Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: 1gfzhG8vPhtoba9P197YPW8cpSBNuxHp9u4uzDXyNL8=
Subject key identifier: 4A:B8:93:7E:90:6C:53:1F:EF:11:F5:D9:6B:D6:8C:AE:90:66:87:C6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 604159311EC7DD0AC6B4078E77FDCCBB8AC8A2D5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
Signing time: Fri 22 Aug 2025 10:43:41 +0000
ROA not before: Fri 22 Aug 2025 10:38:41 +0000
ROA not after: Fri 21 Aug 2026 10:43:41 +0000
asID: 16276
IP address blocks: 82.21.139.0/24 maxlen: 24
82.22.118.0/24 maxlen: 24
82.24.96.0/22 maxlen: 24
82.25.146.0/23 maxlen: 24
82.25.200.0/24 maxlen: 24
82.26.176.0/21 maxlen: 24
82.26.184.0/21 maxlen: 24
82.27.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:41:59:31:1e:c7:dd:0a:c6:b4:07:8e:77:fd:cc:bb:8a:c8:a2:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 22 10:38:41 2025 GMT
Not After : Aug 21 10:43:41 2026 GMT
Subject: CN=4AB8937E906C531FEF11F5D96BD68CAE906687C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:88:22:3d:cb:f8:a2:ab:f9:42:6c:20:21:fc:
d8:69:f8:71:86:c6:43:14:2f:d9:50:23:3d:6a:79:
1c:6c:2d:ab:d2:e1:85:bd:ed:88:9d:12:cd:f0:bc:
04:36:dd:8a:d6:d6:4e:2f:63:7d:c1:bc:64:93:a9:
50:32:92:77:4e:db:86:5c:78:0c:e2:ce:9a:fd:e3:
e6:64:39:fd:31:c5:22:bd:23:e5:b9:38:0f:34:97:
95:08:6c:57:a9:a1:ac:b6:8d:fd:c1:d2:bb:28:1b:
31:56:a5:51:e5:b6:91:9d:19:49:6a:6a:4f:92:3d:
6f:f6:ef:48:2f:24:2c:31:ab:18:35:5d:da:fc:21:
74:8f:08:dc:28:2c:5d:9d:67:1d:35:7c:aa:c0:35:
9d:ea:1b:b8:13:fa:94:a0:b9:2f:59:0a:ee:a9:d2:
95:36:ef:4a:29:de:8b:ee:ac:0e:81:bf:a7:d5:b7:
0e:28:6d:ad:0e:0e:3f:9c:2b:31:21:9d:55:43:0a:
ac:36:49:94:75:b3:ca:0a:1b:41:e9:9a:a4:47:db:
5b:5a:7c:66:50:b6:5f:f4:6b:78:4d:0b:cd:7c:a2:
06:66:74:a3:a8:69:54:07:8b:24:56:73:d2:0b:20:
24:25:14:56:03:dc:5c:be:1c:45:a8:0f:c5:1b:8a:
9f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B8:93:7E:90:6C:53:1F:EF:11:F5:D9:6B:D6:8C:AE:90:66:87:C6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.139.0/24
82.22.118.0/24
82.24.96.0/22
82.25.146.0/23
82.25.200.0/24
82.26.176.0/20
82.27.197.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:f0:b6:c2:1a:2e:a8:53:53:51:15:9b:87:2d:db:9f:c0:5f:
bc:96:4a:af:a1:7f:45:18:bf:5d:61:28:e5:87:04:ff:1c:c1:
e3:fe:35:37:fd:69:93:e5:2a:e7:c7:67:84:f3:65:86:1b:d2:
73:b4:e1:1f:b3:44:3d:84:61:ac:94:70:4c:24:67:ca:ce:d9:
6c:d1:42:90:48:e4:d5:b2:d9:7f:45:1f:20:53:0e:50:eb:d8:
8b:af:93:d6:df:5d:e1:74:b9:fa:17:d4:79:7a:b5:d5:93:a4:
31:13:87:2f:ea:3f:a0:f8:3e:50:b5:8a:8f:a6:e1:80:61:2e:
b3:fa:b7:48:01:5b:66:58:a8:22:6f:4f:53:bb:ac:62:0b:7e:
b7:0a:c3:78:6e:6e:de:31:ac:42:b3:45:99:39:08:b5:6b:da:
c1:fb:1d:88:fe:df:d3:ff:8e:75:f2:6d:4d:ac:61:bc:78:f8:
b9:32:d0:a6:b6:f6:e2:44:24:ff:ce:da:85:81:4a:7a:c0:0f:
3f:3c:37:bb:1c:f8:b5:49:ec:a2:0a:7d:a2:a7:23:67:d6:0e:
3d:39:49:0b:a4:09:7d:1f:56:26:f7:57:53:58:2a:29:a4:36:
b2:1c:a4:3e:0b:2b:07:83:1a:a4:e8:61:91:ee:6c:03:b0:94:
0e:67:d6:02
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUYEFZMR7H3QrGtAeOd/3Mu4rIotUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MjIxMDM4NDFaFw0yNjA4MjExMDQzNDFaMDMxMTAvBgNV
BAMTKDRBQjg5MzdFOTA2QzUzMUZFRjExRjVEOTZCRDY4Q0FFOTA2Njg3QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjiCI9y/iiq/lCbCAh/Nhp+HGG
xkMUL9lQIz1qeRxsLavS4YW97YidEs3wvAQ23YrW1k4vY33BvGSTqVAykndO24Zc
eAzizpr94+ZkOf0xxSK9I+W5OA80l5UIbFepoay2jf3B0rsoGzFWpVHltpGdGUlq
ak+SPW/270gvJCwxqxg1Xdr8IXSPCNwoLF2dZx01fKrANZ3qG7gT+pSguS9ZCu6p
0pU270op3ovurA6Bv6fVtw4oba0ODj+cKzEhnVVDCqw2SZR1s8oKG0HpmqRH21ta
fGZQtl/0a3hNC818ogZmdKOoaVQHiyRWc9ILICQlFFYD3Fy+HEWoD8Ubip8tAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUSriTfpBsUx/vEfXZa9aMrpBmh8YwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBABSFYsD
BABSFnYDBAJSGGADBAFSGZIDBABSGcgDBARSGrADBABSG8UwDQYJKoZIhvcNAQEL
BQADggEBABrwtsIaLqhTU1EVm4ct25/AX7yWSq+hf0UYv11hKOWHBP8cweP+NTf9
aZPlKufHZ4TzZYYb0nO04R+zRD2EYayUcEwkZ8rO2WzRQpBI5NWy2X9FHyBTDlDr
2Iuvk9bfXeF0ufoX1Hl6tdWTpDEThy/qP6D4PlC1io+m4YBhLrP6t0gBW2ZYqCJv
T1O7rGILfrcKw3hubt4xrEKzRZk5CLVr2sH7HYj+39P/jnXybU2sYbx4+Lky0Ka2
9uJEJP/O2oWBSnrADz88N7sc+LVJ7KIKfaKnI2fWDj05SQukCX0fVib3V1NYKimk
NrIcpD4LKweDGqToYZHubAOwlA5n1gI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:44:23 2025 by rpki-client