Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: c33p0ONAIt1d6jqzfbXhIC8xNlsK6ChMjErgyXrOad0=
Subject key identifier: CD:4F:F4:FB:29:9D:49:A2:7B:89:BB:EB:2D:DE:96:D2:91:34:FE:63
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3324135C9439ABD53BF83C48AEFA83ADD8786C40
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
Signing time: Tue 12 May 2026 21:40:57 +0000
ROA not before: Tue 12 May 2026 21:35:57 +0000
ROA not after: Tue 11 May 2027 21:40:57 +0000
asID: 16509
IP address blocks: 82.21.28.0/22 maxlen: 24
82.23.172.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
82.47.64.0/19 maxlen: 24
82.47.152.0/22 maxlen: 24
84.75.18.0/24 maxlen: 24
84.75.19.0/24 maxlen: 24
84.75.34.0/24 maxlen: 24
84.75.36.0/24 maxlen: 24
84.75.37.0/24 maxlen: 24
84.75.38.0/24 maxlen: 24
84.75.41.0/24 maxlen: 24
84.75.42.0/24 maxlen: 24
84.75.48.0/24 maxlen: 24
84.75.50.0/24 maxlen: 24
84.75.51.0/24 maxlen: 24
84.75.52.0/24 maxlen: 24
84.75.53.0/24 maxlen: 24
84.75.55.0/24 maxlen: 24
84.75.61.0/24 maxlen: 24
84.75.62.0/24 maxlen: 24
84.75.63.0/24 maxlen: 24
84.75.64.0/24 maxlen: 24
84.75.65.0/24 maxlen: 24
84.75.67.0/24 maxlen: 24
84.75.68.0/24 maxlen: 24
84.75.69.0/24 maxlen: 24
84.75.70.0/24 maxlen: 24
84.75.96.0/19 maxlen: 24
84.75.132.0/23 maxlen: 24
178.83.112.0/22 maxlen: 22
178.83.182.0/23 maxlen: 24
178.83.230.0/23 maxlen: 24
2a13:9500:110::/48 maxlen: 48
2a13:9500:126::/48 maxlen: 48
2a13:9500:127::/48 maxlen: 48
2a13:9500:13a::/48 maxlen: 48
2a13:9500:157::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:24:13:5c:94:39:ab:d5:3b:f8:3c:48:ae:fa:83:ad:d8:78:6c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 12 21:35:57 2026 GMT
Not After : May 11 21:40:57 2027 GMT
Subject: CN=CD4FF4FB299D49A27B89BBEB2DDE96D29134FE63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b9:b2:eb:fa:36:6f:12:b4:79:07:46:a6:bd:
01:2b:72:9e:73:61:b0:b8:b1:3d:70:43:a3:90:c0:
cf:1e:88:17:73:f6:c1:32:16:a4:fe:80:d5:52:45:
cd:c6:3f:ff:1d:f8:62:ba:65:7b:64:bd:41:71:8e:
3f:7b:18:a6:9f:0b:31:ed:b1:83:c5:d8:96:f6:cf:
14:0f:5d:29:d2:89:15:e2:78:e4:63:dc:4d:39:5c:
f0:c3:93:30:2e:1e:8c:e2:aa:70:41:1e:2f:93:b0:
97:f9:7f:ab:49:f5:b1:49:04:61:86:74:e1:43:75:
00:49:a4:99:39:32:ab:3b:93:ce:aa:12:3d:ae:13:
37:6e:35:ba:b9:6a:8d:d0:58:28:bd:ae:d9:2b:0e:
05:77:93:95:b8:61:11:ff:16:e5:8f:5c:a2:08:0e:
3e:5b:0d:4c:53:2c:9c:5e:20:a3:3b:a8:f7:41:1c:
93:19:97:96:f7:23:1f:2d:65:54:29:35:19:22:76:
6b:5a:03:83:c0:3c:d2:e9:64:c5:aa:6b:17:bf:7d:
7b:f0:6d:73:94:97:4d:6c:98:23:8a:34:67:2b:18:
8d:3c:f4:01:ef:b1:5c:a9:c2:23:87:3c:db:32:3a:
62:9c:a6:c8:d4:82:37:bf:52:7e:49:8e:10:b3:ef:
56:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:4F:F4:FB:29:9D:49:A2:7B:89:BB:EB:2D:DE:96:D2:91:34:FE:63
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.23.172.0/24
82.24.76.0/24
82.24.100.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
82.41.200.0/24
82.47.64.0/19
82.47.152.0/22
84.75.18.0/23
84.75.34.0/24
84.75.36.0-84.75.38.255
84.75.41.0-84.75.42.255
84.75.48.0/24
84.75.50.0-84.75.53.255
84.75.55.0/24
84.75.61.0-84.75.65.255
84.75.67.0-84.75.70.255
84.75.96.0/19
84.75.132.0/23
178.83.112.0/22
178.83.182.0/23
178.83.230.0/23
IPv6:
2a13:9500:110::/48
2a13:9500:126::/47
2a13:9500:13a::/48
2a13:9500:157::/48
Signature Algorithm: sha256WithRSAEncryption
9a:df:d2:7b:22:24:91:23:9d:0a:f7:0a:30:5f:41:2c:79:aa:
a9:e2:d9:e3:a2:17:1d:28:a4:10:47:eb:ba:77:b1:43:ab:10:
cd:6f:aa:46:d9:36:6d:9d:e3:96:41:87:8c:d1:69:78:61:88:
c2:3d:8e:2f:ed:6e:f5:39:9b:94:85:44:f7:e5:b8:1a:89:20:
4b:ef:a8:c3:fe:ae:7b:de:c2:35:88:5c:4f:e2:de:7e:99:84:
cb:0a:3a:66:86:67:45:7c:cb:2c:9a:70:19:3c:10:4a:a1:c4:
9f:06:c1:30:07:24:a2:22:15:c3:88:f0:3d:38:01:44:78:ed:
40:03:b3:f1:3e:79:f5:59:0a:3f:28:9a:bc:a3:c1:3f:35:c1:
a8:3a:18:63:10:a4:02:fc:1c:c0:bd:b2:c9:28:a2:3c:22:ba:
44:50:9a:34:d0:52:7c:37:07:ea:8a:96:39:95:ac:3f:f7:b7:
32:2d:cd:7f:8d:ab:15:3f:2d:6d:1b:6a:eb:64:06:65:32:93:
63:5d:bf:ab:e9:33:7f:2e:50:d3:b3:0f:21:82:9e:e1:06:68:
98:af:bf:8f:e3:b0:c4:f8:78:2a:0c:45:b0:ac:ab:d3:b0:7b:
9e:d6:c7:7e:43:19:d3:f5:90:4d:ba:66:0d:6f:10:97:a3:0e:
9b:04:5d:e9
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgIUMyQTXJQ5q9U7+DxIrvqDrdh4bEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTIyMTM1NTdaFw0yNzA1MTEyMTQwNTdaMDMxMTAvBgNV
BAMTKENENEZGNEZCMjk5RDQ5QTI3Qjg5QkJFQjJEREU5NkQyOTEzNEZFNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ubLr+jZvErR5B0amvQErcp5z
YbC4sT1wQ6OQwM8eiBdz9sEyFqT+gNVSRc3GP/8d+GK6ZXtkvUFxjj97GKafCzHt
sYPF2Jb2zxQPXSnSiRXieORj3E05XPDDkzAuHoziqnBBHi+TsJf5f6tJ9bFJBGGG
dOFDdQBJpJk5Mqs7k86qEj2uEzduNbq5ao3QWCi9rtkrDgV3k5W4YRH/FuWPXKII
Dj5bDUxTLJxeIKM7qPdBHJMZl5b3Ix8tZVQpNRkidmtaA4PAPNLpZMWqaxe/fXvw
bXOUl01smCOKNGcrGI089AHvsVypwiOHPNsyOmKcpsjUgje/Un5JjhCz71azAgMB
AAGjggMJMIIDBTAdBgNVHQ4EFgQUzU/0+ymdSaJ7ibvrLd6W0pE0/mMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEdBggrBgEFBQcBBwEB/wSCAQwwggEIMIHZBAIAATCB
0gMEAlIVHAMEAFIXrAMEAFIYTAMEAFIYZAMEAFIamgMEAFIayQMEAFIdADAMAwQB
Uh0CAwQAUh0EAwQAUh1mAwQBUh1oAwQAUinIAwQFUi9AAwQCUi+YAwQBVEsSAwQA
VEsiMAwDBAJUSyQDBABUSyYwDAMEAFRLKQMEAFRLKgMEAFRLMDAMAwQBVEsyAwQB
VEs0AwQAVEs3MAwDBABUSz0DBAFUS0AwDAMEAFRLQwMEAFRLRgMEBVRLYAMEAVRL
hAMEArJTcAMEAbJTtgMEAbJT5jAqBAIAAjAkAwcAKhOVAAEQAwcBKhOVAAEmAwcA
KhOVAAE6AwcAKhOVAAFXMA0GCSqGSIb3DQEBCwUAA4IBAQCa39J7IiSRI50K9wow
X0Eseaqp4tnjohcdKKQQR+u6d7FDqxDNb6pG2TZtneOWQYeM0Wl4YYjCPY4v7W71
OZuUhUT35bgaiSBL76jD/q573sI1iFxP4t5+mYTLCjpmhmdFfMssmnAZPBBKocSf
BsEwBySiIhXDiPA9OAFEeO1AA7PxPnn1WQo/KJq8o8E/NcGoOhhjEKQC/BzAvbLJ
KKI8IrpEUJo00FJ8NwfqipY5law/97cyLc1/jasVPy1tG2rrZAZlMpNjXb+r6TN/
LlDTsw8hgp7hBmiYr7+P47DE+HgqDEWwrKvTsHue1sd+QxnT9ZBNumYNbxCXow6b
BF3p
-----END CERTIFICATE-----
Generated at Wed May 13 08:42:03 2026 by rpki-client