Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/smg13oH1hBQbA_5m43nwaI3gdg8.roa
File: smg13oH1hBQbA_5m43nwaI3gdg8.roa (raw, json)
Hash identifier: ZdZ3yucmGYB2CT4hyegkGOfWlkmsWAk5BlNxC0F98/Y=
Subject key identifier: B2:68:35:DE:81:F5:84:14:1B:03:FE:66:E3:79:F0:68:8D:E0:76:0F
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 0198791D30286C2FAE3D54858EFCE34043FC
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/smg13oH1hBQbA_5m43nwaI3gdg8.roa
Signing time: Tue 05 Aug 2025 07:23:32 +0000
ROA not before: Tue 05 Aug 2025 07:23:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21267
IP address blocks: 5.39.176.0/21 maxlen: 24
5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
80.87.16.0/20 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
87.236.128.0/21 maxlen: 24
88.151.152.0/21 maxlen: 24
89.38.120.0/21 maxlen: 24
91.143.64.0/20 maxlen: 24
92.42.120.0/21 maxlen: 24
93.115.176.0/20 maxlen: 24
94.142.168.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.52.144.0/22 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.178.218.0/24 maxlen: 24
185.178.219.0/24 maxlen: 24
185.182.0.0/21 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
188.94.19.0/24 maxlen: 24
188.94.21.0/24 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:1d:30:28:6c:2f:ae:3d:54:85:8e:fc:e3:40:43:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Aug 5 07:23:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b26835de81f584141b03fe66e379f0688de0760f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2d:31:70:4c:28:cc:c5:08:f5:da:0d:ab:4d:
85:3b:53:2f:7e:30:0a:d2:82:08:61:95:95:16:f3:
5b:47:b4:7c:5b:bf:c2:dd:8f:ba:e3:1e:43:9e:4b:
96:a5:a1:b6:3b:15:80:d0:8d:10:1a:c9:ec:21:23:
d1:8f:7e:b4:58:4a:9b:55:59:84:4a:79:09:1f:33:
2a:59:a5:3a:18:e3:04:a7:f3:1f:20:19:6a:1e:38:
84:78:58:e1:da:ca:6a:11:51:15:6f:c3:12:a7:f7:
f1:c2:24:43:6a:67:ab:c7:b7:25:e8:b7:0c:c4:a0:
0d:36:cd:f8:eb:ca:b5:cc:be:9c:3c:7f:f2:86:30:
97:a6:45:8f:b0:41:29:0e:34:32:31:fd:ab:af:f0:
f3:75:68:59:5c:0a:5d:3f:75:15:c6:55:dd:13:b9:
ad:50:fb:e3:49:09:7a:86:9d:71:13:72:89:3b:b7:
79:51:a2:1d:75:5c:c2:c5:42:8c:7e:6d:5b:a4:2f:
9b:57:bc:5e:15:8e:16:6c:69:d7:0c:ac:ff:03:78:
f3:fe:93:c4:81:b4:17:c3:46:96:12:7a:00:fa:23:
5b:59:58:27:ae:36:f0:7a:aa:e3:fc:5e:27:81:b6:
4f:d3:bc:16:02:fa:4a:7e:e0:76:07:73:d8:e5:82:
0e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:68:35:DE:81:F5:84:14:1B:03:FE:66:E3:79:F0:68:8D:E0:76:0F
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/smg13oH1hBQbA_5m43nwaI3gdg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.176.0/21
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
80.87.16.0/20
83.150.252.0/22
85.95.96.0/19
87.236.128.0/21
88.151.152.0/21
89.38.120.0/21
91.143.64.0/20
92.42.120.0/21
93.115.176.0/20
94.142.168.0/21
95.129.64.0/21
176.58.0.0/21
185.52.144.0/22
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.0.0/21
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
04:ca:1b:57:df:6f:b3:0c:5c:16:b9:13:54:88:6b:fc:b2:25:
d8:1c:bf:74:57:fd:24:de:21:1f:38:e0:61:10:e4:9b:8f:55:
4b:35:73:12:2e:04:e7:c9:4b:9d:0f:ff:32:1d:ec:20:13:0e:
29:ca:3b:a1:3f:e8:9e:de:b2:e9:09:ea:6c:19:cb:94:3a:e1:
f8:5b:ca:6a:ba:10:58:64:fe:1d:e0:7e:51:b6:7b:3b:db:6e:
e1:e3:23:e8:de:d1:d0:44:fc:74:9b:65:aa:c6:c5:c3:09:d4:
0a:0d:ce:b9:71:73:f9:2b:23:30:a7:91:a6:a9:a9:70:cd:43:
40:66:d0:8c:2f:2e:99:d3:7b:d4:5f:75:5f:9b:e6:fe:89:ec:
e2:44:85:60:b1:c8:07:b6:8c:65:ef:d6:33:d9:2c:3f:c4:e4:
d5:6d:08:87:d9:d8:38:15:58:54:e9:16:10:8f:a3:41:b9:45:
ed:b0:ef:d8:f4:6b:52:88:24:31:29:ba:b8:d3:f2:c9:d0:09:
8a:72:10:97:88:a8:99:b4:39:6b:be:af:60:41:21:ad:0b:73:
9b:48:d4:b7:3b:13:83:87:8b:05:1d:dd:dc:27:81:a9:2e:1a:
18:82:0e:32:df:87:25:02:cf:e5:e1:db:7b:c9:d0:57:06:b6:
a2:2f:21:67
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgISAZh5HTAobC+uPVSFjvzjQEP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwODA1MDcyMzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjY4MzVkZTgxZjU4NDE0MWIwM2ZlNjZlMzc5ZjA2ODhkZTA3NjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1C0xcEwozMUI9doNq02FO1MvfjAK
0oIIYZWVFvNbR7R8W7/C3Y+64x5DnkuWpaG2OxWA0I0QGsnsISPRj360WEqbVVmE
SnkJHzMqWaU6GOMEp/MfIBlqHjiEeFjh2spqEVEVb8MSp/fxwiRDamerx7cl6LcM
xKANNs3468q1zL6cPH/yhjCXpkWPsEEpDjQyMf2rr/DzdWhZXApdP3UVxlXdE7mt
UPvjSQl6hp1xE3KJO7d5UaIddVzCxUKMfm1bpC+bV7xeFY4WbGnXDKz/A3jz/pPE
gbQXw0aWEnoA+iNbWVgnrjbweqrj/F4ngbZP07wWAvpKfuB2B3PY5YIOFwIDAQAB
o4IDJjCCAyIwHQYDVR0OBBYEFLJoNd6B9YQUGwP+ZuN58GiN4HYPMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvc21nMTNvSDFoQlFiQV81bTQzbndhSTNnZGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOgYIKwYBBQUHAQcBAf8EggEpMIIBJTCCARIEAgABMIIB
CgMEAwUnsAMEAwWf0AMEAgW1SAMEAx/AYAMEAi0IZAMEAi2EbAMEAi2JLAMEBFBK
8AMEBFBXEAMEAlOW/AMEBVVfYAMEA1fsgAMEA1iXmAMEA1kmeAMEBFuPQAMEA1wq
eAMEBF1zsAMEA16OqAMEA1+BQAMEA7A6AAMEArk0kAMEArlPuAMEArlaAAMEArle
zAMEArljTAMEArmRWAMEArmy2AMEA7m2AAMEAbm2yAMEArnM1AMEArnlBAMEArn2
hAMEArn3yAMEArn4/AMEA7xeEAMEAMEYAwMEAMEYBgMEAMEYDQMEAMEYHwMEBcMa
IAMEAcNYCDAMAwQC1AtEAwQC1AtIAwQE2ZGAMA0EAgACMAcDBQAqAPHAMA0GCSqG
SIb3DQEBCwUAA4IBAQAEyhtX32+zDFwWuRNUiGv8siXYHL90V/0k3iEfOOBhEOSb
j1VLNXMSLgTnyUudD/8yHewgEw4pyjuhP+ie3rLpCepsGcuUOuH4W8pquhBYZP4d
4H5Rtns7227h4yPo3tHQRPx0m2WqxsXDCdQKDc65cXP5KyMwp5GmqalwzUNAZtCM
Ly6Z03vUX3Vfm+b+ieziRIVgscgHtoxl79Yz2Sw/xOTVbQiH2dg4FVhU6RYQj6NB
uUXtsO/Y9GtSiCQxKbq40/LJ0AmKchCXiKiZtDlrvq9gQSGtC3ObSNS3OxODh4sF
Hd3cJ4GpLhoYgg4y34clAs/l4dt7ydBXBraiLyFn
-----END CERTIFICATE-----
Generated at Mon Aug 11 01:54:13 2025 by rpki-client