Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: EvsB2B9ahqYlbcm0Btq3S5n3boz80GxV10CUcxuzUsg=
Subject key identifier: 2F:5E:B9:3B:7F:53:B6:C1:9A:DF:3D:FC:47:76:96:9A:E0:5B:73:D9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 13C81C3271138930F29E6BAE90A36BE54DEB6185
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Mon 29 Sep 2025 06:41:10 +0000
ROA not before: Mon 29 Sep 2025 06:36:10 +0000
ROA not after: Mon 28 Sep 2026 06:41:10 +0000
asID: 16276
IP address blocks: 82.21.139.0/24 maxlen: 24
82.22.118.0/24 maxlen: 24
82.23.162.0/24 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.96.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:c8:1c:32:71:13:89:30:f2:9e:6b:ae:90:a3:6b:e5:4d:eb:61:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Sep 29 06:36:10 2025 GMT
Not After : Sep 28 06:41:10 2026 GMT
Subject: CN=2F5EB93B7F53B6C19ADF3DFC4776969AE05B73D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b2:ae:cf:15:52:8c:3e:41:c5:39:9f:d1:fd:
11:23:e3:80:21:84:e1:97:a6:75:19:cd:25:55:78:
f3:69:95:c0:8d:b3:b0:53:1a:59:4d:33:43:96:2a:
d3:25:f3:45:18:b7:bf:ee:d2:19:12:2b:c5:8f:67:
a5:9c:60:73:1c:08:1c:8f:a0:80:69:d8:2c:3f:8c:
ee:a8:f8:10:82:d7:ac:b7:8e:16:40:a8:b5:60:68:
d4:86:56:d2:c0:89:6a:80:dd:37:e3:34:d3:02:9e:
7e:dc:d3:8f:c7:69:67:08:cd:7e:3f:dc:06:d7:f9:
95:f9:48:a2:08:75:0f:f7:b1:08:43:df:f9:90:53:
73:64:53:67:76:8c:42:89:ef:60:75:31:dc:e8:6e:
92:45:32:87:78:86:55:0a:8f:b5:70:c2:65:ed:7f:
a8:9e:04:cb:60:8e:cf:19:25:34:ea:d6:98:13:a2:
bf:f7:f8:27:b5:9c:c9:6d:27:53:8b:4a:cf:11:df:
01:10:03:08:6e:3f:72:88:b7:1b:ea:e8:44:8d:d5:
d7:2e:7e:a6:40:2e:95:d6:eb:0c:d9:d0:e4:ad:cf:
b4:1d:aa:5d:6d:f8:a0:55:56:6a:ca:6d:ef:e2:d8:
96:5b:ff:a4:a8:e6:02:e8:24:9a:f1:5d:e4:fe:0b:
7c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5E:B9:3B:7F:53:B6:C1:9A:DF:3D:FC:47:76:96:9A:E0:5B:73:D9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.139.0/24
82.22.118.0/24
82.23.162.0/24
82.24.31.0/24
82.24.96.0/22
82.25.146.0/23
82.26.176.0/20
Signature Algorithm: sha256WithRSAEncryption
8c:4d:f0:da:a2:a1:af:68:df:40:9d:5b:a3:4a:df:1d:a4:e2:
0b:31:8f:4e:7b:6d:93:10:3d:54:2d:81:fc:b0:13:f2:ad:1c:
c0:d6:bb:c7:54:8a:48:91:c1:01:a9:21:a7:9c:e4:ca:9b:6a:
d1:0f:97:cb:20:2b:b2:0e:6e:74:3d:f6:ce:9c:ed:80:e2:e8:
97:c4:3a:34:34:5c:a4:fa:63:75:1d:8a:5e:fe:1b:1d:45:07:
8c:46:59:ec:8f:0e:ec:a8:f3:72:61:0d:a6:15:75:eb:30:f0:
68:db:14:1e:b6:f8:69:ca:6a:6b:e1:2d:fc:be:55:44:7b:1a:
b9:4b:7f:83:59:b9:57:86:af:0a:73:9d:3f:13:73:bc:32:a3:
23:91:43:94:1a:34:97:eb:9e:63:40:6f:f6:be:f5:f6:0c:53:
07:49:b8:b6:f4:97:17:83:93:3e:99:81:7a:0b:9e:85:11:e3:
da:98:85:30:0e:4d:04:71:84:21:ea:70:b4:2a:4c:7a:bb:32:
a5:6f:5a:f3:05:0b:f8:c7:0b:ce:57:51:a4:85:6e:ac:20:68:
37:84:87:98:b2:2b:61:e6:1d:4b:7a:69:cf:eb:07:73:4e:bf:
e3:39:43:6e:9c:39:a7:5a:c4:03:16:1d:4b:5e:34:98:65:96:
71:02:6c:8e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUE8gcMnETiTDynmuukKNr5U3rYYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjkwNjM2MTBaFw0yNjA5MjgwNjQxMTBaMDMxMTAvBgNV
BAMTKDJGNUVCOTNCN0Y1M0I2QzE5QURGM0RGQzQ3NzY5NjlBRTA1QjczRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCssq7PFVKMPkHFOZ/R/REj44Ah
hOGXpnUZzSVVePNplcCNs7BTGllNM0OWKtMl80UYt7/u0hkSK8WPZ6WcYHMcCByP
oIBp2Cw/jO6o+BCC16y3jhZAqLVgaNSGVtLAiWqA3TfjNNMCnn7c04/HaWcIzX4/
3AbX+ZX5SKIIdQ/3sQhD3/mQU3NkU2d2jEKJ72B1MdzobpJFMod4hlUKj7VwwmXt
f6ieBMtgjs8ZJTTq1pgTor/3+Ce1nMltJ1OLSs8R3wEQAwhuP3KItxvq6ESN1dcu
fqZALpXW6wzZ0OStz7Qdql1t+KBVVmrKbe/i2JZb/6So5gLoJJrxXeT+C3wNAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUL165O39TtsGa3z38R3aWmuBbc9kwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBABSFYsD
BABSFnYDBABSF6IDBABSGB8DBAJSGGADBAFSGZIDBARSGrAwDQYJKoZIhvcNAQEL
BQADggEBAIxN8Nqioa9o30CdW6NK3x2k4gsxj057bZMQPVQtgfywE/KtHMDWu8dU
ikiRwQGpIaec5MqbatEPl8sgK7IObnQ99s6c7YDi6JfEOjQ0XKT6Y3Udil7+Gx1F
B4xGWeyPDuyo83JhDaYVdesw8GjbFB62+GnKamvhLfy+VUR7GrlLf4NZuVeGrwpz
nT8Tc7wyoyORQ5QaNJfrnmNAb/a+9fYMUwdJuLb0lxeDkz6ZgXoLnoUR49qYhTAO
TQRxhCHqcLQqTHq7MqVvWvMFC/jHC85XUaSFbqwgaDeEh5iyK2HmHUt6ac/rB3NO
v+M5Q26cOadaxAMWHUteNJhllnECbI4=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:58:08 2025 by rpki-client