Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: X2Bc72TmDpdgLVNDdyxBsgsHkKGR5xGk4fHcHidTdOo=
Subject key identifier: ED:FD:FF:07:22:E1:58:CE:67:D1:9C:16:70:C1:9A:2F:3B:8A:68:0A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3CF3EA9C95EDCE2C2DE3D2517704AF5A5470F490
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Fri 22 Aug 2025 10:59:53 +0000
ROA not before: Fri 22 Aug 2025 10:54:53 +0000
ROA not after: Fri 21 Aug 2026 10:59:53 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
143.14.68.0/24 maxlen: 24
143.14.188.0/24 maxlen: 24
143.14.199.0/24 maxlen: 24
143.14.231.0/24 maxlen: 24
143.14.252.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
150.241.209.0/24 maxlen: 24
155.117.6.0/24 maxlen: 24
155.117.212.0/23 maxlen: 23
162.141.17.0/24 maxlen: 24
162.141.96.0/24 maxlen: 24
162.141.104.0/23 maxlen: 24
162.141.136.0/24 maxlen: 24
162.141.137.0/24 maxlen: 24
167.148.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:f3:ea:9c:95:ed:ce:2c:2d:e3:d2:51:77:04:af:5a:54:70:f4:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 22 10:54:53 2025 GMT
Not After : Aug 21 10:59:53 2026 GMT
Subject: CN=EDFDFF0722E158CE67D19C1670C19A2F3B8A680A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a4:fd:48:ae:3e:66:eb:97:ea:a8:54:87:ba:
9f:20:df:ab:44:93:c5:86:e6:63:af:34:f3:2e:af:
aa:a8:f9:b0:f3:82:56:fc:6c:90:2f:5f:ba:48:b6:
cf:16:32:53:88:56:44:77:d5:b0:c5:21:1f:8c:be:
b6:53:b7:48:5b:e5:8a:67:7b:80:32:76:94:8d:36:
bf:61:18:ec:e4:2e:da:3a:6a:6b:12:f1:4d:59:d9:
68:f0:11:6a:d8:eb:b0:5c:c4:79:e0:42:33:74:5c:
67:76:3c:10:6c:f5:8c:b9:99:51:c4:03:71:ed:4d:
97:49:f7:58:f8:2a:17:85:60:b3:d3:ad:03:f8:7b:
26:80:9f:6a:b8:a9:7e:4f:35:98:e6:94:62:6d:72:
3e:e9:ec:8e:99:ea:76:7f:cb:c6:44:bc:25:8d:2b:
57:da:7b:76:5c:8d:73:d8:cc:d7:2e:21:06:b1:f1:
6d:dd:e8:18:01:9d:2e:b2:59:20:0f:aa:13:20:83:
22:aa:82:9e:69:a2:36:02:b3:31:0a:9e:65:82:fc:
75:63:21:1e:d3:6c:fb:f0:9d:c8:05:9b:34:71:f7:
9a:5d:48:97:8b:0b:ee:a9:2e:27:99:c9:70:62:0f:
23:54:63:06:b2:e1:20:63:c3:d6:66:9f:fa:c8:cd:
a3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:FD:FF:07:22:E1:58:CE:67:D1:9C:16:70:C1:9A:2F:3B:8A:68:0A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
143.14.68.0/24
143.14.188.0/24
143.14.199.0/24
143.14.231.0/24
143.14.252.0/24
146.103.10.0/24
150.241.209.0/24
155.117.6.0/24
155.117.212.0/23
162.141.17.0/24
162.141.96.0/24
162.141.104.0/23
162.141.136.0/23
167.148.33.0/24
Signature Algorithm: sha256WithRSAEncryption
16:3e:cb:db:ab:be:02:4e:9a:ab:3b:77:51:16:b7:42:6b:71:
8f:48:aa:70:7f:dd:f7:85:67:34:2e:b5:01:b0:f2:e7:a6:d7:
ec:8f:fc:f4:9a:5e:ce:bf:28:98:f0:ea:8e:3c:7f:25:17:b4:
19:6d:a2:22:42:bc:ab:52:b5:2b:65:43:93:b1:25:b7:1e:81:
f9:23:9b:08:9e:39:e9:f9:f4:a5:fc:a9:73:42:63:76:b8:4e:
ec:2b:79:85:2d:34:9e:33:6f:46:fc:cb:32:b2:df:ef:11:e4:
36:ea:6a:70:b5:c5:d6:78:af:c4:46:d8:01:72:e9:17:02:4b:
95:ad:fd:8b:be:30:77:26:2f:58:f4:f8:9e:cc:84:dc:4a:a2:
f4:78:3a:3b:fa:ce:23:0d:b1:c0:37:11:56:5a:b1:4f:eb:8f:
e3:06:16:f3:df:62:9b:4d:a7:24:12:4f:58:65:c6:a6:79:77:
3e:da:3a:84:a4:48:07:17:fb:72:cf:c4:b2:b0:6b:8f:77:ef:
d6:f0:28:1d:71:ff:0f:48:d6:eb:6f:d6:23:6b:65:6a:0c:ac:
9f:7d:29:d3:f0:ed:3b:3c:fc:82:a8:44:aa:d6:2c:57:65:88:
c6:c6:87:1f:cd:87:10:74:0a:b8:f7:fd:83:61:d2:ed:00:22:
52:6e:85:ae
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIUPPPqnJXtziwt49JRdwSvWlRw9JAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjIxMDU0NTNaFw0yNjA4MjExMDU5NTNaMDMxMTAvBgNV
BAMTKEVERkRGRjA3MjJFMTU4Q0U2N0QxOUMxNjcwQzE5QTJGM0I4QTY4MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQpP1Irj5m65fqqFSHup8g36tE
k8WG5mOvNPMur6qo+bDzglb8bJAvX7pIts8WMlOIVkR31bDFIR+MvrZTt0hb5Ypn
e4AydpSNNr9hGOzkLto6amsS8U1Z2WjwEWrY67BcxHngQjN0XGd2PBBs9Yy5mVHE
A3HtTZdJ91j4KheFYLPTrQP4eyaAn2q4qX5PNZjmlGJtcj7p7I6Z6nZ/y8ZEvCWN
K1fae3ZcjXPYzNcuIQax8W3d6BgBnS6yWSAPqhMggyKqgp5pojYCszEKnmWC/HVj
IR7TbPvwncgFmzRx95pdSJeLC+6pLieZyXBiDyNUYway4SBjw9Zmn/rIzaMlAgMB
AAGjggJdMIICWTAdBgNVHQ4EFgQU7f3/ByLhWM5n0ZwWcMGaLzuKaAowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwcwYIKwYBBQUHAQcBAf8EZDBiMGAEAgABMFoDBABgPmkD
BACPDkQDBACPDrwDBACPDscDBACPDucDBACPDvwDBACSZwoDBACW8dEDBACbdQYD
BAGbddQDBACijREDBACijWADBAGijWgDBAGijYgDBACnlCEwDQYJKoZIhvcNAQEL
BQADggEBABY+y9urvgJOmqs7d1EWt0JrcY9IqnB/3feFZzQutQGw8uem1+yP/PSa
Xs6/KJjw6o48fyUXtBltoiJCvKtStStlQ5OxJbcegfkjmwieOen59KX8qXNCY3a4
TuwreYUtNJ4zb0b8yzKy3+8R5DbqanC1xdZ4r8RG2AFy6RcCS5Wt/Yu+MHcmL1j0
+J7MhNxKovR4Ojv6ziMNscA3EVZasU/rj+MGFvPfYptNpyQST1hlxqZ5dz7aOoSk
SAcX+3LPxLKwa49379bwKB1x/w9I1utv1iNrZWoMrJ99KdPw7Ts8/IKoRKrWLFdl
iMbGhx/NhxB0Crj3/YNh0u0AIlJuha4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:50:28 2025 by rpki-client