Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: eD1YSCj5ffKwx5B9QtgDfi9vAA+oTY2DcvxZdx+nwTc=
Subject key identifier: 01:AC:6E:0B:C3:2D:68:08:CC:1D:DD:26:82:2D:23:FC:FF:5B:BE:D4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0D8366F472081F339521CEEF2643419FA0D6E151
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
Signing time: Fri 22 Aug 2025 00:06:39 +0000
ROA not before: Fri 22 Aug 2025 00:01:39 +0000
ROA not after: Fri 21 Aug 2026 00:06:39 +0000
asID: 16509
IP address blocks: 91.124.131.0/24 maxlen: 24
91.124.133.0/24 maxlen: 24
91.124.217.0/24 maxlen: 24
92.112.51.0/24 maxlen: 24
92.112.74.0/24 maxlen: 24
92.112.75.0/24 maxlen: 24
92.113.49.0/24 maxlen: 24
92.113.50.0/24 maxlen: 24
92.113.51.0/24 maxlen: 24
92.113.52.0/24 maxlen: 24
92.113.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:83:66:f4:72:08:1f:33:95:21:ce:ef:26:43:41:9f:a0:d6:e1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Aug 22 00:01:39 2025 GMT
Not After : Aug 21 00:06:39 2026 GMT
Subject: CN=01AC6E0BC32D6808CC1DDD26822D23FCFF5BBED4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:76:7c:f0:f5:e8:68:85:66:cd:49:95:5b:e6:
13:77:0f:34:f3:f0:1c:97:21:94:6c:90:58:f7:23:
b1:ed:21:e0:a7:d2:49:59:e7:71:9d:31:7f:2b:65:
d3:c3:08:78:19:a8:2f:de:22:33:c9:41:fa:7d:80:
10:17:64:e0:a7:49:be:65:c0:2b:70:3d:cb:ed:fc:
96:70:99:a1:9c:ee:f8:f7:a0:0d:fe:18:08:ed:78:
c6:14:9e:0f:2a:75:19:e8:a6:2c:0a:a3:bb:4c:d5:
68:7d:84:30:25:c6:5d:0c:3c:c7:99:f1:45:ce:60:
e4:8a:5c:fe:56:d0:29:97:fa:bb:6a:53:e8:76:dc:
a8:21:5e:76:52:ad:bd:be:09:06:b7:fc:01:07:1c:
3e:88:4a:f4:96:40:a1:e9:d9:15:3b:14:83:9a:e3:
47:6b:40:86:07:f3:a8:21:c7:d0:4d:5f:27:54:b9:
94:62:6f:d9:43:a9:73:da:9a:93:40:80:23:e4:29:
e1:c7:82:07:c9:51:97:c0:16:2d:7c:f1:3b:9a:85:
dc:54:a7:ca:ab:e1:a2:02:e6:04:20:92:f3:37:ac:
62:54:56:b2:ea:b1:31:0b:44:74:ef:6b:34:1b:6f:
85:9b:52:d7:c0:f9:26:c5:82:5d:5d:2b:7e:f6:3d:
2a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:AC:6E:0B:C3:2D:68:08:CC:1D:DD:26:82:2D:23:FC:FF:5B:BE:D4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.131.0/24
91.124.133.0/24
91.124.217.0/24
92.112.51.0/24
92.112.74.0/23
92.113.49.0-92.113.53.255
Signature Algorithm: sha256WithRSAEncryption
3d:ef:59:51:51:d4:a0:ba:75:1f:e4:4a:35:54:f9:5c:3a:71:
94:1b:b4:3f:9a:ba:3b:8d:de:94:ce:68:c8:38:be:ae:56:86:
57:a1:ab:b8:ce:36:f2:6a:b3:f3:ca:b3:19:e1:d7:ac:bd:ec:
2f:25:94:53:8f:16:eb:c7:f9:41:74:59:7c:73:df:c4:b5:9a:
ae:89:7a:7c:ca:29:67:db:1e:b1:d6:7e:4e:85:df:ea:a0:bb:
a2:df:d2:90:9f:32:f9:fc:28:22:91:f6:d0:6a:45:db:19:c0:
aa:19:3b:cc:6e:63:df:4e:98:49:72:37:a5:46:37:e0:bf:35:
31:01:1f:3b:db:7a:b8:b5:a4:b7:d4:a2:f2:9d:0b:a3:55:a5:
4d:36:e5:af:9e:27:c9:a0:5d:f1:02:95:35:21:0c:7a:09:97:
a9:97:e7:d9:83:58:b8:ea:ff:8e:26:ba:e7:44:ca:0b:7a:78:
0b:3b:9a:de:ec:d9:52:a8:8d:b0:d8:ac:9b:9e:38:24:49:e1:
6f:93:0b:44:e2:a1:9b:8b:4c:d7:74:2a:85:8e:b2:10:cb:24:
d6:99:63:b5:1e:e6:16:8b:7d:1f:47:c6:a3:7c:6a:ac:ff:9d:
23:f3:f9:a7:bf:22:2a:9b:0a:a1:f1:6f:7d:81:bc:ae:8c:57:
bb:a0:d9:a8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIUDYNm9HIIHzOVIc7vJkNBn6DW4VEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MjIwMDAxMzlaFw0yNjA4MjEwMDA2MzlaMDMxMTAvBgNV
BAMTKDAxQUM2RTBCQzMyRDY4MDhDQzFEREQyNjgyMkQyM0ZDRkY1QkJFRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFdnzw9ehohWbNSZVb5hN3DzTz
8ByXIZRskFj3I7HtIeCn0klZ53GdMX8rZdPDCHgZqC/eIjPJQfp9gBAXZOCnSb5l
wCtwPcvt/JZwmaGc7vj3oA3+GAjteMYUng8qdRnopiwKo7tM1Wh9hDAlxl0MPMeZ
8UXOYOSKXP5W0CmX+rtqU+h23KghXnZSrb2+CQa3/AEHHD6ISvSWQKHp2RU7FIOa
40drQIYH86ghx9BNXydUuZRib9lDqXPampNAgCPkKeHHggfJUZfAFi188TuahdxU
p8qr4aIC5gQgkvM3rGJUVrLqsTELRHTvazQbb4WbUtfA+SbFgl1dK372PSpzAgMB
AAGjggIvMIICKzAdBgNVHQ4EFgQUAaxuC8MtaAjMHd0mgi0j/P9bvtQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRQYIKwYBBQUHAQcBAf8ENjA0MDIEAgABMCwDBABbfIMD
BABbfIUDBABbfNkDBABccDMDBAFccEowDAMEAFxxMQMEAVxxNDANBgkqhkiG9w0B
AQsFAAOCAQEAPe9ZUVHUoLp1H+RKNVT5XDpxlBu0P5q6O43elM5oyDi+rlaGV6Gr
uM428mqz88qzGeHXrL3sLyWUU48W68f5QXRZfHPfxLWarol6fMopZ9sesdZ+ToXf
6qC7ot/SkJ8y+fwoIpH20GpF2xnAqhk7zG5j306YSXI3pUY34L81MQEfO9t6uLWk
t9Si8p0Lo1WlTTblr54nyaBd8QKVNSEMegmXqZfn2YNYuOr/jia650TKC3p4Czua
3uzZUqiNsNism544JEnhb5MLROKhm4tM13QqhY6yEMsk1pljtR7mFot9H0fGo3xq
rP+dI/P5p78iKpsKofFvfYG8roxXu6DZqA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:06 2025 by rpki-client