Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/v4JvY9wMe53smhk2zRvJ5lMTrGE.roa
File: v4JvY9wMe53smhk2zRvJ5lMTrGE.roa (raw, json)
Hash identifier: 3s3UDWjb1KYZ+q2gqU6kquutAKC7VSuocZYMkU1M+wA=
Subject key identifier: BF:82:6F:63:DC:0C:7B:9D:EC:9A:19:36:CD:1B:C9:E6:53:13:AC:61
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019C5B3346C0AF56D676047B5484AEA2486E
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/v4JvY9wMe53smhk2zRvJ5lMTrGE.roa
Signing time: Sat 14 Feb 2026 08:10:12 +0000
ROA not before: Sat 14 Feb 2026 08:10:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 138.124.0.0/24 maxlen: 24
138.124.1.0/24 maxlen: 24
138.124.5.0/24 maxlen: 24
138.124.11.0/24 maxlen: 24
138.124.12.0/24 maxlen: 24
138.124.62.0/24 maxlen: 24
138.124.63.0/24 maxlen: 24
138.124.64.0/24 maxlen: 24
138.124.65.0/24 maxlen: 24
138.124.66.0/24 maxlen: 24
138.124.67.0/24 maxlen: 24
138.124.68.0/24 maxlen: 24
138.124.69.0/24 maxlen: 24
138.124.70.0/24 maxlen: 24
138.124.71.0/24 maxlen: 24
138.124.72.0/24 maxlen: 24
138.124.73.0/24 maxlen: 24
138.124.74.0/24 maxlen: 24
138.124.75.0/24 maxlen: 24
138.124.76.0/24 maxlen: 24
138.124.77.0/24 maxlen: 24
138.124.79.0/24 maxlen: 24
138.124.80.0/24 maxlen: 24
138.124.83.0/24 maxlen: 24
138.124.84.0/24 maxlen: 24
138.124.85.0/24 maxlen: 24
138.124.86.0/24 maxlen: 24
138.124.87.0/24 maxlen: 24
138.124.88.0/24 maxlen: 24
138.124.94.0/24 maxlen: 24
138.124.95.0/24 maxlen: 24
138.124.96.0/24 maxlen: 24
138.124.97.0/24 maxlen: 24
138.124.98.0/24 maxlen: 24
138.124.100.0/24 maxlen: 24
138.124.104.0/24 maxlen: 24
138.124.105.0/24 maxlen: 24
138.124.106.0/24 maxlen: 24
138.124.120.0/24 maxlen: 24
138.124.121.0/24 maxlen: 24
138.124.122.0/24 maxlen: 24
138.124.228.0/24 maxlen: 24
138.124.229.0/24 maxlen: 24
138.124.230.0/24 maxlen: 24
138.124.231.0/24 maxlen: 24
138.124.240.0/24 maxlen: 24
138.124.241.0/24 maxlen: 24
138.124.242.0/24 maxlen: 24
138.124.243.0/24 maxlen: 24
138.124.244.0/24 maxlen: 24
138.124.245.0/24 maxlen: 24
138.124.246.0/24 maxlen: 24
138.124.247.0/24 maxlen: 24
138.124.248.0/24 maxlen: 24
138.124.249.0/24 maxlen: 24
138.124.250.0/24 maxlen: 24
138.124.251.0/24 maxlen: 24
138.124.252.0/24 maxlen: 24
138.124.253.0/24 maxlen: 24
138.124.254.0/24 maxlen: 24
138.124.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:5b:33:46:c0:af:56:d6:76:04:7b:54:84:ae:a2:48:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Feb 14 08:10:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bf826f63dc0c7b9dec9a1936cd1bc9e65313ac61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:93:8c:7d:c2:3c:4c:4c:84:65:30:ec:0d:
dd:b4:f9:4f:78:5c:56:50:5e:b6:a8:2c:63:8f:c0:
5f:ae:a4:8f:c4:a0:65:69:89:8f:31:e1:02:8c:c3:
cf:32:50:fd:15:24:d1:81:95:0d:47:0d:dc:2b:d7:
72:bb:0c:fe:b3:a0:43:26:0b:dd:a9:cd:1c:79:5a:
64:b8:39:ab:11:89:5b:e1:5e:75:4c:90:4a:e1:f8:
ba:5b:e0:0c:a5:42:43:ba:7d:b5:6e:58:5d:e0:7c:
57:d1:ca:80:04:9d:4f:72:1c:52:34:a3:e4:4e:29:
f3:cf:4d:77:e4:73:9a:22:49:0d:2d:ac:12:98:e8:
35:a3:8d:28:f1:7d:90:98:be:fd:79:c9:06:76:26:
ba:a0:10:72:d1:70:68:c5:db:de:e9:a8:21:50:93:
5c:2c:bf:da:cc:64:e0:cf:a2:91:9d:ca:80:59:6f:
da:7a:a4:18:2e:3a:f2:3f:46:ef:cb:88:3d:dd:bb:
5c:0f:7e:50:f7:1b:b3:e6:bb:b0:d3:f8:c7:98:cd:
5c:62:01:ee:a7:04:d5:91:68:66:3b:ca:3c:a6:fc:
72:f5:09:ca:15:48:69:fc:47:72:03:c2:dd:36:70:
53:b9:dc:95:6d:91:c8:f8:af:5c:7f:d9:21:e7:a0:
5a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:82:6F:63:DC:0C:7B:9D:EC:9A:19:36:CD:1B:C9:E6:53:13:AC:61
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/v4JvY9wMe53smhk2zRvJ5lMTrGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.0.0/23
138.124.5.0/24
138.124.11.0-138.124.12.255
138.124.62.0-138.124.77.255
138.124.79.0-138.124.80.255
138.124.83.0-138.124.88.255
138.124.94.0-138.124.98.255
138.124.100.0/24
138.124.104.0-138.124.106.255
138.124.120.0-138.124.122.255
138.124.228.0/22
138.124.240.0/20
Signature Algorithm: sha256WithRSAEncryption
15:2c:1f:bd:60:80:0a:85:5c:a5:61:8d:3f:32:a7:9e:f7:e9:
17:6c:0d:95:4f:af:d1:85:b7:6a:12:ef:3e:63:ca:3c:18:74:
60:b1:5e:c5:2b:af:3f:70:2a:09:4a:be:32:be:ef:4f:31:50:
2a:b6:8e:0f:9f:78:b6:11:1c:98:85:7c:57:90:e9:0c:43:47:
38:6d:9b:09:a3:4b:e6:31:69:33:c2:71:9f:46:ff:24:ca:f1:
52:20:45:36:6f:fa:2f:9f:c1:44:7c:3c:50:1a:47:bc:86:97:
2e:af:8b:b4:01:87:0f:97:4d:eb:fd:1c:35:25:d4:74:a4:0e:
16:16:89:24:ed:a2:ec:fc:34:60:18:99:06:21:97:a1:61:04:
dd:e1:4e:33:4e:e1:9b:c8:4e:d6:c2:a6:3a:f0:fb:16:33:98:
e7:32:c6:39:3a:4e:24:cd:b6:02:96:ef:6c:55:64:e0:d5:08:
f7:d9:02:88:f9:f2:f4:2c:44:1e:65:8a:bf:1d:1b:fb:5b:71:
82:1c:55:3a:49:7f:9b:1d:c1:86:2f:4a:ed:dd:86:dd:ea:2b:
e3:80:3a:41:16:15:b3:dc:ff:4f:d4:17:f7:df:a6:74:bb:82:
89:31:f8:bb:bb:e9:b2:89:5a:28:94:8f:bf:bb:b5:77:28:40:
3d:92:60:bd
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZxbM0bAr1bWdgR7VISuokhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjYwMjE0MDgxMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjgyNmY2M2RjMGM3YjlkZWM5YTE5MzZjZDFiYzllNjUzMTNhYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojeTjH3CPExMhGUw7A3dtPlPeFxW
UF62qCxjj8BfrqSPxKBlaYmPMeECjMPPMlD9FSTRgZUNRw3cK9dyuwz+s6BDJgvd
qc0ceVpkuDmrEYlb4V51TJBK4fi6W+AMpUJDun21blhd4HxX0cqABJ1PchxSNKPk
Tinzz0135HOaIkkNLawSmOg1o40o8X2QmL79eckGdia6oBBy0XBoxdve6aghUJNc
LL/azGTgz6KRncqAWW/aeqQYLjryP0bvy4g93btcD35Q9xuz5ruw0/jHmM1cYgHu
pwTVkWhmO8o8pvxy9QnKFUhp/EdyA8LdNnBTudyVbZHI+K9cf9kh56BaAwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFL+Cb2PcDHud7JoZNs0byeZTE6xhMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvdjRKdlk5d01lNTNzbWhrMnpSdko1bE1UckdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAGK
fAADBACKfAUwDAMEAIp8CwMEAIp8DDAMAwQBinw+AwQBinxMMAwDBACKfE8DBACK
fFAwDAMEAIp8UwMEAIp8WDAMAwQBinxeAwQAinxiAwQAinxkMAwDBAOKfGgDBACK
fGowDAMEA4p8eAMEAIp8egMEAop85AMEBIp88DANBgkqhkiG9w0BAQsFAAOCAQEA
FSwfvWCACoVcpWGNPzKnnvfpF2wNlU+v0YW3ahLvPmPKPBh0YLFexSuvP3AqCUq+
Mr7vTzFQKraOD594thEcmIV8V5DpDENHOG2bCaNL5jFpM8Jxn0b/JMrxUiBFNm/6
L5/BRHw8UBpHvIaXLq+LtAGHD5dN6/0cNSXUdKQOFhaJJO2i7Pw0YBiZBiGXoWEE
3eFOM07hm8hO1sKmOvD7FjOY5zLGOTpOJM22ApbvbFVk4NUI99kCiPny9CxEHmWK
vx0b+1txghxVOkl/mx3Bhi9K7d2G3eor44A6QRYVs9z/T9QX99+mdLuCiTH4u7vp
solaKJSPv7u1dyhAPZJgvQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:17:58 2026 by rpki-client