Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: /fF8ZjEa3GLAj3uCv2aiCdHDDVe0iRHsrfHIA+AnRGs=
Subject key identifier: 4D:5D:8A:17:51:05:5A:72:47:CA:E6:B8:A9:6A:8A:70:D7:AA:EF:A4
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 4875493BEF02942FA75DE144F7663B4C4146294D
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS16509.roa
Signing time: Wed 18 Mar 2026 05:14:02 +0000
ROA not before: Wed 18 Mar 2026 05:09:02 +0000
ROA not after: Wed 17 Mar 2027 05:14:02 +0000
asID: 16509
IP address blocks: 45.149.101.0/24 maxlen: 24
45.155.17.0/24 maxlen: 24
192.166.114.0/24 maxlen: 24
193.164.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 13:03:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:75:49:3b:ef:02:94:2f:a7:5d:e1:44:f7:66:3b:4c:41:46:29:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Mar 18 05:09:02 2026 GMT
Not After : Mar 17 05:14:02 2027 GMT
Subject: CN=4D5D8A1751055A7247CAE6B8A96A8A70D7AAEFA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c3:97:34:17:ea:3c:03:37:f9:5a:7f:32:0c:
5c:cf:8b:6c:23:0a:c0:a7:da:5f:4b:5f:7d:2a:c3:
44:65:2d:7a:ba:61:c3:8d:35:5a:68:c4:f1:2d:f7:
0d:22:31:01:aa:37:cd:30:fb:d2:85:9c:ce:78:e1:
58:d7:fd:11:a7:9f:eb:bf:a7:c6:95:ef:7c:14:c6:
50:e0:ba:bb:9c:80:ac:c7:b2:7c:77:01:c5:83:18:
14:64:45:fe:10:34:72:ee:58:ef:1b:c2:ea:84:67:
c2:f0:c6:ab:b7:24:f2:ee:54:c0:6b:9a:ee:62:5d:
27:97:80:7e:46:a5:19:d5:7e:77:a9:9c:1c:fb:70:
3d:2e:fb:29:a5:01:48:be:ff:19:64:91:07:4b:e5:
13:a0:81:de:c1:7c:5c:ed:d8:51:76:fc:da:3b:b3:
6c:0f:b9:f6:ad:dc:d2:85:25:bb:51:16:c5:99:d3:
93:1d:dc:da:a2:ae:47:dd:cb:9a:03:0f:d0:81:6e:
ce:5a:35:39:69:8c:91:84:69:ad:5f:0e:44:a1:91:
c7:5d:08:2d:c6:7c:84:fa:09:d2:76:f0:d3:bb:7a:
cf:23:57:c1:96:c2:3c:da:71:cc:77:ea:74:30:fe:
86:97:4a:d0:46:cb:22:aa:da:0d:c4:ce:dc:76:58:
3b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5D:8A:17:51:05:5A:72:47:CA:E6:B8:A9:6A:8A:70:D7:AA:EF:A4
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.101.0/24
45.155.17.0/24
192.166.114.0/24
193.164.10.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:25:4b:38:fa:1c:39:65:13:a1:9b:c8:68:51:c5:64:a4:d4:
af:58:63:c6:e6:34:b3:25:8e:72:0b:cb:78:23:4d:45:0f:ce:
97:91:f6:d7:04:3e:80:ad:f2:38:c5:b6:0b:2f:06:f5:51:99:
86:11:62:0a:bb:33:9d:62:7b:c8:d7:cf:8c:92:9b:e3:db:3a:
77:52:42:2c:c6:6c:11:b4:c5:74:6c:d7:5e:26:b4:72:4d:d3:
37:95:1a:67:db:e0:82:e9:5e:15:09:17:f0:9b:7c:49:79:36:
05:b3:f5:2b:6a:a7:76:81:ca:54:c5:91:40:64:17:c2:55:fb:
a8:91:69:55:38:87:03:a1:33:d3:8f:76:71:7a:1e:0f:99:b9:
23:ac:22:24:d2:49:6a:8d:4b:39:a6:cd:f7:f4:99:3e:26:f4:
ec:c1:bb:9c:3e:63:3e:c1:5a:a0:b9:6e:91:00:a8:3d:af:38:
92:50:a9:30:93:c4:e0:f5:45:69:d9:22:dd:d4:fc:4c:01:5e:
8c:a9:91:1d:df:0d:0a:45:9f:41:5b:33:44:57:51:73:fc:1e:
06:89:bc:e9:1d:5d:2d:24:4a:b0:e6:4d:7d:f8:6f:cf:0c:a2:
0a:4f:86:40:54:50:70:54:a9:57:e4:97:bd:b5:92:2b:91:00:
65:2f:06:02
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUSHVJO+8ClC+nXeFE92Y7TEFGKU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNjAzMTgwNTA5MDJaFw0yNzAzMTcwNTE0MDJaMDMxMTAvBgNV
BAMTKDRENUQ4QTE3NTEwNTVBNzI0N0NBRTZCOEE5NkE4QTcwRDdBQUVGQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqw5c0F+o8Azf5Wn8yDFzPi2wj
CsCn2l9LX30qw0RlLXq6YcONNVpoxPEt9w0iMQGqN80w+9KFnM544VjX/RGnn+u/
p8aV73wUxlDgurucgKzHsnx3AcWDGBRkRf4QNHLuWO8bwuqEZ8Lwxqu3JPLuVMBr
mu5iXSeXgH5GpRnVfnepnBz7cD0u+ymlAUi+/xlkkQdL5ROggd7BfFzt2FF2/No7
s2wPufat3NKFJbtRFsWZ05Md3Nqirkfdy5oDD9CBbs5aNTlpjJGEaa1fDkShkcdd
CC3GfIT6CdJ28NO7es8jV8GWwjzaccx36nQw/oaXStBGyyKq2g3Eztx2WDsTAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUTV2KF1EFWnJHyua4qWqKcNeq76QwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAtlWUD
BAAtmxEDBADApnIDBADBpAowDQYJKoZIhvcNAQELBQADggEBAEslSzj6HDllE6Gb
yGhRxWSk1K9YY8bmNLMljnILy3gjTUUPzpeR9tcEPoCt8jjFtgsvBvVRmYYRYgq7
M51ie8jXz4ySm+PbOndSQizGbBG0xXRs114mtHJN0zeVGmfb4ILpXhUJF/CbfEl5
NgWz9Stqp3aBylTFkUBkF8JV+6iRaVU4hwOhM9OPdnF6Hg+ZuSOsIiTSSWqNSzmm
zff0mT4m9OzBu5w+Yz7BWqC5bpEAqD2vOJJQqTCTxOD1RWnZIt3U/EwBXoypkR3f
DQpFn0FbM0RXUXP8HgaJvOkdXS0kSrDmTX34b88MogpPhkBUUHBUqVfkl721kiuR
AGUvBgI=
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:09:14 2026 by rpki-client