Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/SWZ731YmHf9GvH8Lkc-8awFctFs.roa
File: SWZ731YmHf9GvH8Lkc-8awFctFs.roa (raw, json)
Hash identifier: YMn4x1FGAr61bxn/Z7AB4iuUFTZ6bShjnEOsfqmAjsc=
Subject key identifier: 49:66:7B:DF:56:26:1D:FF:46:BC:7F:0B:91:CF:BC:6B:01:5C:B4:5B
Certificate issuer: /CN=ffdbfbdb6e975ddca8f6dd968c37a7d5560e691d
Certificate serial: 019A01B83EBB06F4D5C45BA273FD964CAB03
Authority key identifier: FF:DB:FB:DB:6E:97:5D:DC:A8:F6:DD:96:8C:37:A7:D5:56:0E:69:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/SWZ731YmHf9GvH8Lkc-8awFctFs.roa
Signing time: Mon 20 Oct 2025 13:04:03 +0000
ROA not before: Mon 20 Oct 2025 13:04:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 2a02:e9c1::/32 maxlen: 32
2a02:e9c2::/32 maxlen: 32
2a02:e9c4::/32 maxlen: 32
2a02:e9c7::/32 maxlen: 32
2a13:6cc0::/32 maxlen: 32
2a13:6cc3::/32 maxlen: 32
2a13:6cc4::/32 maxlen: 32
2a13:6cc5::/32 maxlen: 32
2a13:6cc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 15:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:b8:3e:bb:06:f4:d5:c4:5b:a2:73:fd:96:4c:ab:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdbfbdb6e975ddca8f6dd968c37a7d5560e691d
Validity
Not Before: Oct 20 13:04:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49667bdf56261dff46bc7f0b91cfbc6b015cb45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:10:7b:0c:f5:0d:bf:4d:c0:d1:51:6e:9f:35:
a5:4d:ba:7b:4b:84:76:77:6b:11:08:75:c8:3e:f8:
06:58:d4:a7:61:67:fb:ac:cd:88:af:82:4c:03:23:
14:0e:72:df:f9:e3:af:d3:c6:2a:28:c0:ae:ad:d7:
5d:f6:7f:8a:c2:89:af:d4:a1:3c:92:8f:96:d0:44:
b6:d4:17:ae:ac:0b:ff:ca:c4:81:d6:6d:b5:0b:e7:
91:c9:29:af:ea:7e:83:49:f3:9f:28:ac:09:eb:8c:
d1:91:2b:75:e9:47:5a:34:4e:07:1f:7f:7b:38:6e:
a1:98:60:a9:3f:ce:df:aa:11:bf:a1:eb:c0:80:1e:
02:f1:ce:47:8b:18:30:32:25:61:68:f0:15:64:e0:
10:a3:d3:78:e9:6a:25:b2:eb:59:f5:f0:46:82:f2:
50:fc:12:c0:1e:49:36:2f:2d:a4:b7:34:27:33:cb:
a9:66:87:17:f1:aa:74:bb:3d:5f:54:b1:16:f2:d9:
f5:c5:cf:60:e7:24:86:27:cd:cb:66:e7:cd:17:c9:
bd:d0:fa:0c:bf:1b:6a:19:ec:60:8b:05:cd:38:4e:
d9:c5:19:1f:6d:d2:c2:ff:95:3d:4b:77:ca:59:a6:
25:c3:20:5e:67:71:a6:b3:18:d1:f0:8e:b0:2f:16:
1e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:66:7B:DF:56:26:1D:FF:46:BC:7F:0B:91:CF:BC:6B:01:5C:B4:5B
X509v3 Authority Key Identifier:
keyid:FF:DB:FB:DB:6E:97:5D:DC:A8:F6:DD:96:8C:37:A7:D5:56:0E:69:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/SWZ731YmHf9GvH8Lkc-8awFctFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:e9c1::-2a02:e9c2:ffff:ffff:ffff:ffff:ffff:ffff
2a02:e9c4::/32
2a02:e9c7::/32
2a13:6cc0::/32
2a13:6cc3::-2a13:6cc5:ffff:ffff:ffff:ffff:ffff:ffff
2a13:6cc7::/32
Signature Algorithm: sha256WithRSAEncryption
93:1b:e3:00:b6:d4:3e:36:12:1a:33:13:2b:a5:8b:1d:80:dc:
5e:46:5d:93:e2:2f:41:42:11:b0:33:d7:79:10:0b:0c:5a:7b:
d7:80:59:31:76:90:13:48:a3:95:be:5d:7e:64:14:28:f8:36:
97:0d:0e:46:84:a8:01:13:98:89:af:86:b4:56:74:5a:be:66:
74:6d:d4:6e:d5:31:70:43:83:bd:fe:3e:06:be:f0:f4:9c:3c:
f3:ca:75:51:1c:fb:c7:68:d1:01:99:37:ea:19:31:3a:f8:1a:
fb:ee:af:40:70:4c:c9:0d:80:f2:66:7b:4a:83:d6:83:e7:24:
81:ef:fa:2a:a5:4d:cf:13:e2:fa:27:a8:d0:61:ba:da:c6:d2:
33:df:86:e0:17:32:00:54:20:2a:59:72:f2:02:22:89:5b:98:
8d:d4:73:05:15:c2:64:db:59:e7:9e:48:08:3d:6f:70:57:d5:
54:50:92:a2:67:a0:62:10:f7:be:ee:7c:de:72:6a:cb:3a:a6:
b4:a5:29:98:c3:17:86:42:61:6a:5a:a3:6b:7a:4c:ef:cb:30:
aa:f5:8d:f4:fb:a6:5c:20:09:79:e4:59:ed:67:5d:4f:85:e9:
de:8a:80:98:3e:38:77:4e:11:55:d6:08:9e:fc:29:4a:35:cd:
64:33:07:b5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZoBuD67BvTVxFuic/2WTKsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGJmYmRiNmU5NzVkZGNhOGY2ZGQ5NjhjMzdhN2Q1NTYw
ZTY5MWQwHhcNMjUxMDIwMTMwNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTY2N2JkZjU2MjYxZGZmNDZiYzdmMGI5MWNmYmM2YjAxNWNiNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xB7DPUNv03A0VFunzWlTbp7S4R2
d2sRCHXIPvgGWNSnYWf7rM2Ir4JMAyMUDnLf+eOv08YqKMCurddd9n+Kwomv1KE8
ko+W0ES21BeurAv/ysSB1m21C+eRySmv6n6DSfOfKKwJ64zRkSt16UdaNE4HH397
OG6hmGCpP87fqhG/oevAgB4C8c5HixgwMiVhaPAVZOAQo9N46WolsutZ9fBGgvJQ
/BLAHkk2Ly2ktzQnM8upZocX8ap0uz1fVLEW8tn1xc9g5ySGJ83LZufNF8m90PoM
vxtqGexgiwXNOE7ZxRkfbdLC/5U9S3fKWaYlwyBeZ3GmsxjR8I6wLxYe2QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFElme99WJh3/Rrx/C5HPvGsBXLRbMB8GA1UdIwQY
MBaAFP/b+9tul13cqPbdlow3p9VWDmkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzl2NzIyNlhYZHlvOXQyV2pEZW4xVllPYVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NmZmZjMtYmZhOS00NzMyLWI0YjUt
MTk3NjlmNTc4ZWZkLzEvU1daNzMxWW1IZjlHdkg4TGtjLThhd0ZjdEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NmZmZjMtYmZhOS00NzMyLWI0YjUtMTk3NjlmNTc4ZWZk
LzEvXzl2NzIyNlhYZHlvOXQyV2pEZW4xVllPYVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAAjA8MA4DBQAqAunB
AwUAKgLpwgMFACoC6cQDBQAqAunHAwUAKhNswDAOAwUAKhNswwMFASoTbMQDBQAq
E2zHMA0GCSqGSIb3DQEBCwUAA4IBAQCTG+MAttQ+NhIaMxMrpYsdgNxeRl2T4i9B
QhGwM9d5EAsMWnvXgFkxdpATSKOVvl1+ZBQo+DaXDQ5GhKgBE5iJr4a0VnRavmZ0
bdRu1TFwQ4O9/j4GvvD0nDzzynVRHPvHaNEBmTfqGTE6+Br77q9AcEzJDYDyZntK
g9aD5ySB7/oqpU3PE+L6J6jQYbraxtIz34bgFzIAVCAqWXLyAiKJW5iN1HMFFcJk
21nnnkgIPW9wV9VUUJKiZ6BiEPe+7nzecmrLOqa0pSmYwxeGQmFqWqNrekzvyzCq
9Y30+6ZcIAl55FntZ11PheneioCYPjh3ThFV1gie/ClKNc1kMwe1
-----END CERTIFICATE-----
Generated at Fri Oct 24 22:13:52 2025 by rpki-client