Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: UtCl061B/MNJdmd5JNRXnPIqvbYlbFJpGCyWBjeSkxA=
Subject key identifier: 69:DB:5C:9C:B8:5A:8F:43:EB:1D:46:76:07:6A:EA:8F:E1:DA:46:47
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 320FA951866A848940F9647A1E21DB8704F46273
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
Signing time: Mon 04 Aug 2025 00:01:19 +0000
ROA not before: Sun 03 Aug 2025 23:56:19 +0000
ROA not after: Mon 03 Aug 2026 00:01:19 +0000
asID: 16509
IP address blocks: 82.21.28.0/22 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.157.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:0f:a9:51:86:6a:84:89:40:f9:64:7a:1e:21:db:87:04:f4:62:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 3 23:56:19 2025 GMT
Not After : Aug 3 00:01:19 2026 GMT
Subject: CN=69DB5C9CB85A8F43EB1D4676076AEA8FE1DA4647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:41:aa:30:93:1e:8d:35:43:e3:b9:88:d7:0d:
ae:f6:a8:3d:93:c2:ff:3b:35:a3:dc:c3:f5:05:a6:
9a:3a:47:fe:8a:84:09:92:53:6a:3e:d5:0c:9f:34:
a0:50:36:00:16:d4:0d:7f:1a:18:4c:6a:b6:42:c1:
2f:be:fa:ee:3e:8a:4a:00:e4:54:dc:04:90:af:e1:
22:f3:42:14:3a:83:02:12:f9:2f:4d:e9:d7:14:7b:
e1:da:9f:59:46:5b:f1:76:e6:ef:bc:17:91:a7:61:
7b:97:98:0e:f7:b9:e4:4d:42:31:94:f5:9c:33:ff:
09:d3:84:ad:7d:26:f2:53:f1:e8:5f:58:8a:a9:36:
a8:e9:7d:19:61:b7:8f:ed:c6:a9:16:fd:7b:9e:01:
df:a3:2b:9c:f6:e0:84:26:d7:e0:22:47:38:3d:43:
c1:77:92:17:54:35:88:02:d5:2c:d8:ff:8a:f9:6f:
84:37:80:58:28:10:0f:4e:f7:18:e9:b7:9b:19:24:
29:d4:75:d1:36:d4:9a:7c:b3:06:60:3c:00:73:8d:
e2:be:46:92:1a:39:e5:e5:b5:4e:12:c5:80:d4:12:
d4:7d:3f:c8:f2:60:65:83:ad:3d:a9:7f:fe:85:cf:
6c:e1:78:b6:cf:ef:cd:7b:51:4f:0f:cc:4d:df:56:
38:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:DB:5C:9C:B8:5A:8F:43:EB:1D:46:76:07:6A:EA:8F:E1:DA:46:47
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.24.100.0/24
82.26.154.0/24
82.26.157.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
Signature Algorithm: sha256WithRSAEncryption
27:54:62:4c:ab:47:16:a5:14:bc:90:ae:9a:d8:be:4a:76:43:
1e:6b:45:e5:fe:03:7f:ee:11:20:03:30:76:f1:61:24:dd:d6:
27:2b:40:92:6a:25:fc:8e:97:71:ad:4f:22:dd:48:3f:3f:23:
bb:61:2e:73:87:20:6e:d5:6c:e6:78:68:2c:1f:07:f2:cd:7f:
a8:44:9c:db:c7:c5:8d:12:f2:26:e2:ef:84:3e:51:c6:e9:9c:
87:76:7c:1e:4e:a9:6c:85:b3:07:fa:04:a5:4c:57:e9:d8:aa:
4b:ca:b8:01:8f:dd:f0:18:1d:33:4c:78:36:64:13:d5:89:d3:
3a:35:85:50:5a:57:18:87:4f:1b:8a:30:51:b7:94:d0:1c:30:
63:be:69:bb:ce:f9:bc:16:ab:fa:7e:f8:36:40:3a:3a:03:3f:
35:22:aa:ae:ff:5a:0d:a2:c8:c7:ce:60:3f:cb:d4:39:bc:bc:
3a:ad:37:31:21:be:d6:9a:24:72:28:b4:ee:c7:c9:f9:3d:bf:
b2:1a:2c:f4:b3:07:8c:d9:43:cb:a8:79:6f:62:79:7d:5a:88:
d5:7f:58:5c:ef:f8:4d:1f:80:77:a5:5d:b0:52:89:ce:c2:11:
2d:25:ff:7b:a0:c0:c1:e3:a9:8f:97:bb:3a:b5:c9:cc:2e:26:
20:ee:30:b7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMg+pUYZqhIlA+WR6HiHbhwT0YnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDMyMzU2MTlaFw0yNjA4MDMwMDAxMTlaMDMxMTAvBgNV
BAMTKDY5REI1QzlDQjg1QThGNDNFQjFENDY3NjA3NkFFQThGRTFEQTQ2NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Qaowkx6NNUPjuYjXDa72qD2T
wv87NaPcw/UFppo6R/6KhAmSU2o+1QyfNKBQNgAW1A1/GhhMarZCwS+++u4+ikoA
5FTcBJCv4SLzQhQ6gwIS+S9N6dcUe+Han1lGW/F25u+8F5GnYXuXmA73ueRNQjGU
9Zwz/wnThK19JvJT8ehfWIqpNqjpfRlht4/txqkW/XueAd+jK5z24IQm1+AiRzg9
Q8F3khdUNYgC1SzY/4r5b4Q3gFgoEA9O9xjpt5sZJCnUddE21Jp8swZgPABzjeK+
RpIaOeXltU4SxYDUEtR9P8jyYGWDrT2pf/6Fz2zheLbP7817UU8PzE3fVjhbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUadtcnLhaj0PrHUZ2B2rqj+HaRkcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4DBAJSFRwD
BABSGGQDBABSGpoDBABSGp0DBABSGskDBABSHQAwDAMEAVIdAgMEAFIdBAMEAFId
ZgMEAVIdaDANBgkqhkiG9w0BAQsFAAOCAQEAJ1RiTKtHFqUUvJCumti+SnZDHmtF
5f4Df+4RIAMwdvFhJN3WJytAkmol/I6Xca1PIt1IPz8ju2Euc4cgbtVs5nhoLB8H
8s1/qESc28fFjRLyJuLvhD5Rxumch3Z8Hk6pbIWzB/oEpUxX6diqS8q4AY/d8Bgd
M0x4NmQT1YnTOjWFUFpXGIdPG4owUbeU0BwwY75pu875vBar+n74NkA6OgM/NSKq
rv9aDaLIx85gP8vUOby8Oq03MSG+1pokcii07sfJ+T2/shos9LMHjNlDy6h5b2J5
fVqI1X9YXO/4TR+Ad6VdsFKJzsIRLSX/e6DAweOpj5e7OrXJzC4mIO4wtw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:20 2025 by rpki-client