Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/SWPMv9UQSGzCa4KB70zA6dyfPlc.roa
File: SWPMv9UQSGzCa4KB70zA6dyfPlc.roa (raw, json)
Hash identifier: 9S+rO131V2QInH0tYF/FnUW7CjfypyqSN3QGTzJR2Dc=
Subject key identifier: 49:63:CC:BF:D5:10:48:6C:C2:6B:82:81:EF:4C:C0:E9:DC:9F:3E:57
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D008FFACD59C1EAC9AE117002D356F8DD
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/SWPMv9UQSGzCa4KB70zA6dyfPlc.roa
Signing time: Wed 18 Mar 2026 10:48:49 +0000
ROA not before: Wed 18 Mar 2026 10:48:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 158.173.240.0/24 maxlen: 24
170.62.239.0/24 maxlen: 24
170.62.244.0/24 maxlen: 24
170.62.245.0/24 maxlen: 24
193.142.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:8f:fa:cd:59:c1:ea:c9:ae:11:70:02:d3:56:f8:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 18 10:48:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4963ccbfd510486cc26b8281ef4cc0e9dc9f3e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8a:7b:79:80:ae:0c:d7:53:5c:24:94:4a:e7:
0b:75:f3:10:93:e5:03:e7:bf:b5:b4:b5:b1:94:59:
36:80:a6:76:b2:24:8c:b0:2c:3a:f6:6b:e4:17:dd:
a6:00:ee:24:fe:fe:f7:af:62:91:f2:1d:da:42:2c:
78:f5:c7:1f:59:06:42:d9:fb:20:05:1d:a0:7e:f8:
6a:cf:e1:f8:15:01:29:de:07:85:2c:d1:f1:20:e2:
38:05:a5:a2:f5:19:ba:b5:9c:99:6a:94:bf:dc:bd:
34:f2:24:16:ae:c4:63:e2:89:58:10:96:7e:1c:4d:
7e:bc:68:a4:f3:ed:4a:71:82:6b:27:8d:6b:b6:f8:
7a:b2:96:6e:c3:48:f5:75:7f:59:96:ba:5d:df:ff:
6b:8d:f7:18:64:c6:8d:73:45:e7:60:11:16:98:dd:
b9:b7:a2:2d:d0:75:14:d7:d1:5a:74:0a:94:13:fd:
ce:c2:d0:3a:01:e0:25:4f:2b:5e:a9:25:f9:c2:07:
2e:93:97:eb:1a:03:70:df:ca:1e:f4:a8:c9:00:60:
74:62:6b:a5:4b:67:7e:8b:0d:48:31:e7:f1:9d:c9:
86:93:42:94:c6:bb:ef:e1:70:74:6a:cc:33:99:62:
8b:a5:ef:b0:34:29:41:0b:5d:74:c6:e9:87:25:71:
2d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:63:CC:BF:D5:10:48:6C:C2:6B:82:81:EF:4C:C0:E9:DC:9F:3E:57
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/SWPMv9UQSGzCa4KB70zA6dyfPlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.240.0/24
170.62.239.0/24
170.62.244.0/23
193.142.58.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:73:26:44:d9:5e:43:62:59:48:d5:12:35:da:d0:10:50:df:
1b:fe:f6:c0:77:9e:be:0a:31:81:e7:37:ed:c9:3b:2e:be:bc:
81:c0:fa:59:58:f6:df:32:23:25:f5:e4:8e:d9:6c:57:27:9d:
fe:50:c0:76:b3:ba:a6:6b:0a:0f:e8:05:91:12:ef:27:72:d8:
b7:64:81:5d:e4:04:03:7c:c2:af:b3:47:32:f2:59:4c:09:be:
01:f8:5a:c3:d0:e5:66:69:36:1a:54:4a:50:cd:be:6f:10:e0:
4b:0a:98:e7:be:1b:db:e6:39:ec:1d:a8:ac:e9:bc:e1:b1:2f:
06:f8:d6:08:eb:5d:10:54:70:bd:cf:af:d0:57:dc:6d:30:87:
22:2f:ff:b5:f7:b9:9b:b2:ee:dc:06:5d:9e:53:64:83:9f:30:
e3:a4:2a:44:20:a8:72:16:1f:7c:bd:c5:3f:50:90:c4:50:29:
5b:17:62:cb:55:86:28:7c:e2:82:63:b8:2e:30:99:59:fa:38:
86:24:a7:86:89:cd:01:c7:35:a7:74:c8:bb:36:28:13:54:79:
5e:0a:85:d8:ed:19:47:af:78:23:e1:d2:cc:cc:c5:e7:9a:f9:
0f:ac:0e:8d:a3:d2:bb:59:c4:cc:d8:c9:63:4c:76:ea:e6:4b:
4f:be:5f:73
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0Aj/rNWcHqya4RcALTVvjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMzE4MTA0ODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTYzY2NiZmQ1MTA0ODZjYzI2YjgyODFlZjRjYzBlOWRjOWYzZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIp7eYCuDNdTXCSUSucLdfMQk+UD
57+1tLWxlFk2gKZ2siSMsCw69mvkF92mAO4k/v73r2KR8h3aQix49ccfWQZC2fsg
BR2gfvhqz+H4FQEp3geFLNHxIOI4BaWi9Rm6tZyZapS/3L008iQWrsRj4olYEJZ+
HE1+vGik8+1KcYJrJ41rtvh6spZuw0j1dX9Zlrpd3/9rjfcYZMaNc0XnYBEWmN25
t6It0HUU19FadAqUE/3OwtA6AeAlTyteqSX5wgcuk5frGgNw38oe9KjJAGB0Ymul
S2d+iw1IMefxncmGk0KUxrvv4XB0aswzmWKLpe+wNClBC110xumHJXEtGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEljzL/VEEhswmuCge9MwOncnz5XMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvU1dQTXY5VVFTR3pDYTRLQjcwekE2ZHlmUGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAnq3wAwQA
qj7vAwQBqj70AwQAwY46MA0GCSqGSIb3DQEBCwUAA4IBAQCtcyZE2V5DYllI1RI1
2tAQUN8b/vbAd56+CjGB5zftyTsuvryBwPpZWPbfMiMl9eSO2WxXJ53+UMB2s7qm
awoP6AWREu8ncti3ZIFd5AQDfMKvs0cy8llMCb4B+FrD0OVmaTYaVEpQzb5vEOBL
Cpjnvhvb5jnsHais6bzhsS8G+NYI610QVHC9z6/QV9xtMIciL/+197mbsu7cBl2e
U2SDnzDjpCpEIKhyFh98vcU/UJDEUClbF2LLVYYofOKCY7guMJlZ+jiGJKeGic0B
xzWndMi7NigTVHleCoXY7RlHr3gj4dLMzMXnmvkPrA6No9K7WcTM2MljTHbq5ktP
vl9z
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:32:53 2026 by rpki-client