Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: aCa/BofDxQZwzSN/O8GgIkHK1Iu4vzr1onNY+jWBxAU=
Subject key identifier: B3:39:23:C1:C0:89:E3:64:3F:52:E0:F6:B2:69:8F:91:4B:6F:86:82
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 12ED86CB8087801A1F72C24B91EAC982DF35B483
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Wed 13 Aug 2025 15:33:52 +0000
ROA not before: Wed 13 Aug 2025 15:28:52 +0000
ROA not after: Wed 12 Aug 2026 15:33:52 +0000
asID: 16509
IP address blocks: 181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 13:51:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ed:86:cb:80:87:80:1a:1f:72:c2:4b:91:ea:c9:82:df:35:b4:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 13 15:28:52 2025 GMT
Not After : Aug 12 15:33:52 2026 GMT
Subject: CN=B33923C1C089E3643F52E0F6B2698F914B6F8682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f6:64:42:c8:8a:c2:6d:5a:01:5f:5b:ed:3f:
08:c6:98:55:ad:f7:49:40:9e:f5:9d:9a:80:ef:3c:
70:21:7d:f0:47:ef:21:c3:b1:04:aa:83:0a:ee:00:
db:12:60:0f:49:fb:dd:75:d7:2c:b3:6e:c7:67:37:
8c:2f:f9:80:39:23:5a:7f:b8:86:d2:e5:f8:b5:7f:
33:64:ff:47:75:41:dc:76:86:fe:72:4a:b5:f1:58:
85:b1:b9:c5:eb:c9:6d:44:c9:2e:ad:97:9f:cb:54:
cc:1e:25:58:8c:8d:a5:c7:98:21:40:f9:7e:e4:55:
bf:eb:61:88:4d:9f:67:4d:c9:24:3a:f8:5c:c8:e2:
63:0d:4a:94:8d:ab:c2:21:d5:26:72:57:66:3b:e0:
86:4b:46:e4:30:83:41:09:26:9d:be:08:bb:e1:ce:
11:39:8c:d2:65:2e:20:64:9c:b8:64:49:f3:6d:02:
b8:de:c9:a3:43:49:9c:f0:81:1a:43:7f:3d:6b:af:
c4:79:e6:25:49:68:11:b7:57:49:94:af:60:0b:b2:
7d:45:69:e1:3d:94:f1:18:6c:b4:f7:aa:a5:72:cd:
4a:77:65:21:29:7b:53:3c:d0:1c:fd:ac:94:c5:6f:
06:9e:38:65:99:57:49:3c:2a:ef:7f:be:6a:cd:8b:
a5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:39:23:C1:C0:89:E3:64:3F:52:E0:F6:B2:69:8F:91:4B:6F:86:82
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
191.96.204.0/24
191.101.111.0/24
191.101.223.0/24
213.109.169.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:f0:f5:80:0b:4a:83:58:a7:ed:7e:07:5b:e6:0e:2b:ec:bf:
3f:6a:1e:6e:93:1f:25:ac:80:61:d1:2a:0e:a3:41:65:55:46:
fc:17:5d:4c:3f:04:b3:31:c2:7e:e6:88:fc:eb:c9:33:d2:c1:
2f:e4:3c:ab:55:8d:dd:f2:f1:77:4f:56:29:61:10:1c:04:49:
a8:b4:1f:78:8b:2d:3d:67:8b:98:e1:03:af:b0:d6:12:9f:1c:
20:94:a8:91:60:94:4f:d3:f2:cd:bb:2d:50:d5:34:8a:a2:fb:
02:3f:6f:25:fa:9f:dc:9b:fa:3f:00:04:3a:23:3c:f6:cf:33:
e0:15:d7:ec:5e:8d:92:a2:62:ad:16:fe:42:21:13:46:d4:bb:
88:dd:22:f6:ef:51:7c:5e:0e:14:94:60:bb:7c:09:86:df:58:
38:77:13:47:e0:25:9e:29:d7:92:01:d5:11:4f:f5:29:6e:0e:
cd:32:84:99:8c:59:3e:9f:5f:8b:27:0c:17:06:35:62:d7:90:
6b:f7:16:1d:c5:f9:0d:f2:a1:60:69:59:59:8e:da:c8:1e:48:
c7:6f:b8:30:2c:97:f1:9c:41:6c:23:6d:fb:c3:5a:92:ff:f4:
d8:ba:a4:69:d6:9d:83:d5:c0:b1:c5:8d:54:03:85:7d:08:4f:
ea:28:cb:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEu2Gy4CHgBofcsJLkerJgt81tIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MTMxNTI4NTJaFw0yNjA4MTIxNTMzNTJaMDMxMTAvBgNV
BAMTKEIzMzkyM0MxQzA4OUUzNjQzRjUyRTBGNkIyNjk4RjkxNEI2Rjg2ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp9mRCyIrCbVoBX1vtPwjGmFWt
90lAnvWdmoDvPHAhffBH7yHDsQSqgwruANsSYA9J+9111yyzbsdnN4wv+YA5I1p/
uIbS5fi1fzNk/0d1Qdx2hv5ySrXxWIWxucXryW1EyS6tl5/LVMweJViMjaXHmCFA
+X7kVb/rYYhNn2dNySQ6+FzI4mMNSpSNq8Ih1SZyV2Y74IZLRuQwg0EJJp2+CLvh
zhE5jNJlLiBknLhkSfNtArjeyaNDSZzwgRpDfz1rr8R55iVJaBG3V0mUr2ALsn1F
aeE9lPEYbLT3qqVyzUp3ZSEpe1M80Bz9rJTFbwaeOGWZV0k8Ku9/vmrNi6U5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUszkjwcCJ42Q/UuD2smmPkUtvhoIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAC11l4D
BAC11m4DBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC/YMwDBAC/ZW8DBAC/Zd8D
BADVbakwDQYJKoZIhvcNAQELBQADggEBAE7w9YALSoNYp+1+B1vmDivsvz9qHm6T
HyWsgGHRKg6jQWVVRvwXXUw/BLMxwn7miPzryTPSwS/kPKtVjd3y8XdPVilhEBwE
Sai0H3iLLT1ni5jhA6+w1hKfHCCUqJFglE/T8s27LVDVNIqi+wI/byX6n9yb+j8A
BDojPPbPM+AV1+xejZKiYq0W/kIhE0bUu4jdIvbvUXxeDhSUYLt8CYbfWDh3E0fg
JZ4p15IB1RFP9SluDs0yhJmMWT6fX4snDBcGNWLXkGv3Fh3F+Q3yoWBpWVmO2sge
SMdvuDAsl/GcQWwjbfvDWpL/9Ni6pGnWnYPVwLHFjVQDhX0IT+ooy7M=
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:37:13 2025 by rpki-client