Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: Q8m1R8C/8YT9tmcfrfFEa/EXHF4JnFx91eVHRUZ0xJo=
Subject key identifier: 99:53:4F:ED:D1:8F:16:54:02:25:C2:7B:9E:2A:5D:07:A0:B3:CF:93
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 67D605A50CAA008F04BFEF92388DE0F415E79BC2
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
Signing time: Tue 24 Mar 2026 11:51:47 +0000
ROA not before: Tue 24 Mar 2026 11:46:47 +0000
ROA not after: Tue 23 Mar 2027 11:51:47 +0000
asID: 16276
IP address blocks: 2.58.172.0/24 maxlen: 24
89.19.44.0/24 maxlen: 24
181.41.194.0/24 maxlen: 24
191.101.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d6:05:a5:0c:aa:00:8f:04:bf:ef:92:38:8d:e0:f4:15:e7:9b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 24 11:46:47 2026 GMT
Not After : Mar 23 11:51:47 2027 GMT
Subject: CN=99534FEDD18F16540225C27B9E2A5D07A0B3CF93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3e:cc:59:4f:63:69:e4:c1:8e:91:e7:15:fa:
08:7f:ec:d1:f9:f5:ae:8f:b6:02:26:af:44:7f:e8:
7e:7a:bc:99:eb:8a:fe:b1:90:5c:61:a4:fd:20:55:
b3:f1:b2:40:5a:50:af:6d:5d:1a:45:bb:00:d2:51:
0f:40:8c:92:56:44:ff:2b:a3:91:58:fb:be:6c:4c:
72:e3:f8:37:5f:79:e3:50:61:71:70:bc:c2:c4:17:
79:53:d0:71:7e:09:c2:45:33:0f:86:a9:c5:6a:22:
b0:10:dd:34:a6:94:28:54:30:b1:ad:19:10:44:e9:
62:ef:6b:4d:b8:76:f3:a7:4c:b2:e6:ce:00:11:f7:
be:a3:c3:d6:0c:d5:36:91:44:25:a7:bb:6f:87:e4:
2d:ee:79:53:59:be:37:c6:48:24:89:f9:d5:91:26:
c2:68:e1:90:8b:a6:ea:09:71:3a:05:fc:e5:37:e1:
77:a4:ac:6e:45:76:71:80:86:53:d0:b0:86:76:ed:
e5:d3:18:58:44:55:de:e4:af:22:47:36:d0:d5:12:
67:7b:96:d1:a8:90:f7:fd:9d:ba:72:c2:9a:da:6c:
41:c6:44:7c:65:dd:26:f2:57:2c:37:01:6e:a0:01:
55:29:92:cb:a8:ed:38:38:cc:85:33:7a:de:60:3c:
3b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:53:4F:ED:D1:8F:16:54:02:25:C2:7B:9E:2A:5D:07:A0:B3:CF:93
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.172.0/24
89.19.44.0/24
181.41.194.0/24
191.101.150.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:90:7d:0b:bb:b4:a8:11:87:a8:fd:0d:db:5c:f9:61:92:93:
80:e8:42:0e:68:fd:e5:a7:c5:0d:db:38:4e:4f:96:b0:3c:c8:
8f:9c:6f:92:0b:b3:cd:50:51:43:75:ef:b8:7e:4f:91:a8:5f:
38:f6:30:81:18:65:3e:27:d6:3b:48:5e:6c:0f:3b:6c:4c:39:
8c:47:0e:ae:4f:c0:fc:13:0e:bb:95:b6:9c:34:e8:41:d6:0c:
83:cb:be:a5:0a:c2:48:fd:f8:86:c0:f7:49:34:4f:b6:83:63:
98:1a:d4:2e:15:5c:ff:61:40:ed:96:9d:51:82:a4:49:51:8f:
7a:b8:27:9e:3f:b3:30:04:3d:e0:29:93:57:e9:84:72:b9:d5:
46:84:2d:5e:ea:75:8f:0d:6c:ab:a1:16:7c:0a:6d:8c:91:36:
22:ae:f1:a8:0a:5e:ea:a6:3b:40:49:d4:03:aa:0d:9a:65:90:
b3:b8:a9:6d:9a:1a:b3:0a:e7:ef:69:1f:6f:54:ce:ab:b8:d3:
31:dc:1c:9f:0e:85:10:30:48:ce:90:a8:20:68:8f:ff:79:a4:
33:3f:0e:cd:1b:a0:11:c9:f5:10:13:4a:32:6a:66:e8:48:12:
c9:79:72:16:22:6f:c9:ef:db:e5:bc:ce:64:c7:45:ba:11:96:
0a:a1:77:da
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUZ9YFpQyqAI8Ev++SOI3g9BXnm8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMjQxMTQ2NDdaFw0yNzAzMjMxMTUxNDdaMDMxMTAvBgNV
BAMTKDk5NTM0RkVERDE4RjE2NTQwMjI1QzI3QjlFMkE1RDA3QTBCM0NGOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTPsxZT2Np5MGOkecV+gh/7NH5
9a6PtgImr0R/6H56vJnriv6xkFxhpP0gVbPxskBaUK9tXRpFuwDSUQ9AjJJWRP8r
o5FY+75sTHLj+DdfeeNQYXFwvMLEF3lT0HF+CcJFMw+GqcVqIrAQ3TSmlChUMLGt
GRBE6WLva024dvOnTLLmzgAR976jw9YM1TaRRCWnu2+H5C3ueVNZvjfGSCSJ+dWR
JsJo4ZCLpuoJcToF/OU34XekrG5FdnGAhlPQsIZ27eXTGFhEVd7kryJHNtDVEmd7
ltGokPf9nbpywprabEHGRHxl3SbyVyw3AW6gAVUpksuo7Tg4zIUzet5gPDs1AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUmVNP7dGPFlQCJcJ7nipdB6Czz5MwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAACOqwD
BABZEywDBAC1KcIDBAC/ZZYwDQYJKoZIhvcNAQELBQADggEBAFyQfQu7tKgRh6j9
Ddtc+WGSk4DoQg5o/eWnxQ3bOE5PlrA8yI+cb5ILs81QUUN177h+T5GoXzj2MIEY
ZT4n1jtIXmwPO2xMOYxHDq5PwPwTDruVtpw06EHWDIPLvqUKwkj9+IbA90k0T7aD
Y5ga1C4VXP9hQO2WnVGCpElRj3q4J54/szAEPeApk1fphHK51UaELV7qdY8NbKuh
FnwKbYyRNiKu8agKXuqmO0BJ1AOqDZplkLO4qW2aGrMK5+9pH29Uzqu40zHcHJ8O
hRAwSM6QqCBoj/95pDM/Ds0boBHJ9RATSjJqZuhIEsl5chYib8nv2+W8zmTHRboR
lgqhd9o=
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:25:21 2026 by rpki-client