Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/xbcBspeToVJT23_kb9v-yxWCaOo.roa
File: xbcBspeToVJT23_kb9v-yxWCaOo.roa (raw, json)
Hash identifier: uiKQNYvzJxWcIoeTsx+SbXuZmBITGtgGm2LqBo5NYBY=
Subject key identifier: C5:B7:01:B2:97:93:A1:52:53:DB:7F:E4:6F:DB:FE:CB:15:82:68:EA
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0196A538949AB31FFEC9C2236267A9A041D0
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/xbcBspeToVJT23_kb9v-yxWCaOo.roa
Signing time: Tue 06 May 2025 10:51:10 +0000
ROA not before: Tue 06 May 2025 10:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 5.8.0.0/21 maxlen: 22
5.8.8.0/22 maxlen: 22
5.8.8.0/23 maxlen: 23
5.8.8.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.10.0/24 maxlen: 24
5.8.11.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.8.16.0/24 maxlen: 24
5.8.48.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.48.0/24 maxlen: 24
5.8.49.0/24 maxlen: 24
5.8.50.0/23 maxlen: 23
5.8.50.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.8.52.0/22 maxlen: 22
5.8.52.0/23 maxlen: 23
5.8.52.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.54.0/23 maxlen: 23
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.65.0/24 maxlen: 24
5.8.80.0/21 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.4.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.101.6.0/24 maxlen: 24
5.101.7.0/24 maxlen: 24
5.101.32.0/22 maxlen: 24
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.101.64.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.90.0/23 maxlen: 23
5.101.92.0/22 maxlen: 22
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.46.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.49.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
5.188.210.0/24 maxlen: 24
5.188.211.0/24 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.233.0/24 maxlen: 24
5.188.234.0/23 maxlen: 23
31.44.188.0/22 maxlen: 32
31.184.192.0/22 maxlen: 22
31.184.192.0/23 maxlen: 23
31.184.192.0/24 maxlen: 24
31.184.193.0/24 maxlen: 24
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.196.0/24 maxlen: 24
31.184.197.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.198.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
37.9.48.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.56.0/22 maxlen: 22
37.139.56.0/23 maxlen: 23
37.139.56.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.58.0/24 maxlen: 24
37.139.59.0/24 maxlen: 24
46.161.2.0/23 maxlen: 23
46.161.8.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.14.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.28.0/22 maxlen: 22
46.161.32.0/22 maxlen: 22
46.161.44.0/22 maxlen: 22
46.161.48.0/22 maxlen: 22
46.161.48.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/23 maxlen: 23
46.161.50.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
91.243.48.0/22 maxlen: 22
91.243.48.0/23 maxlen: 23
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.50.0/23 maxlen: 23
91.243.50.0/24 maxlen: 24
91.243.51.0/24 maxlen: 24
91.243.52.0/22 maxlen: 22
91.243.56.0/22 maxlen: 22
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.93.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.0.0/23 maxlen: 23
95.215.0.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.2.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
146.185.223.0/24 maxlen: 24
146.185.224.0/21 maxlen: 21
188.143.232.0/22 maxlen: 22
188.143.232.0/23 maxlen: 23
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
195.2.240.0/23 maxlen: 24
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:38:94:9a:b3:1f:fe:c9:c2:23:62:67:a9:a0:41:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: May 6 10:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5b701b29793a15253db7fe46fdbfecb158268ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:96:7b:8f:c0:a0:a8:5a:cb:d0:d8:94:a2:af:
92:aa:8c:07:18:02:44:8d:9e:ee:7a:ad:a1:8f:00:
7b:61:4f:8a:91:72:25:b7:ee:2c:d4:a1:5e:c5:f7:
c1:46:4b:d1:c5:1f:48:3c:41:fc:ea:db:b2:88:8b:
ea:3c:c5:26:ae:a9:87:d9:82:34:20:fb:0a:96:ae:
b2:60:05:b8:0a:5d:b0:b4:73:67:a4:6f:f6:39:b2:
92:90:d6:1c:e7:66:b2:81:97:f0:86:d9:ec:db:93:
66:dd:2f:2d:41:cb:13:53:b9:54:13:ac:37:c1:01:
97:f7:a9:3f:1a:c6:93:0a:a9:00:a1:8d:20:0f:62:
1a:9b:75:0a:fa:da:41:22:7b:47:47:40:4f:5c:8e:
7c:34:d0:04:da:19:79:07:69:f3:12:55:06:32:9f:
7d:cc:88:27:ac:18:d0:13:95:db:10:b5:57:cf:3d:
9e:8c:b9:8e:26:bf:11:cb:62:ee:2c:e5:92:5f:3d:
aa:88:59:93:9e:6a:0a:f4:5c:b9:6b:33:a4:e5:e8:
4e:53:4c:26:04:b6:62:13:5c:e2:60:8d:b8:05:c5:
b0:ab:c7:44:02:4a:ba:fa:1a:38:72:6d:ae:1b:a1:
54:c2:1a:a2:af:e6:ff:79:3f:07:27:be:91:71:82:
e7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B7:01:B2:97:93:A1:52:53:DB:7F:E4:6F:DB:FE:CB:15:82:68:EA
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/xbcBspeToVJT23_kb9v-yxWCaOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.0.0-5.8.16.255
5.8.48.0/21
5.8.60.0/23
5.8.65.0/24
5.8.80.0/21
5.101.0.0/21
5.101.32.0/22
5.101.64.0/22
5.101.90.0-5.101.95.255
5.188.44.0/22
5.188.49.0/24
5.188.208.0/22
5.188.223.0/24
5.188.233.0-5.188.235.255
31.44.188.0/22
31.184.192.0/21
31.184.238.0/23
31.184.243.0/24
37.9.48.0/24
37.139.53.0/24
37.139.56.0/22
46.161.2.0/23
46.161.8.0/24
46.161.10.0/24
46.161.14.0/23
46.161.20.0/22
46.161.28.0-46.161.35.255
46.161.44.0-46.161.51.255
91.243.48.0-91.243.61.255
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.223.0-146.185.231.255
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
6a:76:67:ab:c9:0b:07:a0:cb:f4:e2:92:9a:c4:52:73:fd:04:
f4:48:88:0f:68:02:36:43:a4:84:72:70:af:35:7f:67:96:13:
14:db:93:4c:5d:19:cd:57:8a:b5:db:43:4f:45:0d:df:44:14:
3c:7d:a6:f2:98:e6:9d:bc:47:07:54:f4:a2:1d:42:90:d6:69:
c2:e2:e1:8c:13:5a:52:79:4c:41:67:75:91:cf:39:ca:7c:43:
d9:b0:b5:f0:71:ef:f0:94:ac:5f:0f:f2:cb:bf:49:2e:00:1b:
2a:91:a2:18:b4:d7:42:1e:68:c0:9a:f7:1b:1b:30:0b:22:3d:
a5:39:82:04:9d:9a:d9:62:7e:61:bc:26:d7:1a:02:dc:39:e4:
fd:24:47:62:d3:75:73:7b:ea:91:da:e5:c1:2a:9a:b0:36:64:
17:4f:35:22:8a:c3:c2:6e:39:2f:a9:9d:a9:35:0c:05:98:71:
ff:7e:15:c3:7c:41:dc:30:5a:7b:5f:55:f4:17:1f:f8:b4:08:
ca:44:f0:3d:83:2e:2b:08:50:79:79:53:46:7d:bf:44:89:15:
4f:da:8f:b7:d6:e5:39:64:77:f2:87:8c:04:cd:04:ea:d8:bd:
47:54:d6:f8:df:4b:9b:13:09:28:a7:c4:b0:31:a0:76:c6:dd:
38:17:1f:bb
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAZalOJSasx/+ycIjYmepoEHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwNTA2MTA1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWI3MDFiMjk3OTNhMTUyNTNkYjdmZTQ2ZmRiZmVjYjE1ODI2OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25Z7j8CgqFrL0NiUoq+SqowHGAJE
jZ7ueq2hjwB7YU+KkXIlt+4s1KFexffBRkvRxR9IPEH86tuyiIvqPMUmrqmH2YI0
IPsKlq6yYAW4Cl2wtHNnpG/2ObKSkNYc52aygZfwhtns25Nm3S8tQcsTU7lUE6w3
wQGX96k/GsaTCqkAoY0gD2Iam3UK+tpBIntHR0BPXI58NNAE2hl5B2nzElUGMp99
zIgnrBjQE5XbELVXzz2ejLmOJr8Ry2LuLOWSXz2qiFmTnmoK9Fy5azOk5ehOU0wm
BLZiE1ziYI24BcWwq8dEAkq6+ho4cm2uG6FUwhqir+b/eT8HJ76RcYLnDwIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFMW3AbKXk6FSU9t/5G/b/ssVgmjqMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEveGJjQnNwZVRvVkpUMjNfa2I5di15eFdDYU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCAREEAgABMIIB
CTALAwMDBQgDBAAFCBADBAMFCDADBAEFCDwDBAAFCEEDBAMFCFADBAMFZQADBAIF
ZSADBAIFZUAwDAMEAQVlWgMEBQVlQAMEAgW8LAMEAAW8MQMEAgW80AMEAAW83zAM
AwQABbzpAwQCBbzoAwQCHyy8AwQDH7jAAwQBH7juAwQAH7jzAwQAJQkwAwQAJYs1
AwQCJYs4AwQBLqECAwQALqEIAwQALqEKAwQBLqEOAwQCLqEUMAwDBAIuoRwDBAIu
oSAwDAMEAi6hLAMEAi6hMDAMAwQEW/MwAwQBW/M8AwQBW/NaAwQAW/NdAwQCX9cA
MAwDBACSud8DBAOSueADBAK8j+gDBAHDAvAwEQQCAAIwCwMJBioAHXgBAAHAMA0G
CSqGSIb3DQEBCwUAA4IBAQBqdmeryQsHoMv04pKaxFJz/QT0SIgPaAI2Q6SEcnCv
NX9nlhMU25NMXRnNV4q120NPRQ3fRBQ8fabymOadvEcHVPSiHUKQ1mnC4uGME1pS
eUxBZ3WRzznKfEPZsLXwce/wlKxfD/LLv0kuABsqkaIYtNdCHmjAmvcbGzALIj2l
OYIEnZrZYn5hvCbXGgLcOeT9JEdi03Vze+qR2uXBKpqwNmQXTzUiisPCbjkvqZ2p
NQwFmHH/fhXDfEHcMFp7X1X0Fx/4tAjKRPA9gy4rCFB5eVNGfb9EiRVP2o+31uU5
ZHfyh4wEzQTq2L1HVNb430ubEwkop8SwMaB2xt04Fx+7
-----END CERTIFICATE-----
Generated at Mon May 12 10:36:38 2025 by rpki-client