Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: /6dXHXPFwkGyKBU6KopYZ4Dt+aCmzDrH9hFdDSSa15U=
Subject key identifier: 18:AE:EB:9A:9A:C4:4F:23:45:DA:F8:02:D8:BA:A8:E2:88:12:AB:3A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4F1F69201D881CC2870A823081B5A913742F8777
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
Signing time: Fri 05 Jun 2026 07:04:45 +0000
ROA not before: Fri 05 Jun 2026 06:59:45 +0000
ROA not after: Fri 04 Jun 2027 07:04:45 +0000
asID: 16509
IP address blocks: 82.21.0.0/24 maxlen: 24
82.23.172.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.44.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
82.47.64.0/19 maxlen: 24
82.47.152.0/22 maxlen: 24
84.75.18.0/24 maxlen: 24
84.75.19.0/24 maxlen: 24
84.75.34.0/24 maxlen: 24
84.75.36.0/24 maxlen: 24
84.75.37.0/24 maxlen: 24
84.75.38.0/24 maxlen: 24
84.75.41.0/24 maxlen: 24
84.75.42.0/24 maxlen: 24
84.75.48.0/24 maxlen: 24
84.75.50.0/24 maxlen: 24
84.75.51.0/24 maxlen: 24
84.75.52.0/24 maxlen: 24
84.75.53.0/24 maxlen: 24
84.75.55.0/24 maxlen: 24
84.75.61.0/24 maxlen: 24
84.75.62.0/24 maxlen: 24
84.75.63.0/24 maxlen: 24
84.75.64.0/24 maxlen: 24
84.75.65.0/24 maxlen: 24
84.75.67.0/24 maxlen: 24
84.75.68.0/24 maxlen: 24
84.75.69.0/24 maxlen: 24
84.75.70.0/24 maxlen: 24
84.75.96.0/19 maxlen: 24
84.75.132.0/23 maxlen: 24
178.83.182.0/23 maxlen: 24
178.83.230.0/23 maxlen: 24
178.83.232.0/24 maxlen: 24
2a13:9500:110::/48 maxlen: 48
2a13:9500:126::/48 maxlen: 48
2a13:9500:127::/48 maxlen: 48
2a13:9500:13a::/48 maxlen: 48
2a13:9500:157::/48 maxlen: 48
2a13:9500:176::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:1f:69:20:1d:88:1c:c2:87:0a:82:30:81:b5:a9:13:74:2f:87:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 5 06:59:45 2026 GMT
Not After : Jun 4 07:04:45 2027 GMT
Subject: CN=18AEEB9A9AC44F2345DAF802D8BAA8E28812AB3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:66:e8:7b:26:4e:91:52:7c:02:7f:0a:1b:84:
3f:36:3a:18:80:81:d6:37:7b:2c:a0:54:11:77:46:
b1:74:8d:ce:28:c9:eb:a4:04:e1:e2:2f:5b:9d:29:
55:fd:35:19:5a:f4:63:33:bf:37:d4:0c:bd:1b:75:
c7:79:be:12:42:90:c6:aa:20:70:13:5d:d6:72:af:
53:eb:ba:e9:33:5d:e4:c6:05:b3:e3:80:f0:20:9b:
86:b0:e5:39:63:73:46:da:6d:aa:9b:43:1d:23:67:
c5:6b:54:41:7c:3f:85:2a:18:20:46:77:1b:f7:f7:
b5:e8:9d:10:0d:5f:e2:01:03:ef:c6:ec:dd:67:f4:
55:62:d5:b6:89:cb:34:37:9b:2c:55:1a:93:3d:e3:
52:67:ca:3d:01:12:c7:45:e0:ef:02:85:4c:0f:a7:
aa:51:d8:f4:d6:af:e7:49:8c:dc:52:70:b0:ee:a6:
b6:44:aa:78:51:44:e0:b1:20:ce:ef:1b:6e:2a:73:
b7:a7:49:b9:01:48:9b:40:7b:61:24:c6:31:c1:34:
61:33:79:61:6a:3d:03:26:ce:8b:f4:82:0a:1d:d0:
4c:b9:47:16:08:8d:7e:fd:ec:4c:95:02:c1:a6:1a:
d6:67:16:4f:90:4c:f3:1f:d0:51:52:bc:36:89:26:
cf:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:AE:EB:9A:9A:C4:4F:23:45:DA:F8:02:D8:BA:A8:E2:88:12:AB:3A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0/24
82.23.172.0/24
82.24.76.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.44.0/24
82.29.102.0/24
82.29.104.0/23
82.41.200.0/24
82.47.64.0/19
82.47.152.0/22
84.75.18.0/23
84.75.34.0/24
84.75.36.0-84.75.38.255
84.75.41.0-84.75.42.255
84.75.48.0/24
84.75.50.0-84.75.53.255
84.75.55.0/24
84.75.61.0-84.75.65.255
84.75.67.0-84.75.70.255
84.75.96.0/19
84.75.132.0/23
178.83.182.0/23
178.83.230.0-178.83.232.255
IPv6:
2a13:9500:110::/48
2a13:9500:126::/47
2a13:9500:13a::/48
2a13:9500:157::/48
2a13:9500:176::/48
Signature Algorithm: sha256WithRSAEncryption
a8:e5:51:a5:c3:99:ab:be:49:03:8c:58:53:2e:8c:fd:2c:9a:
5d:72:9f:bf:a0:a3:a7:a6:9e:b0:b5:9a:57:89:bb:c7:36:78:
b6:06:21:57:c5:b8:de:22:88:a0:69:09:2b:4d:7e:bb:45:8c:
fe:62:fd:67:a8:71:dd:5d:43:b1:49:90:53:37:72:d4:c7:cc:
d3:17:ed:45:37:c4:d4:a7:f5:54:37:44:ab:48:63:bc:be:de:
4c:14:c6:16:e9:ec:6a:bd:d3:9d:9a:15:9d:bc:aa:b2:b7:6a:
a5:64:7c:8c:cf:6f:eb:a4:0d:01:91:42:91:c8:6a:73:4a:0e:
34:50:4d:fa:fe:32:5e:9c:68:b0:2e:b3:1f:98:49:9b:03:72:
70:a2:93:11:a5:c8:76:40:be:ee:86:95:9f:70:46:96:56:25:
88:e3:3e:e1:d8:36:44:09:70:4a:42:0a:d2:01:15:0d:59:e2:
c3:7c:f4:7b:01:64:21:8a:93:5c:88:14:17:b0:36:46:ea:95:
01:f6:a3:25:52:60:03:47:0f:4c:f4:fc:1f:ab:2a:b7:33:73:
68:60:19:d1:2d:30:93:ec:7b:71:59:dc:51:11:6a:1f:d9:5e:
c7:14:88:cb:1f:be:08:f8:04:b6:2c:01:d1:d7:1b:e3:af:b5:
56:dc:5e:be
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgIUTx9pIB2IHMKHCoIwgbWpE3Qvh3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDUwNjU5NDVaFw0yNzA2MDQwNzA0NDVaMDMxMTAvBgNV
BAMTKDE4QUVFQjlBOUFDNDRGMjM0NURBRjgwMkQ4QkFBOEUyODgxMkFCM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Zuh7Jk6RUnwCfwobhD82OhiA
gdY3eyygVBF3RrF0jc4oyeukBOHiL1udKVX9NRla9GMzvzfUDL0bdcd5vhJCkMaq
IHATXdZyr1PruukzXeTGBbPjgPAgm4aw5Tljc0babaqbQx0jZ8VrVEF8P4UqGCBG
dxv397XonRANX+IBA+/G7N1n9FVi1baJyzQ3myxVGpM941Jnyj0BEsdF4O8ChUwP
p6pR2PTWr+dJjNxScLDuprZEqnhRROCxIM7vG24qc7enSbkBSJtAe2EkxjHBNGEz
eWFqPQMmzov0ggod0Ey5RxYIjX797EyVAsGmGtZnFk+QTPMf0FFSvDaJJs+xAgMB
AAGjggMUMIIDEDAdBgNVHQ4EFgQUGK7rmprETyNF2vgC2Lqo4ogSqzowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEoBggrBgEFBQcBBwEB/wSCARcwggETMIHbBAIAATCB
1AMEAFIVAAMEAFIXrAMEAFIYTAMEAFIamgMEAFIayQMEAFIdADAMAwQBUh0CAwQA
Uh0EAwQAUh0sAwQAUh1mAwQBUh1oAwQAUinIAwQFUi9AAwQCUi+YAwQBVEsSAwQA
VEsiMAwDBAJUSyQDBABUSyYwDAMEAFRLKQMEAFRLKgMEAFRLMDAMAwQBVEsyAwQB
VEs0AwQAVEs3MAwDBABUSz0DBAFUS0AwDAMEAFRLQwMEAFRLRgMEBVRLYAMEAVRL
hAMEAbJTtjAMAwQBslPmAwQAslPoMDMEAgACMC0DBwAqE5UAARADBwEqE5UAASYD
BwAqE5UAAToDBwAqE5UAAVcDBwAqE5UAAXYwDQYJKoZIhvcNAQELBQADggEBAKjl
UaXDmau+SQOMWFMujP0sml1yn7+go6emnrC1mleJu8c2eLYGIVfFuN4iiKBpCStN
frtFjP5i/Weocd1dQ7FJkFM3ctTHzNMX7UU3xNSn9VQ3RKtIY7y+3kwUxhbp7Gq9
052aFZ28qrK3aqVkfIzPb+ukDQGRQpHIanNKDjRQTfr+Ml6caLAusx+YSZsDcnCi
kxGlyHZAvu6GlZ9wRpZWJYjjPuHYNkQJcEpCCtIBFQ1Z4sN89HsBZCGKk1yIFBew
NkbqlQH2oyVSYANHD0z0/B+rKrczc2hgGdEtMJPse3FZ3FERah/ZXscUiMsfvgj4
BLYsAdHXG+OvtVbcXr4=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:43:03 2026 by rpki-client