Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yS7BMXofvWjqNVf211dg2n9i3Lc.roa
File: yS7BMXofvWjqNVf211dg2n9i3Lc.roa (raw, json)
Hash identifier: NszZ/qVKRwH4MKU3PFZshevzE6T7YcDaVo8+Ex64Uss=
Subject key identifier: C9:2E:C1:31:7A:1F:BD:68:EA:35:57:F6:D7:57:60:DA:7F:62:DC:B7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019E3E82C270BFFF608F3F1D9B51EF3D50E0
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yS7BMXofvWjqNVf211dg2n9i3Lc.roa
Signing time: Tue 19 May 2026 04:33:37 +0000
ROA not before: Tue 19 May 2026 04:33:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20001
IP address blocks: 88.216.21.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3e:82:c2:70:bf:ff:60:8f:3f:1d:9b:51:ef:3d:50:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 19 04:33:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c92ec1317a1fbd68ea3557f6d75760da7f62dcb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:77:49:26:6d:e3:10:05:74:a1:38:7a:ed:f8:
b5:10:85:72:b1:bc:79:2e:3c:f6:cb:e7:1d:d6:1d:
89:ba:0a:1c:28:2a:51:12:3b:78:f8:e2:11:f0:ef:
23:47:a5:95:48:cb:83:82:54:b9:62:4a:f8:d3:40:
bd:26:05:ee:a3:22:35:06:3a:cd:b4:8b:bf:2e:83:
cd:49:c6:53:02:d9:53:93:ec:6f:3b:1a:f3:9b:09:
55:29:fb:fa:54:fb:4f:fe:86:03:86:58:91:27:d8:
9d:0d:d5:65:50:71:ea:d8:40:b7:fe:74:89:aa:48:
25:0e:95:c9:49:5d:08:3a:c0:46:f8:a7:6d:05:4f:
2f:0b:d2:2d:a8:a6:de:46:2f:5b:59:ad:5c:56:8d:
10:05:b0:25:82:3e:22:12:74:17:db:51:12:92:c3:
15:a2:15:6f:e6:f5:50:5f:9f:12:e9:38:68:38:e2:
76:bc:0c:5b:fd:e4:d9:f6:55:6e:2d:cb:33:3f:1f:
24:38:73:a3:46:79:d5:84:04:52:00:bd:70:2b:a5:
aa:a8:11:e3:ca:81:77:56:8d:78:25:d1:ff:ee:bc:
a3:f0:b9:37:5e:f6:ef:b5:b5:99:a8:58:20:69:f4:
f6:d5:a2:75:0a:cb:12:e0:55:21:be:fe:4b:02:0b:
1b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2E:C1:31:7A:1F:BD:68:EA:35:57:F6:D7:57:60:DA:7F:62:DC:B7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yS7BMXofvWjqNVf211dg2n9i3Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.21.0/24
88.216.103.0/24
88.216.185.0/24
88.216.212.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:7e:41:b3:35:04:66:b8:3e:af:b5:73:6a:e5:83:1b:9f:2b:
e7:92:57:47:9c:f0:cf:93:b8:1c:7e:77:25:7e:04:11:02:cd:
48:e8:b7:30:77:08:3a:83:de:84:c8:05:0e:7c:b6:85:e6:2e:
9d:f2:07:1c:21:7f:fa:a0:5b:51:90:19:09:9f:7e:e7:2d:9e:
88:8c:1a:d4:7c:ce:18:eb:0e:af:f2:40:04:96:f1:b0:2b:86:
03:50:1d:b8:28:23:3a:32:04:ff:c3:ed:45:ff:20:76:da:89:
e5:b0:10:b7:c5:b9:83:b6:c4:82:53:25:52:4d:4a:f3:20:7b:
54:79:52:de:78:dd:5f:f8:5e:51:2c:6d:80:e0:09:14:41:f9:
6c:a8:71:27:90:2a:1d:b4:ec:8b:d2:81:86:4e:8e:09:17:78:
fb:27:15:96:d8:2a:df:67:e9:f7:f1:9d:b7:a3:f3:ac:e7:7a:
02:f7:36:df:4a:7c:1c:67:7f:ee:19:b3:af:e0:f8:92:98:1a:
07:a1:5e:93:20:68:39:2d:ae:b3:e5:2f:45:fe:11:ca:d1:d4:
0f:a2:d4:87:5c:47:20:19:f2:73:a6:26:5b:43:fd:5a:65:e0:
e1:5b:f1:a4:2b:e7:f0:bb:ee:dd:64:22:49:e7:57:37:f8:19:
f8:3a:ef:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4+gsJwv/9gjz8dm1HvPVDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjYwNTE5MDQzMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJlYzEzMTdhMWZiZDY4ZWEzNTU3ZjZkNzU3NjBkYTdmNjJkY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHdJJm3jEAV0oTh67fi1EIVysbx5
Ljz2y+cd1h2JugocKCpREjt4+OIR8O8jR6WVSMuDglS5Ykr400C9JgXuoyI1BjrN
tIu/LoPNScZTAtlTk+xvOxrzmwlVKfv6VPtP/oYDhliRJ9idDdVlUHHq2EC3/nSJ
qkglDpXJSV0IOsBG+KdtBU8vC9ItqKbeRi9bWa1cVo0QBbAlgj4iEnQX21ESksMV
ohVv5vVQX58S6ThoOOJ2vAxb/eTZ9lVuLcszPx8kOHOjRnnVhARSAL1wK6WqqBHj
yoF3Vo14JdH/7ryj8Lk3XvbvtbWZqFggafT21aJ1CssS4FUhvv5LAgsbqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMkuwTF6H71o6jVX9tdXYNp/Yty3MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveVM3Qk1Yb2Z2V2pxTlZmMjExZGcybjlpM0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWNgVAwQA
WNhnAwQAWNi5AwQAWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQAMfkGzNQRmuD6vtXNq
5YMbnyvnkldHnPDPk7gcfnclfgQRAs1I6Lcwdwg6g96EyAUOfLaF5i6d8gccIX/6
oFtRkBkJn37nLZ6IjBrUfM4Y6w6v8kAElvGwK4YDUB24KCM6MgT/w+1F/yB22onl
sBC3xbmDtsSCUyVSTUrzIHtUeVLeeN1f+F5RLG2A4AkUQflsqHEnkCodtOyL0oGG
To4JF3j7JxWW2CrfZ+n38Z23o/Os53oC9zbfSnwcZ3/uGbOv4PiSmBoHoV6TIGg5
La6z5S9F/hHK0dQPotSHXEcgGfJzpiZbQ/1aZeDhW/GkK+fwu+7dZCJJ51c3+Bn4
Ou9F
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:15:48 2026 by rpki-client