Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: Be3tkb4G1JFm5XN0hTxJ4fxxONxaqBqfJxlWGRnviHQ=
Subject key identifier: C0:34:F6:46:AE:38:92:EC:11:4D:0C:D5:C9:DE:F1:19:50:EE:8E:07
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 41EF993A992D387CCB77D5EE79F592F4686CC4FD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Fri 31 Oct 2025 06:21:36 +0000
ROA not before: Fri 31 Oct 2025 06:16:36 +0000
ROA not after: Fri 30 Oct 2026 06:21:36 +0000
asID: 16276
IP address blocks: 82.21.139.0/24 maxlen: 24
82.22.118.0/24 maxlen: 24
82.23.162.0/24 maxlen: 24
82.24.96.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ef:99:3a:99:2d:38:7c:cb:77:d5:ee:79:f5:92:f4:68:6c:c4:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 31 06:16:36 2025 GMT
Not After : Oct 30 06:21:36 2026 GMT
Subject: CN=C034F646AE3892EC114D0CD5C9DEF11950EE8E07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:cd:85:59:ec:49:fa:15:eb:1a:2d:22:0d:
a8:84:c6:22:56:cf:fc:f3:35:78:cb:d4:52:17:c9:
43:b1:98:ae:5a:9b:53:66:d1:d3:53:ef:b7:5d:73:
ee:36:5f:dd:72:81:3a:a3:9b:ae:5e:8f:8c:48:92:
a1:25:4e:9d:cc:7e:2c:0e:6e:6b:d4:76:5a:21:fd:
89:54:d8:93:d5:34:44:38:13:df:c3:f6:cd:0a:2a:
21:4b:cd:21:cc:4a:35:5b:5a:af:b4:70:75:46:c0:
77:fb:11:d5:39:61:1a:d9:cb:d0:f1:5f:e8:9a:05:
7b:cc:68:6c:48:14:65:cd:67:be:ed:d3:d8:cf:88:
09:f7:c3:e4:16:18:bb:01:e9:15:21:56:99:a4:5b:
3a:e6:7f:ba:25:f4:ce:e2:6f:47:96:8c:cb:2c:9f:
2b:f8:78:69:eb:a9:dd:6a:19:1c:29:38:ab:78:d8:
6d:01:a7:5c:e0:16:10:d1:0c:0c:5b:ac:16:1b:58:
25:7f:5c:82:d4:55:e5:e1:51:79:a1:d7:94:c2:99:
48:c3:52:1a:25:0b:2d:a4:a0:d0:d3:29:3f:c3:1f:
60:19:e1:9a:1a:59:39:65:06:03:d7:66:a5:64:06:
76:5f:45:79:8f:1d:6d:c7:77:a8:b0:bc:c0:07:95:
91:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:34:F6:46:AE:38:92:EC:11:4D:0C:D5:C9:DE:F1:19:50:EE:8E:07
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.139.0/24
82.22.118.0/24
82.23.162.0/24
82.24.96.0/22
82.25.146.0/23
82.26.176.0/20
Signature Algorithm: sha256WithRSAEncryption
42:85:fa:b4:a8:a2:8f:60:64:d9:87:22:41:93:f3:e3:da:e7:
ed:7e:2c:ad:11:2e:0a:30:e5:06:3e:8b:70:e9:dc:fd:c7:6d:
9f:02:26:e5:af:0d:27:8b:a8:1d:a4:00:79:dc:44:e3:72:be:
c1:e6:1b:fb:aa:ad:3d:15:9e:ba:02:01:67:a5:ef:cb:7d:1a:
ff:88:6d:04:b4:9f:81:05:b9:2a:fd:20:96:ba:4d:a9:99:37:
d2:46:2e:61:40:d7:6d:62:5c:12:66:a1:7b:f2:4a:53:67:64:
99:5b:f5:f0:bd:fa:cd:cd:89:8d:6e:1b:52:ad:9c:f1:ee:06:
32:15:42:a5:7d:90:08:de:66:86:91:0b:d9:81:b7:9e:15:ee:
e8:c1:18:f8:76:06:98:03:08:d4:5c:25:ab:a2:36:a9:05:dd:
53:99:74:ad:a3:85:b8:5d:1b:34:ca:2c:a2:78:6c:ec:ae:5f:
ef:2f:0d:a1:bd:3c:81:6b:71:4a:a8:b0:0a:bb:a6:b5:e7:58:
a7:8e:7a:20:1e:df:b3:63:1f:43:cf:bd:20:c4:21:1b:cd:e3:
b8:ad:b9:d0:24:e6:7c:a5:a6:08:f1:2c:02:ac:e3:fd:95:ff:
58:64:b5:30:43:38:e8:9b:33:f6:0b:ad:c8:94:eb:dc:16:ea:
59:c4:5e:c3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUQe+ZOpktOHzLd9XuefWS9GhsxP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMzEwNjE2MzZaFw0yNjEwMzAwNjIxMzZaMDMxMTAvBgNV
BAMTKEMwMzRGNjQ2QUUzODkyRUMxMTREMENENUM5REVGMTE5NTBFRThFMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Mc2FWexJ+hXrGi0iDaiExiJW
z/zzNXjL1FIXyUOxmK5am1Nm0dNT77ddc+42X91ygTqjm65ej4xIkqElTp3MfiwO
bmvUdloh/YlU2JPVNEQ4E9/D9s0KKiFLzSHMSjVbWq+0cHVGwHf7EdU5YRrZy9Dx
X+iaBXvMaGxIFGXNZ77t09jPiAn3w+QWGLsB6RUhVpmkWzrmf7ol9M7ib0eWjMss
nyv4eGnrqd1qGRwpOKt42G0Bp1zgFhDRDAxbrBYbWCV/XILUVeXhUXmh15TCmUjD
UholCy2koNDTKT/DH2AZ4ZoaWTllBgPXZqVkBnZfRXmPHW3Hd6iwvMAHlZG7AgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUwDT2Rq44kuwRTQzVyd7xGVDujgcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABSFYsD
BABSFnYDBABSF6IDBAJSGGADBAFSGZIDBARSGrAwDQYJKoZIhvcNAQELBQADggEB
AEKF+rSooo9gZNmHIkGT8+Pa5+1+LK0RLgow5QY+i3Dp3P3HbZ8CJuWvDSeLqB2k
AHncRONyvsHmG/uqrT0VnroCAWel78t9Gv+IbQS0n4EFuSr9IJa6TamZN9JGLmFA
121iXBJmoXvySlNnZJlb9fC9+s3NiY1uG1KtnPHuBjIVQqV9kAjeZoaRC9mBt54V
7ujBGPh2BpgDCNRcJauiNqkF3VOZdK2jhbhdGzTKLKJ4bOyuX+8vDaG9PIFrcUqo
sAq7prXnWKeOeiAe37NjH0PPvSDEIRvN47itudAk5nylpgjxLAKs4/2V/1hktTBD
OOibM/YLrciU69wW6lnEXsM=
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:29:55 2025 by rpki-client