Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/fw1iguCmj4qOwcfsFkeFpir65VU.roa
File: fw1iguCmj4qOwcfsFkeFpir65VU.roa (raw, json)
Hash identifier: iKQXq9XoPCUkxxyylDltQ/lPyGgCP1DuZtbwv2OYAAM=
Subject key identifier: 7F:0D:62:82:E0:A6:8F:8A:8E:C1:C7:EC:16:47:85:A6:2A:FA:E5:55
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019C5B334708102E48251131866A614EF6A5
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/fw1iguCmj4qOwcfsFkeFpir65VU.roa
Signing time: Sat 14 Feb 2026 08:10:13 +0000
ROA not before: Sat 14 Feb 2026 08:10:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214238
IP address blocks: 138.124.5.0/24 maxlen: 24
138.124.79.0/24 maxlen: 24
138.124.80.0/24 maxlen: 24
138.124.81.0/24 maxlen: 24
138.124.84.0/24 maxlen: 24
138.124.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:5b:33:47:08:10:2e:48:25:11:31:86:6a:61:4e:f6:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Feb 14 08:10:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7f0d6282e0a68f8a8ec1c7ec164785a62afae555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e2:14:b3:8b:56:e2:47:f0:1a:76:56:76:c8:
00:f4:3e:cf:aa:45:fb:eb:ae:94:fb:96:8a:b4:be:
81:43:4c:06:3e:70:de:7a:81:ef:e4:8c:e2:a3:f4:
81:44:7b:ae:34:8e:59:6a:ba:71:1f:e8:7a:dc:8f:
c3:16:75:d1:8b:77:f4:16:d3:e7:29:6d:17:b5:f0:
4f:da:0c:8e:b0:ab:68:bd:e7:20:dd:dd:9d:21:22:
14:5e:94:29:0b:dc:b4:56:0b:7a:06:a7:19:b8:83:
6f:cd:02:b3:d3:de:63:92:2a:e4:bc:61:04:8a:e8:
7c:4d:c8:50:e1:25:0c:43:97:4c:5e:d4:1b:60:2a:
e3:b5:2f:b9:77:52:54:da:9b:18:ee:72:56:54:4f:
73:b6:07:64:bd:f0:07:f5:e1:4e:f6:94:53:2c:e7:
9b:d3:04:fa:ca:bb:c3:1d:9c:d0:1c:c2:70:8c:7c:
94:2a:25:b7:36:6f:0d:4c:e3:3c:2f:f1:74:45:eb:
97:0a:ee:3f:90:ae:83:73:8d:39:66:0a:d7:99:14:
ec:f4:a8:96:e6:b0:ad:10:02:16:1a:9b:ee:4a:8a:
45:88:f4:4a:42:c8:7a:8d:7b:41:e6:ba:ac:3d:18:
fa:09:f0:88:d4:5d:7f:19:bd:88:62:90:14:cc:a8:
f3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:0D:62:82:E0:A6:8F:8A:8E:C1:C7:EC:16:47:85:A6:2A:FA:E5:55
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/fw1iguCmj4qOwcfsFkeFpir65VU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.5.0/24
138.124.79.0-138.124.81.255
138.124.84.0/23
Signature Algorithm: sha256WithRSAEncryption
10:db:3c:93:98:f3:4d:ce:5e:0d:3f:8c:eb:29:09:44:ac:88:
cf:86:84:33:f8:73:27:55:a7:57:73:f5:0b:0a:99:c7:3a:71:
68:17:91:40:9d:d1:33:ae:1a:ea:11:8a:20:f0:a9:4f:f8:69:
3e:47:d3:45:0d:6b:db:cd:30:da:5f:b0:ea:3a:00:eb:d5:f4:
26:70:a3:86:87:26:a6:9c:d0:79:43:75:2f:a9:a1:37:58:57:
44:07:bc:74:f7:89:1d:83:07:d3:7b:77:4e:18:f1:28:83:d0:
66:78:59:5f:28:1e:e3:9e:ef:ff:37:34:e0:c7:69:20:50:37:
8a:4a:c2:20:e1:35:97:37:a5:5e:ff:46:45:59:c1:9c:b5:f1:
c9:9d:10:5e:2c:5e:10:e9:a7:c0:a8:94:20:a0:3d:f0:4c:f0:
49:8d:92:85:fd:17:19:69:28:e1:67:e5:d0:02:ff:81:cf:a6:
0a:ac:d5:87:89:d9:97:7b:07:7a:2c:17:b9:2b:ef:00:3c:a5:
12:09:f6:75:3c:a7:56:3c:5c:66:c9:19:85:dc:24:15:0e:09:
32:4c:24:f6:ff:69:58:f7:e2:e1:7c:fa:05:e4:c7:09:c3:5b:
3c:3e:df:17:0a:50:fe:9e:e3:92:c9:6a:a7:fe:8b:e6:f7:af:
76:01:b2:b2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZxbM0cIEC5IJRExhmphTvalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjYwMjE0MDgxMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBkNjI4MmUwYTY4ZjhhOGVjMWM3ZWMxNjQ3ODVhNjJhZmFlNTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquIUs4tW4kfwGnZWdsgA9D7PqkX7
666U+5aKtL6BQ0wGPnDeeoHv5Izio/SBRHuuNI5ZarpxH+h63I/DFnXRi3f0FtPn
KW0XtfBP2gyOsKtovecg3d2dISIUXpQpC9y0Vgt6BqcZuINvzQKz095jkirkvGEE
iuh8TchQ4SUMQ5dMXtQbYCrjtS+5d1JU2psY7nJWVE9ztgdkvfAH9eFO9pRTLOeb
0wT6yrvDHZzQHMJwjHyUKiW3Nm8NTOM8L/F0ReuXCu4/kK6Dc405ZgrXmRTs9KiW
5rCtEAIWGpvuSopFiPRKQsh6jXtB5rqsPRj6CfCI1F1/Gb2IYpAUzKjzowIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH8NYoLgpo+KjsHH7BZHhaYq+uVVMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvZncxaWd1Q21qNHFPd2Nmc0ZrZUZwaXI2NVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAinwFMAwD
BACKfE8DBAGKfFADBAGKfFQwDQYJKoZIhvcNAQELBQADggEBABDbPJOY803OXg0/
jOspCUSsiM+GhDP4cydVp1dz9QsKmcc6cWgXkUCd0TOuGuoRiiDwqU/4aT5H00UN
a9vNMNpfsOo6AOvV9CZwo4aHJqac0HlDdS+poTdYV0QHvHT3iR2DB9N7d04Y8SiD
0GZ4WV8oHuOe7/83NODHaSBQN4pKwiDhNZc3pV7/RkVZwZy18cmdEF4sXhDpp8Co
lCCgPfBM8EmNkoX9FxlpKOFn5dAC/4HPpgqs1YeJ2Zd7B3osF7kr7wA8pRIJ9nU8
p1Y8XGbJGYXcJBUOCTJMJPb/aVj34uF8+gXkxwnDWzw+3xcKUP6e45LJaqf+i+b3
r3YBsrI=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:32:26 2026 by rpki-client