Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/IcGYtsEdRqZsLIE6ydlIGP_na90.roa
File: IcGYtsEdRqZsLIE6ydlIGP_na90.roa (raw, json)
Hash identifier: +rY9CSIYylSP7pAaRux+lcmRSpDh3853ygKN74u6aJ0=
Subject key identifier: 21:C1:98:B6:C1:1D:46:A6:6C:2C:81:3A:C9:D9:48:18:FF:E7:6B:DD
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 018CD42DEB75EE26A43EE3719E86223F87B6
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/IcGYtsEdRqZsLIE6ydlIGP_na90.roa
Signing time: Thu 04 Jan 2024 11:13:48 +0000
ROA not before: Thu 04 Jan 2024 11:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 719
IP address blocks: 194.188.0.0/16 maxlen: 16
213.161.32.0/19 maxlen: 19
213.130.224.0/19 maxlen: 19
62.248.128.0/17 maxlen: 17
195.218.64.0/19 maxlen: 19
139.97.0.0/16 maxlen: 16
82.103.192.0/18 maxlen: 18
82.141.64.0/18 maxlen: 18
195.74.0.0/19 maxlen: 19
109.232.80.0/21 maxlen: 21
195.16.192.0/19 maxlen: 19
193.229.0.0/16 maxlen: 16
195.238.192.0/19 maxlen: 19
83.245.128.0/17 maxlen: 17
193.94.0.0/16 maxlen: 16
194.86.35.0/24 maxlen: 24
178.251.56.0/21 maxlen: 21
77.109.192.0/18 maxlen: 18
85.76.0.0/14 maxlen: 14
193.66.0.0/16 maxlen: 16
85.157.0.0/16 maxlen: 16
194.157.0.0/16 maxlen: 16
195.170.128.0/19 maxlen: 19
217.25.96.0/20 maxlen: 20
212.38.224.0/19 maxlen: 19
194.86.0.0/16 maxlen: 16
94.22.0.0/16 maxlen: 16
192.163.128.0/19 maxlen: 19
212.63.0.0/19 maxlen: 19
195.255.0.0/16 maxlen: 16
80.248.96.0/19 maxlen: 19
193.184.0.0/15 maxlen: 15
194.211.0.0/16 maxlen: 16
62.240.64.0/19 maxlen: 19
192.102.37.0/24 maxlen: 24
192.102.36.0/24 maxlen: 24
85.156.0.0/16 maxlen: 16
192.102.32.0/24 maxlen: 24
192.102.38.0/24 maxlen: 24
80.88.176.0/20 maxlen: 20
192.102.42.0/24 maxlen: 24
192.102.41.0/24 maxlen: 24
192.102.40.0/24 maxlen: 24
192.102.39.0/24 maxlen: 24
192.102.50.0/24 maxlen: 24
192.102.49.0/24 maxlen: 24
82.118.192.0/19 maxlen: 19
194.240.0.0/15 maxlen: 15
88.112.0.0/14 maxlen: 14
84.230.0.0/15 maxlen: 15
213.250.64.0/18 maxlen: 18
192.126.35.0/24 maxlen: 24
193.65.129.0/24 maxlen: 24
192.126.44.0/24 maxlen: 24
192.126.46.0/24 maxlen: 24
192.163.64.0/18 maxlen: 18
81.197.0.0/16 maxlen: 16
195.197.0.0/16 maxlen: 16
194.136.0.0/16 maxlen: 16
192.126.1.0/24 maxlen: 24
85.217.0.0/17 maxlen: 17
192.163.32.0/19 maxlen: 19
192.126.24.0/24 maxlen: 24
192.126.23.0/24 maxlen: 24
212.50.192.0/19 maxlen: 19
217.77.192.0/20 maxlen: 20
195.236.0.0/15 maxlen: 15
193.199.0.0/16 maxlen: 16
31.7.16.0/20 maxlen: 20
212.226.0.0/16 maxlen: 16
192.77.120.0/22 maxlen: 22
193.64.0.0/15 maxlen: 15
212.54.0.0/19 maxlen: 19
212.246.0.0/16 maxlen: 16
81.209.0.0/17 maxlen: 17
82.215.192.0/18 maxlen: 18
91.152.0.0/13 maxlen: 13
193.142.51.0/24 maxlen: 24
80.186.0.0/16 maxlen: 16
80.81.160.0/19 maxlen: 19
62.216.96.0/19 maxlen: 19
217.24.96.0/20 maxlen: 20
217.152.0.0/16 maxlen: 16
213.192.128.0/18 maxlen: 18
62.148.192.0/19 maxlen: 19
46.182.112.0/21 maxlen: 21
62.142.0.0/16 maxlen: 16
213.169.0.0/19 maxlen: 19
2001:1658::/29 maxlen: 32
2a00:1dd0::/29 maxlen: 32
2001:998::/29 maxlen: 32
2001:9f0::/29 maxlen: 32
2001:670::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d4:2d:eb:75:ee:26:a4:3e:e3:71:9e:86:22:3f:87:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Jan 4 11:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21c198b6c11d46a66c2c813ac9d94818ffe76bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:76:46:94:9f:3d:70:a2:51:ea:08:33:d3:19:
e1:0c:32:4a:66:74:91:93:3f:76:25:0a:8f:fa:5a:
9e:c4:3d:37:e8:85:92:69:cb:2c:51:d1:ad:47:f7:
d1:d5:0c:06:79:ec:6d:2f:36:58:46:66:8a:36:0c:
26:05:46:c9:02:19:3d:18:51:02:ce:b1:7a:1a:7b:
00:87:5b:77:65:32:da:78:e2:53:58:89:fd:b3:55:
70:d4:93:77:d1:55:a6:4c:eb:0b:b6:10:b3:11:ed:
97:2b:06:2a:0c:e8:d4:07:83:3a:94:77:cf:06:b9:
78:6d:e7:90:73:77:d2:30:17:11:9d:c6:34:22:6c:
23:89:01:2c:95:27:91:11:ea:4a:5c:36:1f:c4:f9:
79:73:9e:55:ec:9f:3a:57:0a:0e:3c:ef:83:8e:b4:
f5:e5:fa:cf:d0:6f:2a:9e:76:83:d5:04:5d:30:6c:
88:93:a1:4c:6c:ed:71:7d:a3:50:6c:2b:6e:2b:9a:
3e:d6:00:63:84:96:7e:3c:1c:ec:42:1b:b5:93:a2:
74:1a:76:2b:e9:da:da:e6:6d:84:62:56:83:cc:e0:
c2:de:4a:9d:3f:b8:d8:8d:39:aa:d7:ef:9c:f6:8f:
a9:81:ca:24:66:30:d3:20:be:56:cd:3b:5f:54:29:
90:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C1:98:B6:C1:1D:46:A6:6C:2C:81:3A:C9:D9:48:18:FF:E7:6B:DD
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/IcGYtsEdRqZsLIE6ydlIGP_na90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.16.0/20
46.182.112.0/21
62.142.0.0/16
62.148.192.0/19
62.216.96.0/19
62.240.64.0/19
62.248.128.0/17
77.109.192.0/18
80.81.160.0/19
80.88.176.0/20
80.186.0.0/16
80.248.96.0/19
81.197.0.0/16
81.209.0.0/17
82.103.192.0/18
82.118.192.0/19
82.141.64.0/18
82.215.192.0/18
83.245.128.0/17
84.230.0.0/15
85.76.0.0/14
85.156.0.0/15
85.217.0.0/17
88.112.0.0/14
91.152.0.0/13
94.22.0.0/16
109.232.80.0/21
139.97.0.0/16
178.251.56.0/21
192.77.120.0/22
192.102.32.0/24
192.102.36.0-192.102.42.255
192.102.49.0-192.102.50.255
192.126.1.0/24
192.126.23.0-192.126.24.255
192.126.35.0/24
192.126.44.0/24
192.126.46.0/24
192.163.32.0-192.163.159.255
193.64.0.0-193.66.255.255
193.94.0.0/16
193.142.51.0/24
193.184.0.0/15
193.199.0.0/16
193.229.0.0/16
194.86.0.0/16
194.136.0.0/16
194.157.0.0/16
194.188.0.0/16
194.211.0.0/16
194.240.0.0/15
195.16.192.0/19
195.74.0.0/19
195.170.128.0/19
195.197.0.0/16
195.218.64.0/19
195.236.0.0/15
195.238.192.0/19
195.255.0.0/16
212.38.224.0/19
212.50.192.0/19
212.54.0.0/19
212.63.0.0/19
212.226.0.0/16
212.246.0.0/16
213.130.224.0/19
213.161.32.0/19
213.169.0.0/19
213.192.128.0/18
213.250.64.0/18
217.24.96.0/20
217.25.96.0/20
217.77.192.0/20
217.152.0.0/16
IPv6:
2001:670::/29
2001:998::/29
2001:9f0::/29
2001:1658::/29
2a00:1dd0::/29
Signature Algorithm: sha256WithRSAEncryption
52:ac:4f:15:14:a5:6f:bb:07:26:f9:75:39:4f:64:fa:48:a5:
e6:8a:b5:58:8b:7e:21:0e:5d:6a:91:8b:b3:cb:1d:f9:47:bd:
f9:43:80:ae:49:ce:68:15:90:9c:76:72:23:fa:48:e4:1e:56:
f2:81:7f:93:eb:14:b1:f5:a8:61:53:79:58:f3:9b:dc:b5:41:
27:91:70:66:53:82:f6:d0:dd:bc:85:07:a9:95:63:7b:25:2d:
38:8f:b9:1c:b4:00:89:e7:6b:a9:ae:e9:f1:39:d6:1d:53:78:
23:47:7a:f6:e8:5c:5e:33:43:c5:2b:1b:6e:8f:c9:a3:5f:b9:
4c:c0:d7:06:ff:82:b4:a3:e3:d2:c7:7c:29:f4:f8:c5:da:91:
93:e2:39:c3:b9:20:00:a6:92:b6:6c:29:14:eb:d6:f1:fa:d1:
bb:0c:48:8f:43:01:55:a9:83:a2:1b:1c:36:e9:36:9f:53:42:
0b:61:2d:69:aa:c5:ff:cc:13:82:16:8b:29:a4:0a:ed:c7:d6:
5d:74:e3:87:9c:e2:4d:27:7d:9c:2b:38:1a:fd:b9:86:bb:5b:
ce:b1:ce:29:81:2a:a7:60:1e:21:51:30:c1:78:b3:51:b7:eb:
21:a7:aa:29:03:9a:f7:7e:ce:ad:8b:7a:2d:36:46:62:0f:b9:
f4:a4:d8:f7
-----BEGIN CERTIFICATE-----
MIIG9DCCBdygAwIBAgISAYzULet17iakPuNxnoYiP4e2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjQwMTA0MTExMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWMxOThiNmMxMWQ0NmE2NmMyYzgxM2FjOWQ5NDgxOGZmZTc2YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXZGlJ89cKJR6ggz0xnhDDJKZnSR
kz92JQqP+lqexD036IWSacssUdGtR/fR1QwGeextLzZYRmaKNgwmBUbJAhk9GFEC
zrF6GnsAh1t3ZTLaeOJTWIn9s1Vw1JN30VWmTOsLthCzEe2XKwYqDOjUB4M6lHfP
Brl4beeQc3fSMBcRncY0ImwjiQEslSeREepKXDYfxPl5c55V7J86VwoOPO+DjrT1
5frP0G8qnnaD1QRdMGyIk6FMbO1xfaNQbCtuK5o+1gBjhJZ+PBzsQhu1k6J0GnYr
6dra5m2EYlaDzODC3kqdP7jYjTmq1++c9o+pgcokZjDTIL5WzTtfVCmQ+QIDAQAB
o4IEADCCA/wwHQYDVR0OBBYEFCHBmLbBHUambCyBOsnZSBj/52vdMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvSWNHWXRzRWRScVpzTElFNnlkbElHUF9uYTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICFAYIKwYBBQUHAQcBAf8EggIDMIIB/zCCAdAEAgABMIIB
yAMEBB8HEAMEAy62cAMDAD6OAwQFPpTAAwQFPthgAwQFPvBAAwQHPviAAwQGTW3A
AwQFUFGgAwQEUFiwAwMAULoDBAVQ+GADAwBRxQMEB1HRAAMEBlJnwAMEBVJ2wAME
BlKNQAMEBlLXwAMEB1P1gAMDAVTmAwMCVUwDAwFVnAMEB1XZAAMDAlhwAwMDW5gD
AwBeFgMEA23oUAMDAIthAwQDsvs4AwQCwE14AwQAwGYgMAwDBALAZiQDBADAZiow
DAMEAMBmMQMEAMBmMgMEAMB+ATAMAwQAwH4XAwQAwH4YAwQAwH4jAwQAwH4sAwQA
wH4uMAwDBAXAoyADBAXAo4AwCgMDBsFAAwMAwUIDAwDBXgMEAMGOMwMDAcG4AwMA
wccDAwDB5QMDAMJWAwMAwogDAwDCnQMDAMK8AwMAwtMDAwHC8AMEBcMQwAMEBcNK
AAMEBcOqgAMDAMPFAwQFw9pAAwMBw+wDBAXD7sADAwDD/wMEBdQm4AMEBdQywAME
BdQ2AAMEBdQ/AAMDANTiAwMA1PYDBAXVguADBAXVoSADBAXVqQADBAbVwIADBAbV
+kADBATZGGADBATZGWADBATZTcADAwDZmDApBAIAAjAjAwUDIAEGcAMFAyABCZgD
BQMgAQnwAwUDIAEWWAMFAyoAHdAwDQYJKoZIhvcNAQELBQADggEBAFKsTxUUpW+7
Byb5dTlPZPpIpeaKtViLfiEOXWqRi7PLHflHvflDgK5JzmgVkJx2ciP6SOQeVvKB
f5PrFLH1qGFTeVjzm9y1QSeRcGZTgvbQ3byFB6mVY3slLTiPuRy0AInna6mu6fE5
1h1TeCNHevboXF4zQ8UrG26PyaNfuUzA1wb/grSj49LHfCn0+MXakZPiOcO5IACm
krZsKRTr1vH60bsMSI9DAVWpg6IbHDbpNp9TQgthLWmqxf/ME4IWiymkCu3H1l10
44ec4k0nfZwrOBr9uYa7W86xzimBKqdgHiFRMMF4s1G36yGnqikDmvd+zq2Lei02
RmIPufSk2Pc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:28 2024 by rpki-client on console-fra.rpki-client.org