Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: 3NDrP8xX8xPWFqy4r5U+kVRy1gqIfXDEXQqqfNb6Nt8=
Subject key identifier: 4A:C5:50:E4:0F:FF:6A:06:6D:F1:FC:F2:37:B7:E4:F2:7E:96:64:E0
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 45A8A3B7DDF99AE50AAFC14C2DE38758CD9412EB
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
Signing time: Sat 05 Apr 2025 00:01:55 +0000
ROA not before: Fri 04 Apr 2025 23:56:55 +0000
ROA not after: Sat 04 Apr 2026 00:01:55 +0000
asID: 16509
IP address blocks: 91.124.131.0/24 maxlen: 24
91.124.133.0/24 maxlen: 24
91.124.217.0/24 maxlen: 24
92.112.51.0/24 maxlen: 24
92.112.61.0/24 maxlen: 24
92.112.63.0/24 maxlen: 24
92.112.74.0/24 maxlen: 24
92.112.75.0/24 maxlen: 24
92.113.49.0/24 maxlen: 24
92.113.50.0/24 maxlen: 24
92.113.51.0/24 maxlen: 24
92.113.52.0/24 maxlen: 24
92.113.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:a8:a3:b7:dd:f9:9a:e5:0a:af:c1:4c:2d:e3:87:58:cd:94:12:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 4 23:56:55 2025 GMT
Not After : Apr 4 00:01:55 2026 GMT
Subject: CN=4AC550E40FFF6A066DF1FCF237B7E4F27E9664E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a0:3a:27:9b:f1:1d:4a:ac:80:33:3e:0e:0b:
3d:3c:67:1e:17:08:cb:fc:3a:20:c2:90:d2:ef:26:
d6:cc:ba:de:1e:6c:26:5f:5d:61:e5:39:d4:84:38:
d1:da:1e:e8:02:96:98:c4:dd:b9:e8:6e:22:34:1f:
60:cd:9d:a9:55:44:f5:aa:30:16:de:b7:6e:a6:ae:
73:f7:24:fd:24:c3:f1:51:96:96:42:e9:41:d9:bb:
1d:e8:cb:ba:51:a6:cd:cf:e5:70:e3:4e:3a:cf:bc:
57:24:85:c6:f3:55:9f:c4:d9:1a:1d:19:84:de:6e:
ad:a2:6e:15:77:6d:ce:a4:05:77:7b:1e:b0:a8:7f:
d1:9b:5f:82:74:25:76:8c:85:db:9c:21:d0:8b:33:
1e:61:df:40:b8:d8:90:fe:ab:3f:98:88:ea:88:44:
ce:d2:73:65:8d:1e:cd:e7:11:97:ab:66:07:8f:87:
b8:57:6e:40:f0:52:ae:7b:9b:cd:03:c9:0e:43:b8:
de:51:4a:4c:a8:29:04:3b:03:3d:19:9d:52:7d:e3:
53:a7:0e:37:b3:e4:49:11:5e:bd:ee:9e:50:a0:e7:
55:95:49:15:ad:45:0c:5d:18:72:26:5f:26:35:78:
a0:da:79:28:8b:f3:ba:0d:b6:18:57:63:d4:0d:da:
c7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C5:50:E4:0F:FF:6A:06:6D:F1:FC:F2:37:B7:E4:F2:7E:96:64:E0
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.131.0/24
91.124.133.0/24
91.124.217.0/24
92.112.51.0/24
92.112.61.0/24
92.112.63.0/24
92.112.74.0/23
92.113.49.0-92.113.53.255
Signature Algorithm: sha256WithRSAEncryption
a5:ac:4d:c1:59:ce:32:97:ac:29:16:b8:ba:70:66:b3:f7:1b:
62:cb:36:e8:60:e1:87:1c:70:81:93:c2:e0:22:00:61:5b:6c:
23:e3:a0:3b:c5:38:99:5d:8c:ef:79:e6:a3:0d:71:bc:67:4a:
bf:54:b5:6d:da:5d:7a:81:aa:f1:3f:80:52:9b:2e:74:a0:b3:
33:e2:ad:4a:60:02:80:f9:8b:4d:5e:e1:29:e0:b7:3a:b0:b8:
15:15:ee:94:82:0b:8a:10:99:51:e4:ea:ab:e2:91:ba:64:c5:
0b:c9:0f:40:de:6f:9c:ea:0f:1b:c8:97:57:a3:68:e0:a5:95:
6c:2b:8f:ed:e8:80:e3:85:b9:a6:a2:34:2a:36:38:2c:4d:47:
8c:c1:f7:d0:ee:b3:47:55:0b:fb:17:89:e2:2c:3a:79:46:a6:
7d:97:e9:67:55:91:cc:ed:9a:bf:cc:53:26:a6:9b:c5:7b:b1:
12:e8:cf:99:40:38:6f:0d:b6:5a:5a:c0:6f:21:80:37:8d:eb:
a5:70:a8:c3:e9:b3:25:32:47:3e:7c:0e:cb:21:5c:ab:c5:02:
4c:7b:e2:2f:1d:a0:8d:74:dd:3f:af:b3:3f:08:86:ea:3e:2b:
81:46:c7:f7:49:82:ae:a3:e7:4e:85:23:82:6d:4e:95:e5:e5:
61:28:44:70
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURaijt935muUKr8FMLeOHWM2UEuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MDQyMzU2NTVaFw0yNjA0MDQwMDAxNTVaMDMxMTAvBgNV
BAMTKDRBQzU1MEU0MEZGRjZBMDY2REYxRkNGMjM3QjdFNEYyN0U5NjY0RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoDonm/EdSqyAMz4OCz08Zx4X
CMv8OiDCkNLvJtbMut4ebCZfXWHlOdSEONHaHugClpjE3bnobiI0H2DNnalVRPWq
MBbet26mrnP3JP0kw/FRlpZC6UHZux3oy7pRps3P5XDjTjrPvFckhcbzVZ/E2Rod
GYTebq2ibhV3bc6kBXd7HrCof9GbX4J0JXaMhducIdCLMx5h30C42JD+qz+YiOqI
RM7Sc2WNHs3nEZerZgePh7hXbkDwUq57m80DyQ5DuN5RSkyoKQQ7Az0ZnVJ941On
Djez5EkRXr3unlCg51WVSRWtRQxdGHImXyY1eKDaeSiL87oNthhXY9QN2scDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUSsVQ5A//agZt8fzyN7fk8n6WZOAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUQYIKwYBBQUHAQcBAf8EQjBAMD4EAgABMDgDBABbfIMD
BABbfIUDBABbfNkDBABccDMDBABccD0DBABccD8DBAFccEowDAMEAFxxMQMEAVxx
NDANBgkqhkiG9w0BAQsFAAOCAQEApaxNwVnOMpesKRa4unBms/cbYss26GDhhxxw
gZPC4CIAYVtsI+OgO8U4mV2M73nmow1xvGdKv1S1bdpdeoGq8T+AUpsudKCzM+Kt
SmACgPmLTV7hKeC3OrC4FRXulIILihCZUeTqq+KRumTFC8kPQN5vnOoPG8iXV6No
4KWVbCuP7eiA44W5pqI0KjY4LE1HjMH30O6zR1UL+xeJ4iw6eUamfZfpZ1WRzO2a
v8xTJqabxXuxEujPmUA4bw22WlrAbyGAN43rpXCow+mzJTJHPnwOyyFcq8UCTHvi
Lx2gjXTdP6+zPwiG6j4rgUbH90mCrqPnToUjgm1OleXlYShEcA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:29 2025 by rpki-client on console.sobornost.net