Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: kvynPR7YdjY21ireEyS76Yyi6oScAfQcDrcVoWuwstk=
Subject key identifier: D7:C1:E7:FE:3E:2A:E5:E4:ED:40:03:E8:18:1D:C7:C5:7E:A9:C7:F7
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 57294EEDBD9C7E49F65EC2B222E4B12DD600D6FB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Tue 24 Mar 2026 05:54:04 +0000
ROA not before: Tue 24 Mar 2026 05:49:04 +0000
ROA not after: Tue 23 Mar 2027 05:54:04 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
143.14.231.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
148.135.192.0/24 maxlen: 24
155.117.5.0/24 maxlen: 24
155.117.210.0/24 maxlen: 24
155.117.212.0/23 maxlen: 23
155.117.233.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
162.141.71.0/24 maxlen: 24
167.148.125.0/24 maxlen: 24
167.148.193.0/24 maxlen: 24
168.222.23.0/24 maxlen: 24
168.222.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:29:4e:ed:bd:9c:7e:49:f6:5e:c2:b2:22:e4:b1:2d:d6:00:d6:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 24 05:49:04 2026 GMT
Not After : Mar 23 05:54:04 2027 GMT
Subject: CN=D7C1E7FE3E2AE5E4ED4003E8181DC7C57EA9C7F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4d:b2:69:ff:3e:b6:51:11:b3:67:f2:ab:5c:
dd:83:a2:1c:3d:c8:87:8d:e7:14:01:7c:fb:1f:6c:
e7:a2:ca:f6:ec:21:58:c1:ca:ab:08:14:90:ea:7f:
d9:59:62:fb:ae:c1:72:87:8d:38:85:62:a9:4d:c8:
7b:75:90:16:36:f0:dc:a6:71:97:40:90:cd:68:9c:
95:3f:24:11:e2:f3:f4:43:61:b0:45:f4:f3:04:2e:
7e:1b:39:ca:83:82:9a:5f:74:a3:92:d3:30:d9:ae:
64:78:5c:56:31:02:b3:19:36:35:60:4a:2d:90:54:
38:1a:5b:09:0b:0f:d9:b8:83:82:5a:c4:29:d5:a7:
47:ae:00:b7:e0:5f:ba:fa:12:5a:55:be:06:37:d9:
41:0d:b4:64:31:cc:dc:e1:cc:b6:91:48:eb:32:6c:
f9:37:cb:9f:0d:73:2a:12:df:34:df:10:f1:a0:67:
2b:4f:f7:aa:3e:4b:cb:c3:6a:0e:88:36:a4:f7:6c:
df:ea:3a:fd:fa:6d:4d:c0:d1:6f:ca:2e:93:86:ca:
2e:15:06:dc:4a:b2:6c:76:83:1e:46:ef:5b:5a:8f:
1f:41:be:b2:53:5f:c0:1c:e9:f6:f4:a3:31:8d:88:
e5:3f:92:ba:b7:c4:11:c5:98:f6:93:fb:37:89:1b:
37:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C1:E7:FE:3E:2A:E5:E4:ED:40:03:E8:18:1D:C7:C5:7E:A9:C7:F7
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
143.14.231.0/24
146.103.10.0/24
148.135.192.0/24
155.117.5.0/24
155.117.210.0/24
155.117.212.0/23
155.117.233.0-155.117.234.255
162.141.71.0/24
167.148.125.0/24
167.148.193.0/24
168.222.23.0/24
168.222.49.0/24
Signature Algorithm: sha256WithRSAEncryption
89:3c:4a:a1:bc:19:83:82:3e:dd:56:0e:a8:26:89:81:72:6c:
52:f5:33:91:d1:1a:93:ce:be:1a:57:c8:48:ff:97:ef:ed:6d:
4d:94:f3:3b:c7:af:b9:a0:4a:17:c0:56:74:ea:21:d6:94:ac:
9f:4f:9f:f8:aa:8c:54:87:f9:17:6d:42:f4:93:2d:98:04:2b:
6c:9a:7f:84:38:f4:82:36:25:84:a5:c1:b0:2b:1f:32:a9:6d:
3c:a4:37:39:ee:a9:ef:7f:dd:f2:4b:7c:c8:7c:37:20:ac:e6:
82:a3:e4:a4:df:34:b5:da:f7:3d:ca:41:e0:8a:33:73:84:c9:
5d:06:2a:6f:18:28:c8:b8:a6:a9:eb:cf:54:bb:52:4a:cf:b7:
cb:33:00:98:44:45:15:8c:8e:3a:fa:37:f4:43:86:11:5b:31:
d2:25:ed:2b:a6:5b:73:57:11:04:86:4c:7b:ab:e7:ac:a8:aa:
bb:fd:86:db:19:bb:ee:b4:4e:4b:ab:a5:a2:9c:39:b1:9d:66:
df:db:e3:df:d1:c0:4d:f1:31:b1:5f:58:27:8d:cc:e6:d4:b4:
16:a6:e6:30:b3:8e:a0:19:9b:36:f5:c0:ad:f9:e3:23:c4:d5:
77:af:da:53:0c:2b:08:9a:26:bd:18:a5:4f:ec:37:50:80:5e:
cd:7d:6a:1c
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUVylO7b2cfkn2XsKyIuSxLdYA1vswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjQwNTQ5MDRaFw0yNzAzMjMwNTU0MDRaMDMxMTAvBgNV
BAMTKEQ3QzFFN0ZFM0UyQUU1RTRFRDQwMDNFODE4MURDN0M1N0VBOUM3RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeTbJp/z62URGzZ/KrXN2Dohw9
yIeN5xQBfPsfbOeiyvbsIVjByqsIFJDqf9lZYvuuwXKHjTiFYqlNyHt1kBY28Nym
cZdAkM1onJU/JBHi8/RDYbBF9PMELn4bOcqDgppfdKOS0zDZrmR4XFYxArMZNjVg
Si2QVDgaWwkLD9m4g4JaxCnVp0euALfgX7r6ElpVvgY32UENtGQxzNzhzLaRSOsy
bPk3y58NcyoS3zTfEPGgZytP96o+S8vDag6INqT3bN/qOv36bU3A0W/KLpOGyi4V
BtxKsmx2gx5G71tajx9BvrJTX8Ac6fb0ozGNiOU/krq3xBHFmPaT+zeJGzcVAgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQU18Hn/j4q5eTtQAPoGB3HxX6px/cwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbwYIKwYBBQUHAQcBAf8EYDBeMFwEAgABMFYDBABgPmkD
BACPDucDBACSZwoDBACUh8ADBACbdQUDBACbddIDBAGbddQwDAMEAJt16QMEAJt1
6gMEAKKNRwMEAKeUfQMEAKeUwQMEAKjeFwMEAKjeMTANBgkqhkiG9w0BAQsFAAOC
AQEAiTxKobwZg4I+3VYOqCaJgXJsUvUzkdEak86+GlfISP+X7+1tTZTzO8evuaBK
F8BWdOoh1pSsn0+f+KqMVIf5F21C9JMtmAQrbJp/hDj0gjYlhKXBsCsfMqltPKQ3
Oe6p73/d8kt8yHw3IKzmgqPkpN80tdr3PcpB4Iozc4TJXQYqbxgoyLimqevPVLtS
Ss+3yzMAmERFFYyOOvo39EOGEVsx0iXtK6Zbc1cRBIZMe6vnrKiqu/2G2xm77rRO
S6ulopw5sZ1m39vj39HATfExsV9YJ43M5tS0FqbmMLOOoBmbNvXArfnjI8TVd6/a
UwwrCJomvRilT+w3UIBezX1qHA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:31:11 2026 by rpki-client