Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: MQx2Op2W71DSezXlfxRFK2dt8q3SnsIOyWPfrUy4g24=
Subject key identifier: CF:79:04:FE:57:3E:5F:8D:A0:C0:B6:50:23:94:AC:C2:CE:3B:BE:F1
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7990992AD4F2BBCB089BB8FDB34F85FE810AF48E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Wed 25 Mar 2026 11:21:24 +0000
ROA not before: Wed 25 Mar 2026 11:16:24 +0000
ROA not after: Wed 24 Mar 2027 11:21:24 +0000
asID: 16276
IP address blocks: 82.21.139.0/24 maxlen: 24
82.22.15.0/24 maxlen: 24
82.22.18.0/24 maxlen: 24
82.22.25.0/24 maxlen: 24
82.22.118.0/24 maxlen: 24
82.24.96.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.26.81.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.29.126.0/24 maxlen: 24
82.38.2.0/24 maxlen: 24
82.38.32.0/24 maxlen: 24
82.38.82.0/24 maxlen: 24
82.38.124.0/22 maxlen: 24
82.38.140.0/22 maxlen: 24
82.38.152.0/22 maxlen: 24
82.38.156.0/22 maxlen: 24
82.38.160.0/22 maxlen: 24
82.38.164.0/22 maxlen: 24
82.38.224.0/22 maxlen: 24
82.38.228.0/22 maxlen: 24
82.38.232.0/22 maxlen: 24
82.38.236.0/22 maxlen: 24
82.38.240.0/22 maxlen: 24
82.38.244.0/22 maxlen: 24
82.38.248.0/22 maxlen: 24
82.38.252.0/22 maxlen: 24
82.39.108.0/24 maxlen: 24
82.39.138.0/24 maxlen: 24
82.39.156.0/22 maxlen: 24
82.39.176.0/22 maxlen: 24
82.39.180.0/22 maxlen: 24
82.39.216.0/22 maxlen: 24
82.39.221.0/24 maxlen: 24
82.39.224.0/22 maxlen: 24
82.40.0.0/22 maxlen: 24
82.40.4.0/22 maxlen: 24
82.40.8.0/22 maxlen: 24
82.40.12.0/22 maxlen: 24
82.40.16.0/22 maxlen: 24
82.41.44.0/22 maxlen: 24
82.41.52.0/22 maxlen: 24
82.41.68.0/22 maxlen: 24
82.41.80.0/22 maxlen: 24
82.41.88.0/22 maxlen: 24
82.41.100.0/22 maxlen: 24
82.41.104.0/22 maxlen: 24
82.41.108.0/22 maxlen: 24
82.41.124.0/22 maxlen: 24
82.41.134.0/24 maxlen: 24
82.41.148.0/22 maxlen: 24
82.41.152.0/22 maxlen: 24
82.41.160.0/22 maxlen: 24
82.41.164.0/22 maxlen: 24
82.41.172.0/22 maxlen: 24
82.41.176.0/22 maxlen: 24
82.41.184.0/22 maxlen: 24
82.41.188.0/22 maxlen: 24
82.41.204.0/22 maxlen: 24
82.41.212.0/22 maxlen: 24
82.41.224.0/22 maxlen: 24
82.41.228.0/22 maxlen: 24
2a13:9500:138::/48 maxlen: 48
2a13:9500:143::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:90:99:2a:d4:f2:bb:cb:08:9b:b8:fd:b3:4f:85:fe:81:0a:f4:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 25 11:16:24 2026 GMT
Not After : Mar 24 11:21:24 2027 GMT
Subject: CN=CF7904FE573E5F8DA0C0B6502394ACC2CE3BBEF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:40:24:15:62:fc:43:1a:c5:93:48:33:3d:51:
ed:1b:97:eb:18:82:ea:94:91:f0:0f:96:5e:30:0c:
b3:a8:44:e5:17:4f:eb:ac:72:b3:82:92:59:52:69:
f5:3b:28:54:57:5f:fa:2c:c7:16:08:9b:10:71:07:
29:b8:89:2d:8b:52:a0:35:0a:22:b7:20:79:fe:b3:
2b:0f:d8:99:80:03:5d:1b:15:35:e6:e6:74:10:42:
b9:b9:25:9b:da:fc:fa:a8:ef:dc:c5:89:de:99:6c:
c5:70:1a:57:51:dc:fc:93:eb:94:59:90:d9:fa:94:
47:a5:11:44:b7:09:2d:4b:ee:c4:49:bf:ad:7e:7b:
7b:63:67:9d:bb:ca:26:2c:46:aa:e5:c4:ad:3e:50:
50:48:52:64:d0:b8:a0:95:34:35:ea:8b:79:49:48:
8f:cb:f6:ae:14:56:81:14:7e:22:96:e5:09:f6:eb:
6f:18:ce:ed:11:97:66:a0:ec:c2:f9:3c:d6:54:80:
6f:bd:63:3a:c2:8f:da:0b:0c:7c:fc:5f:fe:6b:08:
25:4c:e5:b3:ec:74:f9:83:b8:15:a0:dd:30:34:46:
ea:93:d6:00:5e:0d:12:fd:e0:37:bb:58:95:32:2d:
b9:7e:21:0c:c6:a1:35:24:83:23:46:b4:ef:56:10:
92:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:79:04:FE:57:3E:5F:8D:A0:C0:B6:50:23:94:AC:C2:CE:3B:BE:F1
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.139.0/24
82.22.15.0/24
82.22.18.0/24
82.22.25.0/24
82.22.118.0/24
82.24.96.0/22
82.25.146.0/23
82.26.81.0/24
82.26.176.0/20
82.29.126.0/24
82.38.2.0/24
82.38.32.0/24
82.38.82.0/24
82.38.124.0/22
82.38.140.0/22
82.38.152.0-82.38.167.255
82.38.224.0/19
82.39.108.0/24
82.39.138.0/24
82.39.156.0/22
82.39.176.0/21
82.39.216.0/22
82.39.221.0/24
82.39.224.0/22
82.40.0.0-82.40.19.255
82.41.44.0/22
82.41.52.0/22
82.41.68.0/22
82.41.80.0/22
82.41.88.0/22
82.41.100.0-82.41.111.255
82.41.124.0/22
82.41.134.0/24
82.41.148.0-82.41.155.255
82.41.160.0/21
82.41.172.0-82.41.179.255
82.41.184.0/21
82.41.204.0/22
82.41.212.0/22
82.41.224.0/21
IPv6:
2a13:9500:138::/48
2a13:9500:143::/48
Signature Algorithm: sha256WithRSAEncryption
8b:89:42:56:78:fd:ae:c7:01:23:45:3f:d1:db:4e:60:75:09:
7f:fd:55:fe:bc:d0:15:7f:df:a5:ad:5f:d7:02:0b:25:1c:7f:
7c:97:40:9c:46:01:86:3e:e9:c9:89:20:20:c2:0e:f9:67:60:
35:db:9d:3c:95:5e:d0:43:3d:b1:46:2a:58:5e:c7:66:2a:1e:
03:a3:77:76:de:3c:08:43:96:80:0a:82:52:e0:1a:fe:3a:25:
e8:58:6f:1f:0d:7b:f5:64:78:7d:58:a6:82:57:36:28:a2:49:
19:f7:b2:3d:91:e6:77:08:1d:91:b2:db:5f:54:31:bf:d9:62:
ee:d2:24:21:51:7e:bf:a9:22:82:73:3e:93:c5:9f:02:83:40:
c3:4f:4a:8e:ee:38:9b:d9:b4:ae:8c:ee:d2:a9:79:2f:6f:a4:
b4:43:09:33:69:90:35:ba:a9:6f:3b:45:ed:8c:c3:1f:fc:35:
28:ae:42:83:57:ce:09:53:a6:87:f4:34:92:cd:f0:76:d9:a1:
5b:8a:50:13:84:9d:d1:ac:a4:1a:d8:9d:9d:4d:11:b8:06:66:
ac:73:a4:24:02:70:31:6e:30:22:7d:d9:f7:8b:0c:c5:55:51:
f5:92:bf:a4:dd:44:35:92:67:16:bf:21:98:15:c5:3d:cf:36:
7a:c4:16:3e
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgIUeZCZKtTyu8sIm7j9s0+F/oEK9I4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjUxMTE2MjRaFw0yNzAzMjQxMTIxMjRaMDMxMTAvBgNV
BAMTKENGNzkwNEZFNTczRTVGOERBMEMwQjY1MDIzOTRBQ0MyQ0UzQkJFRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtQCQVYvxDGsWTSDM9Ue0bl+sY
guqUkfAPll4wDLOoROUXT+uscrOCkllSafU7KFRXX/osxxYImxBxBym4iS2LUqA1
CiK3IHn+sysP2JmAA10bFTXm5nQQQrm5JZva/Pqo79zFid6ZbMVwGldR3PyT65RZ
kNn6lEelEUS3CS1L7sRJv61+e3tjZ527yiYsRqrlxK0+UFBIUmTQuKCVNDXqi3lJ
SI/L9q4UVoEUfiKW5Qn2628Yzu0Rl2ag7ML5PNZUgG+9YzrCj9oLDHz8X/5rCCVM
5bPsdPmDuBWg3TA0RuqT1gBeDRL94De7WJUyLbl+IQzGoTUkgyNGtO9WEJIrAgMB
AAGjggM+MIIDOjAdBgNVHQ4EFgQUz3kE/lc+X42gwLZQI5Ssws47vvEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFSBggrBgEFBQcBBwEB/wSCAUEwggE9MIIBHwQCAAEw
ggEXAwQAUhWLAwQAUhYPAwQAUhYSAwQAUhYZAwQAUhZ2AwQCUhhgAwQBUhmSAwQA
UhpRAwQEUhqwAwQAUh1+AwQAUiYCAwQAUiYgAwQAUiZSAwQCUiZ8AwQCUiaMMAwD
BANSJpgDBANSJqADBAVSJuADBABSJ2wDBABSJ4oDBAJSJ5wDBANSJ7ADBAJSJ9gD
BABSJ90DBAJSJ+AwCwMDA1IoAwQCUigQAwQCUiksAwQCUik0AwQCUilEAwQCUilQ
AwQCUilYMAwDBAJSKWQDBARSKWADBAJSKXwDBABSKYYwDAMEAlIplAMEAlIpmAME
A1IpoDAMAwQCUimsAwQCUimwAwQDUim4AwQCUinMAwQCUinUAwQDUingMBgEAgAC
MBIDBwAqE5UAATgDBwAqE5UAAUMwDQYJKoZIhvcNAQELBQADggEBAIuJQlZ4/a7H
ASNFP9HbTmB1CX/9Vf680BV/36WtX9cCCyUcf3yXQJxGAYY+6cmJICDCDvlnYDXb
nTyVXtBDPbFGKlhex2YqHgOjd3bePAhDloAKglLgGv46JehYbx8Ne/VkeH1YpoJX
NiiiSRn3sj2R5ncIHZGy219UMb/ZYu7SJCFRfr+pIoJzPpPFnwKDQMNPSo7uOJvZ
tK6M7tKpeS9vpLRDCTNpkDW6qW87Re2Mwx/8NSiuQoNXzglTpof0NJLN8HbZoVuK
UBOEndGspBrYnZ1NEbgGZqxzpCQCcDFuMCJ92feLDMVVUfWSv6TdRDWSZxa/IZgV
xT3PNnrEFj4=
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:34:31 2026 by rpki-client