42:7e:4e:13:2d:0b:
f0:02:4b:47
-----BEGIN CERTIFICATE-----
MIIGQDCCBSigAwIBAgIUKwkSKif9SVZnYCDV4DWd1g4S0hkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTMxNDI5NTBaFw0yNzA0MTIxNDM0NTBaMDMxMTAvBgNV
BAMTKDM0NkY2OEMxQzMwQTI0NzUwQUQ2RjFDREQxQTE2RjM0NjdGNTU5MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRGIe9qc1Y1AmAyNILsOh/BLDf
2e5tWBU4ENxEIh3hCXkZXiZNwSYHECH/Yjie1EIbLOpOcK3QGBnXe3VomKWY9ei9
DZ5hUN4r/ImpPvgq2vSnjacsIraL2r/lu8hyVzPY4uXLKj56gnCFa/FIzIGd6ngb
BxsYMLqlgSHeCGgneuIEkZoFjFdqAOd6z0dcnTbdNlQ5R0m6iSJL34Rafcc4CAjA
MWrCXDkOkFhvVH2nPV2asDq424LhSddf4loEV8QtPb7tXiJIJwLYTw1svW7NcQDp
8DxLZqClk1q0drwv1C82fq0FaNhtG6D9pbDvQXqgZNDEa8BxT++6qoqaZsRfAgMB
AAGjggNKMIIDRjAdBgNVHQ4EFgQUNG9owcMKJHUK1vHN0aFvNGf1WQYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFeBggrBgEFBQcBBwEB/wSCAU0wggFJMIIBKwQCAAEw
ggEjAwQAUhWLAwQAUhYPAwQAUhYSAwQAUhYZAwQAUhYzAwQAUhZ2AwQCUhhgAwQB
UhmSAwQAUhpRAwQEUhqwAwQAUh1+AwQAUiYCAwQAUiYgAwQAUiYjAwQAUiZSAwQC
UiZ8AwQCUiaMMAwDBANSJpgDBANSJqADBAVSJuADBABSJ2wDBABSJ4oDBAJSJ5wD
BANSJ7ADBAJSJ9gDBABSJ90DBAJSJ+AwCwMDA1IoAwQCUigQAwQCUiksAwQCUik0
AwQCUilEAwQCUilQAwQCUilYMAwDBAJSKWQDBARSKWADBAJSKXwDBABSKYYwDAME
AlIplAMEAlIpmAMEA1IpoDAMAwQCUimsAwQCUimwAwQDUim4AwQCUinMAwQCUinU
AwQDUingMBgEAgACMBIDBwAqE5UAATgDBwAqE5UAAUMwDQYJKoZIhvcNAQELBQAD
ggEBADkJzuy+INp6WM7ezwHRlgzdiKO3tPGusDU3MD7w476mEN7up5NGOd/5z3pp
lpRkedfoAGERu+/UHfuFBB+9cHnFmBiH3MXnxmz3lKjAi2PgoEnqGlGMo0EZWN0g
KiS4l0AQSfGeqel7nms0Y0U+wIXGU9J9pLc2Vx9/vcdUXBLLl0HUdxk/eZ+juQR2
9SygpGxtFLG3N6zjxG1yMRJPwW+Qj+IEVoDejigScoFB555GkjWbQjdHnSKZWYyW
8Psv8DSI5/Ub742mInYPJzQ1UNuw7ycv6iJBsu+Lrznuu9KenoPCCPZYLCsF/DVp
o9qaUJYoeqVKeEJ+ThMtC/ACS0c=
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:56:45 2026 by rpki-client