Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: Jnt98so5OdUKYXBYKfBXxCflNN/qmlm1KRFync3BF/0=
Subject key identifier: 76:51:1A:1B:79:5A:E4:EB:E1:9B:14:62:B7:EB:37:53:61:AB:A3:63
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 607E08E3D89ACD1E2D8C4CF7F2908963F2F7D9CC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
Signing time: Sun 15 Jun 2025 00:00:22 +0000
ROA not before: Sat 14 Jun 2025 23:55:22 +0000
ROA not after: Sun 14 Jun 2026 00:00:22 +0000
asID: 16509
IP address blocks: 181.214.110.0/24 maxlen: 24
181.214.236.0/23 maxlen: 24
181.215.206.0/23 maxlen: 24
185.135.159.0/24 maxlen: 24
185.137.12.0/24 maxlen: 24
185.137.13.0/24 maxlen: 24
185.141.166.0/24 maxlen: 24
191.96.204.0/24 maxlen: 24
191.101.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 01:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:7e:08:e3:d8:9a:cd:1e:2d:8c:4c:f7:f2:90:89:63:f2:f7:d9:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 14 23:55:22 2025 GMT
Not After : Jun 14 00:00:22 2026 GMT
Subject: CN=76511A1B795AE4EBE19B1462B7EB375361ABA363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:c8:8d:14:90:c2:a6:5b:43:97:90:b5:26:
f7:91:49:fb:4f:68:4c:b9:23:a8:ad:39:41:9f:6b:
00:94:2d:0f:cb:4f:49:7b:e2:80:25:dc:29:a8:ea:
0a:09:c4:ca:61:91:a5:b1:38:a4:c2:7f:8c:f8:66:
88:fa:00:b6:dc:28:3e:0b:63:55:91:06:c1:2e:8c:
82:00:e8:73:5e:a9:e9:e1:10:af:7d:ab:92:a5:26:
af:61:68:ed:17:fc:9e:51:d3:fd:6c:91:46:8b:76:
13:cd:0e:06:9f:05:30:f7:1d:1a:44:bd:4d:fe:27:
96:8b:26:75:cf:6b:cc:35:da:a0:d5:bf:d3:33:91:
7c:52:4f:7f:82:03:41:90:77:8d:0f:fb:a1:73:e8:
30:ab:7f:d5:56:7d:42:98:ff:e4:29:b2:d5:35:ad:
f2:7f:63:30:27:a5:03:37:ef:a2:89:7a:cb:07:63:
1a:7b:60:b7:64:50:18:81:26:b8:f1:f3:fb:1c:50:
92:b7:00:77:f8:3a:b1:39:9e:a4:35:56:73:38:25:
69:22:1b:7a:ec:45:a5:c8:e9:91:82:df:03:1c:60:
67:91:de:d4:00:56:95:6f:76:74:c7:77:2d:45:40:
a1:b4:de:7a:8c:8a:d3:76:be:c5:4f:f3:61:48:07:
7c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:51:1A:1B:79:5A:E4:EB:E1:9B:14:62:B7:EB:37:53:61:AB:A3:63
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.110.0/24
181.214.236.0/23
181.215.206.0/23
185.135.159.0/24
185.137.12.0/23
185.141.166.0/24
191.96.204.0/24
191.101.111.0/24
Signature Algorithm: sha256WithRSAEncryption
48:c8:34:5a:21:5a:53:7d:91:e0:34:bc:be:94:13:7c:3c:ef:
85:fd:cd:59:0c:19:f9:d3:41:a7:a7:09:7d:16:ec:6e:8c:5a:
aa:6a:c0:f1:08:94:5e:97:e0:a4:73:7c:88:22:2e:a2:e9:74:
50:bc:86:dd:a7:8b:c6:8e:c0:d0:02:ae:c4:a0:ba:16:34:3a:
b1:3e:00:37:00:83:fe:93:34:d5:c7:32:f4:b2:eb:99:24:3d:
91:e8:b2:49:b1:ef:bb:80:62:73:d2:97:68:f2:c5:8f:b0:32:
72:77:8a:bd:2f:d6:c7:b8:f4:29:8b:22:42:cb:53:78:6a:84:
73:2e:1e:63:24:ac:35:cc:5a:bd:1c:93:09:cb:46:e7:18:d6:
2b:cb:b7:fd:da:90:7f:49:e9:e9:f2:ee:aa:de:cd:1b:e7:1a:
6d:ef:51:bd:4d:ac:66:2b:51:c4:b3:b9:ed:6d:4a:84:13:32:
09:b3:82:20:19:4e:0d:e8:d2:e0:84:68:ef:d2:82:63:ab:d9:
8b:43:17:4b:9e:b8:8b:07:3a:1e:38:ac:1d:5b:7b:2f:69:7e:
c9:e3:4b:08:d8:46:f0:06:69:5e:a1:80:aa:36:d6:60:a2:65:
6c:06:d4:2e:6a:3d:40:02:e4:36:71:ce:f9:b4:6a:e3:84:26:
b6:d8:1d:9e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUYH4I49iazR4tjEz38pCJY/L32cwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MTQyMzU1MjJaFw0yNjA2MTQwMDAwMjJaMDMxMTAvBgNV
BAMTKDc2NTExQTFCNzk1QUU0RUJFMTlCMTQ2MkI3RUIzNzUzNjFBQkEzNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6wciNFJDCpltDl5C1JveRSftP
aEy5I6itOUGfawCULQ/LT0l74oAl3Cmo6goJxMphkaWxOKTCf4z4Zoj6ALbcKD4L
Y1WRBsEujIIA6HNeqenhEK99q5KlJq9haO0X/J5R0/1skUaLdhPNDgafBTD3HRpE
vU3+J5aLJnXPa8w12qDVv9MzkXxST3+CA0GQd40P+6Fz6DCrf9VWfUKY/+QpstU1
rfJ/YzAnpQM376KJessHYxp7YLdkUBiBJrjx8/scUJK3AHf4OrE5nqQ1VnM4JWki
G3rsRaXI6ZGC3wMcYGeR3tQAVpVvdnTHdy1FQKG03nqMitN2vsVP82FIB3zdAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUdlEaG3la5OvhmxRit+s3U2Gro2MwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAC11m4D
BAG11uwDBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC/YMwDBAC/ZW8wDQYJKoZI
hvcNAQELBQADggEBAEjINFohWlN9keA0vL6UE3w874X9zVkMGfnTQaenCX0W7G6M
WqpqwPEIlF6X4KRzfIgiLqLpdFC8ht2ni8aOwNACrsSguhY0OrE+ADcAg/6TNNXH
MvSy65kkPZHoskmx77uAYnPSl2jyxY+wMnJ3ir0v1se49CmLIkLLU3hqhHMuHmMk
rDXMWr0ckwnLRucY1ivLt/3akH9J6eny7qrezRvnGm3vUb1NrGYrUcSzue1tSoQT
MgmzgiAZTg3o0uCEaO/SgmOr2YtDF0ueuIsHOh44rB1bey9pfsnjSwjYRvAGaV6h
gKo21mCiZWwG1C5qPUAC5DZxzvm0auOEJrbYHZ4=
-----END CERTIFICATE-----
Generated at Sat Jun 28 16:39:29 2025 by rpki-client