Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: ykPUxHw2VKqMO+5tahjf4sygNaVMxut2+/ikyPIZhYw=
Subject key identifier: F8:EF:58:C6:74:CD:47:25:C5:FE:37:97:AC:63:09:EB:C1:E0:28:F5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 29BEED2BD6B89992077EE11DE6D323D40919CE67
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
Signing time: Tue 24 Mar 2026 13:49:42 +0000
ROA not before: Tue 24 Mar 2026 13:44:42 +0000
ROA not after: Tue 23 Mar 2027 13:49:42 +0000
asID: 16509
IP address blocks: 82.21.28.0/22 maxlen: 24
82.22.145.0/24 maxlen: 24
82.24.76.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.26.154.0/24 maxlen: 24
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
82.39.223.0/24 maxlen: 24
82.41.200.0/24 maxlen: 24
84.75.96.0/19 maxlen: 24
178.83.112.0/22 maxlen: 22
2a13:9500:110::/48 maxlen: 48
2a13:9500:13a::/48 maxlen: 48
2a13:9500:157::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:43:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:be:ed:2b:d6:b8:99:92:07:7e:e1:1d:e6:d3:23:d4:09:19:ce:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 24 13:44:42 2026 GMT
Not After : Mar 23 13:49:42 2027 GMT
Subject: CN=F8EF58C674CD4725C5FE3797AC6309EBC1E028F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c2:3b:71:70:c8:02:bb:73:f1:15:a8:9d:56:
75:68:80:64:ff:1c:cd:8c:e8:3f:f6:51:bf:35:63:
49:be:d7:84:fe:12:82:4b:3d:f5:ea:23:1e:85:d3:
99:2f:7f:3e:f9:38:d6:b9:0e:6e:a3:39:c4:29:d0:
09:11:0e:9f:b9:ca:f3:35:53:30:62:f6:42:ca:a7:
2f:44:60:45:72:ac:f3:57:9b:53:8b:53:2e:6f:f7:
c0:af:5c:0b:81:e3:8a:39:05:47:40:2f:fd:bd:9b:
18:58:d6:c7:5d:30:7a:64:d7:bf:f9:8b:12:9a:36:
ba:3a:f2:b3:fd:0d:7f:17:33:05:d2:62:5d:33:a3:
c4:94:30:a8:43:57:15:12:b0:d1:9c:6f:ec:2f:cf:
84:64:e2:95:ac:1e:40:a4:86:38:d7:19:a3:76:1d:
6b:21:23:98:39:58:9f:02:80:56:a4:ae:1e:03:8b:
82:62:ef:af:87:a4:e9:fb:a1:31:1f:b5:45:a0:8c:
3d:a2:8c:21:7d:87:c8:72:3e:c4:77:b8:28:d9:64:
cc:9b:a2:7f:39:65:d7:57:c0:c9:80:49:87:7e:4a:
14:4c:cf:14:86:a1:31:d2:53:32:23:11:1d:d0:8b:
1e:a0:ec:c6:d3:5f:11:8b:6d:6c:22:be:21:a1:a2:
4f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EF:58:C6:74:CD:47:25:C5:FE:37:97:AC:63:09:EB:C1:E0:28:F5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.22.145.0/24
82.24.76.0/24
82.24.100.0/24
82.26.154.0/24
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
82.39.223.0/24
82.41.200.0/24
84.75.96.0/19
178.83.112.0/22
IPv6:
2a13:9500:110::/48
2a13:9500:13a::/48
2a13:9500:157::/48
Signature Algorithm: sha256WithRSAEncryption
32:7d:cb:dd:4d:a0:0b:8a:ad:a1:56:e7:a3:77:e6:0a:b0:9a:
32:32:37:9b:b6:82:0c:0f:e3:0b:e6:2d:8e:f1:3f:2f:28:7b:
72:bd:c1:0a:2c:d0:86:bc:0a:9b:ac:67:d4:72:42:f5:44:85:
f7:d3:87:4b:fe:1c:58:fb:ba:88:68:8f:79:60:1d:33:75:93:
fd:39:68:de:31:24:e6:d4:e8:8b:21:fa:da:76:36:57:dd:0d:
68:29:ae:ae:0a:23:c4:b4:f6:58:0f:bf:20:c9:a1:11:ad:7a:
41:c1:e0:a6:5b:37:d3:cd:d4:29:80:e7:48:85:8e:80:42:7f:
a2:dd:d7:be:97:71:3e:12:9b:d5:b0:87:a6:0e:56:b9:bb:17:
f6:18:55:9a:54:b9:d0:e3:42:92:8a:4e:fe:7a:5d:c0:b6:73:
7c:46:3d:2c:40:7a:fa:99:df:f1:9e:89:0f:42:24:97:17:78:
bf:17:e6:c0:74:b0:39:87:63:8b:1d:c7:13:31:4a:de:e1:7e:
6e:57:57:91:e5:5c:86:83:71:82:d2:0e:ad:af:fa:cf:a4:33:
7c:de:d1:85:36:5c:19:40:24:37:63:69:52:f0:e0:a2:1d:a9:
9f:40:22:58:a3:e9:2a:b1:eb:25:a3:27:40:ab:86:16:35:b3:
04:71:f1:2c
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUKb7tK9a4mZIHfuEd5tMj1AkZzmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjQxMzQ0NDJaFw0yNzAzMjMxMzQ5NDJaMDMxMTAvBgNV
BAMTKEY4RUY1OEM2NzRDRDQ3MjVDNUZFMzc5N0FDNjMwOUVCQzFFMDI4RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxwjtxcMgCu3PxFaidVnVogGT/
HM2M6D/2Ub81Y0m+14T+EoJLPfXqIx6F05kvfz75ONa5Dm6jOcQp0AkRDp+5yvM1
UzBi9kLKpy9EYEVyrPNXm1OLUy5v98CvXAuB44o5BUdAL/29mxhY1sddMHpk17/5
ixKaNro68rP9DX8XMwXSYl0zo8SUMKhDVxUSsNGcb+wvz4Rk4pWsHkCkhjjXGaN2
HWshI5g5WJ8CgFakrh4Di4Ji76+HpOn7oTEftUWgjD2ijCF9h8hyPsR3uCjZZMyb
on85ZddXwMmASYd+ShRMzxSGoTHSUzIjER3Qix6g7MbTXxGLbWwiviGhok9dAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU+O9YxnTNRyXF/jeXrGMJ68HgKPUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZoGCCsGAQUFBwEHAQH/BIGKMIGHMGIEAgABMFwDBAJS
FRwDBABSFpEDBABSGEwDBABSGGQDBABSGpoDBABSGskDBABSHQAwDAMEAVIdAgME
AFIdBAMEAFIdZgMEAVIdaAMEAFIn3wMEAFIpyAMEBVRLYAMEArJTcDAhBAIAAjAb
AwcAKhOVAAEQAwcAKhOVAAE6AwcAKhOVAAFXMA0GCSqGSIb3DQEBCwUAA4IBAQAy
fcvdTaALiq2hVuejd+YKsJoyMjebtoIMD+ML5i2O8T8vKHtyvcEKLNCGvAqbrGfU
ckL1RIX304dL/hxY+7qIaI95YB0zdZP9OWjeMSTm1OiLIfradjZX3Q1oKa6uCiPE
tPZYD78gyaERrXpBweCmWzfTzdQpgOdIhY6AQn+i3de+l3E+EpvVsIemDla5uxf2
GFWaVLnQ40KSik7+el3AtnN8Rj0sQHr6md/xnokPQiSXF3i/F+bAdLA5h2OLHccT
MUre4X5uV1eR5VyGg3GC0g6tr/rPpDN83tGFNlwZQCQ3Y2lS8OCiHamfQCJYo+kq
sesloydAq4YWNbMEcfEs
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:09:45 2026 by rpki-client