Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: P4HYhWzt8ekKvY7K0iYSGC3BRdb2LXX7eTVB9wT0gq4=
Subject key identifier: 48:13:F7:50:99:7A:B5:49:2D:40:BB:7C:D5:CF:46:82:A2:1F:4F:75
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5B8EA7CACDF3D0FD4A6CA5C70DA2F7DA9FF47223
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
Signing time: Tue 09 Jun 2026 09:07:11 +0000
ROA not before: Tue 09 Jun 2026 09:02:11 +0000
ROA not after: Tue 08 Jun 2027 09:07:11 +0000
asID: 16509
IP address blocks: 91.124.28.0/24 maxlen: 24
91.124.34.0/24 maxlen: 24
91.124.38.0/24 maxlen: 24
91.124.42.0/24 maxlen: 24
91.124.122.0/24 maxlen: 24
91.124.131.0/24 maxlen: 24
91.124.133.0/24 maxlen: 24
91.124.217.0/24 maxlen: 24
92.112.51.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
92.112.61.0/24 maxlen: 24
92.112.63.0/24 maxlen: 24
92.112.74.0/24 maxlen: 24
92.112.75.0/24 maxlen: 24
92.113.49.0/24 maxlen: 24
92.113.50.0/24 maxlen: 24
92.113.51.0/24 maxlen: 24
92.113.52.0/24 maxlen: 24
92.113.53.0/24 maxlen: 24
92.113.100.0/24 maxlen: 24
95.135.202.0/24 maxlen: 24
178.92.101.0/24 maxlen: 24
178.94.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:8e:a7:ca:cd:f3:d0:fd:4a:6c:a5:c7:0d:a2:f7:da:9f:f4:72:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 9 09:02:11 2026 GMT
Not After : Jun 8 09:07:11 2027 GMT
Subject: CN=4813F750997AB5492D40BB7CD5CF4682A21F4F75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1a:66:da:61:92:bd:0f:df:20:b2:cb:ff:58:
ba:0a:9d:76:3b:d3:47:cc:e4:75:d6:22:e0:f1:a4:
06:9a:9f:fe:8a:09:68:96:52:f9:76:a6:ac:67:11:
14:43:b4:ab:65:98:15:a0:da:c4:d7:d8:a8:23:62:
d7:34:00:64:27:dd:8b:f0:31:80:0e:b1:aa:7d:62:
fe:b6:60:6f:90:98:37:5b:37:5f:e9:32:c7:2e:4f:
0f:aa:e0:3d:b2:a7:6a:0a:f0:98:37:3e:0d:69:c7:
26:e0:d6:3e:8c:cd:de:43:20:f6:62:9f:b7:2a:54:
5c:80:96:be:c8:52:de:ec:d0:f4:7b:a8:51:86:59:
c1:40:f0:ca:52:08:a8:60:9d:87:fc:dc:9b:b3:70:
9d:6c:35:72:99:ee:4c:2e:41:38:1e:05:bc:90:af:
9d:c8:65:26:17:f2:a4:30:58:6e:74:56:53:5e:c2:
71:e3:9d:2d:0a:c5:70:69:5a:41:dd:87:4f:53:75:
31:af:0f:a3:f2:0e:d5:80:f8:b3:da:d7:5e:45:d2:
83:78:3e:2b:c4:ab:89:18:1b:03:c6:8f:ea:fa:cd:
91:b8:bf:2d:32:c1:18:ee:a6:43:ab:1b:57:24:0c:
41:d0:a8:1f:a8:35:60:10:fb:c8:39:2d:50:55:58:
79:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:13:F7:50:99:7A:B5:49:2D:40:BB:7C:D5:CF:46:82:A2:1F:4F:75
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.28.0/24
91.124.34.0/24
91.124.38.0/24
91.124.42.0/24
91.124.122.0/24
91.124.131.0/24
91.124.133.0/24
91.124.217.0/24
92.112.51.0/24
92.112.58.0/24
92.112.61.0/24
92.112.63.0/24
92.112.74.0/23
92.113.49.0-92.113.53.255
92.113.100.0/24
95.135.202.0/24
178.92.101.0/24
178.94.192.0/24
Signature Algorithm: sha256WithRSAEncryption
91:65:56:1b:b2:c9:ef:58:ff:5e:d4:ae:b1:af:bf:c6:1e:2e:
96:49:ee:88:1d:a9:c7:e2:61:ea:3e:a6:c7:64:aa:78:ff:d3:
0d:fe:8c:50:dc:3c:19:8f:de:ea:1f:2c:e0:ac:37:8d:fe:c1:
90:4f:a3:bc:24:84:af:21:72:18:0b:c8:a2:70:5b:97:d7:e9:
15:3c:46:8c:3b:d7:b3:9c:3d:df:8f:3d:99:6c:96:f4:5c:db:
d2:af:ee:cd:97:06:17:88:53:ba:d6:8c:19:3d:12:e3:55:89:
64:59:36:de:41:30:7f:57:40:8a:e5:5b:5d:cd:a5:5e:cf:3b:
7e:18:e1:c2:03:a5:b4:20:20:a0:e0:27:b6:46:76:75:aa:1d:
5a:bc:ba:4d:c5:9a:8e:0a:c9:cb:1a:f0:c1:e0:99:67:8b:e3:
b3:ea:9e:1e:1c:cd:41:b7:38:63:a1:d0:28:20:6e:2b:64:53:
f6:3a:0b:f1:84:b0:71:6e:a3:fb:e6:ca:f4:91:91:03:f4:57:
17:c4:0b:b0:37:aa:0e:4b:b7:e8:7f:60:09:9f:1f:7b:95:49:
0f:ec:df:64:68:4b:8a:95:6f:e0:fa:9e:cd:d5:1b:45:bb:12:
ed:dd:7b:d4:e1:c9:c1:7d:5e:f5:bd:0d:17:a2:ab:3f:73:be:
9f:e8:8f:46
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUW46nys3z0P1KbKXHDaL32p/0ciMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA2MDkwOTAyMTFaFw0yNzA2MDgwOTA3MTFaMDMxMTAvBgNV
BAMTKDQ4MTNGNzUwOTk3QUI1NDkyRDQwQkI3Q0Q1Q0Y0NjgyQTIxRjRGNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMGmbaYZK9D98gssv/WLoKnXY7
00fM5HXWIuDxpAaan/6KCWiWUvl2pqxnERRDtKtlmBWg2sTX2KgjYtc0AGQn3Yvw
MYAOsap9Yv62YG+QmDdbN1/pMscuTw+q4D2yp2oK8Jg3Pg1pxybg1j6Mzd5DIPZi
n7cqVFyAlr7IUt7s0PR7qFGGWcFA8MpSCKhgnYf83JuzcJ1sNXKZ7kwuQTgeBbyQ
r53IZSYX8qQwWG50VlNewnHjnS0KxXBpWkHdh09TdTGvD6PyDtWA+LPa115F0oN4
PivEq4kYGwPGj+r6zZG4vy0ywRjupkOrG1ckDEHQqB+oNWAQ+8g5LVBVWHn7AgMB
AAGjggJ4MIICdDAdBgNVHQ4EFgQUSBP3UJl6tUktQLt81c9GgqIfT3UwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgY0GCCsGAQUFBwEHAQH/BH4wfDB6BAIAATB0AwQAW3wc
AwQAW3wiAwQAW3wmAwQAW3wqAwQAW3x6AwQAW3yDAwQAW3yFAwQAW3zZAwQAXHAz
AwQAXHA6AwQAXHA9AwQAXHA/AwQBXHBKMAwDBABccTEDBAFccTQDBABccWQDBABf
h8oDBACyXGUDBACyXsAwDQYJKoZIhvcNAQELBQADggEBAJFlVhuyye9Y/17UrrGv
v8YeLpZJ7ogdqcfiYeo+psdkqnj/0w3+jFDcPBmP3uofLOCsN43+wZBPo7wkhK8h
chgLyKJwW5fX6RU8Row717OcPd+PPZlslvRc29Kv7s2XBheIU7rWjBk9EuNViWRZ
Nt5BMH9XQIrlW13NpV7PO34Y4cIDpbQgIKDgJ7ZGdnWqHVq8uk3Fmo4Kycsa8MHg
mWeL47Pqnh4czUG3OGOh0CggbitkU/Y6C/GEsHFuo/vmyvSRkQP0VxfEC7A3qg5L
t+h/YAmfH3uVSQ/s32RoS4qVb+D6ns3VG0W7Eu3de9ThycF9XvW9DReiqz9zvp/o
j0Y=
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:26:31 2026 by rpki-client