Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/SwxmsvxnegUK_dz06j_bmvCP-xU.roa
File: SwxmsvxnegUK_dz06j_bmvCP-xU.roa (raw, json)
Hash identifier: qF5sISq5xs4U3hp9EFxCSMocasNmdfjsoQWek7B0tOQ=
Subject key identifier: 4B:0C:66:B2:FC:67:7A:05:0A:FD:DC:F4:EA:3F:DB:9A:F0:8F:FB:15
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 0197CBB0ABAE776403D75E79160D34E3697B
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/SwxmsvxnegUK_dz06j_bmvCP-xU.roa
Signing time: Wed 02 Jul 2025 15:10:42 +0000
ROA not before: Wed 02 Jul 2025 15:10:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49544
IP address blocks: 5.180.216.0/23 maxlen: 23
5.180.218.0/23 maxlen: 23
5.200.0.0/19 maxlen: 24
31.204.128.0/19 maxlen: 24
31.204.132.0/22 maxlen: 22
31.204.136.0/23 maxlen: 23
31.204.140.0/22 maxlen: 22
31.204.144.0/24 maxlen: 24
31.204.156.0/23 maxlen: 23
89.104.168.0/23 maxlen: 23
89.104.170.0/23 maxlen: 23
89.104.172.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
91.198.152.0/24 maxlen: 24
91.216.207.0/24 maxlen: 24
104.153.84.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
138.128.136.0/22 maxlen: 22
138.128.140.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
162.245.204.0/22 maxlen: 22
185.41.140.0/22 maxlen: 22
185.50.104.0/22 maxlen: 22
185.52.12.0/22 maxlen: 24
185.179.200.0/23 maxlen: 24
185.179.202.0/23 maxlen: 24
185.197.24.0/22 maxlen: 23
188.122.64.0/19 maxlen: 24
193.43.218.0/23 maxlen: 23
212.19.224.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
213.179.204.0/22 maxlen: 22
213.179.209.0/24 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/23 maxlen: 23
2a00:1630::/29 maxlen: 32
2a00:1630::/32 maxlen: 48
2a00:1631::/32 maxlen: 32
2a00:1632::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
2a00:1d20::/34 maxlen: 34
2a00:1d20:4000::/34 maxlen: 34
2a00:1d26::/32 maxlen: 34
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.mft
rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:b0:ab:ae:77:64:03:d7:5e:79:16:0d:34:e3:69:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Jul 2 15:10:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b0c66b2fc677a050afddcf4ea3fdb9af08ffb15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:44:c8:6a:3d:90:dc:d2:44:c2:aa:fc:c4:8a:
a3:01:c3:12:a8:5f:40:3d:85:65:2b:39:11:d0:fb:
10:10:ff:35:ad:6e:43:d9:3d:1d:b8:d8:d5:0e:1b:
d8:f1:dc:f8:cd:be:fa:f3:8e:95:43:26:bf:98:31:
c4:b1:29:c0:5c:86:cf:f4:2a:f1:63:52:16:1d:8c:
db:ec:d6:8d:5b:e8:f6:a9:1f:f4:df:e6:90:64:d4:
2b:60:92:dd:6d:7d:e1:39:79:44:f8:0f:19:93:0c:
85:fc:98:cd:1c:6f:6d:a0:9a:cb:5a:d8:f3:7d:51:
64:a4:2e:2a:11:8c:35:16:f0:31:ba:12:10:b3:b6:
b3:83:27:91:f9:d9:cb:d4:3e:bc:10:8a:78:24:29:
0e:50:9e:07:c4:7f:46:d8:39:60:be:b9:9d:dc:a2:
91:13:ee:29:37:70:20:0e:16:ba:ab:70:8b:a3:ba:
7f:77:cf:93:74:37:3b:7a:2c:d1:3e:83:6b:63:bb:
c0:4c:67:7e:d7:71:1c:4b:1d:3d:f3:f2:e1:dc:76:
18:3f:b2:a3:9c:bb:36:80:d9:ca:c5:63:3e:2e:13:
f3:6f:48:08:89:f4:67:2f:d5:cd:09:e6:2b:24:1f:
1b:ed:72:83:0e:e9:75:0b:a2:4b:e8:00:f1:49:d9:
bf:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0C:66:B2:FC:67:7A:05:0A:FD:DC:F4:EA:3F:DB:9A:F0:8F:FB:15
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/SwxmsvxnegUK_dz06j_bmvCP-xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
89.104.168.0/21
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
4d:67:03:7e:d4:6f:ef:64:a6:d8:0d:10:b9:62:d1:1b:86:55:
46:8a:3b:63:3a:43:0c:f3:68:fb:3e:d1:f0:89:ae:d4:03:6f:
bd:17:d0:06:c0:c6:75:72:19:25:b7:1a:0d:80:97:3b:0d:c5:
cd:d7:7c:09:62:8b:dc:51:db:9a:e5:e7:6d:d0:c6:ed:71:a7:
61:2d:43:7f:94:ae:42:8b:b2:9a:f7:1c:6c:48:4e:25:df:3a:
30:24:88:82:09:aa:13:53:39:1c:60:02:5a:d2:ab:83:52:60:
a6:8a:56:e2:62:4c:58:d4:00:7c:39:9a:b8:fc:28:9f:b7:92:
14:dd:84:70:aa:2d:c0:78:5a:4d:8c:68:6a:5d:dd:d7:1d:f9:
df:ce:e4:14:1d:f2:97:62:73:65:c7:f5:28:92:d9:ef:3f:bb:
d6:54:74:b2:18:12:bf:5a:ad:f1:5b:96:a7:3c:8b:76:8e:d4:
7f:81:88:31:8a:8e:87:c9:0d:ee:47:c7:a6:ae:c2:bc:c2:7b:
b4:bb:37:2e:b2:71:c9:29:2d:65:c6:89:7d:4e:2b:05:0f:8f:
1b:1e:30:43:60:56:b7:e9:ab:71:af:db:27:a6:a1:09:35:95:
8a:6c:22:bb:24:a6:9c:53:5b:24:e6:68:2f:12:77:63:a1:fb:
44:bd:49:37
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZfLsKuud2QD1155Fg0042l7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjUwNzAyMTUxMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjBjNjZiMmZjNjc3YTA1MGFmZGRjZjRlYTNmZGI5YWYwOGZmYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0TIaj2Q3NJEwqr8xIqjAcMSqF9A
PYVlKzkR0PsQEP81rW5D2T0duNjVDhvY8dz4zb76846VQya/mDHEsSnAXIbP9Crx
Y1IWHYzb7NaNW+j2qR/03+aQZNQrYJLdbX3hOXlE+A8ZkwyF/JjNHG9toJrLWtjz
fVFkpC4qEYw1FvAxuhIQs7azgyeR+dnL1D68EIp4JCkOUJ4HxH9G2Dlgvrmd3KKR
E+4pN3AgDha6q3CLo7p/d8+TdDc7eizRPoNrY7vATGd+13EcSx098/Lh3HYYP7Kj
nLs2gNnKxWM+LhPzb0gIifRnL9XNCeYrJB8b7XKDDul1C6JL6ADxSdm/8wIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFEsMZrL8Z3oFCv3c9Oo/25rwj/sVMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvU3d4bXN2eG5lZ1VLX2R6MDZqX2JtdkNQLXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBkQQCAAEwgYoDBAIF
tNgDBAUFyAADBAUfzIADBANZaKgDBAFbw+oDBABbxpgDBABb2M8DBAJomVQDBAVt
yMADBAOKgIgDBAKS90wDBAKi9DQDBAKi9cwDBAK5KYwDBAK5MmgDBAK5NAwDBAK5
s8gDBAK5xRgDBAW8ekADBAHBK9oDBALUE+ADBAXVo0ADBAXVs8AwIgQCAAIwHAMF
AyoAFjADBQMqAB0gAwUAKgGVgAMFAyoExgAwDQYJKoZIhvcNAQELBQADggEBAE1n
A37Ub+9kptgNELli0RuGVUaKO2M6QwzzaPs+0fCJrtQDb70X0AbAxnVyGSW3Gg2A
lzsNxc3XfAlii9xR25rl523Qxu1xp2EtQ3+UrkKLspr3HGxITiXfOjAkiIIJqhNT
ORxgAlrSq4NSYKaKVuJiTFjUAHw5mrj8KJ+3khTdhHCqLcB4Wk2MaGpd3dcd+d/O
5BQd8pdic2XH9SiS2e8/u9ZUdLIYEr9arfFblqc8i3aO1H+BiDGKjofJDe5Hx6au
wrzCe7S7Ny6ycckpLWXGiX1OKwUPjxseMENgVrfpq3Gv2yemoQk1lYpsIrskppxT
WyTmaC8Sd2Oh+0S9STc=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:47:42 2025 by rpki-client