Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: aLydIGGPg2hF072gKczlOvGYHVXUvAdLsCPmD/Pg3zM=
Subject key identifier: 19:B1:5C:01:5D:7E:0B:3D:04:D8:66:CF:3F:79:F2:D0:C9:12:CF:A2
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4FFC1504CDBC2447D29B57AF1642A815DFD2A00E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
Signing time: Sat 02 May 2026 16:27:04 +0000
ROA not before: Sat 02 May 2026 16:22:04 +0000
ROA not after: Sat 01 May 2027 16:27:04 +0000
asID: 16509
IP address blocks: 91.124.34.0/24 maxlen: 24
91.124.38.0/24 maxlen: 24
91.124.42.0/24 maxlen: 24
91.124.131.0/24 maxlen: 24
91.124.133.0/24 maxlen: 24
91.124.217.0/24 maxlen: 24
92.112.51.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
92.112.61.0/24 maxlen: 24
92.112.63.0/24 maxlen: 24
92.112.74.0/24 maxlen: 24
92.112.75.0/24 maxlen: 24
92.113.49.0/24 maxlen: 24
92.113.50.0/24 maxlen: 24
92.113.51.0/24 maxlen: 24
92.113.52.0/24 maxlen: 24
92.113.53.0/24 maxlen: 24
92.113.100.0/24 maxlen: 24
95.135.202.0/24 maxlen: 24
178.92.101.0/24 maxlen: 24
178.95.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:fc:15:04:cd:bc:24:47:d2:9b:57:af:16:42:a8:15:df:d2:a0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 2 16:22:04 2026 GMT
Not After : May 1 16:27:04 2027 GMT
Subject: CN=19B15C015D7E0B3D04D866CF3F79F2D0C912CFA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e0:62:d7:cc:95:b3:9c:48:56:db:30:bf:e4:
cb:63:e2:0f:e6:57:b8:55:44:fe:5d:1a:2e:a9:a7:
39:0d:50:d2:cd:47:1f:11:af:33:da:31:d4:e4:7c:
cc:b5:9b:97:1b:a8:5c:2a:1a:27:2d:0a:6c:15:60:
fc:c6:3e:ca:4f:51:13:9a:ca:15:ba:04:c4:66:f4:
9c:73:08:fd:d2:34:96:be:ef:39:1f:25:a1:61:04:
6d:9b:77:b2:ea:02:62:38:50:87:fc:2f:db:cc:2b:
4c:5f:27:4d:63:0a:27:f2:04:46:4b:8a:e8:6f:94:
54:d9:66:25:b0:fb:d8:be:2d:71:0a:8e:4d:70:13:
bb:57:eb:33:7b:ae:4a:33:d0:9d:60:ac:0c:70:9f:
b1:c4:1d:71:ff:ba:e4:69:d3:11:09:7a:8d:dd:9a:
48:f0:b5:d8:42:d8:75:b1:9b:6d:d0:15:24:74:ea:
88:bf:0d:bd:54:93:59:6c:0c:c7:be:f7:62:7e:d9:
8f:74:a8:4e:9b:a7:de:14:29:57:b6:da:4f:13:84:
b1:a9:eb:03:e5:49:c2:db:90:aa:7a:07:20:90:e4:
91:48:29:f8:a3:ae:7d:41:0e:b9:9d:30:8b:0c:98:
93:37:76:b9:fe:14:0a:21:a9:5d:7d:4b:8b:6b:28:
70:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B1:5C:01:5D:7E:0B:3D:04:D8:66:CF:3F:79:F2:D0:C9:12:CF:A2
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.34.0/24
91.124.38.0/24
91.124.42.0/24
91.124.131.0/24
91.124.133.0/24
91.124.217.0/24
92.112.51.0/24
92.112.58.0/24
92.112.61.0/24
92.112.63.0/24
92.112.74.0/23
92.113.49.0-92.113.53.255
92.113.100.0/24
95.135.202.0/24
178.92.101.0/24
178.95.48.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:ef:81:b7:37:2d:77:86:c4:d2:4d:0c:82:64:d0:f8:b7:d2:
12:b3:48:67:da:1e:07:a1:99:18:93:a6:19:4b:9e:2e:cf:e3:
6e:d1:bc:d6:fa:c6:52:80:f9:33:e0:78:1b:65:01:4b:c6:8c:
19:5f:ff:cb:f4:cf:2f:b3:a1:9b:79:ee:3d:5d:53:a0:94:a7:
ca:0f:20:85:bd:81:05:2a:1b:a6:03:fe:57:52:96:23:ef:5c:
b2:b7:1b:8e:ef:0d:08:60:1c:5a:05:49:de:7c:e1:50:7a:e1:
f5:f3:78:77:4a:ef:fe:20:5d:d0:7b:cd:23:31:1b:ba:9b:15:
ae:04:44:a4:fc:8e:51:e1:ec:f0:1e:67:7b:7a:58:6c:36:32:
20:d7:7c:63:48:c0:10:68:72:0a:a7:b3:58:f7:21:1b:f8:8f:
b4:11:87:d9:4f:87:c7:a5:8e:54:ad:d6:3a:b5:3d:80:b1:5e:
78:91:40:cb:f1:f1:f2:85:a8:f5:fd:1a:38:db:99:e9:51:76:
a8:16:be:be:4c:fc:27:56:ad:2e:e3:15:c8:27:bb:2f:74:7f:
3e:6c:ab:65:62:ed:9a:42:c9:1f:fb:c2:77:e5:95:cb:aa:f6:
7b:81:12:bc:17:61:4b:68:b4:83:22:9c:f7:1c:e3:59:a0:cb:
1f:f6:72:0a
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIUT/wVBM28JEfSm1evFkKoFd/SoA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MDIxNjIyMDRaFw0yNzA1MDExNjI3MDRaMDMxMTAvBgNV
BAMTKDE5QjE1QzAxNUQ3RTBCM0QwNEQ4NjZDRjNGNzlGMkQwQzkxMkNGQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb4GLXzJWznEhW2zC/5Mtj4g/m
V7hVRP5dGi6ppzkNUNLNRx8RrzPaMdTkfMy1m5cbqFwqGictCmwVYPzGPspPUROa
yhW6BMRm9JxzCP3SNJa+7zkfJaFhBG2bd7LqAmI4UIf8L9vMK0xfJ01jCifyBEZL
iuhvlFTZZiWw+9i+LXEKjk1wE7tX6zN7rkoz0J1grAxwn7HEHXH/uuRp0xEJeo3d
mkjwtdhC2HWxm23QFSR06oi/Db1Uk1lsDMe+92J+2Y90qE6bp94UKVe22k8ThLGp
6wPlScLbkKp6ByCQ5JFIKfijrn1BDrmdMIsMmJM3drn+FAohqV19S4trKHDnAgMB
AAGjggJsMIICaDAdBgNVHQ4EFgQUGbFcAV1+Cz0E2GbPP3ny0MkSz6IwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYEGCCsGAQUFBwEHAQH/BHIwcDBuBAIAATBoAwQAW3wi
AwQAW3wmAwQAW3wqAwQAW3yDAwQAW3yFAwQAW3zZAwQAXHAzAwQAXHA6AwQAXHA9
AwQAXHA/AwQBXHBKMAwDBABccTEDBAFccTQDBABccWQDBABfh8oDBACyXGUDBAKy
XzAwDQYJKoZIhvcNAQELBQADggEBAJvvgbc3LXeGxNJNDIJk0Pi30hKzSGfaHgeh
mRiTphlLni7P427RvNb6xlKA+TPgeBtlAUvGjBlf/8v0zy+zoZt57j1dU6CUp8oP
IIW9gQUqG6YD/ldSliPvXLK3G47vDQhgHFoFSd584VB64fXzeHdK7/4gXdB7zSMx
G7qbFa4ERKT8jlHh7PAeZ3t6WGw2MiDXfGNIwBBocgqns1j3IRv4j7QRh9lPh8el
jlSt1jq1PYCxXniRQMvx8fKFqPX9GjjbmelRdqgWvr5M/CdWrS7jFcgnuy90fz5s
q2Vi7ZpCyR/7wnfllcuq9nuBErwXYUtotIMinPcc41mgyx/2cgo=
-----END CERTIFICATE-----
Generated at Wed May 13 01:28:14 2026 by rpki-client