Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: PBbiYfEM4SuKl9CWvxbCRI6+0W6ndQt09qvMhMOewzA=
Subject key identifier: AA:8E:73:4B:D2:4C:5F:F9:A5:8B:27:03:8C:6E:83:FF:5F:6C:FB:6C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 23B14F89FFA8886C73DCCB95B65BA36B9AE31D58
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Thu 19 Mar 2026 08:45:45 +0000
ROA not before: Thu 19 Mar 2026 08:40:45 +0000
ROA not after: Thu 18 Mar 2027 08:45:45 +0000
asID: 16509
IP address blocks: 45.139.182.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.137.13.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:18:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:b1:4f:89:ff:a8:88:6c:73:dc:cb:95:b6:5b:a3:6b:9a:e3:1d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 19 08:40:45 2026 GMT
Not After : Mar 18 08:45:45 2027 GMT
Subject: CN=AA8E734BD24C5FF9A58B27038C6E83FF5F6CFB6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e0:d1:9b:1b:68:46:24:95:e9:09:0a:16:83:
8d:f2:c9:99:a0:b1:a8:01:3f:37:aa:0e:06:0d:64:
8b:1b:c0:b5:ad:8d:42:aa:fa:f3:d2:59:fc:5b:92:
17:06:80:ef:b0:0c:b8:ac:cd:e5:cc:6a:4b:54:96:
88:37:5c:ee:3c:42:ed:6e:37:59:80:14:26:69:91:
a3:36:d9:98:a5:08:3b:5d:8a:ad:ee:c1:31:7c:c5:
fc:14:12:2f:75:b1:0d:b8:fc:3b:da:ca:7b:af:17:
f7:79:c9:5b:e4:c1:27:de:e6:dc:21:61:a8:91:90:
c0:65:97:70:3e:67:8b:1b:b3:95:6c:a7:32:a6:ef:
97:0f:40:55:e7:5e:cd:d8:aa:1b:8b:e3:d3:5c:8b:
ee:c4:d0:47:92:03:83:81:c0:6c:5d:ea:f4:32:52:
2e:ff:26:5f:20:29:b0:18:b6:14:d4:6d:bd:b7:5d:
db:e9:44:ce:86:aa:c2:43:14:d4:e4:5b:63:08:4d:
15:dd:3d:16:9c:a8:14:0d:5a:33:eb:47:e0:b6:87:
ca:b6:ce:00:65:4e:5f:c4:be:66:c4:30:ad:ba:41:
be:26:5f:2f:6e:dc:61:86:bc:6e:19:68:b0:dd:68:
4d:d2:78:7c:69:fb:c4:02:1b:0d:06:ab:49:c3:51:
d5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8E:73:4B:D2:4C:5F:F9:A5:8B:27:03:8C:6E:83:FF:5F:6C:FB:6C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.182.0/24
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.137.13.0/24
191.96.204.0/24
191.101.111.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:95:d8:0e:26:22:6c:cb:a9:1d:3d:e6:7d:d4:0d:3a:0f:c7:
90:cf:fa:e4:63:26:24:fb:de:c9:73:ef:f1:86:9a:c2:aa:60:
7c:e6:b7:10:d7:95:92:69:5a:83:cc:e7:d6:11:92:84:83:19:
be:1e:72:4c:70:4f:51:8a:a0:eb:66:bc:71:bb:8b:3f:07:b2:
d2:23:21:84:68:9e:d2:4b:c8:66:0a:f8:10:7b:f3:d5:b5:4c:
b3:f2:37:1f:2f:e2:9a:d6:48:84:e0:96:7c:6e:0f:58:80:d5:
a2:db:52:39:15:5e:8c:13:fe:ca:00:3d:18:7d:4d:cc:8d:82:
ba:12:93:1b:96:5c:15:11:de:3f:4f:43:24:4a:6f:86:01:77:
6c:37:7d:be:47:6f:67:fa:15:9f:d6:1d:86:94:b8:49:a4:c8:
cc:88:cb:d4:1c:c6:09:be:84:20:28:40:e8:25:43:80:07:8b:
a3:20:87:05:e3:3e:1c:0d:9c:50:fc:56:14:d8:d5:9d:be:c7:
f5:ff:ab:77:83:47:c9:d0:a9:40:a4:e2:98:dd:d7:26:56:5c:
27:dc:5c:5f:8c:4c:f1:7c:ab:3a:d8:cc:a2:78:a6:9c:45:e6:
37:fa:52:ef:94:3f:92:46:01:d4:55:62:60:95:db:99:06:c6:
cd:3c:68:6a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUI7FPif+oiGxz3MuVtluja5rjHVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMTkwODQwNDVaFw0yNzAzMTgwODQ1NDVaMDMxMTAvBgNV
BAMTKEFBOEU3MzRCRDI0QzVGRjlBNThCMjcwMzhDNkU4M0ZGNUY2Q0ZCNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk4NGbG2hGJJXpCQoWg43yyZmg
sagBPzeqDgYNZIsbwLWtjUKq+vPSWfxbkhcGgO+wDLiszeXMaktUlog3XO48Qu1u
N1mAFCZpkaM22ZilCDtdiq3uwTF8xfwUEi91sQ24/DvaynuvF/d5yVvkwSfe5twh
YaiRkMBll3A+Z4sbs5VspzKm75cPQFXnXs3YqhuL49Nci+7E0EeSA4OBwGxd6vQy
Ui7/Jl8gKbAYthTUbb23XdvpRM6GqsJDFNTkW2MITRXdPRacqBQNWjPrR+C2h8q2
zgBlTl/EvmbEMK26Qb4mXy9u3GGGvG4ZaLDdaE3SeHxp+8QCGw0Gq0nDUdUPAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUqo5zS9JMX/mliycDjG6D/19s+2wwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAAti7YD
BAC11l4DBAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDQYJKoZIhvcNAQEL
BQADggEBABqV2A4mImzLqR095n3UDToPx5DP+uRjJiT73slz7/GGmsKqYHzmtxDX
lZJpWoPM59YRkoSDGb4eckxwT1GKoOtmvHG7iz8HstIjIYRontJLyGYK+BB789W1
TLPyNx8v4prWSITglnxuD1iA1aLbUjkVXowT/soAPRh9TcyNgroSkxuWXBUR3j9P
QyRKb4YBd2w3fb5Hb2f6FZ/WHYaUuEmkyMyIy9Qcxgm+hCAoQOglQ4AHi6MghwXj
PhwNnFD8VhTY1Z2+x/X/q3eDR8nQqUCk4pjd1yZWXCfcXF+MTPF8qzrYzKJ4ppxF
5jf6Uu+UP5JGAdRVYmCV25kGxs08aGo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:00:50 2026 by rpki-client