Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: 4USek/BpinI7eU0KhzW5sGDl036IPUPmRuB+OF9lX0Y=
Subject key identifier: BD:7C:89:42:12:75:9C:B6:93:38:C4:C9:48:C5:16:FF:FF:D2:4D:20
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 06907C97732244C647CF0443699EE922CB60E7A5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Fri 01 May 2026 00:08:33 +0000
ROA not before: Fri 01 May 2026 00:03:33 +0000
ROA not after: Fri 30 Apr 2027 00:08:33 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
143.14.231.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
148.135.192.0/24 maxlen: 24
155.117.5.0/24 maxlen: 24
155.117.127.0/24 maxlen: 24
155.117.210.0/24 maxlen: 24
155.117.212.0/23 maxlen: 23
155.117.233.0/24 maxlen: 24
155.117.234.0/24 maxlen: 24
162.141.71.0/24 maxlen: 24
167.148.125.0/24 maxlen: 24
167.148.193.0/24 maxlen: 24
168.222.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:90:7c:97:73:22:44:c6:47:cf:04:43:69:9e:e9:22:cb:60:e7:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 1 00:03:33 2026 GMT
Not After : Apr 30 00:08:33 2027 GMT
Subject: CN=BD7C894212759CB69338C4C948C516FFFFD24D20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:50:55:64:ae:16:d2:e3:51:da:1d:4b:bf:
0e:15:e9:fd:d6:27:11:23:d4:9a:c7:a3:68:40:c4:
f7:66:44:a5:2a:5d:7c:0a:11:98:6a:cf:87:05:f0:
b8:d3:f7:cc:0a:26:ac:20:e7:31:fb:9f:1c:7b:68:
2a:17:09:1a:d3:53:71:5b:81:e0:9c:bd:37:2c:f9:
2b:67:fc:95:87:35:3b:78:4f:38:7f:cd:e5:90:e6:
f8:15:51:bc:dd:d9:d8:6a:db:0a:d0:4c:9f:fc:fd:
56:34:a7:90:4e:1e:90:c8:3c:4b:af:82:fc:5c:16:
91:e5:82:99:69:29:e1:52:44:af:6d:f4:48:a5:7d:
13:fb:4c:6d:cf:d4:1f:23:02:06:88:10:07:67:22:
29:2f:6b:1e:52:ed:5b:8a:b0:e2:73:06:0a:67:8d:
bd:0a:3c:b0:88:6a:7f:31:cd:78:67:8b:16:c4:c1:
3f:02:07:a4:81:43:d2:b7:87:6d:a9:b7:c6:43:78:
94:41:01:72:97:69:d6:75:d2:04:9d:a7:d8:d4:cd:
4d:6a:5f:46:ca:9c:1c:d1:cb:6f:2b:81:21:53:28:
8e:94:a8:fc:05:6e:ce:50:34:cb:02:0f:67:ee:89:
aa:c9:dc:8a:1e:f6:3f:76:33:0a:43:ce:15:8a:f8:
a2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7C:89:42:12:75:9C:B6:93:38:C4:C9:48:C5:16:FF:FF:D2:4D:20
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
143.14.231.0/24
146.103.10.0/24
148.135.192.0/24
155.117.5.0/24
155.117.127.0/24
155.117.210.0/24
155.117.212.0/23
155.117.233.0-155.117.234.255
162.141.71.0/24
167.148.125.0/24
167.148.193.0/24
168.222.49.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:7e:58:18:36:92:aa:06:18:0d:65:49:19:f4:10:4c:f2:7f:
a0:d1:ae:4b:a5:2f:68:b1:4d:82:f3:77:ca:a7:7c:f5:3b:2f:
c1:4d:6f:ff:d8:d3:4a:58:4c:f3:84:18:55:f0:7e:cf:d4:00:
6e:d0:fe:56:18:40:e3:f0:f0:03:fc:8b:42:d9:d3:2e:c8:e7:
65:e1:3b:94:76:e4:21:3d:58:28:2b:8a:b1:2d:ae:3a:c9:44:
d1:fe:bc:7e:39:91:71:e4:49:9b:41:c1:cd:44:d8:5e:35:ba:
c0:dd:06:b4:c1:6d:0b:c0:ec:51:27:23:c3:a8:f3:57:37:6d:
7b:ae:3d:21:e6:d1:7f:24:07:ab:e9:ca:41:9f:ec:75:ab:52:
fd:18:d0:92:c5:1d:a2:14:e5:91:c3:bb:2f:eb:61:47:63:b4:
e7:27:4d:95:c9:bd:94:25:52:c7:4b:fc:62:ef:3c:26:bf:ac:
7e:cd:34:4a:b4:0f:3f:37:5b:81:d6:e5:0e:a7:8d:32:d5:1b:
5f:4c:06:3a:d1:0e:95:1e:ea:07:b7:21:bb:ba:f8:c7:dc:d9:
da:13:8f:19:f6:ac:04:78:c9:2e:de:22:27:d0:6c:ea:4b:45:
50:39:54:79:88:71:f0:79:04:df:7c:e8:bd:2b:1c:55:c8:aa:
b1:13:67:cb
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUBpB8l3MiRMZHzwRDaZ7pIstg56UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDEwMDAzMzNaFw0yNzA0MzAwMDA4MzNaMDMxMTAvBgNV
BAMTKEJEN0M4OTQyMTI3NTlDQjY5MzM4QzRDOTQ4QzUxNkZGRkZEMjREMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCus1BVZK4W0uNR2h1Lvw4V6f3W
JxEj1JrHo2hAxPdmRKUqXXwKEZhqz4cF8LjT98wKJqwg5zH7nxx7aCoXCRrTU3Fb
geCcvTcs+Stn/JWHNTt4Tzh/zeWQ5vgVUbzd2dhq2wrQTJ/8/VY0p5BOHpDIPEuv
gvxcFpHlgplpKeFSRK9t9EilfRP7TG3P1B8jAgaIEAdnIikvax5S7VuKsOJzBgpn
jb0KPLCIan8xzXhnixbEwT8CB6SBQ9K3h22pt8ZDeJRBAXKXadZ10gSdp9jUzU1q
X0bKnBzRy28rgSFTKI6UqPwFbs5QNMsCD2fuiarJ3Ioe9j92MwpDzhWK+KI1AgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQUvXyJQhJ1nLaTOMTJSMUW///STSAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbwYIKwYBBQUHAQcBAf8EYDBeMFwEAgABMFYDBABgPmkD
BACPDucDBACSZwoDBACUh8ADBACbdQUDBACbdX8DBACbddIDBAGbddQwDAMEAJt1
6QMEAJt16gMEAKKNRwMEAKeUfQMEAKeUwQMEAKjeMTANBgkqhkiG9w0BAQsFAAOC
AQEAtH5YGDaSqgYYDWVJGfQQTPJ/oNGuS6UvaLFNgvN3yqd89TsvwU1v/9jTSlhM
84QYVfB+z9QAbtD+VhhA4/DwA/yLQtnTLsjnZeE7lHbkIT1YKCuKsS2uOslE0f68
fjmRceRJm0HBzUTYXjW6wN0GtMFtC8DsUScjw6jzVzdte649IebRfyQHq+nKQZ/s
datS/RjQksUdohTlkcO7L+thR2O05ydNlcm9lCVSx0v8Yu88Jr+sfs00SrQPPzdb
gdblDqeNMtUbX0wGOtEOlR7qB7chu7r4x9zZ2hOPGfasBHjJLt4iJ9Bs6ktFUDlU
eYhx8HkE33zovSscVciqsRNnyw==
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:48 2026 by rpki-client