Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: KM9kCEiKxXpG0x+1bMixuCBXpP9NBi8CRpgvXu4M8K8=
Subject key identifier: EA:7B:F8:4E:C1:5C:E2:E8:A0:B9:AD:7C:EF:B6:B6:92:D3:EB:53:E8
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0F3AF13DDD9FBA54BAAC27174C76FF5DABD4C224
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
Signing time: Sun 25 May 2025 14:48:35 +0000
ROA not before: Sun 25 May 2025 14:43:35 +0000
ROA not after: Sun 24 May 2026 14:48:35 +0000
asID: 16509
IP address blocks: 91.124.42.0/24 maxlen: 24
91.124.43.0/24 maxlen: 24
91.124.117.0/24 maxlen: 24
91.124.131.0/24 maxlen: 24
91.124.133.0/24 maxlen: 24
91.124.217.0/24 maxlen: 24
92.112.51.0/24 maxlen: 24
92.112.61.0/24 maxlen: 24
92.112.63.0/24 maxlen: 24
92.112.74.0/24 maxlen: 24
92.112.75.0/24 maxlen: 24
92.113.49.0/24 maxlen: 24
92.113.50.0/24 maxlen: 24
92.113.51.0/24 maxlen: 24
92.113.52.0/24 maxlen: 24
92.113.53.0/24 maxlen: 24
92.113.212.0/24 maxlen: 24
92.113.213.0/24 maxlen: 24
92.113.214.0/24 maxlen: 24
95.134.143.0/24 maxlen: 24
95.135.200.0/24 maxlen: 24
95.135.201.0/24 maxlen: 24
95.135.202.0/24 maxlen: 24
95.135.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:3a:f1:3d:dd:9f:ba:54:ba:ac:27:17:4c:76:ff:5d:ab:d4:c2:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 25 14:43:35 2025 GMT
Not After : May 24 14:48:35 2026 GMT
Subject: CN=EA7BF84EC15CE2E8A0B9AD7CEFB6B692D3EB53E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f7:d8:3b:06:c2:fc:0f:f6:77:41:40:ad:36:
49:1a:32:c7:83:84:ee:4e:a5:eb:ae:16:d5:ce:ae:
85:74:65:26:88:03:de:48:38:b3:93:6c:ab:df:4e:
73:2c:63:dd:af:6b:10:13:cd:cb:de:9a:3f:a6:18:
e8:ed:02:58:3b:7e:04:d4:64:bc:29:26:e8:29:6b:
90:f9:56:6a:9d:bf:1d:dd:d6:f0:b6:8b:6d:17:08:
1e:83:2c:12:23:29:6d:3a:1e:65:2c:ed:e7:a2:68:
0d:8a:2b:e4:e2:b5:a2:e1:a8:92:21:82:a3:94:bf:
77:7e:da:98:4a:a4:dc:eb:82:ce:8f:31:d5:4d:b5:
76:1b:5f:b1:57:64:48:d7:5e:78:b2:ed:bd:f1:4c:
6c:c0:85:fc:a9:89:0b:b3:06:dc:8b:da:d5:5c:ba:
61:3b:af:3c:64:fd:8a:7f:82:87:4c:f8:d0:a7:de:
bc:65:6b:54:8d:eb:2d:74:09:40:97:11:56:a7:91:
78:5f:0b:fb:b5:49:e5:e4:0e:76:f3:64:2c:4d:ea:
50:9d:e6:c4:e1:dd:ef:24:98:80:6b:99:3b:08:6a:
61:d5:42:ba:ee:04:2b:40:e0:c8:7c:7d:a8:48:55:
04:42:de:97:b9:e0:c0:63:8c:b7:0b:f6:19:d6:48:
ec:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:7B:F8:4E:C1:5C:E2:E8:A0:B9:AD:7C:EF:B6:B6:92:D3:EB:53:E8
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.42.0/23
91.124.117.0/24
91.124.131.0/24
91.124.133.0/24
91.124.217.0/24
92.112.51.0/24
92.112.61.0/24
92.112.63.0/24
92.112.74.0/23
92.113.49.0-92.113.53.255
92.113.212.0-92.113.214.255
95.134.143.0/24
95.135.200.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:a6:6c:a9:4b:31:01:7e:34:10:6c:fe:8e:d5:e1:0d:68:ca:
e1:d5:00:17:b9:d0:bb:17:f0:32:e7:f2:eb:70:e3:b5:ee:2e:
72:1f:59:46:70:49:b1:fc:20:b1:81:fc:5b:84:a9:1e:17:6b:
57:28:96:03:15:5a:c2:b5:21:fd:1b:52:ca:9a:11:ea:fd:da:
5b:9a:29:3f:65:61:15:8d:37:57:29:b4:6b:62:4f:84:8f:33:
23:e0:bc:9f:21:80:e0:78:53:7d:39:3a:ff:93:f1:d3:00:03:
78:21:72:af:43:a0:cb:d0:b4:fe:94:5b:2f:63:8d:c8:00:19:
5e:ee:7c:04:70:d9:5d:c4:bb:2f:cc:75:71:95:12:5b:f0:3b:
8e:45:4f:9d:b9:32:aa:9a:a9:21:aa:8e:b8:c6:38:a2:27:6c:
3d:d8:75:c2:24:7a:a8:d6:e4:7b:fd:a1:24:df:78:f5:59:f1:
8a:29:09:c7:0c:68:ef:a3:c0:30:20:e5:4a:aa:1d:84:18:20:
6e:31:1c:05:ef:d2:cd:9f:b6:7a:de:69:14:1d:52:9c:55:43:
ff:33:76:37:7b:bf:0b:f6:3f:e5:ae:5d:20:49:4a:f5:77:c1:
1e:de:4a:e3:96:e3:61:a1:60:63:0d:26:ce:0f:21:4c:b8:46:
62:97:09:6d
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIUDzrxPd2fulS6rCcXTHb/XavUwiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjUxNDQzMzVaFw0yNjA1MjQxNDQ4MzVaMDMxMTAvBgNV
BAMTKEVBN0JGODRFQzE1Q0UyRThBMEI5QUQ3Q0VGQjZCNjkyRDNFQjUzRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx99g7BsL8D/Z3QUCtNkkaMseD
hO5OpeuuFtXOroV0ZSaIA95IOLOTbKvfTnMsY92vaxATzcvemj+mGOjtAlg7fgTU
ZLwpJugpa5D5Vmqdvx3d1vC2i20XCB6DLBIjKW06HmUs7eeiaA2KK+TitaLhqJIh
gqOUv3d+2phKpNzrgs6PMdVNtXYbX7FXZEjXXniy7b3xTGzAhfypiQuzBtyL2tVc
umE7rzxk/Yp/godM+NCn3rxla1SN6y10CUCXEVankXhfC/u1SeXkDnbzZCxN6lCd
5sTh3e8kmIBrmTsIamHVQrruBCtA4Mh8fahIVQRC3pe54MBjjLcL9hnWSOwfAgMB
AAGjggJhMIICXTAdBgNVHQ4EFgQU6nv4TsFc4uigua1877a2ktPrU+gwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdwYIKwYBBQUHAQcBAf8EaDBmMGQEAgABMF4DBAFbfCoD
BABbfHUDBABbfIMDBABbfIUDBABbfNkDBABccDMDBABccD0DBABccD8DBAFccEow
DAMEAFxxMQMEAVxxNDAMAwQCXHHUAwQAXHHWAwQAX4aPAwQCX4fIMA0GCSqGSIb3
DQEBCwUAA4IBAQCrpmypSzEBfjQQbP6O1eENaMrh1QAXudC7F/Ay5/LrcOO17i5y
H1lGcEmx/CCxgfxbhKkeF2tXKJYDFVrCtSH9G1LKmhHq/dpbmik/ZWEVjTdXKbRr
Yk+EjzMj4LyfIYDgeFN9OTr/k/HTAAN4IXKvQ6DL0LT+lFsvY43IABle7nwEcNld
xLsvzHVxlRJb8DuORU+duTKqmqkhqo64xjiiJ2w92HXCJHqo1uR7/aEk33j1WfGK
KQnHDGjvo8AwIOVKqh2EGCBuMRwF79LNn7Z63mkUHVKcVUP/M3Y3e78L9j/lrl0g
SUr1d8Ee3krjluNhoWBjDSbODyFMuEZilwlt
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:25 2025 by rpki-client