Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: kHrij5BjqfmkAGzkYN01QncWQelOeGxchQbYBR5pB2g=
Subject key identifier: 0E:81:79:1D:62:99:1B:BA:2F:20:5E:AF:5F:E0:29:3D:D4:F8:7B:68
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 78E78D8C67FB07779E5DFBFC89543D03A16AED44
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
Signing time: Wed 12 Mar 2025 11:25:58 +0000
ROA not before: Wed 12 Mar 2025 11:20:58 +0000
ROA not after: Wed 11 Mar 2026 11:25:58 +0000
asID: 16509
IP address blocks: 82.21.28.0/22 maxlen: 24
82.21.195.0/24 maxlen: 24
82.25.56.0/21 maxlen: 21
82.26.201.0/24 maxlen: 24
82.29.0.0/24 maxlen: 24
82.29.2.0/24 maxlen: 24
82.29.3.0/24 maxlen: 24
82.29.4.0/24 maxlen: 24
82.29.102.0/24 maxlen: 24
82.29.104.0/24 maxlen: 24
82.29.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:e7:8d:8c:67:fb:07:77:9e:5d:fb:fc:89:54:3d:03:a1:6a:ed:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 12 11:20:58 2025 GMT
Not After : Mar 11 11:25:58 2026 GMT
Subject: CN=0E81791D62991BBA2F205EAF5FE0293DD4F87B68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:57:74:fc:5a:2e:4e:b7:31:b5:62:9e:da:a9:
4f:c6:8a:a5:c6:ef:ba:a3:c2:bb:19:2f:67:7d:15:
a5:dd:10:fa:89:ca:54:2e:60:69:65:4f:dd:4c:53:
47:75:69:af:f2:96:ef:07:ff:d4:93:8f:23:0a:f9:
04:7a:fa:19:96:0c:55:3e:8b:c3:88:3e:dd:70:e5:
01:05:73:f7:c5:ec:62:d9:ca:eb:f2:fb:8c:2f:c2:
45:a9:35:e2:5c:f3:22:00:74:2e:ab:b9:0c:1a:9d:
7e:db:2e:d1:c2:c3:2a:49:c3:0d:94:f1:f1:6d:a8:
b7:45:4f:0e:77:20:b9:1d:64:ef:8a:32:a8:7a:b2:
43:fc:8e:58:35:65:59:82:53:da:88:22:aa:7c:86:
38:d9:27:94:08:bb:91:09:33:35:f4:7f:cf:21:d9:
b1:18:9b:47:f0:ec:12:af:69:cf:2c:54:5f:61:4c:
90:d0:b0:a3:a5:3f:d1:e7:bc:d4:bb:e7:24:7d:6d:
ec:37:b5:0a:7e:62:a1:aa:b3:55:64:84:5d:95:f2:
dc:57:97:f8:85:bd:e8:5e:9d:22:0a:c5:2c:27:e3:
a9:de:d1:37:1e:89:f4:9a:02:97:1b:87:e5:1f:b9:
52:02:48:85:5d:65:de:57:d4:59:b0:6c:73:66:3c:
c3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:81:79:1D:62:99:1B:BA:2F:20:5E:AF:5F:E0:29:3D:D4:F8:7B:68
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/22
82.21.195.0/24
82.25.56.0/21
82.26.201.0/24
82.29.0.0/24
82.29.2.0-82.29.4.255
82.29.102.0/24
82.29.104.0/23
Signature Algorithm: sha256WithRSAEncryption
60:a5:10:91:19:82:14:d6:77:8c:7c:22:be:e0:6a:47:ee:e1:
fc:f0:d9:95:f3:50:3c:0d:1a:a3:66:54:b6:e0:92:66:ec:8e:
a8:1f:6f:e4:ac:5f:0b:6d:03:76:9f:63:c3:d8:c5:ab:19:79:
3f:5e:04:fb:ca:8f:a7:39:b6:de:6d:4b:84:89:8c:fe:ef:fd:
27:a5:2b:81:4d:86:6b:52:b6:f1:1d:f9:db:a4:3c:bf:6b:25:
1d:15:ff:18:24:24:84:fe:b1:4e:05:88:98:ed:76:7e:13:3a:
1f:c8:a4:39:5a:04:2b:3f:7e:9b:18:1c:a1:b3:06:1d:21:07:
37:15:b7:c1:b5:0e:2c:6c:dc:c2:1d:f0:43:93:0e:73:75:2b:
98:f4:87:ef:00:0e:54:ca:2a:0c:76:91:87:e7:3c:89:ab:f3:
4b:75:92:16:81:68:3a:26:7f:b1:ad:b9:c0:7c:a3:2e:20:55:
65:5a:2d:4f:14:51:63:35:b3:3f:98:49:42:ef:e8:66:6d:3c:
95:94:28:f2:8b:3f:05:18:d7:58:9f:75:48:b7:29:71:52:4a:
d8:7e:d9:f3:8a:c0:05:53:4e:2b:7c:3c:79:6f:61:57:e4:f2:
6d:49:1c:97:1f:c1:f7:d7:60:81:45:5c:fd:42:0f:5a:af:ee:
1f:3c:1c:56
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeOeNjGf7B3eeXfv8iVQ9A6Fq7UQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMTIxMTIwNThaFw0yNjAzMTExMTI1NThaMDMxMTAvBgNV
BAMTKDBFODE3OTFENjI5OTFCQkEyRjIwNUVBRjVGRTAyOTNERDRGODdCNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNV3T8Wi5OtzG1Yp7aqU/GiqXG
77qjwrsZL2d9FaXdEPqJylQuYGllT91MU0d1aa/ylu8H/9STjyMK+QR6+hmWDFU+
i8OIPt1w5QEFc/fF7GLZyuvy+4wvwkWpNeJc8yIAdC6ruQwanX7bLtHCwypJww2U
8fFtqLdFTw53ILkdZO+KMqh6skP8jlg1ZVmCU9qIIqp8hjjZJ5QIu5EJMzX0f88h
2bEYm0fw7BKvac8sVF9hTJDQsKOlP9HnvNS75yR9bew3tQp+YqGqs1VkhF2V8txX
l/iFvehenSIKxSwn46ne0TceifSaApcbh+UfuVICSIVdZd5X1FmwbHNmPMOVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUDoF5HWKZG7ovIF6vX+ApPdT4e2gwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUQYIKwYBBQUHAQcBAf8EQjBAMD4EAgABMDgDBAJSFRwD
BABSFcMDBANSGTgDBABSGskDBABSHQAwDAMEAVIdAgMEAFIdBAMEAFIdZgMEAVId
aDANBgkqhkiG9w0BAQsFAAOCAQEAYKUQkRmCFNZ3jHwivuBqR+7h/PDZlfNQPA0a
o2ZUtuCSZuyOqB9v5KxfC20Ddp9jw9jFqxl5P14E+8qPpzm23m1LhImM/u/9J6Ur
gU2Ga1K28R3526Q8v2slHRX/GCQkhP6xTgWImO12fhM6H8ikOVoEKz9+mxgcobMG
HSEHNxW3wbUOLGzcwh3wQ5MOc3UrmPSH7wAOVMoqDHaRh+c8iavzS3WSFoFoOiZ/
sa25wHyjLiBVZVotTxRRYzWzP5hJQu/oZm08lZQo8os/BRjXWJ91SLcpcVJK2H7Z
84rABVNOK3w8eW9hV+TybUkclx/B99dggUVc/UIPWq/uHzwcVg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:27 2025 by rpki-client on console.sobornost.net