Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: 6ZGY9jHLS2PSBab22FNwCFRm0TpADoUYS6dybfqIzzw=
Subject key identifier: A3:36:D2:27:89:62:00:3C:E6:00:6D:36:E9:FE:0E:7B:11:FF:9A:E7
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 694083E01513EC71FA4A2997E4A51EC9FE8696B3
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16509.roa
Signing time: Mon 04 May 2026 07:07:44 +0000
ROA not before: Mon 04 May 2026 07:02:44 +0000
ROA not after: Mon 03 May 2027 07:07:44 +0000
asID: 16509
IP address blocks: 141.11.12.0/22 maxlen: 24
141.11.92.0/24 maxlen: 24
141.11.112.0/24 maxlen: 24
141.11.115.0/24 maxlen: 24
194.60.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:40:83:e0:15:13:ec:71:fa:4a:29:97:e4:a5:1e:c9:fe:86:96:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 4 07:02:44 2026 GMT
Not After : May 3 07:07:44 2027 GMT
Subject: CN=A336D2278962003CE6006D36E9FE0E7B11FF9AE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d4:f9:96:d8:c2:07:34:e7:e0:e2:4e:0c:c4:
6e:bd:67:e0:37:32:6f:4d:02:d5:67:ba:9b:9f:21:
25:d0:b2:72:5b:0b:8c:78:2c:9b:1c:13:15:b0:a5:
a0:60:cc:f5:33:5f:fb:9a:59:a0:14:d2:f5:ae:1c:
ec:e1:ec:5a:7d:75:76:ce:ad:77:3a:15:45:82:12:
e3:95:10:43:e2:e9:81:7e:98:85:f5:9a:16:8e:35:
88:f1:0d:bd:2a:8d:19:f8:42:0c:c0:a1:44:86:32:
d5:33:0d:57:3d:cb:f2:f6:b3:51:a2:f9:a7:f3:f6:
e0:e7:06:9f:09:8e:a7:ec:d1:90:48:ed:99:ca:8c:
c3:09:da:ab:1f:32:9c:b7:f4:7d:f3:76:3d:95:d1:
21:94:2e:ca:af:02:cc:44:83:7d:74:49:35:f7:94:
a3:5d:18:a2:6f:5a:37:00:ee:a7:eb:1f:7c:c6:2e:
e0:6f:cc:75:a2:4d:b2:ae:24:eb:db:8e:4c:2b:22:
01:9a:96:a2:5d:1c:69:69:ad:f0:5e:40:dd:03:bd:
df:2c:2d:26:61:97:af:bb:d1:41:4f:8e:d5:c0:25:
ff:a9:de:b0:3e:dd:a7:2b:03:9b:f9:26:ce:f2:b4:
c5:a9:87:0c:99:6b:6a:14:52:2b:6f:80:7d:29:59:
bf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:36:D2:27:89:62:00:3C:E6:00:6D:36:E9:FE:0E:7B:11:FF:9A:E7
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.12.0/22
141.11.92.0/24
141.11.112.0/24
141.11.115.0/24
194.60.94.0/24
Signature Algorithm: sha256WithRSAEncryption
56:7a:0d:18:fb:4a:85:95:e1:61:54:b8:b9:25:a3:0b:03:45:
c5:33:f6:e9:88:60:76:9e:28:9b:e3:6d:16:0c:64:3c:04:13:
30:07:87:b0:81:96:d8:a5:e4:84:ed:98:e9:4a:2e:49:2b:b3:
49:2f:1c:9f:9c:41:9e:9e:04:41:99:fa:84:60:f5:19:a3:f0:
df:fc:43:f1:87:c6:42:14:3f:71:38:33:e7:71:c6:0e:75:e1:
be:73:a5:55:a7:89:40:d4:9e:fd:f8:9d:17:5b:d9:c8:d0:e0:
3d:0e:51:a5:18:58:cd:f0:3d:73:d7:e6:ae:f7:f9:a5:fa:5e:
56:ca:12:eb:40:d8:23:5e:28:69:57:2d:7e:b6:a8:fd:70:81:
f7:0f:47:c5:9a:38:ea:7a:3a:ea:8f:bb:c5:15:f7:08:2b:35:
f6:29:22:29:0d:75:25:05:33:17:9d:7b:82:9a:e2:96:7f:92:
eb:6f:8a:b2:6b:c2:03:1e:c3:8f:93:09:d8:ed:a5:af:79:f6:
85:79:11:08:da:6f:66:ee:44:14:0d:e1:45:54:69:7a:f6:3a:
42:6c:23:47:73:7b:19:ce:07:1d:14:e8:bc:1a:19:6b:53:61:
53:60:2e:31:81:9e:39:5e:13:de:fa:d8:0b:e5:f5:8a:32:34:
3b:1f:3b:70
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUaUCD4BUT7HH6SimX5KUeyf6GlrMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjA1MDQwNzAyNDRaFw0yNzA1MDMwNzA3NDRaMDMxMTAvBgNV
BAMTKEEzMzZEMjI3ODk2MjAwM0NFNjAwNkQzNkU5RkUwRTdCMTFGRjlBRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW1PmW2MIHNOfg4k4MxG69Z+A3
Mm9NAtVnupufISXQsnJbC4x4LJscExWwpaBgzPUzX/uaWaAU0vWuHOzh7Fp9dXbO
rXc6FUWCEuOVEEPi6YF+mIX1mhaONYjxDb0qjRn4QgzAoUSGMtUzDVc9y/L2s1Gi
+afz9uDnBp8Jjqfs0ZBI7ZnKjMMJ2qsfMpy39H3zdj2V0SGULsqvAsxEg310STX3
lKNdGKJvWjcA7qfrH3zGLuBvzHWiTbKuJOvbjkwrIgGalqJdHGlprfBeQN0Dvd8s
LSZhl6+70UFPjtXAJf+p3rA+3acrA5v5Js7ytMWphwyZa2oUUitvgH0pWb9PAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUozbSJ4liADzmAG026f4OexH/mucwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAKNCwwD
BACNC1wDBACNC3ADBACNC3MDBADCPF4wDQYJKoZIhvcNAQELBQADggEBAFZ6DRj7
SoWV4WFUuLklowsDRcUz9umIYHaeKJvjbRYMZDwEEzAHh7CBltil5ITtmOlKLkkr
s0kvHJ+cQZ6eBEGZ+oRg9Rmj8N/8Q/GHxkIUP3E4M+dxxg514b5zpVWniUDUnv34
nRdb2cjQ4D0OUaUYWM3wPXPX5q73+aX6XlbKEutA2CNeKGlXLX62qP1wgfcPR8Wa
OOp6OuqPu8UV9wgrNfYpIikNdSUFMxede4Ka4pZ/kutvirJrwgMew4+TCdjtpa95
9oV5EQjab2buRBQN4UVUaXr2OkJsI0dzexnOBx0U6LwaGWtTYVNgLjGBnjleE976
2Avl9YoyNDsfO3A=
-----END CERTIFICATE-----
Generated at Wed May 13 04:42:42 2026 by rpki-client