Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/SwcgVnhGmzMWqIm_KFB-KKc0RJo.roa
File: SwcgVnhGmzMWqIm_KFB-KKc0RJo.roa (raw, json)
Hash identifier: zsctMXkFR2wIfF/ZZB2QR24YMG6LeLpv/U7aSRBkmeo=
Subject key identifier: 4B:07:20:56:78:46:9B:33:16:A8:89:BF:28:50:7E:28:A7:34:44:9A
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01964D7B06FE3C275DDFF822CB4B87E2376B
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/SwcgVnhGmzMWqIm_KFB-KKc0RJo.roa
Signing time: Sat 19 Apr 2025 09:57:10 +0000
ROA not before: Sat 19 Apr 2025 09:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210976
IP address blocks: 5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
37.220.81.0/24 maxlen: 24
37.220.82.0/24 maxlen: 24
37.220.83.0/24 maxlen: 24
37.220.84.0/24 maxlen: 24
37.220.85.0/24 maxlen: 24
45.95.235.0/24 maxlen: 24
46.19.68.0/24 maxlen: 24
46.19.69.0/24 maxlen: 24
81.200.154.0/24 maxlen: 24
81.200.155.0/24 maxlen: 24
81.200.156.0/24 maxlen: 24
81.200.157.0/24 maxlen: 24
85.92.108.0/24 maxlen: 24
89.191.226.0/24 maxlen: 24
141.98.235.0/24 maxlen: 24
185.166.196.0/24 maxlen: 24
185.166.197.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
194.31.174.0/24 maxlen: 24
194.31.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4d:7b:06:fe:3c:27:5d:df:f8:22:cb:4b:87:e2:37:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Apr 19 09:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b07205678469b3316a889bf28507e28a734449a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f7:47:7f:58:04:e0:18:a1:1c:b3:e1:9f:1f:
b4:ea:cc:21:c5:58:02:e8:d7:15:97:f3:8b:07:53:
e0:f7:83:cb:c3:6f:56:81:93:8e:9d:f5:57:1f:83:
47:8c:bc:6d:10:dd:1a:5c:c7:c1:c4:64:06:11:98:
d6:e7:c3:53:be:13:73:50:9a:de:10:09:70:6a:11:
3c:69:83:0d:89:5b:6d:36:b9:b2:df:c2:b8:09:de:
30:90:92:5e:76:55:77:fb:d9:f3:7b:25:eb:fa:57:
4f:0a:d2:4a:2d:3f:0b:07:2b:9b:ed:4b:93:a4:0b:
12:02:df:9a:b7:4e:5f:af:84:7d:97:23:f0:f5:ef:
09:6f:e4:37:68:04:d9:e8:6a:17:a5:0f:31:97:2b:
34:bf:36:c0:af:37:5d:c3:4b:bc:c1:a3:1c:e2:0f:
c0:e0:47:6a:b2:f3:e8:85:d7:a1:ae:e0:db:35:90:
f0:d2:bc:e5:bb:77:cd:55:e8:0a:ad:2a:6e:5d:a8:
da:48:9d:24:05:65:e5:24:96:22:fe:56:d9:02:f3:
8c:f6:3b:9f:cd:31:da:60:14:b9:5c:3c:e1:5c:3b:
65:0b:1f:7c:20:ea:93:f6:b1:a7:4b:15:f0:77:cf:
42:a6:9d:8b:52:1c:94:04:a6:32:6d:ce:2f:4f:a5:
3d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:07:20:56:78:46:9B:33:16:A8:89:BF:28:50:7E:28:A7:34:44:9A
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/SwcgVnhGmzMWqIm_KFB-KKc0RJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.46.0/23
37.220.81.0-37.220.85.255
45.95.235.0/24
46.19.68.0/23
81.200.154.0-81.200.157.255
85.92.108.0/24
89.191.226.0/24
141.98.235.0/24
185.166.196.0/23
194.31.173.0-194.31.175.255
Signature Algorithm: sha256WithRSAEncryption
6b:2a:f8:0a:12:e7:ca:07:c9:7c:cd:1b:ee:b8:6a:03:88:b0:
c5:19:8d:91:90:81:77:f0:a4:b9:e0:92:51:18:6f:b3:40:3c:
45:27:b5:8d:83:6b:5e:7b:c5:3d:b3:0a:78:79:c7:79:bb:77:
d2:aa:ea:c3:42:41:40:6f:a2:06:70:b1:76:bf:11:bf:53:59:
64:49:53:13:a7:e1:37:0d:fe:dc:1f:fd:45:b3:8a:87:91:e5:
48:66:31:4d:60:fa:26:47:9c:53:e9:22:1a:bb:03:f4:a6:ad:
df:c4:d8:d2:58:2a:09:5d:88:80:80:0a:43:60:cc:fd:69:72:
27:ef:a7:46:07:a0:66:dc:ac:d2:44:36:18:d6:cf:9a:7d:ad:
9a:a4:f5:68:57:a1:fe:cc:43:51:f7:fa:2c:14:d3:e7:af:ae:
62:f5:36:32:5a:71:ef:41:f1:c4:ef:f0:32:18:59:ed:55:e2:
52:93:c2:fa:15:15:68:87:7b:bb:1c:cb:8e:ca:93:c1:d1:8d:
bc:af:c2:e1:eb:cf:d1:b4:e0:72:83:4f:34:ac:93:66:23:b6:
3f:dd:12:50:0a:6f:d2:ab:99:fe:9d:68:08:0d:ac:79:2b:65:
a7:79:4c:94:43:19:d7:fa:7a:b4:61:42:82:9f:f2:9c:80:5e:
c9:00:38:72
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZZNewb+PCdd3/giy0uH4jdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjUwNDE5MDk1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjA3MjA1Njc4NDY5YjMzMTZhODg5YmYyODUwN2UyOGE3MzQ0NDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovdHf1gE4BihHLPhnx+06swhxVgC
6NcVl/OLB1Pg94PLw29WgZOOnfVXH4NHjLxtEN0aXMfBxGQGEZjW58NTvhNzUJre
EAlwahE8aYMNiVttNrmy38K4Cd4wkJJedlV3+9nzeyXr+ldPCtJKLT8LByub7UuT
pAsSAt+at05fr4R9lyPw9e8Jb+Q3aATZ6GoXpQ8xlys0vzbArzddw0u8waMc4g/A
4EdqsvPohdehruDbNZDw0rzlu3fNVegKrSpuXajaSJ0kBWXlJJYi/lbZAvOM9juf
zTHaYBS5XDzhXDtlCx98IOqT9rGnSxXwd89Cpp2LUhyUBKYybc4vT6U93wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEsHIFZ4RpszFqiJvyhQfiinNESaMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvU3djZ1ZuaEdtek1XcUltX0tGQi1LS2MwUkpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBBSwuMAwD
BAAl3FEDBAEl3FQDBAAtX+sDBAEuE0QwDAMEAVHImgMEAVHInAMEAFVcbAMEAFm/
4gMEAI1i6wMEAbmmxDAMAwQAwh+tAwQEwh+gMA0GCSqGSIb3DQEBCwUAA4IBAQBr
KvgKEufKB8l8zRvuuGoDiLDFGY2RkIF38KS54JJRGG+zQDxFJ7WNg2tee8U9swp4
ecd5u3fSqurDQkFAb6IGcLF2vxG/U1lkSVMTp+E3Df7cH/1Fs4qHkeVIZjFNYPom
R5xT6SIauwP0pq3fxNjSWCoJXYiAgApDYMz9aXIn76dGB6Bm3KzSRDYY1s+afa2a
pPVoV6H+zENR9/osFNPnr65i9TYyWnHvQfHE7/AyGFntVeJSk8L6FRVoh3u7HMuO
ypPB0Y28r8Lh68/RtOByg080rJNmI7Y/3RJQCm/Sq5n+nWgIDax5K2WneUyUQxnX
+nq0YUKCn/KcgF7JADhy
-----END CERTIFICATE-----
Generated at Tue Apr 29 23:58:23 2025 by rpki-client