Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/FOLsAunRL-qwRUPITmX7DmjtTVo.roa
File: FOLsAunRL-qwRUPITmX7DmjtTVo.roa (raw, json)
Hash identifier: 87JXVGkuJmGjpwYzfj6Y+tqb44jgW/uD+mWua5302PI=
Subject key identifier: 14:E2:EC:02:E9:D1:2F:EA:B0:45:43:C8:4E:65:FB:0E:68:ED:4D:5A
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 019D53CAB17A1D0A177CEDD08C4A240FDB08
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/FOLsAunRL-qwRUPITmX7DmjtTVo.roa
Signing time: Fri 03 Apr 2026 14:41:25 +0000
ROA not before: Fri 03 Apr 2026 14:41:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206061
IP address blocks: 80.66.73.0/24 maxlen: 24
80.66.74.0/24 maxlen: 24
80.66.86.0/24 maxlen: 24
194.113.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:53:ca:b1:7a:1d:0a:17:7c:ed:d0:8c:4a:24:0f:db:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Apr 3 14:41:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=14e2ec02e9d12feab04543c84e65fb0e68ed4d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5a:24:a3:c0:d3:1f:3a:60:2d:a3:2b:61:97:
1f:cf:3f:8c:45:26:93:d7:44:4e:f6:10:6e:48:f9:
54:07:fa:a5:5a:8e:e3:77:04:54:76:e7:37:bd:2e:
a3:6b:95:28:d9:fe:e6:28:58:49:45:35:49:4a:ee:
48:6e:b9:96:01:ab:9d:c7:91:e2:96:fa:d7:14:4a:
b3:31:a4:c5:aa:4b:39:1c:39:51:4d:30:6d:b1:b0:
74:0c:2d:1e:38:ba:09:b7:ac:7d:ce:de:f4:cf:7f:
fa:72:a1:07:f5:7c:4f:3f:ed:e1:ca:e0:40:d2:1b:
18:2b:d8:d9:e0:2b:4f:27:96:39:b6:73:fe:a0:97:
4d:e6:bb:3b:e6:21:ad:64:c3:57:b6:91:00:a4:26:
0b:5e:43:4c:2d:df:08:15:b9:66:1e:81:24:83:e0:
b8:39:38:ab:79:a8:69:8f:2a:aa:6a:57:db:e7:59:
77:9d:90:5e:45:3e:9d:b5:68:0d:ff:86:68:e6:c2:
45:3c:d3:75:87:45:cc:d5:76:80:15:b0:04:1e:36:
ed:3f:d6:26:60:f1:4b:09:d0:bc:34:2a:75:a3:52:
77:f0:ab:b0:e5:84:40:3d:1c:cf:fe:37:d5:aa:88:
f7:c3:4f:c0:ad:9e:07:4c:89:d6:a3:42:8f:9e:59:
aa:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E2:EC:02:E9:D1:2F:EA:B0:45:43:C8:4E:65:FB:0E:68:ED:4D:5A
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/FOLsAunRL-qwRUPITmX7DmjtTVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.73.0-80.66.74.255
80.66.86.0/24
194.113.232.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:5b:01:68:1b:bd:da:e3:a5:65:39:a9:f8:b2:6b:ab:dd:b2:
8f:12:ff:8d:d9:00:4a:29:09:0e:86:63:75:5a:73:e9:53:09:
7a:15:65:f8:46:db:25:1a:6e:02:a1:ea:7c:f4:63:0f:05:b7:
c9:07:97:cf:10:72:09:ba:9f:9c:37:e3:f2:b6:74:8b:4c:ad:
03:1e:16:32:6e:b1:db:6c:3d:1f:14:52:f6:e8:87:2f:b6:30:
32:77:79:d0:f4:be:3d:20:e1:7f:b9:29:d9:c5:c8:c2:c1:ee:
35:d6:cc:16:16:44:95:e3:b4:cb:53:95:9a:51:c5:19:78:32:
22:d9:5f:ef:80:f6:bd:40:a4:e8:e8:a8:9b:cc:20:cc:40:d2:
aa:68:05:be:9c:57:b8:94:26:e3:8d:4e:f6:4c:41:1e:e8:12:
11:2f:28:1f:e1:92:8a:46:d9:65:6b:20:cc:ff:89:2f:43:c5:
f7:66:e7:e1:61:1b:71:bc:e2:08:8c:3b:91:25:bb:9b:e2:83:
72:62:1c:72:c8:0a:99:bc:07:3f:bc:49:98:ef:40:92:ae:02:
e1:c9:e6:ab:6d:2c:bc:5e:16:75:c2:dc:60:2f:8c:71:27:f8:
2b:b9:b5:6f:34:89:b1:dc:31:48:fa:26:bb:e1:39:c5:e2:30:
7a:c1:a4:a7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ1TyrF6HQoXfO3QjEokD9sIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjYwNDAzMTQ0MTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGUyZWMwMmU5ZDEyZmVhYjA0NTQzYzg0ZTY1ZmIwZTY4ZWQ0ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Foko8DTHzpgLaMrYZcfzz+MRSaT
10RO9hBuSPlUB/qlWo7jdwRUduc3vS6ja5Uo2f7mKFhJRTVJSu5IbrmWAaudx5Hi
lvrXFEqzMaTFqks5HDlRTTBtsbB0DC0eOLoJt6x9zt70z3/6cqEH9XxPP+3hyuBA
0hsYK9jZ4CtPJ5Y5tnP+oJdN5rs75iGtZMNXtpEApCYLXkNMLd8IFblmHoEkg+C4
OTireahpjyqqalfb51l3nZBeRT6dtWgN/4Zo5sJFPNN1h0XM1XaAFbAEHjbtP9Ym
YPFLCdC8NCp1o1J38Kuw5YRAPRzP/jfVqoj3w0/ArZ4HTInWo0KPnlmqjQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBTi7ALp0S/qsEVDyE5l+w5o7U1aMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvRk9Mc0F1blJMLXF3UlVQSVRtWDdEbWp0VFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABQQkkD
BABQQkoDBABQQlYDBADCcegwDQYJKoZIhvcNAQELBQADggEBAHtbAWgbvdrjpWU5
qfiya6vdso8S/43ZAEopCQ6GY3Vac+lTCXoVZfhG2yUabgKh6nz0Yw8Ft8kHl88Q
cgm6n5w34/K2dItMrQMeFjJusdtsPR8UUvbohy+2MDJ3edD0vj0g4X+5KdnFyMLB
7jXWzBYWRJXjtMtTlZpRxRl4MiLZX++A9r1ApOjoqJvMIMxA0qpoBb6cV7iUJuON
TvZMQR7oEhEvKB/hkopG2WVrIMz/iS9Dxfdm5+FhG3G84giMO5Elu5vig3JiHHLI
Cpm8Bz+8SZjvQJKuAuHJ5qttLLxeFnXC3GAvjHEn+Cu5tW80ibHcMUj6JrvhOcXi
MHrBpKc=
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:35:16 2026 by rpki-client