Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: JzANzqWGHuWL1VaCmlZJZeSWqfq+zXWB7sJ4g7nx0Nk=
Subject key identifier: E3:79:65:DC:AF:5F:DC:C6:F2:DE:1C:EB:B5:80:9B:A1:AF:F7:DC:A5
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 796FBB686E45A8B98F93ED6AAD64D81BA7CE2D37
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
Signing time: Tue 22 Apr 2025 09:17:18 +0000
ROA not before: Tue 22 Apr 2025 09:12:18 +0000
ROA not after: Tue 21 Apr 2026 09:17:18 +0000
asID: 16276
IP address blocks: 91.124.117.0/24 maxlen: 24
91.124.199.0/24 maxlen: 24
91.124.209.0/24 maxlen: 24
92.113.13.0/24 maxlen: 24
92.113.67.0/24 maxlen: 24
92.113.74.0/24 maxlen: 24
92.113.77.0/24 maxlen: 24
92.113.80.0/24 maxlen: 24
95.135.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:6f:bb:68:6e:45:a8:b9:8f:93:ed:6a:ad:64:d8:1b:a7:ce:2d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 22 09:12:18 2025 GMT
Not After : Apr 21 09:17:18 2026 GMT
Subject: CN=E37965DCAF5FDCC6F2DE1CEBB5809BA1AFF7DCA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f9:de:3a:1b:ad:66:9c:ec:e1:02:2e:31:b4:
3f:96:61:48:50:60:4f:76:28:5c:f2:e7:04:d8:4b:
f4:2c:47:e1:03:60:ff:b5:5e:99:f8:35:bd:a8:7b:
b9:e9:60:7e:05:12:8d:db:6d:d0:19:bc:69:dc:21:
a0:63:ee:d6:a2:86:1a:81:74:c8:78:7b:bb:6c:fa:
07:8c:e7:46:52:02:6d:92:b1:c9:1a:d1:c1:01:ba:
92:8b:b4:df:8c:6e:3f:15:24:4b:59:03:8f:35:da:
cd:3d:da:a7:f5:0a:f2:a3:11:be:cf:c7:23:48:1c:
9c:a2:16:c4:44:bd:2b:80:59:fa:6f:e4:7b:aa:8b:
6e:bc:09:95:1a:ba:2f:76:53:24:59:4d:10:82:9d:
2c:c8:a4:c9:7b:16:87:5e:58:d6:52:a5:ce:23:39:
19:4c:ea:f1:11:4c:a1:c2:cd:9a:e4:45:30:b6:4f:
74:9c:aa:25:56:3e:bc:12:db:32:00:3a:67:0a:73:
d8:a4:3a:cb:b1:2c:56:c2:d6:c5:07:da:f7:e7:75:
b5:26:0d:61:04:92:13:c4:b2:e8:93:8b:07:cb:b8:
a8:f9:f9:b7:93:2f:08:a5:dd:5f:26:4d:61:f2:27:
f5:e0:ea:4d:57:3a:2e:66:48:70:0b:e0:44:09:97:
22:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:79:65:DC:AF:5F:DC:C6:F2:DE:1C:EB:B5:80:9B:A1:AF:F7:DC:A5
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.117.0/24
91.124.199.0/24
91.124.209.0/24
92.113.13.0/24
92.113.67.0/24
92.113.74.0/24
92.113.77.0/24
92.113.80.0/24
95.135.58.0/24
Signature Algorithm: sha256WithRSAEncryption
57:b5:68:1c:a9:5b:a4:69:bb:b7:7b:e8:d6:e3:d5:cd:b8:bc:
c8:a2:46:2d:97:db:1c:24:7d:f5:86:2e:9f:3a:90:c3:22:4d:
7c:53:8e:4c:36:f7:f4:5c:7d:df:06:02:83:74:f2:d1:26:fd:
b6:88:41:7b:3a:f1:a7:67:45:b3:12:a2:44:ba:78:35:da:1c:
15:3c:e1:ba:09:b2:89:b9:fe:dc:dc:d3:5c:4a:7a:07:60:70:
7b:a1:88:36:cd:77:50:d1:31:ec:62:7c:a0:79:92:1b:f7:04:
e3:5f:a3:55:34:29:db:c6:94:76:2f:a8:10:6b:d7:cb:58:c5:
ab:7e:a8:51:87:91:ea:9e:12:1e:9b:8e:9e:b3:8f:80:2c:2d:
a9:5c:9e:61:23:38:45:64:36:b9:21:c0:8a:98:c3:c6:57:e7:
f1:78:15:fd:65:3d:2b:90:49:09:2f:9e:5b:67:1c:b4:82:5d:
73:d4:fa:db:a3:fe:2e:8f:a8:8d:77:b6:bc:fd:bd:1b:11:52:
8b:76:a6:3e:f7:a1:1f:91:2c:f4:b7:5d:5e:0b:2d:29:2e:eb:
fb:7c:91:62:66:4a:6d:8a:cf:55:d4:4d:2c:49:63:e7:12:eb:
7b:62:31:fb:54:1d:a7:af:84:fd:b2:52:4f:b3:84:1b:7a:09:
5e:3b:d5:2f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUeW+7aG5FqLmPk+1qrWTYG6fOLTcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjIwOTEyMThaFw0yNjA0MjEwOTE3MThaMDMxMTAvBgNV
BAMTKEUzNzk2NURDQUY1RkRDQzZGMkRFMUNFQkI1ODA5QkExQUZGN0RDQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa+d46G61mnOzhAi4xtD+WYUhQ
YE92KFzy5wTYS/QsR+EDYP+1Xpn4Nb2oe7npYH4FEo3bbdAZvGncIaBj7taihhqB
dMh4e7ts+geM50ZSAm2Sscka0cEBupKLtN+Mbj8VJEtZA4812s092qf1CvKjEb7P
xyNIHJyiFsREvSuAWfpv5Huqi268CZUaui92UyRZTRCCnSzIpMl7FodeWNZSpc4j
ORlM6vERTKHCzZrkRTC2T3ScqiVWPrwS2zIAOmcKc9ikOsuxLFbC1sUH2vfndbUm
DWEEkhPEsuiTiwfLuKj5+beTLwil3V8mTWHyJ/Xg6k1XOi5mSHAL4EQJlyK7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU43ll3K9f3Mby3hzrtYCboa/33KUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBABbfHUD
BABbfMcDBABbfNEDBABccQ0DBABccUMDBABccUoDBABccU0DBABccVADBABfhzow
DQYJKoZIhvcNAQELBQADggEBAFe1aBypW6Rpu7d76Nbj1c24vMiiRi2X2xwkffWG
Lp86kMMiTXxTjkw29/Rcfd8GAoN08tEm/baIQXs68adnRbMSokS6eDXaHBU84boJ
som5/tzc01xKegdgcHuhiDbNd1DRMexifKB5khv3BONfo1U0KdvGlHYvqBBr18tY
xat+qFGHkeqeEh6bjp6zj4AsLalcnmEjOEVkNrkhwIqYw8ZX5/F4Ff1lPSuQSQkv
nltnHLSCXXPU+tuj/i6PqI13trz9vRsRUot2pj73oR+RLPS3XV4LLSku6/t8kWJm
Sm2Kz1XUTSxJY+cS63tiMftUHaevhP2yUk+zhBt6CV471S8=
-----END CERTIFICATE-----
Generated at Sun Apr 27 00:27:13 2025 by rpki-client