Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/swDIDdXhan6JmrMaA4zT6XUnyms.roa
File: swDIDdXhan6JmrMaA4zT6XUnyms.roa (raw, json)
Hash identifier: Id1mrQWr6geAN1whlBo6yIqYER8GWPwkHZgiXf0j1EQ=
Subject key identifier: B3:00:C8:0D:D5:E1:6A:7E:89:9A:B3:1A:03:8C:D3:E9:75:27:CA:6B
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0198A7F84E088B5C66E7500B7DB42259FC26
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/swDIDdXhan6JmrMaA4zT6XUnyms.roa
Signing time: Thu 14 Aug 2025 09:45:24 +0000
ROA not before: Thu 14 Aug 2025 09:45:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401838
IP address blocks: 46.34.38.0/24 maxlen: 24
46.34.42.0/23 maxlen: 23
46.34.47.0/24 maxlen: 24
46.34.49.0/24 maxlen: 24
46.34.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.mft
rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a7:f8:4e:08:8b:5c:66:e7:50:0b:7d:b4:22:59:fc:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Aug 14 09:45:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b300c80dd5e16a7e899ab31a038cd3e97527ca6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4e:6d:f1:b7:12:aa:c9:32:32:d0:b1:6f:12:
47:ed:b9:52:62:e0:39:86:b1:94:15:2a:0c:b1:11:
4a:09:71:ba:08:29:db:95:1b:34:c1:cd:ce:ad:10:
29:ba:3f:6c:18:5c:2a:52:28:ae:9f:0f:cd:59:5e:
20:03:94:85:93:03:2f:59:82:1b:2a:94:47:a7:7f:
29:1d:ad:62:7f:c9:c0:bf:84:5a:a0:f9:d2:ab:a1:
d3:b6:da:25:a5:84:da:be:d0:5c:e8:df:8c:56:65:
30:46:74:9b:88:c1:37:42:ea:75:b0:cd:9c:11:11:
4d:de:29:b7:77:84:44:c1:ce:24:2e:5c:c8:11:6e:
9f:65:57:f7:b6:b1:28:a0:6f:30:53:47:48:95:17:
35:10:26:4b:da:b5:51:59:8e:b7:8d:00:c6:c3:59:
b9:30:10:dc:b9:54:cb:a6:48:db:62:a1:44:e4:8f:
6f:6f:7c:3a:fd:9c:bc:28:4a:86:13:9c:3a:cf:27:
a5:f3:a9:56:f9:48:14:4e:98:5f:b3:cd:e5:b6:1e:
23:2e:65:15:11:c8:3b:84:9d:ed:24:ff:63:8d:21:
d3:1c:31:ae:e6:74:83:16:e1:f7:47:fb:8e:ed:ee:
03:d5:e9:35:5c:c1:99:fa:60:d3:c1:67:d0:7e:f1:
4a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:00:C8:0D:D5:E1:6A:7E:89:9A:B3:1A:03:8C:D3:E9:75:27:CA:6B
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/swDIDdXhan6JmrMaA4zT6XUnyms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.38.0/24
46.34.42.0/23
46.34.47.0/24
46.34.49.0/24
46.34.55.0/24
Signature Algorithm: sha256WithRSAEncryption
10:4e:e8:60:1d:38:cc:5c:fb:40:96:e0:35:b9:7b:74:27:86:
48:9a:d2:37:cd:50:bf:d6:74:bb:ed:c4:5c:ac:64:65:50:d4:
94:f6:07:62:e7:21:11:d0:96:74:77:7c:68:37:3e:17:53:05:
c1:9e:15:ed:c9:d1:3d:78:79:43:0a:b4:42:1e:6a:87:a0:e4:
c1:15:55:83:4c:94:72:3b:64:59:91:c7:67:32:f1:6c:c5:1b:
cb:d2:11:fd:ee:97:8c:00:58:1e:32:3e:e8:04:dc:e1:46:20:
f2:8a:02:ab:4b:7d:3e:b7:16:e3:c2:4d:e0:0e:28:6e:5c:45:
9b:0a:f6:ed:44:4c:33:37:a5:d7:bf:a1:f9:4f:42:1c:b5:b5:
57:8f:5a:5e:1d:a1:15:e4:94:55:a8:23:ad:fb:f2:30:59:93:
b6:79:ef:a1:1f:54:27:8d:69:1f:b0:72:6b:d6:6c:83:5f:02:
e8:fb:1f:36:2e:2c:6a:a3:4e:d9:53:cd:c2:90:61:df:7a:ba:
a8:51:c3:04:8e:92:91:8d:5c:d8:8d:49:01:e1:20:e0:c1:c8:
00:87:54:67:d4:be:6b:ee:16:fc:0b:71:f5:fb:97:38:29:ee:
84:36:db:b7:dc:ec:61:49:ac:a9:9e:f0:fb:91:ad:54:98:e6:
fc:60:d8:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZin+E4Ii1xm51ALfbQiWfwmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjUwODE0MDk0NTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzAwYzgwZGQ1ZTE2YTdlODk5YWIzMWEwMzhjZDNlOTc1MjdjYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs05t8bcSqskyMtCxbxJH7blSYuA5
hrGUFSoMsRFKCXG6CCnblRs0wc3OrRApuj9sGFwqUiiunw/NWV4gA5SFkwMvWYIb
KpRHp38pHa1if8nAv4RaoPnSq6HTttolpYTavtBc6N+MVmUwRnSbiME3Qup1sM2c
ERFN3im3d4REwc4kLlzIEW6fZVf3trEooG8wU0dIlRc1ECZL2rVRWY63jQDGw1m5
MBDcuVTLpkjbYqFE5I9vb3w6/Zy8KEqGE5w6zyel86lW+UgUTphfs83lth4jLmUV
Ecg7hJ3tJP9jjSHTHDGu5nSDFuH3R/uO7e4D1ek1XMGZ+mDTwWfQfvFK9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLMAyA3V4Wp+iZqzGgOM0+l1J8prMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvc3dESURkWGhhbjZKbXJNYUE0elQ2WFVueW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALiImAwQB
LiIqAwQALiIvAwQALiIxAwQALiI3MA0GCSqGSIb3DQEBCwUAA4IBAQAQTuhgHTjM
XPtAluA1uXt0J4ZImtI3zVC/1nS77cRcrGRlUNSU9gdi5yER0JZ0d3xoNz4XUwXB
nhXtydE9eHlDCrRCHmqHoOTBFVWDTJRyO2RZkcdnMvFsxRvL0hH97peMAFgeMj7o
BNzhRiDyigKrS30+txbjwk3gDihuXEWbCvbtREwzN6XXv6H5T0IctbVXj1peHaEV
5JRVqCOt+/IwWZO2ee+hH1QnjWkfsHJr1myDXwLo+x82Lixqo07ZU83CkGHferqo
UcMEjpKRjVzYjUkB4SDgwcgAh1Rn1L5r7hb8C3H1+5c4Ke6ENtu33OxhSaypnvD7
ka1UmOb8YNjS
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:44:46 2025 by rpki-client