Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: SWehq+odCsiCQsUmgfN//6rSg2OcPskogllydOO3YWg=
Subject key identifier: 8E:1D:71:14:7F:71:65:FE:50:00:4A:F9:71:CB:09:3F:17:F1:64:A8
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7837EAF29EDE323843184CCFB5376EB4D637C6D8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
Signing time: Wed 25 Jun 2025 00:02:08 +0000
ROA not before: Tue 24 Jun 2025 23:57:08 +0000
ROA not after: Wed 24 Jun 2026 00:02:08 +0000
asID: 16509
IP address blocks: 91.124.131.0/24 maxlen: 24
91.124.133.0/24 maxlen: 24
91.124.217.0/24 maxlen: 24
92.112.51.0/24 maxlen: 24
92.112.61.0/24 maxlen: 24
92.112.63.0/24 maxlen: 24
92.112.74.0/24 maxlen: 24
92.112.75.0/24 maxlen: 24
92.113.49.0/24 maxlen: 24
92.113.50.0/24 maxlen: 24
92.113.51.0/24 maxlen: 24
92.113.52.0/24 maxlen: 24
92.113.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:37:ea:f2:9e:de:32:38:43:18:4c:cf:b5:37:6e:b4:d6:37:c6:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 24 23:57:08 2025 GMT
Not After : Jun 24 00:02:08 2026 GMT
Subject: CN=8E1D71147F7165FE50004AF971CB093F17F164A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:57:0b:b5:93:5d:9b:43:26:a0:82:d9:e7:bc:
f1:23:c3:62:48:e5:f0:98:a5:e6:c1:ec:3e:be:bd:
d0:f0:65:09:a4:62:d8:0f:a3:26:63:04:6a:8a:24:
bf:f6:03:98:01:ac:1e:d4:d8:8e:cf:b3:b5:a1:c2:
b6:61:00:cb:59:74:de:b9:46:68:6b:9c:ae:dc:bb:
cb:43:c8:6a:fe:fa:c1:b5:86:c9:e4:0f:b2:64:04:
7e:23:5f:1f:74:d0:d6:a5:e9:9e:17:aa:04:82:e2:
e7:78:9e:e2:84:04:58:bb:f4:92:72:9f:7b:1d:fb:
d8:76:82:83:a6:db:1d:5b:b5:4f:42:60:98:12:eb:
fe:11:5e:6b:8c:20:38:a6:b9:fc:73:8d:14:e5:30:
76:6c:1f:aa:b6:d4:ff:fc:ee:7f:23:58:82:27:7c:
53:e6:85:9e:0c:e0:c7:0d:f7:bf:74:23:f4:68:73:
9f:19:f9:7d:8d:e6:d0:3a:33:87:db:58:3e:b0:ca:
99:d9:2f:c5:b1:0c:55:60:f9:3e:2f:a4:f4:23:d7:
3c:c2:1b:0f:3e:4f:0a:f3:81:a1:13:92:ec:1e:f5:
5f:92:ab:51:9a:01:b2:55:b2:be:f0:1a:51:c7:d2:
57:77:24:55:2b:dc:25:aa:56:ae:3f:3a:97:50:2d:
52:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1D:71:14:7F:71:65:FE:50:00:4A:F9:71:CB:09:3F:17:F1:64:A8
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.131.0/24
91.124.133.0/24
91.124.217.0/24
92.112.51.0/24
92.112.61.0/24
92.112.63.0/24
92.112.74.0/23
92.113.49.0-92.113.53.255
Signature Algorithm: sha256WithRSAEncryption
94:0e:b3:09:9a:ce:05:52:3a:33:5a:21:79:f1:b2:c9:ae:e0:
9d:5f:61:63:bf:45:86:99:df:c1:7d:98:b1:4e:8e:8c:41:c9:
c6:e5:48:61:c2:66:68:32:26:ce:c2:a0:20:5a:2d:6c:00:6b:
04:77:83:50:87:88:4f:a3:c0:ba:77:40:63:08:11:f3:ce:99:
b3:ab:b0:68:42:22:2d:73:af:86:34:30:25:07:65:95:a8:97:
80:94:3d:10:ae:7f:ed:71:c7:11:46:68:30:7f:ec:5c:45:35:
41:33:95:84:da:b8:5c:e8:23:8d:5a:53:82:ca:db:44:2a:80:
0c:be:23:86:bd:f8:f8:55:47:c6:37:c2:26:a1:ea:03:03:86:
3d:49:c7:50:e4:36:db:21:01:21:da:27:b0:77:a8:65:2e:b6:
cd:d0:6a:12:ba:4b:c7:2c:4d:71:a6:34:e1:10:bb:5c:b3:fd:
24:df:f2:d0:82:ad:ad:d5:de:52:09:8c:7e:20:e6:2a:29:e1:
39:3c:4b:10:8f:9c:45:3a:fe:8e:fa:00:6a:40:2e:da:38:76:
4b:b4:6b:f2:6a:00:4a:1b:af:27:96:38:d8:3f:60:1f:47:fc:
f3:de:56:c0:06:71:57:74:36:8e:b0:fc:db:ea:a5:50:27:24:
e0:7e:9f:05
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeDfq8p7eMjhDGEzPtTdutNY3xtgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MjQyMzU3MDhaFw0yNjA2MjQwMDAyMDhaMDMxMTAvBgNV
BAMTKDhFMUQ3MTE0N0Y3MTY1RkU1MDAwNEFGOTcxQ0IwOTNGMTdGMTY0QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1Vwu1k12bQyaggtnnvPEjw2JI
5fCYpebB7D6+vdDwZQmkYtgPoyZjBGqKJL/2A5gBrB7U2I7Ps7WhwrZhAMtZdN65
RmhrnK7cu8tDyGr++sG1hsnkD7JkBH4jXx900Nal6Z4XqgSC4ud4nuKEBFi79JJy
n3sd+9h2goOm2x1btU9CYJgS6/4RXmuMIDimufxzjRTlMHZsH6q21P/87n8jWIIn
fFPmhZ4M4McN9790I/Roc58Z+X2N5tA6M4fbWD6wypnZL8WxDFVg+T4vpPQj1zzC
Gw8+TwrzgaETkuwe9V+Sq1GaAbJVsr7wGlHH0ld3JFUr3CWqVq4/OpdQLVJJAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUjh1xFH9xZf5QAEr5ccsJPxfxZKgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUQYIKwYBBQUHAQcBAf8EQjBAMD4EAgABMDgDBABbfIMD
BABbfIUDBABbfNkDBABccDMDBABccD0DBABccD8DBAFccEowDAMEAFxxMQMEAVxx
NDANBgkqhkiG9w0BAQsFAAOCAQEAlA6zCZrOBVI6M1ohefGyya7gnV9hY79Fhpnf
wX2YsU6OjEHJxuVIYcJmaDImzsKgIFotbABrBHeDUIeIT6PAundAYwgR886Zs6uw
aEIiLXOvhjQwJQdllaiXgJQ9EK5/7XHHEUZoMH/sXEU1QTOVhNq4XOgjjVpTgsrb
RCqADL4jhr34+FVHxjfCJqHqAwOGPUnHUOQ22yEBIdonsHeoZS62zdBqErpLxyxN
caY04RC7XLP9JN/y0IKtrdXeUgmMfiDmKinhOTxLEI+cRTr+jvoAakAu2jh2S7Rr
8moAShuvJ5Y42D9gH0f8895WwAZxV3Q2jrD82+qlUCck4H6fBQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:04 2025 by rpki-client