Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/jnFs14ubYigoY0h9h1_Eofh0724.roa
File: jnFs14ubYigoY0h9h1_Eofh0724.roa (raw, json)
Hash identifier: cmLBP5v8zTmaWqQDLZqcYtnuqxPCD1kybV6k+KwkWhM=
Subject key identifier: 8E:71:6C:D7:8B:9B:62:28:28:63:48:7D:87:5F:C4:A1:F8:74:EF:6E
Certificate issuer: /CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Certificate serial: 01970DE13F492366093D7CA513FD66E01992
Authority key identifier: D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/jnFs14ubYigoY0h9h1_Eofh0724.roa
Signing time: Mon 26 May 2025 18:35:54 +0000
ROA not before: Mon 26 May 2025 18:35:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58073
IP address blocks: 2.58.20.0/22 maxlen: 22
2.58.23.0/24 maxlen: 24
37.220.32.0/21 maxlen: 24
45.10.116.0/22 maxlen: 22
45.82.44.0/22 maxlen: 22
45.88.16.0/22 maxlen: 22
45.93.32.0/22 maxlen: 22
45.129.176.0/22 maxlen: 22
45.145.252.0/22 maxlen: 22
46.182.104.0/24 maxlen: 24
46.182.105.0/24 maxlen: 24
46.182.106.0/24 maxlen: 24
46.182.107.0/24 maxlen: 24
46.182.109.0/24 maxlen: 24
46.182.110.0/24 maxlen: 24
46.182.111.0/24 maxlen: 24
185.38.12.0/22 maxlen: 24
193.104.186.0/24 maxlen: 24
2a02:2a38::/32 maxlen: 32
2a02:2a38:37::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:e1:3f:49:23:66:09:3d:7c:a5:13:fd:66:e0:19:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Validity
Not Before: May 26 18:35:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e716cd78b9b62282863487d875fc4a1f874ef6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9a:29:a6:08:a0:93:dd:e1:be:4b:09:b9:3b:
e2:88:2b:e7:25:b9:b2:16:fc:35:47:0f:8c:8b:04:
df:68:d4:15:f4:e6:46:2f:f9:6e:a3:92:82:d1:cd:
81:44:75:fc:9f:5f:de:cb:a0:02:b4:79:75:da:bf:
3a:07:88:d9:38:bc:38:4d:f6:a5:36:5c:7a:13:46:
c0:81:38:60:e5:cd:6b:9c:51:8d:c7:c3:7d:70:80:
02:59:79:10:65:d9:b2:01:b2:32:35:b1:00:24:5f:
21:64:aa:f5:09:b5:40:bb:5e:2e:e1:0f:27:93:f9:
71:0e:3f:20:7e:1d:27:4d:c8:b5:68:70:a3:72:2f:
7d:90:90:c3:be:a3:d1:3b:87:45:e2:41:90:ca:17:
f1:8a:59:dc:75:d6:34:86:d0:32:80:16:d7:3c:3f:
8c:ce:ac:ca:db:8e:07:27:62:54:05:41:28:a7:6d:
af:d9:12:b6:7b:3e:ad:21:45:3d:5a:68:a3:83:91:
5a:78:b2:34:a7:a6:15:36:5d:72:9e:46:43:31:29:
83:43:9c:0d:e4:a5:79:18:38:2f:53:80:84:2d:0a:
35:b5:0f:45:3c:4d:ca:7a:be:6d:43:91:9f:bf:84:
3d:5a:1f:49:6e:43:0c:0e:ec:d0:ef:31:e5:4a:c4:
97:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:71:6C:D7:8B:9B:62:28:28:63:48:7D:87:5F:C4:A1:F8:74:EF:6E
X509v3 Authority Key Identifier:
keyid:D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/jnFs14ubYigoY0h9h1_Eofh0724.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.20.0/22
37.220.32.0/21
45.10.116.0/22
45.82.44.0/22
45.88.16.0/22
45.93.32.0/22
45.129.176.0/22
45.145.252.0/22
46.182.104.0/22
46.182.109.0-46.182.111.255
185.38.12.0/22
193.104.186.0/24
IPv6:
2a02:2a38::/32
Signature Algorithm: sha256WithRSAEncryption
40:f6:db:8c:ed:77:c2:c6:62:da:41:f5:d0:0d:46:8f:a2:27:
bc:75:0f:cb:70:79:46:69:96:97:6a:71:2f:be:9f:45:68:2d:
9c:a4:5b:44:4f:2d:be:2a:26:f8:4b:39:0c:35:dd:07:07:6e:
ce:bb:f1:0e:f7:42:2d:04:67:90:5c:43:9a:c7:48:f0:f1:a2:
b3:cc:bb:15:2d:c2:4b:d9:25:18:43:fe:07:69:6e:84:23:ea:
6a:fe:44:da:3c:09:0d:5e:95:8e:d8:c2:19:e1:b0:ba:cf:7f:
d7:35:c6:6b:b6:db:5d:c9:b5:a0:da:b3:54:dd:50:9a:c7:51:
66:68:af:41:b8:62:25:7e:20:ab:f6:ed:bb:c3:a0:ae:dd:11:
82:57:a2:29:8d:11:18:ea:ac:56:f3:2d:c8:8c:c2:28:f5:97:
4f:f6:61:7f:6b:55:7f:cc:38:ee:51:b6:d5:48:4c:2b:6d:2f:
ef:49:73:33:ad:bd:99:d5:9a:e8:ea:ac:e7:26:21:e9:57:75:
e4:7c:24:7c:18:49:de:90:bb:c1:cd:75:44:5d:14:3f:16:4a:
4a:d1:46:e2:63:c7:32:8c:72:39:e6:06:74:52:5f:8e:05:26:
09:51:3f:e4:f8:de:13:c5:de:08:38:30:5d:88:2e:52:11:9b:
1d:58:35:12
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZcN4T9JI2YJPXylE/1m4BmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NGJkZGFmYjVkZjA5ODQxOTAyMGE4ZmJjN2E5MGIxNmUz
NDFkNjMwHhcNMjUwNTI2MTgzNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTcxNmNkNzhiOWI2MjI4Mjg2MzQ4N2Q4NzVmYzRhMWY4NzRlZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJoppgigk93hvksJuTviiCvnJbmy
Fvw1Rw+MiwTfaNQV9OZGL/luo5KC0c2BRHX8n1/ey6ACtHl12r86B4jZOLw4Tfal
Nlx6E0bAgThg5c1rnFGNx8N9cIACWXkQZdmyAbIyNbEAJF8hZKr1CbVAu14u4Q8n
k/lxDj8gfh0nTci1aHCjci99kJDDvqPRO4dF4kGQyhfxilncddY0htAygBbXPD+M
zqzK244HJ2JUBUEop22v2RK2ez6tIUU9Wmijg5FaeLI0p6YVNl1ynkZDMSmDQ5wN
5KV5GDgvU4CELQo1tQ9FPE3Ker5tQ5Gfv4Q9Wh9JbkMMDuzQ7zHlSsSXCwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFI5xbNeLm2IoKGNIfYdfxKH4dO9uMB8GA1UdIwQY
MBaAFNlL3a+13wmEGQIKj7x6kLFuNB1jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEt
NmUyNmI5MWY2OTEwLzEvam5GczE0dWJZaWdvWTBoOWgxX0VvZmgwNzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEtNmUyNmI5MWY2OTEw
LzEvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQCAjoUAwQD
JdwgAwQCLQp0AwQCLVIsAwQCLVgQAwQCLV0gAwQCLYGwAwQCLZH8AwQCLrZoMAwD
BAAutm0DBAQutmADBAK5JgwDBADBaLowDQQCAAIwBwMFACoCKjgwDQYJKoZIhvcN
AQELBQADggEBAED224ztd8LGYtpB9dANRo+iJ7x1D8tweUZplpdqcS++n0VoLZyk
W0RPLb4qJvhLOQw13QcHbs678Q73Qi0EZ5BcQ5rHSPDxorPMuxUtwkvZJRhD/gdp
boQj6mr+RNo8CQ1elY7YwhnhsLrPf9c1xmu2213JtaDas1TdUJrHUWZor0G4YiV+
IKv27bvDoK7dEYJXoimNERjqrFbzLciMwij1l0/2YX9rVX/MOO5RttVITCttL+9J
czOtvZnVmujqrOcmIelXdeR8JHwYSd6Qu8HNdURdFD8WSkrRRuJjxzKMcjnmBnRS
X44FJglRP+T43hPF3gg4MF2ILlIRmx1YNRI=
-----END CERTIFICATE-----
Generated at Wed Jun 11 23:09:43 2025 by rpki-client