Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/LXr6C48Lxn5qLALMmRCp0Zvklfc.roa
File: LXr6C48Lxn5qLALMmRCp0Zvklfc.roa (raw, json)
Hash identifier: xyDipUJK+J0EWyFs8iYbI4e4T5NfmKMOryR8EWn2OIs=
Subject key identifier: 2D:7A:FA:0B:8F:0B:C6:7E:6A:2C:02:CC:99:10:A9:D1:9B:E4:95:F7
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 019CF70D4CCE43606170295FD48F05FD59E1
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/LXr6C48Lxn5qLALMmRCp0Zvklfc.roa
Signing time: Mon 16 Mar 2026 14:29:29 +0000
ROA not before: Mon 16 Mar 2026 14:29:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215540
IP address blocks: 80.66.72.0/24 maxlen: 24
80.66.78.0/24 maxlen: 24
87.251.69.0/24 maxlen: 24
87.251.85.0/24 maxlen: 24
194.113.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f7:0d:4c:ce:43:60:61:70:29:5f:d4:8f:05:fd:59:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Mar 16 14:29:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d7afa0b8f0bc67e6a2c02cc9910a9d19be495f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:7b:62:53:6e:34:34:1f:cb:47:fb:85:34:
45:ef:e0:3c:f7:5b:66:b6:cf:3f:df:f0:ae:84:23:
00:18:ab:49:db:fc:a4:56:da:aa:1c:77:86:ae:96:
b9:a2:78:bb:68:46:b4:38:b8:ab:9e:a0:7c:d1:a6:
8b:16:39:a5:e8:ad:d4:95:ec:82:92:f5:9b:c9:02:
a9:c6:39:dc:c2:a6:23:d0:50:4c:c5:29:50:34:8a:
fe:d6:52:7a:c2:da:2f:44:5a:ed:64:c3:65:e8:cc:
2f:2b:b8:3d:4e:78:5d:86:ac:64:f3:93:0e:5f:a3:
0a:97:95:6a:fd:43:88:62:a1:c7:ba:78:65:79:b6:
b3:a3:4b:aa:5a:69:de:e2:58:2a:d6:64:57:84:a8:
6b:41:e4:53:4b:20:72:c1:41:43:1e:2c:60:75:2b:
1a:14:d9:d3:b5:53:56:1e:25:67:2b:3c:fb:e8:ee:
25:33:16:cb:68:48:4f:8a:c7:dc:c3:0d:05:a6:61:
bc:99:fd:07:b3:d5:8b:a0:5d:17:b7:57:66:65:90:
98:f0:d6:fd:c6:6e:07:34:66:06:27:2d:08:ee:8c:
c1:88:bf:5c:f4:34:2a:4d:2d:12:26:67:53:0b:04:
ad:c4:4e:32:a9:34:ab:78:be:1d:ed:87:c9:01:b4:
35:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7A:FA:0B:8F:0B:C6:7E:6A:2C:02:CC:99:10:A9:D1:9B:E4:95:F7
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/LXr6C48Lxn5qLALMmRCp0Zvklfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.72.0/24
80.66.78.0/24
87.251.69.0/24
87.251.85.0/24
194.113.235.0/24
Signature Algorithm: sha256WithRSAEncryption
98:99:b0:3b:eb:2c:95:23:61:6e:70:44:ce:2b:74:d6:72:13:
8e:48:b8:5a:41:5b:a9:f3:9d:e0:b2:76:da:6f:ff:30:c0:1b:
18:1e:47:b2:4b:ba:7c:d6:78:55:2b:14:ec:a7:b4:f7:7e:69:
0d:3d:cf:4a:f8:d5:6a:36:22:c3:38:f9:8e:ba:84:35:d6:38:
db:98:e2:02:a2:dd:e1:d4:68:37:b6:9b:2e:9b:07:c5:d0:29:
12:49:e8:c4:05:4b:48:6d:eb:8c:ee:6c:55:af:12:1e:9a:4e:
b2:03:52:7b:48:87:c1:36:37:bb:2b:3f:99:4a:27:3a:8c:6a:
df:37:cd:fa:e5:62:19:9f:43:ad:8f:5c:7d:2e:84:4c:4a:f9:
16:1d:a2:6d:69:5a:66:75:e2:52:f1:be:11:2f:33:d3:1c:ec:
58:49:d7:0a:11:79:55:44:12:a0:99:32:5b:5d:6c:11:59:b2:
30:89:46:a9:2e:55:0e:66:ac:44:a5:a8:cf:17:5b:70:3c:cb:
b4:a1:14:1e:5a:d5:6c:5b:1b:ed:0c:55:6f:23:91:31:8b:cb:
ac:ae:99:7b:f8:2f:03:ab:95:9f:2a:f7:bf:8a:ba:f0:8b:77:
7e:b1:6d:18:62:e8:a9:21:1b:06:f3:72:82:25:d1:88:06:59:
d9:f2:b0:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZz3DUzOQ2BhcClf1I8F/VnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjYwMzE2MTQyOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdhZmEwYjhmMGJjNjdlNmEyYzAyY2M5OTEwYTlkMTliZTQ5NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBp7YlNuNDQfy0f7hTRF7+A891tm
ts8/3/CuhCMAGKtJ2/ykVtqqHHeGrpa5oni7aEa0OLirnqB80aaLFjml6K3UleyC
kvWbyQKpxjncwqYj0FBMxSlQNIr+1lJ6wtovRFrtZMNl6MwvK7g9Tnhdhqxk85MO
X6MKl5Vq/UOIYqHHunhlebazo0uqWmne4lgq1mRXhKhrQeRTSyBywUFDHixgdSsa
FNnTtVNWHiVnKzz76O4lMxbLaEhPisfcww0FpmG8mf0Hs9WLoF0Xt1dmZZCY8Nb9
xm4HNGYGJy0I7ozBiL9c9DQqTS0SJmdTCwStxE4yqTSreL4d7YfJAbQ1yQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC16+guPC8Z+aiwCzJkQqdGb5JX3MB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvTFhyNkM0OEx4bjVxTEFMTW1SQ3AwWnZrbGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEJIAwQA
UEJOAwQAV/tFAwQAV/tVAwQAwnHrMA0GCSqGSIb3DQEBCwUAA4IBAQCYmbA76yyV
I2FucETOK3TWchOOSLhaQVup853gsnbab/8wwBsYHkeyS7p81nhVKxTsp7T3fmkN
Pc9K+NVqNiLDOPmOuoQ11jjbmOICot3h1Gg3tpsumwfF0CkSSejEBUtIbeuM7mxV
rxIemk6yA1J7SIfBNje7Kz+ZSic6jGrfN8365WIZn0Otj1x9LoRMSvkWHaJtaVpm
deJS8b4RLzPTHOxYSdcKEXlVRBKgmTJbXWwRWbIwiUapLlUOZqxEpajPF1twPMu0
oRQeWtVsWxvtDFVvI5Exi8usrpl7+C8Dq5WfKve/irrwi3d+sW0YYuipIRsG83KC
JdGIBlnZ8rBH
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:11:41 2026 by rpki-client