Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: A3SwGCE3IGlEQyZszmGCSCvlG45bZW/6qr6w1rVEG1A=
Subject key identifier: D9:9E:17:74:8F:58:2F:2B:66:81:89:AA:A7:74:5E:3F:D5:36:B1:ED
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5E503AB694A41648EB7EB01CC47F554F16709750
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Thu 09 Oct 2025 10:23:55 +0000
ROA not before: Thu 09 Oct 2025 10:18:55 +0000
ROA not after: Thu 08 Oct 2026 10:23:55 +0000
asID: 16509
IP address blocks: 179.61.253.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.110.0/24 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
191.101.223.0/24 maxlen: 24
213.109.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:50:3a:b6:94:a4:16:48:eb:7e:b0:1c:c4:7f:55:4f:16:70:97:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 9 10:18:55 2025 GMT
Not After : Oct 8 10:23:55 2026 GMT
Subject: CN=D99E17748F582F2B668189AAA7745E3FD536B1ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ea:e6:98:98:86:04:66:9f:b2:24:63:95:2e:
b0:6a:9c:27:8e:a1:92:3a:81:2e:be:dc:48:26:d7:
be:0f:6c:56:1d:10:df:2c:b3:6b:ad:04:98:ac:61:
48:92:29:71:f5:99:d9:c8:3f:c6:3f:54:f5:1a:26:
de:f0:da:ee:c3:3f:ae:40:d0:08:3f:3d:b5:13:a1:
9b:02:3b:cb:0b:91:1d:f0:74:78:a8:fc:a9:f2:63:
3f:30:d1:9f:b6:f3:92:ff:3e:5b:f7:74:eb:99:58:
ec:0b:aa:51:f6:68:11:39:f6:5f:9a:fe:ea:56:0d:
17:b7:22:3c:e3:24:a2:13:f7:bc:74:f0:1d:bd:99:
1b:6e:3b:b7:cc:ed:eb:3e:58:08:f7:8f:3f:62:f1:
6a:21:09:e9:a2:1c:9d:63:bd:56:18:7c:a5:e5:72:
b6:cc:28:bc:36:39:69:04:a4:c6:80:1a:c5:bf:9b:
4e:d2:f2:18:bc:83:09:19:4d:f1:49:e0:93:59:f4:
b5:6f:f4:6b:de:08:b3:36:37:7c:4f:8f:e7:01:aa:
fd:ac:7f:9f:8d:a5:68:97:fb:ce:ce:86:fa:38:da:
a1:a0:aa:3a:75:ea:e5:01:1f:f5:f0:74:53:48:21:
10:1c:a0:6c:e3:bd:28:be:6a:6b:e4:b2:1a:82:4a:
5c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9E:17:74:8F:58:2F:2B:66:81:89:AA:A7:74:5E:3F:D5:36:B1:ED
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.253.0/24
181.214.94.0/24
181.214.110.0/24
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
191.96.204.0/24
191.101.111.0/24
191.101.223.0/24
213.109.169.0/24
Signature Algorithm: sha256WithRSAEncryption
88:07:21:dd:90:a2:8d:b4:39:62:d6:34:08:a5:ca:d9:aa:32:
5a:40:e1:79:a3:57:fc:ee:fd:dc:bf:19:a7:02:80:28:da:46:
40:16:d2:ef:2b:15:ca:61:52:80:0b:b2:25:53:b0:01:d6:a6:
ab:83:b5:2d:9c:dc:7f:df:dc:2c:60:42:31:6f:75:b3:04:cd:
ee:7c:91:b7:78:81:4f:f7:78:5f:78:09:c4:1c:09:34:28:2c:
4e:9c:fb:8f:22:3e:a7:6f:ef:ef:54:9c:53:20:88:c4:c2:3f:
51:6d:bb:f2:b9:04:f6:cd:dd:e5:b5:37:ea:66:9b:70:46:18:
3a:a0:55:1d:57:94:68:9e:ee:d7:1c:3c:11:30:dd:d7:d0:ed:
d2:17:51:86:73:7f:89:7b:39:5a:cb:30:1d:61:98:b7:9c:88:
7d:47:f3:20:92:72:35:d0:2f:94:8b:04:7f:93:20:29:8d:bf:
fb:a8:b3:50:df:fa:d5:f1:1c:f9:f7:a0:74:3f:df:0b:ec:33:
c3:6a:83:3f:e3:e3:d0:a0:97:54:1b:ca:6b:ac:b8:24:4a:9a:
7d:34:a2:42:2a:63:2e:d7:f8:09:82:9a:b9:3d:28:bd:ef:25:
b1:9c:48:b6:09:95:a7:73:2b:7f:b2:18:d4:a1:ab:d5:e8:18:
5e:80:b3:83
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUXlA6tpSkFkjrfrAcxH9VTxZwl1AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMDkxMDE4NTVaFw0yNjEwMDgxMDIzNTVaMDMxMTAvBgNV
BAMTKEQ5OUUxNzc0OEY1ODJGMkI2NjgxODlBQUE3NzQ1RTNGRDUzNkIxRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh6uaYmIYEZp+yJGOVLrBqnCeO
oZI6gS6+3Egm174PbFYdEN8ss2utBJisYUiSKXH1mdnIP8Y/VPUaJt7w2u7DP65A
0Ag/PbUToZsCO8sLkR3wdHio/KnyYz8w0Z+285L/Plv3dOuZWOwLqlH2aBE59l+a
/upWDRe3IjzjJKIT97x08B29mRtuO7fM7es+WAj3jz9i8WohCemiHJ1jvVYYfKXl
crbMKLw2OWkEpMaAGsW/m07S8hi8gwkZTfFJ4JNZ9LVv9GveCLM2N3xPj+cBqv2s
f5+NpWiX+87Ohvo42qGgqjp16uUBH/XwdFNIIRAcoGzjvSi+amvkshqCSlxDAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQU2Z4XdI9YLytmgYmqp3ReP9U2se0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBACzPf0D
BAC11l4DBAC11m4DBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC/YMwDBAC/ZW8D
BAC/Zd8DBADVbakwDQYJKoZIhvcNAQELBQADggEBAIgHId2Qoo20OWLWNAilytmq
MlpA4XmjV/zu/dy/GacCgCjaRkAW0u8rFcphUoALsiVTsAHWpquDtS2c3H/f3Cxg
QjFvdbMEze58kbd4gU/3eF94CcQcCTQoLE6c+48iPqdv7+9UnFMgiMTCP1Ftu/K5
BPbN3eW1N+pmm3BGGDqgVR1XlGie7tccPBEw3dfQ7dIXUYZzf4l7OVrLMB1hmLec
iH1H8yCScjXQL5SLBH+TICmNv/uos1Df+tXxHPn3oHQ/3wvsM8Nqgz/j49Cgl1Qb
ymusuCRKmn00okIqYy7X+AmCmrk9KL3vJbGcSLYJladzK3+yGNShq9XoGF6As4M=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:12:02 2025 by rpki-client