Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/SMgRC4CuBXV__0uh7hMZJPp526I.roa
File: SMgRC4CuBXV__0uh7hMZJPp526I.roa (raw, json)
Hash identifier: q90cjV8xUyFwL4y2m0KAQvnLqB0y5wCNss55Rkz0PM0=
Subject key identifier: 48:C8:11:0B:80:AE:05:75:7F:FF:4B:A1:EE:13:19:24:FA:79:DB:A2
Certificate issuer: /CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Certificate serial: 0196C3A7B639C2B28D2A3D3AE95E40C3FA7D
Authority key identifier: FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/SMgRC4CuBXV__0uh7hMZJPp526I.roa
Signing time: Mon 12 May 2025 08:41:10 +0000
ROA not before: Mon 12 May 2025 08:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59395
IP address blocks: 5.133.16.0/21 maxlen: 21
46.31.80.0/21 maxlen: 21
46.31.168.0/21 maxlen: 21
46.231.64.0/21 maxlen: 21
82.144.224.0/19 maxlen: 19
87.238.216.0/21 maxlen: 21
89.105.0.0/19 maxlen: 19
109.235.120.0/21 maxlen: 21
185.7.188.0/22 maxlen: 22
185.36.248.0/22 maxlen: 22
185.45.24.0/22 maxlen: 22
185.63.80.0/22 maxlen: 22
185.65.24.0/22 maxlen: 22
185.74.232.0/21 maxlen: 21
185.74.232.0/22 maxlen: 22
185.74.236.0/22 maxlen: 22
185.109.106.0/24 maxlen: 24
185.159.216.0/22 maxlen: 22
185.175.112.0/22 maxlen: 22
217.119.128.0/24 maxlen: 24
217.119.137.0/24 maxlen: 24
2a02:73c0::/32 maxlen: 32
2a05:4b80::/29 maxlen: 29
2a05:4bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.mft
rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 11:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:a7:b6:39:c2:b2:8d:2a:3d:3a:e9:5e:40:c3:fa:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Validity
Not Before: May 12 08:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48c8110b80ae05757fff4ba1ee131924fa79dba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e6:73:2e:c3:c8:14:b2:3f:f5:bd:56:cb:a9:
7d:2a:a7:90:63:c0:9e:e7:7a:d6:c9:1d:38:04:90:
01:fe:20:49:4d:6f:17:d0:19:91:12:cf:e9:b0:20:
51:a3:f5:50:1f:01:af:aa:8a:02:b2:f8:d9:08:57:
f8:c8:08:bd:58:cd:79:02:9c:4e:4f:67:b1:14:41:
7a:26:ef:5d:aa:7a:22:f2:f2:e9:6d:24:0f:be:1b:
81:ae:dc:16:78:47:83:22:0a:8e:cd:00:d7:02:45:
b5:6d:02:1a:82:b2:1c:03:32:45:ad:bd:4b:34:2b:
a0:17:fe:c4:ce:75:95:e1:1f:2e:83:c3:9c:91:b0:
fe:fd:68:b5:8a:09:e1:04:b3:d6:9e:7e:4a:84:63:
55:5e:2c:e7:32:81:3d:1a:ab:64:61:78:4d:df:78:
f4:52:03:54:f6:8c:af:48:9d:d0:e1:3d:33:37:dc:
83:1a:af:61:d0:54:77:d5:31:99:11:0d:32:a7:16:
c6:9a:cf:f5:42:59:ce:f6:ef:3b:2a:3e:40:1e:7b:
0b:d9:94:b5:b6:c8:c3:2f:81:11:5f:36:dc:8a:8f:
b5:4f:72:15:4d:f8:a2:b2:e4:00:ee:67:de:60:d9:
22:cc:68:e5:7e:0f:9d:f8:f9:b6:63:9e:08:52:71:
ac:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C8:11:0B:80:AE:05:75:7F:FF:4B:A1:EE:13:19:24:FA:79:DB:A2
X509v3 Authority Key Identifier:
keyid:FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/SMgRC4CuBXV__0uh7hMZJPp526I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.16.0/21
46.31.80.0/21
46.31.168.0/21
46.231.64.0/21
82.144.224.0/19
87.238.216.0/21
89.105.0.0/19
109.235.120.0/21
185.7.188.0/22
185.36.248.0/22
185.45.24.0/22
185.63.80.0/22
185.65.24.0/22
185.74.232.0/21
185.109.106.0/24
185.159.216.0/22
185.175.112.0/22
217.119.128.0/24
217.119.137.0/24
IPv6:
2a02:73c0::/32
2a05:4b80::/29
2a05:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:9b:67:ce:65:6d:06:dd:34:9b:65:a6:51:60:87:fc:a1:e6:
5f:7e:6c:28:23:b0:f3:3b:2a:07:88:c0:97:5f:b2:0e:c6:50:
ac:31:ed:2f:1b:3b:70:2c:e4:3b:b6:05:6c:05:09:9c:a4:a2:
ad:94:3a:ff:ef:2b:29:88:87:14:99:81:8d:c0:c1:f6:af:e0:
c9:54:fd:e1:7f:97:e8:82:f0:6e:79:23:65:b9:2f:6d:64:2c:
54:c3:82:46:bc:87:92:66:db:99:51:47:e0:d8:4a:68:6d:9f:
87:5d:4d:e1:fb:3a:20:a3:04:c1:68:32:a4:6e:f5:95:6f:3d:
7d:c9:60:03:88:03:af:4a:7a:7c:1d:5d:b3:92:0a:39:8e:e4:
91:2b:a1:b0:34:ea:04:76:d7:0c:e4:4e:1d:26:0f:d6:ef:7e:
65:52:66:cf:5e:f1:28:55:0f:31:e5:8b:2e:e9:92:8c:fa:ed:
e3:ee:68:b3:c1:04:51:a4:1b:15:6f:1a:b3:53:09:cb:83:60:
99:3b:3c:a4:40:97:9c:30:12:86:68:2e:36:a7:b6:f1:91:1f:
c8:59:16:10:46:17:ca:53:51:54:c2:66:c9:70:47:1e:a3:1a:
87:a1:84:b6:a7:ab:c7:21:29:b9:d5:a1:64:c6:cd:9d:a5:15:
3a:10:03:6f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAZbDp7Y5wrKNKj066V5Aw/p9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjkxOGM1YTkzMzBkYmJlNmVlZTE3Y2I5YTFkNjJmYmM4
NTViZGUwHhcNMjUwNTEyMDg0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGM4MTEwYjgwYWUwNTc1N2ZmZjRiYTFlZTEzMTkyNGZhNzlkYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreZzLsPIFLI/9b1Wy6l9KqeQY8Ce
53rWyR04BJAB/iBJTW8X0BmREs/psCBRo/VQHwGvqooCsvjZCFf4yAi9WM15ApxO
T2exFEF6Ju9dqnoi8vLpbSQPvhuBrtwWeEeDIgqOzQDXAkW1bQIagrIcAzJFrb1L
NCugF/7EznWV4R8ug8OckbD+/Wi1ignhBLPWnn5KhGNVXiznMoE9GqtkYXhN33j0
UgNU9oyvSJ3Q4T0zN9yDGq9h0FR31TGZEQ0ypxbGms/1QlnO9u87Kj5AHnsL2ZS1
tsjDL4ERXzbcio+1T3IVTfiisuQA7mfeYNkizGjlfg+d+Pm2Y54IUnGs4QIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFEjIEQuArgV1f/9Loe4TGST6eduiMB8GA1UdIwQY
MBaAFP75GMWpMw275u7hfLmh1i+8hVveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGIt
YmEyODg5YWZhYWRkLzEvU01nUkM0Q3VCWFZfXzB1aDdoTVpKUHA1MjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGItYmEyODg5YWZhYWRk
LzEvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzB4BAIAATByAwQDBYUQ
AwQDLh9QAwQDLh+oAwQDLudAAwQFUpDgAwQDV+7YAwQFWWkAAwQDbet4AwQCuQe8
AwQCuST4AwQCuS0YAwQCuT9QAwQCuUEYAwQDuUroAwQAuW1qAwQCuZ/YAwQCua9w
AwQA2XeAAwQA2XeJMBsEAgACMBUDBQAqAnPAAwUDKgVLgAMFAyoFS8AwDQYJKoZI
hvcNAQELBQADggEBAMCbZ85lbQbdNJtlplFgh/yh5l9+bCgjsPM7KgeIwJdfsg7G
UKwx7S8bO3As5Du2BWwFCZykoq2UOv/vKymIhxSZgY3Awfav4MlU/eF/l+iC8G55
I2W5L21kLFTDgka8h5Jm25lRR+DYSmhtn4ddTeH7OiCjBMFoMqRu9ZVvPX3JYAOI
A69KenwdXbOSCjmO5JErobA06gR21wzkTh0mD9bvfmVSZs9e8ShVDzHliy7pkoz6
7ePuaLPBBFGkGxVvGrNTCcuDYJk7PKRAl5wwEoZoLjantvGRH8hZFhBGF8pTUVTC
ZslwRx6jGoehhLanq8chKbnVoWTGzZ2lFToQA28=
-----END CERTIFICATE-----
Generated at Tue May 13 15:25:21 2025 by rpki-client