Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: dTq8alNFUk/lkGLz05k0H+mDYjxkwSfHwt3F2IVHqN8=
Subject key identifier: F5:39:16:7C:67:32:E0:07:D3:BD:09:F7:C9:24:BC:AF:1A:30:85:7C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 465BD159BE5245B6DD681ACD6BD9DD57AF026615
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
Signing time: Thu 19 Mar 2026 17:04:27 +0000
ROA not before: Thu 19 Mar 2026 16:59:27 +0000
ROA not after: Thu 18 Mar 2027 17:04:27 +0000
asID: 16509
IP address blocks: 96.62.208.0/22 maxlen: 22
140.233.128.0/19 maxlen: 24
143.14.187.0/24 maxlen: 24
143.14.194.0/24 maxlen: 24
143.14.227.0/24 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
147.79.25.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.186.0/24 maxlen: 24
155.117.0.0/24 maxlen: 24
155.117.13.0/24 maxlen: 24
155.117.60.0/24 maxlen: 24
155.117.185.0/24 maxlen: 24
155.117.187.0/24 maxlen: 24
155.117.203.0/24 maxlen: 24
162.141.159.0/24 maxlen: 24
162.141.180.0/24 maxlen: 24
168.222.64.0/20 maxlen: 24
168.222.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:5b:d1:59:be:52:45:b6:dd:68:1a:cd:6b:d9:dd:57:af:02:66:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 19 16:59:27 2026 GMT
Not After : Mar 18 17:04:27 2027 GMT
Subject: CN=F539167C6732E007D3BD09F7C924BCAF1A30857C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:eb:01:40:d6:ee:5e:bd:05:57:eb:90:54:0e:
21:57:bf:a2:03:d4:01:d3:2a:ae:b3:70:ff:a6:b4:
3a:69:d4:12:0f:2d:b4:db:68:75:ba:1b:a1:0a:2c:
37:6a:55:10:70:55:43:c3:93:b5:fb:09:37:4a:fc:
4a:11:63:9d:10:2b:44:2d:42:b7:b9:88:72:ee:7b:
da:96:e6:e5:57:a7:61:3f:54:6d:ea:45:7b:1e:70:
53:c9:8a:d7:ce:56:2b:96:f8:69:b1:5f:1e:98:ee:
3e:e5:65:79:c8:08:b4:06:fd:f9:bd:ce:96:b3:c4:
6f:a8:4e:ec:33:2f:c9:2f:40:f3:4e:61:de:c4:e6:
fd:c3:25:b6:8b:aa:2f:a7:10:81:9b:31:82:2c:4e:
3c:43:03:8d:e0:e8:d6:66:b5:fa:30:77:07:10:40:
f3:35:f4:bd:5d:7f:80:48:d9:7d:70:36:65:37:5a:
e7:41:3e:a2:0d:ed:28:bc:cf:5f:38:04:f2:bf:d1:
9a:d9:b8:71:d2:27:40:ef:e5:1c:4c:0f:c1:c3:ff:
0a:56:91:81:a1:35:94:ac:7f:45:24:29:d7:c7:1f:
d2:e0:a6:3a:e9:6d:e8:a0:4b:55:38:20:53:8a:45:
79:a3:96:44:b8:c3:74:1e:f4:35:67:54:9e:bf:0c:
f9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:39:16:7C:67:32:E0:07:D3:BD:09:F7:C9:24:BC:AF:1A:30:85:7C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.208.0/22
140.233.128.0/19
143.14.187.0/24
143.14.194.0/24
143.14.227.0/24
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
147.79.25.0/24
148.135.180.0/24
148.135.186.0/24
155.117.0.0/24
155.117.13.0/24
155.117.60.0/24
155.117.185.0/24
155.117.187.0/24
155.117.203.0/24
162.141.159.0/24
162.141.180.0/24
168.222.64.0/20
168.222.121.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:8e:1b:3c:cc:e8:98:cc:5d:44:7e:83:30:df:23:1a:87:20:
23:be:54:91:e7:82:d6:ab:1b:9c:09:a6:71:47:f0:97:37:3c:
bd:c3:2d:6f:1d:f7:5a:b3:6d:9a:b2:75:25:ef:3e:1e:0c:2a:
22:21:1a:73:ba:fb:de:ff:d2:d8:74:83:d2:69:ef:9a:05:a0:
81:c3:07:01:b6:35:16:d9:0d:4d:2b:8f:76:2f:12:d1:5b:b0:
7c:af:68:f0:52:55:46:47:ac:d7:17:8d:34:1c:95:15:03:df:
4c:70:51:af:00:cf:9a:25:5b:84:0d:ea:1d:56:11:c7:7d:31:
28:61:a6:d8:c6:6a:99:10:4c:d2:da:1b:da:d4:cb:56:8c:17:
db:e2:f4:8a:1f:58:84:db:39:d4:22:1e:e8:f8:1b:b4:ac:0f:
b6:d4:a3:12:11:75:07:1b:46:6c:39:82:bc:40:8d:d9:af:9f:
9c:9d:ee:4a:86:0b:00:7e:48:8f:3c:8e:48:48:8a:12:6b:af:
e1:8a:64:ef:9a:f6:8a:48:22:eb:73:f9:d2:40:8a:83:66:08:
c5:45:7f:35:a2:77:a5:d6:6a:a5:33:2e:bd:f1:bc:1e:a3:68:
b4:f6:cf:65:de:1e:66:37:70:28:cd:37:c5:96:c4:4f:b7:07:
8b:d2:bd:52
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIURlvRWb5SRbbdaBrNa9ndV68CZhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMTkxNjU5MjdaFw0yNzAzMTgxNzA0MjdaMDMxMTAvBgNV
BAMTKEY1MzkxNjdDNjczMkUwMDdEM0JEMDlGN0M5MjRCQ0FGMUEzMDg1N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl6wFA1u5evQVX65BUDiFXv6ID
1AHTKq6zcP+mtDpp1BIPLbTbaHW6G6EKLDdqVRBwVUPDk7X7CTdK/EoRY50QK0Qt
Qre5iHLue9qW5uVXp2E/VG3qRXsecFPJitfOViuW+GmxXx6Y7j7lZXnICLQG/fm9
zpazxG+oTuwzL8kvQPNOYd7E5v3DJbaLqi+nEIGbMYIsTjxDA43g6NZmtfowdwcQ
QPM19L1df4BI2X1wNmU3WudBPqIN7Si8z184BPK/0ZrZuHHSJ0Dv5RxMD8HD/wpW
kYGhNZSsf0UkKdfHH9LgpjrpbeigS1U4IFOKRXmjlkS4w3Qe9DVnVJ6/DPnVAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU9TkWfGcy4AfTvQn3ySS8rxowhXwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZoGCCsGAQUFBwEHAQH/BIGKMIGHMIGEBAIAATB+AwQC
YD7QAwQFjOmAAwQAjw67AwQAjw7CAwQAjw7jAwQBkd9AAwQAkmc8AwQBkmc+AwQA
k08ZAwQAlIe0AwQAlIe6AwQAm3UAAwQAm3UNAwQAm3U8AwQAm3W5AwQAm3W7AwQA
m3XLAwQAoo2fAwQAoo20AwQEqN5AAwQAqN55MA0GCSqGSIb3DQEBCwUAA4IBAQA/
jhs8zOiYzF1EfoMw3yMahyAjvlSR54LWqxucCaZxR/CXNzy9wy1vHfdas22asnUl
7z4eDCoiIRpzuvve/9LYdIPSae+aBaCBwwcBtjUW2Q1NK492LxLRW7B8r2jwUlVG
R6zXF400HJUVA99McFGvAM+aJVuEDeodVhHHfTEoYabYxmqZEEzS2hva1MtWjBfb
4vSKH1iE2znUIh7o+Bu0rA+21KMSEXUHG0ZsOYK8QI3Zr5+cne5KhgsAfkiPPI5I
SIoSa6/himTvmvaKSCLrc/nSQIqDZgjFRX81onel1mqlMy698bweo2i09s9l3h5m
N3AozTfFlsRPtweL0r1S
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:31:11 2026 by rpki-client