Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/swnpl4td9eb6_J81u2GZTHQvUnM.roa
File:                     swnpl4td9eb6_J81u2GZTHQvUnM.roa (raw, json)
Hash identifier:          OzZo/a2puN3YVDYWaueHcqlnkjv3aKzrJf+DmBTG+js=
Subject key identifier:   B3:09:E9:97:8B:5D:F5:E6:FA:FC:9F:35:BB:61:99:4C:74:2F:52:73
Certificate issuer:       /CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Certificate serial:       019ECA46177B28D5AF89284B1E93A03E5E83
Authority key identifier: 5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/swnpl4td9eb6_J81u2GZTHQvUnM.roa
Signing time:             Mon 15 Jun 2026 07:54:11 +0000
ROA not before:           Mon 15 Jun 2026 07:54:11 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214875
IP address blocks:        37.97.0.0/20 maxlen: 20
                          37.97.2.0/24 maxlen: 24
                          37.97.3.0/24 maxlen: 24
                          37.97.48.0/21 maxlen: 21
                          37.97.57.0/24 maxlen: 24
                          37.97.58.0/23 maxlen: 23
                          37.97.62.0/23 maxlen: 23
                          45.13.240.0/22 maxlen: 22
                          188.228.4.0/22 maxlen: 22
                          188.228.8.0/22 maxlen: 22
                          188.228.14.0/24 maxlen: 24
                          188.228.48.0/23 maxlen: 23
                          188.228.50.0/23 maxlen: 23
                          188.228.54.0/24 maxlen: 24
                          188.228.68.0/23 maxlen: 23
                          188.228.78.0/24 maxlen: 24
                          188.228.80.0/22 maxlen: 22
                          188.228.88.0/22 maxlen: 22
                          188.228.92.0/23 maxlen: 23
                          188.228.96.0/22 maxlen: 22
                          188.228.102.0/23 maxlen: 23
                          2a00:fd01::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 20:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:ca:46:17:7b:28:d5:af:89:28:4b:1e:93:a0:3e:5e:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
        Validity
            Not Before: Jun 15 07:54:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b309e9978b5df5e6fafc9f35bb61994c742f5273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:d9:6e:b5:fb:9e:cf:e3:56:c5:37:69:25:be:
                    13:5c:66:d1:02:c6:6f:ff:4e:a3:d9:31:f2:89:83:
                    75:a7:6b:56:59:ff:e3:43:67:18:79:09:cf:b5:4d:
                    c6:da:a0:d1:12:2a:93:4a:09:4c:34:ef:ef:40:95:
                    e2:5f:2a:76:46:bb:37:68:f5:07:96:32:e7:67:54:
                    f6:5e:e0:16:df:f8:5e:e8:7d:13:5d:53:8b:08:cc:
                    7b:b6:09:10:85:82:5e:64:ba:21:d1:ed:5e:9a:99:
                    05:7c:2d:1a:32:a7:d0:83:1c:89:1b:5e:52:70:21:
                    fc:35:ed:0c:7a:65:f4:72:43:79:f5:67:6d:37:00:
                    3d:99:e6:2e:20:db:a8:2e:e2:72:59:c1:56:82:84:
                    52:95:f4:db:55:3a:d5:ad:ff:4c:40:37:a4:4d:f5:
                    7c:5b:22:1a:96:02:2b:23:f6:2c:1f:cf:7a:55:1f:
                    64:fa:69:35:13:3f:02:e3:50:94:09:6f:88:e7:9b:
                    99:5f:e9:eb:b9:24:92:65:ee:71:a5:fc:34:ab:49:
                    57:59:6a:7c:40:95:0e:b6:7b:23:2e:9f:16:1e:e2:
                    bf:3a:57:ff:e6:87:30:34:1e:5d:d2:79:14:13:01:
                    f3:af:26:21:c4:b7:5b:cd:ec:5c:04:88:57:a0:42:
                    8d:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:09:E9:97:8B:5D:F5:E6:FA:FC:9F:35:BB:61:99:4C:74:2F:52:73
            X509v3 Authority Key Identifier:
                keyid:5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/swnpl4td9eb6_J81u2GZTHQvUnM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.97.0.0/20
                  37.97.48.0/21
                  37.97.57.0-37.97.59.255
                  37.97.62.0/23
                  45.13.240.0/22
                  188.228.4.0-188.228.11.255
                  188.228.14.0/24
                  188.228.48.0/22
                  188.228.54.0/24
                  188.228.68.0/23
                  188.228.78.0/24
                  188.228.80.0/22
                  188.228.88.0-188.228.93.255
                  188.228.96.0/22
                  188.228.102.0/23
                IPv6:
                  2a00:fd01::/32

    Signature Algorithm: sha256WithRSAEncryption
         12:6c:68:6c:6b:43:21:83:f2:1b:dd:70:84:a9:27:5e:7f:57:
         8e:9c:28:c4:75:1a:03:52:21:4a:0a:fa:c7:a5:0d:9f:87:2f:
         0e:46:34:29:2c:eb:9c:5c:db:50:8b:d0:92:6f:d1:c0:0a:cc:
         31:36:10:27:3d:d2:5e:28:b7:88:db:d9:2d:10:c1:48:9f:a4:
         b1:d2:0d:11:25:c7:0a:4d:11:10:f3:bf:10:7b:c2:b2:ef:ae:
         5e:f2:65:c0:84:86:eb:30:28:29:2a:65:ee:2f:5c:79:47:29:
         36:f3:ba:0b:05:89:17:cd:7d:05:10:b3:9b:ba:0f:e8:d8:1a:
         e7:68:85:b5:16:19:be:e4:35:42:00:a6:76:03:a0:32:f2:fe:
         95:f7:69:79:b1:fd:55:be:32:75:a0:71:45:f0:9b:52:d1:e0:
         87:ed:c1:5a:16:03:06:a2:e8:00:83:6d:46:ed:b9:b5:53:9d:
         75:ae:48:d4:c0:4c:80:f6:43:32:fb:07:db:93:13:f4:20:29:
         fe:12:2b:f4:49:d5:46:05:61:a2:74:22:36:5b:a2:e7:db:7a:
         b2:93:1b:4e:e6:36:db:0a:38:7d:01:75:7f:10:71:5e:63:b8:
         5e:3d:38:a5:0d:ac:78:4d:88:a7:9f:38:a6:c1:d4:a8:8a:b8:
         31:f5:d6:fa
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZ7KRhd7KNWviShLHpOgPl6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMTI5YjA0NjBjZjllZTA1MDBlZTg4MGEyY2ZhMWE1MjRl
NGRmMDAwHhcNMjYwNjE1MDc1NDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzA5ZTk5NzhiNWRmNWU2ZmFmYzlmMzViYjYxOTk0Yzc0MmY1MjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tlutfuez+NWxTdpJb4TXGbRAsZv
/06j2THyiYN1p2tWWf/jQ2cYeQnPtU3G2qDREiqTSglMNO/vQJXiXyp2Rrs3aPUH
ljLnZ1T2XuAW3/he6H0TXVOLCMx7tgkQhYJeZLoh0e1empkFfC0aMqfQgxyJG15S
cCH8Ne0MemX0ckN59WdtNwA9meYuINuoLuJyWcFWgoRSlfTbVTrVrf9MQDekTfV8
WyIalgIrI/YsH896VR9k+mk1Ez8C41CUCW+I55uZX+nruSSSZe5xpfw0q0lXWWp8
QJUOtnsjLp8WHuK/Olf/5ocwNB5d0nkUEwHzryYhxLdbzexcBIhXoEKNSQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFLMJ6ZeLXfXm+vyfNbthmUx0L1JzMB8GA1UdIwQY
MBaAFF0SmwRgz57gUA7ogKLPoaUk5N8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEt
YTg3N2RkNTFiYzQ5LzEvc3ducGw0dGQ5ZWI2X0o4MXUyR1pUSFF2VW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEtYTg3N2RkNTFiYzQ5
LzEvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQEJWEA
AwQDJWEwMAwDBAAlYTkDBAIlYTgDBAElYT4DBAItDfAwDAMEArzkBAMEArzkCAME
ALzkDgMEArzkMAMEALzkNgMEAbzkRAMEALzkTgMEArzkUDAMAwQDvORYAwQBvORc
AwQCvORgAwQBvORmMA0EAgACMAcDBQAqAP0BMA0GCSqGSIb3DQEBCwUAA4IBAQAS
bGhsa0Mhg/Ib3XCEqSdef1eOnCjEdRoDUiFKCvrHpQ2fhy8ORjQpLOucXNtQi9CS
b9HACswxNhAnPdJeKLeI29ktEMFIn6Sx0g0RJccKTREQ878Qe8Ky765e8mXAhIbr
MCgpKmXuL1x5Ryk287oLBYkXzX0FELObug/o2BrnaIW1Fhm+5DVCAKZ2A6Ay8v6V
92l5sf1VvjJ1oHFF8JtS0eCH7cFaFgMGougAg21G7bm1U511rkjUwEyA9kMy+wfb
kxP0ICn+Eiv0SdVGBWGidCI2W6Ln23qykxtO5jbbCjh9AXV/EHFeY7hePTilDax4
TYinnzimwdSoirgx9db6
-----END CERTIFICATE-----
Generated at Wed Jul 1 03:30:02 2026 by rpki-client