Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_eq21Ur2r_PGgtdi5qhr1j2MPVQ.roa
File: _eq21Ur2r_PGgtdi5qhr1j2MPVQ.roa (raw, json)
Hash identifier: udJEkQ5jsOLf0f5adiRNYG6T+LEUaapbVSLJw0nu2Og=
Subject key identifier: FD:EA:B6:D5:4A:F6:AF:F3:C6:82:D7:62:E6:A8:6B:D6:3D:8C:3D:54
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019E3E82C2C68F96F23AA4AF59AA0B44EF6F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_eq21Ur2r_PGgtdi5qhr1j2MPVQ.roa
Signing time: Tue 19 May 2026 04:33:37 +0000
ROA not before: Tue 19 May 2026 04:33:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 22516
IP address blocks: 88.216.21.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 31 May 2026 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3e:82:c2:c6:8f:96:f2:3a:a4:af:59:aa:0b:44:ef:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 19 04:33:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fdeab6d54af6aff3c682d762e6a86bd63d8c3d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b6:5e:58:10:e6:54:57:92:c2:03:60:46:7f:
48:f4:51:bb:3c:00:a6:30:4e:20:f1:d0:02:e4:75:
35:33:f1:7b:9b:89:bd:61:f1:83:4c:01:2f:5d:b0:
ff:8f:ba:89:7b:a5:58:fb:e1:76:18:31:5e:86:69:
8c:9d:c8:a2:9f:8a:68:45:4e:10:7b:65:cb:fa:34:
3d:1a:b3:41:48:67:dc:a9:bd:ae:ec:30:88:8c:c5:
b3:0c:89:09:3b:3d:14:0b:df:90:54:d5:c1:c1:ae:
a0:b7:cc:47:48:8c:da:38:f1:d3:94:19:45:47:de:
36:11:f1:be:81:58:ff:0b:30:b6:b4:8d:d8:cf:c1:
44:3b:c6:01:83:89:29:66:7c:dc:61:bb:8e:a2:d8:
f2:a3:a0:4d:e4:ae:fe:77:6d:e0:9c:1f:d2:fd:5b:
db:ff:e9:e9:51:af:48:f8:50:c0:56:43:80:81:15:
a7:95:6e:c3:1f:dc:b8:66:fb:e3:18:f7:a7:57:51:
8d:47:5b:c3:6a:8f:47:7f:a3:06:cf:d4:29:83:30:
8d:7f:79:a0:98:f7:3f:d9:a4:9e:46:7c:e6:ac:c9:
77:0b:f8:2d:c8:b2:d3:bf:22:5f:36:d8:2d:13:24:
96:f9:c7:d0:ff:60:0e:e8:8c:6a:67:1a:3b:d9:ed:
51:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:EA:B6:D5:4A:F6:AF:F3:C6:82:D7:62:E6:A8:6B:D6:3D:8C:3D:54
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_eq21Ur2r_PGgtdi5qhr1j2MPVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.21.0/24
88.216.103.0/24
88.216.185.0/24
88.216.212.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:48:88:e1:5f:b1:a6:7d:65:36:82:44:38:ff:df:46:22:cb:
f8:ee:ec:01:45:7b:86:25:27:17:97:c2:05:1f:1c:a4:17:78:
69:c2:ed:fc:f3:52:2e:40:2e:62:60:bd:bf:73:e2:83:d4:20:
e8:fa:b3:7e:9f:21:74:59:e6:0a:39:57:0a:84:c3:e5:b8:b4:
3c:80:92:d1:2f:e1:f1:af:70:77:af:f3:ed:31:09:51:62:ba:
13:74:9d:34:34:1e:f1:74:99:28:fe:a5:81:20:f7:1c:1f:84:
1a:2c:16:de:3d:87:88:42:ea:78:54:59:64:24:f3:d9:ad:35:
fd:bd:fa:06:a8:88:c0:2e:ca:9d:f6:a9:f6:a8:ae:83:65:a5:
09:cf:c8:fb:c4:12:fd:b1:f5:34:2e:16:27:0e:0a:f0:d3:fe:
30:41:e4:6e:a8:bb:b7:34:57:5e:22:fc:07:1a:42:75:4c:08:
8c:d3:69:99:3c:c1:4d:ca:88:17:98:b2:72:5d:41:94:bb:72:
e1:60:c0:70:65:c4:6f:ed:5b:91:5e:8d:05:db:ec:59:61:16:
15:f3:d8:a1:69:e4:92:15:95:a7:56:f2:dd:23:02:33:75:ea:
43:d3:de:af:3f:9f:75:98:12:70:db:42:5d:e7:f3:02:58:93:
38:25:fe:5f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4+gsLGj5byOqSvWaoLRO9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjYwNTE5MDQzMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGVhYjZkNTRhZjZhZmYzYzY4MmQ3NjJlNmE4NmJkNjNkOGMzZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbZeWBDmVFeSwgNgRn9I9FG7PACm
ME4g8dAC5HU1M/F7m4m9YfGDTAEvXbD/j7qJe6VY++F2GDFehmmMnciin4poRU4Q
e2XL+jQ9GrNBSGfcqb2u7DCIjMWzDIkJOz0UC9+QVNXBwa6gt8xHSIzaOPHTlBlF
R942EfG+gVj/CzC2tI3Yz8FEO8YBg4kpZnzcYbuOotjyo6BN5K7+d23gnB/S/Vvb
/+npUa9I+FDAVkOAgRWnlW7DH9y4ZvvjGPenV1GNR1vDao9Hf6MGz9QpgzCNf3mg
mPc/2aSeRnzmrMl3C/gtyLLTvyJfNtgtEySW+cfQ/2AO6IxqZxo72e1RUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP3qttVK9q/zxoLXYuaoa9Y9jD1UMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX2VxMjFVcjJyX1BHZ3RkaTVxaHIxajJNUFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWNgVAwQA
WNhnAwQAWNi5AwQAWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQCbSIjhX7GmfWU2gkQ4
/99GIsv47uwBRXuGJScXl8IFHxykF3hpwu3881IuQC5iYL2/c+KD1CDo+rN+nyF0
WeYKOVcKhMPluLQ8gJLRL+Hxr3B3r/PtMQlRYroTdJ00NB7xdJko/qWBIPccH4Qa
LBbePYeIQup4VFlkJPPZrTX9vfoGqIjALsqd9qn2qK6DZaUJz8j7xBL9sfU0LhYn
Dgrw0/4wQeRuqLu3NFdeIvwHGkJ1TAiM02mZPMFNyogXmLJyXUGUu3LhYMBwZcRv
7VuRXo0F2+xZYRYV89ihaeSSFZWnVvLdIwIzdepD096vP591mBJw20Jd5/MCWJM4
Jf5f
-----END CERTIFICATE-----
Generated at Sun May 31 03:49:47 2026 by rpki-client