Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: JsXK6mL5JZoXUa5lujBXUmJqWOjeMmr576YMD710YF8=
Subject key identifier: 16:4B:41:28:64:FF:5B:56:EA:29:EE:C1:5D:60:84:40:D9:CE:67:EA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2BC0E6A5728C0E7130247ED9BA2BA8D0FE2A0E40
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
Signing time: Tue 17 Feb 2026 10:35:21 +0000
ROA not before: Tue 17 Feb 2026 10:30:21 +0000
ROA not after: Tue 16 Feb 2027 10:35:21 +0000
asID: 16509
IP address blocks: 82.21.28.0/22 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.39.223.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
178.83.112.0/22 maxlen: 22
2a13:9500:110::/48 maxlen: 48
2a13:9500:13a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:c0:e6:a5:72:8c:0e:71:30:24:7e:d9:ba:2b:a8:d0:fe:2a:0e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 17 10:30:21 2026 GMT
Not After : Feb 16 10:35:21 2027 GMT
Subject: CN=164B412864FF5B56EA29EEC15D608440D9CE67EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:29:28:22:69:a3:b4:25:9d:88:d6:fd:e7:d9:
55:85:cc:2a:4a:a2:55:12:1f:73:a9:fd:63:c2:0f:
4b:66:eb:95:d4:e9:b4:4e:17:75:b1:46:27:b5:98:
1c:db:93:10:31:34:9b:58:aa:14:1a:1b:ee:52:9d:
b6:61:77:3b:2f:98:41:fe:da:41:b6:4a:9d:d1:14:
78:26:c6:02:b2:4d:0e:b6:4d:7a:74:c4:18:ac:4c:
6e:61:e2:02:a5:ec:54:69:4a:17:97:d4:a7:2b:6d:
d5:ff:91:7c:c8:27:18:93:89:ba:92:f5:d1:df:0a:
e3:99:ae:90:b5:30:d3:68:8d:ae:51:ca:c7:94:4a:
b2:d5:f5:13:86:1c:7e:bf:5a:59:64:16:27:71:cc:
b0:44:67:1a:fe:ae:8a:79:ae:de:45:af:c1:70:1f:
df:ab:8f:1c:08:ef:93:27:db:ea:af:02:b7:aa:ad:
f0:e1:f1:b1:98:cb:57:b7:6b:45:1f:27:ea:73:74:
7a:3d:80:38:79:db:9d:24:9d:12:d3:68:7e:85:1b:
03:e1:bb:ce:f5:af:23:e4:a4:11:92:10:d6:79:a5:
a1:4b:f1:03:34:50:53:59:60:60:3d:5b:60:80:57:
bc:e3:30:57:71:54:22:f5:70:79:ad:79:49:05:37:
1a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4B:41:28:64:FF:5B:56:EA:29:EE:C1:5D:60:84:40:D9:CE:67:EA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.24.76.0/24
82.24.100.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
82.39.223.0/24
82.41.200.0/24
178.83.112.0/22
IPv6:
2a13:9500:110::/48
2a13:9500:13a::/48
Signature Algorithm: sha256WithRSAEncryption
27:d3:f3:76:fd:19:ec:20:98:af:c1:ef:66:6b:4d:06:05:aa:
2c:b9:7c:b2:6d:58:84:12:10:bb:bd:97:61:35:9b:a2:a5:93:
e0:11:29:3a:dd:07:15:70:e5:0c:2b:97:c4:31:64:68:c7:65:
45:40:38:db:6d:f3:21:94:88:98:02:4b:2b:75:fa:6e:c4:17:
a4:4a:f5:46:12:f1:cf:df:9a:80:6c:29:21:a3:5e:e3:68:d1:
ee:3e:2a:63:94:e6:72:66:57:d2:15:f8:cf:a1:af:71:8e:ab:
64:4e:2d:12:c5:9d:1f:09:58:a4:cc:f1:2f:91:fd:75:89:3b:
ef:24:4f:ec:8f:c2:8e:b4:f2:79:fe:d8:c6:7d:22:94:f8:a0:
c7:56:94:fd:4d:53:61:5e:03:67:0c:9d:d6:dd:dd:85:e6:cf:
99:7a:06:a4:3b:86:7e:a1:cd:e9:a0:2a:2f:12:8b:0e:41:8e:
88:69:26:0e:34:b7:1f:08:ca:27:4b:8f:5f:d4:06:c0:bd:a3:
b2:bd:84:c7:1e:10:d5:7b:ab:b4:86:e7:fc:77:95:c0:3d:82:
b5:10:e1:21:b4:c6:36:9b:bc:a9:59:7c:36:eb:87:85:de:38:
5e:d7:5f:87:df:20:3d:31:3f:be:bb:9d:2e:09:07:9c:62:00:
69:50:98:41
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIUK8DmpXKMDnEwJH7Zuiuo0P4qDkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMTcxMDMwMjFaFw0yNzAyMTYxMDM1MjFaMDMxMTAvBgNV
BAMTKDE2NEI0MTI4NjRGRjVCNTZFQTI5RUVDMTVENjA4NDQwRDlDRTY3RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtKSgiaaO0JZ2I1v3n2VWFzCpK
olUSH3Op/WPCD0tm65XU6bROF3WxRie1mBzbkxAxNJtYqhQaG+5SnbZhdzsvmEH+
2kG2Sp3RFHgmxgKyTQ62TXp0xBisTG5h4gKl7FRpSheX1KcrbdX/kXzIJxiTibqS
9dHfCuOZrpC1MNNoja5RyseUSrLV9ROGHH6/WllkFidxzLBEZxr+rop5rt5Fr8Fw
H9+rjxwI75Mn2+qvAreqrfDh8bGYy1e3a0UfJ+pzdHo9gDh5250knRLTaH6FGwPh
u871ryPkpBGSENZ5paFL8QM0UFNZYGA9W2CAV7zjMFdxVCL1cHmteUkFNxq/AgMB
AAGjggJuMIICajAdBgNVHQ4EFgQUFktBKGT/W1bqKe7BXWCEQNnOZ+owHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYMGCCsGAQUFBwEHAQH/BHQwcjBWBAIAATBQAwQCUhUc
AwQAUhhMAwQAUhhkAwQAUhqaAwQAUhrJAwQAUh0AMAwDBAFSHQIDBABSHQQDBABS
HWYDBAFSHWgDBABSJ98DBABSKcgDBAKyU3AwGAQCAAIwEgMHACoTlQABEAMHACoT
lQABOjANBgkqhkiG9w0BAQsFAAOCAQEAJ9Pzdv0Z7CCYr8HvZmtNBgWqLLl8sm1Y
hBIQu72XYTWboqWT4BEpOt0HFXDlDCuXxDFkaMdlRUA4223zIZSImAJLK3X6bsQX
pEr1RhLxz9+agGwpIaNe42jR7j4qY5TmcmZX0hX4z6GvcY6rZE4tEsWdHwlYpMzx
L5H9dYk77yRP7I/CjrTyef7Yxn0ilPigx1aU/U1TYV4DZwyd1t3dhebPmXoGpDuG
fqHN6aAqLxKLDkGOiGkmDjS3HwjKJ0uPX9QGwL2jsr2Exx4Q1XurtIbn/HeVwD2C
tRDhIbTGNpu8qVl8NuuHhd44Xtdfh98gPTE/vrudLgkHnGIAaVCYQQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:48:02 2026 by rpki-client