Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/8xP7SvrqNDDUIf7ErNtYgRY6F6A.roa
File: 8xP7SvrqNDDUIf7ErNtYgRY6F6A.roa (raw, json)
Hash identifier: U6lRFQt/WgoeTpDrJcFjH+zyys2ywY9lEhPCU7k4p30=
Subject key identifier: F3:13:FB:4A:FA:EA:34:30:D4:21:FE:C4:AC:DB:58:81:16:3A:17:A0
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019BFD6BAC51EBCD4A707F38CCA07A450FD4
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/8xP7SvrqNDDUIf7ErNtYgRY6F6A.roa
Signing time: Tue 27 Jan 2026 03:07:30 +0000
ROA not before: Tue 27 Jan 2026 03:07:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207567
IP address blocks: 138.124.100.0/24 maxlen: 24
138.124.104.0/24 maxlen: 24
138.124.105.0/24 maxlen: 24
138.124.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:fd:6b:ac:51:eb:cd:4a:70:7f:38:cc:a0:7a:45:0f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Jan 27 03:07:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f313fb4afaea3430d421fec4acdb5881163a17a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:75:b8:36:c0:99:b9:a4:94:51:c7:bf:5f:f8:
ea:4b:94:81:c5:f9:42:76:56:94:9b:f7:a0:3f:5c:
a4:c7:82:d7:46:04:e3:6e:33:c0:20:a7:ad:5e:20:
b0:54:97:0c:27:8b:6c:81:ee:25:fd:29:87:49:2b:
06:39:c3:e3:ac:df:f9:85:18:ca:cc:27:99:c9:05:
4b:03:f3:1f:81:d0:02:95:d5:f7:7b:42:9c:a6:19:
2a:f2:ea:18:dd:13:3a:3c:bc:8b:8a:07:7f:6c:dd:
8f:4b:ca:dd:a5:e2:50:f6:5d:96:1b:1c:1a:92:7b:
fa:e7:1d:1d:73:8f:fc:7a:20:20:d1:f6:12:8f:9e:
13:f4:04:b3:1f:30:7f:22:2e:d7:e7:4e:7b:26:a9:
a3:65:e6:3d:a6:40:25:b6:ca:5b:a7:a7:32:ef:de:
d9:ca:d7:3c:95:03:f9:2c:6f:27:09:db:75:f8:d5:
5e:be:45:da:cf:19:d4:33:45:00:99:1a:51:90:41:
d1:18:55:9c:2d:8f:6c:fb:56:eb:37:63:6a:75:b9:
f3:6a:0f:ca:e7:d1:aa:52:fa:45:11:9d:16:d1:57:
b5:f7:59:1a:ae:8c:76:31:7b:78:ad:ac:09:56:e1:
61:f2:9a:be:c6:62:43:b9:13:42:b3:41:07:fb:42:
28:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:13:FB:4A:FA:EA:34:30:D4:21:FE:C4:AC:DB:58:81:16:3A:17:A0
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/8xP7SvrqNDDUIf7ErNtYgRY6F6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.100.0/24
138.124.104.0-138.124.106.255
Signature Algorithm: sha256WithRSAEncryption
62:bd:5a:29:ba:0d:f9:8e:45:00:99:29:92:fa:72:72:a7:f9:
21:8f:5d:a5:b5:61:d4:cc:ff:23:f4:34:3c:ee:40:d6:6a:77:
d3:e2:3d:0e:c7:0a:96:5e:06:50:26:d8:3c:84:91:85:b9:c6:
ef:e0:30:31:3a:08:d5:84:e9:9e:54:cc:47:f5:e3:6d:c4:25:
9c:b2:93:c8:c0:97:a0:50:2f:c1:99:26:ed:29:7a:a1:57:3d:
b1:73:0b:fb:68:7f:25:25:77:de:3d:80:58:da:8f:2c:37:60:
22:c0:13:a0:bd:0a:34:db:a3:19:86:01:54:9e:75:dd:a7:9e:
64:da:96:81:e2:cd:0f:a8:7e:de:dc:43:2e:c7:65:48:4e:64:
0a:2f:f2:5a:86:e2:4e:43:e1:a2:bf:fb:af:2e:e2:58:eb:ff:
c5:de:ab:5d:e1:b1:89:b3:08:01:59:4f:c6:4e:05:36:29:ae:
97:d8:46:95:ec:d0:a6:7a:fa:2b:3b:24:af:ff:f7:e6:4f:0d:
28:fc:c8:f5:6a:5c:3a:b5:6c:ac:d3:7e:d8:5a:3b:33:71:19:
6b:b8:7d:4c:14:26:c3:6a:64:0a:9d:4f:79:ca:9a:ff:a1:8c:
6e:b3:78:af:f7:db:b1:8e:43:ab:5c:ad:10:3b:3e:81:a7:ba:
4c:a5:80:c7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZv9a6xR681KcH84zKB6RQ/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjYwMTI3MDMwNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzEzZmI0YWZhZWEzNDMwZDQyMWZlYzRhY2RiNTg4MTE2M2ExN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXW4NsCZuaSUUce/X/jqS5SBxflC
dlaUm/egP1ykx4LXRgTjbjPAIKetXiCwVJcMJ4tsge4l/SmHSSsGOcPjrN/5hRjK
zCeZyQVLA/MfgdACldX3e0Kcphkq8uoY3RM6PLyLigd/bN2PS8rdpeJQ9l2WGxwa
knv65x0dc4/8eiAg0fYSj54T9ASzHzB/Ii7X5057JqmjZeY9pkAltspbp6cy797Z
ytc8lQP5LG8nCdt1+NVevkXazxnUM0UAmRpRkEHRGFWcLY9s+1brN2Nqdbnzag/K
59GqUvpFEZ0W0Ve191karox2MXt4rawJVuFh8pq+xmJDuRNCs0EH+0IogQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPMT+0r66jQw1CH+xKzbWIEWOhegMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvOHhQN1N2cnFORERVSWY3RXJOdFlnUlk2RjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAinxkMAwD
BAOKfGgDBACKfGowDQYJKoZIhvcNAQELBQADggEBAGK9Wim6DfmORQCZKZL6cnKn
+SGPXaW1YdTM/yP0NDzuQNZqd9PiPQ7HCpZeBlAm2DyEkYW5xu/gMDE6CNWE6Z5U
zEf1423EJZyyk8jAl6BQL8GZJu0peqFXPbFzC/tofyUld949gFjajyw3YCLAE6C9
CjTboxmGAVSedd2nnmTaloHizQ+oft7cQy7HZUhOZAov8lqG4k5D4aK/+68u4ljr
/8Xeq13hsYmzCAFZT8ZOBTYprpfYRpXs0KZ6+is7JK//9+ZPDSj8yPVqXDq1bKzT
fthaOzNxGWu4fUwUJsNqZAqdT3nKmv+hjG6zeK/327GOQ6tcrRA7PoGnukylgMc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:10:06 2026 by rpki-client