Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/sWX-HSOeRAuWqC5VFhhZlWiICD8.roa
File: sWX-HSOeRAuWqC5VFhhZlWiICD8.roa (raw, json)
Hash identifier: +5FVOEPQlVmu84Bor7ae+bvovnrqW0Ox8oTKHK/3MVc=
Subject key identifier: B1:65:FE:1D:23:9E:44:0B:96:A8:2E:55:16:18:59:95:68:88:08:3F
Certificate issuer: /CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Certificate serial: 019F141175DCABA19A93BA8546F39EC2316B
Authority key identifier: DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/sWX-HSOeRAuWqC5VFhhZlWiICD8.roa
Signing time: Mon 29 Jun 2026 15:48:36 +0000
ROA not before: Mon 29 Jun 2026 15:48:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6681
IP address blocks: 45.13.27.0/24 maxlen: 24
45.128.218.0/24 maxlen: 24
45.128.219.0/24 maxlen: 24
89.150.33.0/24 maxlen: 24
193.200.64.0/24 maxlen: 24
193.200.65.0/24 maxlen: 24
195.191.234.0/24 maxlen: 24
195.191.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:14:11:75:dc:ab:a1:9a:93:ba:85:46:f3:9e:c2:31:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Validity
Not Before: Jun 29 15:48:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b165fe1d239e440b96a82e55161859956888083f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:06:77:30:63:1f:ec:1e:83:1a:42:40:8f:43:
73:c9:47:02:cf:ce:cf:0d:84:9c:dc:22:4d:c9:b4:
be:d7:f2:b5:cc:eb:cc:dd:f6:f5:46:5b:21:56:1c:
59:c4:35:9f:78:ca:4a:55:06:a2:98:25:73:77:b6:
40:1e:1f:3a:e0:03:fd:1b:2a:58:0e:aa:33:21:5c:
a6:8f:5b:b0:81:2a:47:e0:e0:8b:a5:48:80:db:13:
6e:e5:8e:44:a0:73:eb:db:21:bf:7d:43:0e:31:23:
36:46:7e:0c:35:0f:1d:68:04:d4:e0:5f:1d:38:a5:
4b:6a:9c:8b:0e:d7:cf:a9:74:d5:3b:ea:67:00:86:
92:cb:ce:c0:53:39:bc:50:a2:72:89:04:2a:ce:de:
f4:10:0e:cf:8b:2d:e9:c6:63:6b:35:c6:04:ab:ad:
d1:ac:d8:ed:07:02:7e:c3:2f:55:a2:58:20:69:46:
ab:e9:72:dc:66:ee:66:79:34:46:a9:2d:e0:ef:d7:
e9:3f:d9:85:e4:49:d2:7a:c2:a5:24:1a:87:de:24:
33:2e:f7:a0:ca:0d:34:10:44:69:15:8f:2a:1f:23:
e0:90:b0:5b:bc:aa:9b:34:b7:f9:2c:8e:5a:32:d3:
35:d9:08:55:d4:64:ed:9d:6f:50:c4:1f:62:47:32:
9b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:65:FE:1D:23:9E:44:0B:96:A8:2E:55:16:18:59:95:68:88:08:3F
X509v3 Authority Key Identifier:
keyid:DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/sWX-HSOeRAuWqC5VFhhZlWiICD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.27.0/24
45.128.218.0/23
89.150.33.0/24
193.200.64.0/23
195.191.234.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:0c:37:35:70:82:1c:b6:85:53:f8:30:65:a7:87:52:99:d7:
1e:46:7b:cf:d0:0e:50:23:53:45:3d:0f:2e:19:1c:af:41:35:
cb:f9:05:ed:0c:61:a6:61:79:1d:29:7b:ea:ba:02:da:78:ea:
0d:1b:6c:8e:22:b9:97:a3:29:8f:cf:86:09:07:f5:73:ac:42:
66:08:b3:9a:da:f2:42:98:67:46:72:13:a9:72:5a:c3:34:84:
1f:fe:ac:0d:54:e2:f4:ae:93:ac:31:21:50:9d:eb:c4:62:6a:
a2:3e:30:68:5f:b6:80:43:c6:17:ae:46:d3:8c:1a:8a:cb:56:
34:92:3e:37:33:46:cc:52:f4:8c:11:ab:da:e5:33:6f:16:0b:
95:92:1b:ad:1d:a5:0b:2c:54:e3:51:77:67:b4:a3:4b:53:d3:
2f:98:4c:9d:24:d3:5d:d6:5f:3a:46:38:55:b5:98:84:70:4c:
2e:7f:fd:59:8e:d1:3d:44:ee:39:3b:a3:c0:3e:29:38:c1:2a:
17:73:56:a0:5e:81:3d:c6:2d:3c:8d:59:23:7f:e4:1d:b3:fb:
3a:5d:8c:2f:95:3b:93:1e:28:b1:e4:1b:61:13:68:20:92:4b:
ff:27:3b:89:84:37:1f:4a:91:5d:62:6c:da:fa:4a:cd:38:0e:
c6:33:c0:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ8UEXXcq6Gak7qFRvOewjFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYmNhYjQ4NTk1MzZjZjk5NjU5NmVmMTlkMmE2NDYxMWQw
MzZmZTQwHhcNMjYwNjI5MTU0ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTY1ZmUxZDIzOWU0NDBiOTZhODJlNTUxNjE4NTk5NTY4ODgwODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAZ3MGMf7B6DGkJAj0NzyUcCz87P
DYSc3CJNybS+1/K1zOvM3fb1RlshVhxZxDWfeMpKVQaimCVzd7ZAHh864AP9GypY
DqozIVymj1uwgSpH4OCLpUiA2xNu5Y5EoHPr2yG/fUMOMSM2Rn4MNQ8daATU4F8d
OKVLapyLDtfPqXTVO+pnAIaSy87AUzm8UKJyiQQqzt70EA7Piy3pxmNrNcYEq63R
rNjtBwJ+wy9VolggaUar6XLcZu5meTRGqS3g79fpP9mF5EnSesKlJBqH3iQzLveg
yg00EERpFY8qHyPgkLBbvKqbNLf5LI5aMtM12QhV1GTtnW9QxB9iRzKb5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLFl/h0jnkQLlqguVRYYWZVoiAg/MB8GA1UdIwQY
MBaAFNy8q0hZU2z5lllu8Z0qZGEdA2/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0x5clNGbFRiUG1XV1c3eG5TcGtZUjBEYi1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9jYTkyNzQtM2E5NC00ZjFhLWJlZTIt
MjY2ZmUyNzM3YjhmLzEvc1dYLUhTT2VSQXVXcUM1VkZoaFpsV2lJQ0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9jYTkyNzQtM2E5NC00ZjFhLWJlZTItMjY2ZmUyNzM3Yjhm
LzEvM0x5clNGbFRiUG1XV1c3eG5TcGtZUjBEYi1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ0bAwQB
LYDaAwQAWZYhAwQBwchAAwQBw7/qMA0GCSqGSIb3DQEBCwUAA4IBAQA9DDc1cIIc
toVT+DBlp4dSmdceRnvP0A5QI1NFPQ8uGRyvQTXL+QXtDGGmYXkdKXvqugLaeOoN
G2yOIrmXoymPz4YJB/VzrEJmCLOa2vJCmGdGchOpclrDNIQf/qwNVOL0rpOsMSFQ
nevEYmqiPjBoX7aAQ8YXrkbTjBqKy1Y0kj43M0bMUvSMEava5TNvFguVkhutHaUL
LFTjUXdntKNLU9MvmEydJNNd1l86RjhVtZiEcEwuf/1ZjtE9RO45O6PAPik4wSoX
c1agXoE9xi08jVkjf+Qds/s6XYwvlTuTHiix5BthE2ggkkv/JzuJhDcfSpFdYmza
+krNOA7GM8DS
-----END CERTIFICATE-----
Generated at Tue Jun 30 19:06:16 2026 by rpki-client