Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/wO7k2vDj77zEzFHJWa2AP6hrFwo.roa
File: wO7k2vDj77zEzFHJWa2AP6hrFwo.roa (raw, json)
Hash identifier: 1sU5o66HTpxQdQlGcQU1k+KfBlwlPYDW3+vPSz4y/K0=
Subject key identifier: C0:EE:E4:DA:F0:E3:EF:BC:C4:CC:51:C9:59:AD:80:3F:A8:6B:17:0A
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019C5B2DC85E8E58CED52315538A0C5CA709
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/wO7k2vDj77zEzFHJWa2AP6hrFwo.roa
Signing time: Sat 14 Feb 2026 08:04:12 +0000
ROA not before: Sat 14 Feb 2026 08:04:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213887
IP address blocks: 138.124.6.0/24 maxlen: 24
138.124.7.0/24 maxlen: 24
138.124.8.0/24 maxlen: 24
138.124.9.0/24 maxlen: 24
138.124.17.0/24 maxlen: 24
138.124.28.0/24 maxlen: 24
138.124.32.0/24 maxlen: 24
138.124.33.0/24 maxlen: 24
138.124.36.0/24 maxlen: 24
138.124.37.0/24 maxlen: 24
138.124.38.0/24 maxlen: 24
138.124.39.0/24 maxlen: 24
138.124.40.0/24 maxlen: 24
138.124.41.0/24 maxlen: 24
138.124.42.0/24 maxlen: 24
138.124.43.0/24 maxlen: 24
138.124.44.0/24 maxlen: 24
138.124.45.0/24 maxlen: 24
138.124.46.0/24 maxlen: 24
138.124.47.0/24 maxlen: 24
138.124.48.0/24 maxlen: 24
138.124.56.0/24 maxlen: 24
138.124.57.0/24 maxlen: 24
138.124.82.0/24 maxlen: 24
138.124.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:5b:2d:c8:5e:8e:58:ce:d5:23:15:53:8a:0c:5c:a7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Feb 14 08:04:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c0eee4daf0e3efbcc4cc51c959ad803fa86b170a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:eb:3c:f2:42:e8:38:e4:f9:cc:50:fa:7b:46:
27:93:c3:ec:29:6f:1b:36:7e:1d:05:d8:17:b0:d0:
15:16:7e:98:9a:bb:d7:fe:30:c7:e7:d8:f0:08:ef:
cb:b9:c7:54:06:2f:a9:ea:11:55:be:bd:00:e8:8b:
5c:a8:f2:52:15:14:dd:ef:76:20:54:e5:70:cc:e7:
86:70:61:71:b7:21:95:0e:6b:2b:9a:88:09:f9:b4:
de:e3:b5:0d:aa:d6:41:db:19:ce:5b:f0:2c:4f:5d:
72:d9:69:dc:75:a0:e4:df:b7:b5:c1:e4:56:61:a9:
8b:4c:0e:a8:2b:18:f3:7e:da:dd:38:a6:12:92:12:
fb:16:7b:8b:fe:37:75:aa:0d:32:fb:2c:a4:91:70:
fb:28:71:7d:7e:bc:3d:58:f5:e4:cd:b4:df:9d:15:
e6:3e:93:e7:d3:00:3c:e8:66:7c:d3:89:bc:57:1d:
d4:e6:8b:10:f5:22:d0:ab:96:b3:57:95:2e:d0:26:
b1:58:be:19:e4:27:4f:c2:76:96:ba:4f:bc:e4:a4:
0c:0e:2d:4b:0b:f2:46:d6:24:7c:ec:e1:e7:2d:af:
d3:32:08:c0:06:a4:94:68:bd:bf:82:6d:1b:37:1f:
4a:4b:fe:7e:7f:34:cf:3b:00:b4:cc:3c:13:41:52:
a7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:EE:E4:DA:F0:E3:EF:BC:C4:CC:51:C9:59:AD:80:3F:A8:6B:17:0A
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/wO7k2vDj77zEzFHJWa2AP6hrFwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.6.0-138.124.9.255
138.124.17.0/24
138.124.28.0/24
138.124.32.0/23
138.124.36.0-138.124.48.255
138.124.56.0/23
138.124.82.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:0f:c1:57:84:37:e7:9c:57:a9:fb:c2:5f:0a:34:86:97:26:
b6:a4:2f:03:bf:51:6d:d0:6d:e6:12:47:3e:63:4b:83:ab:1d:
75:09:d3:1c:96:80:21:38:60:11:30:12:f7:48:69:28:e7:2a:
eb:99:23:18:41:c8:fa:a8:ed:9a:49:ca:94:7a:27:84:0f:a7:
40:6a:3b:9e:dc:04:e1:a2:b5:3c:a5:b6:f4:be:b6:ec:b6:a3:
91:fe:06:d8:33:15:b2:93:91:2b:ef:2b:e8:17:3e:48:a9:e6:
86:04:51:29:16:84:c7:52:86:d2:b1:86:62:30:65:93:e3:4b:
82:e9:07:75:23:5e:b3:e3:9c:1b:7f:3b:95:64:2b:86:66:cb:
5b:4b:ee:2a:9a:fb:ba:92:19:71:3b:37:af:12:08:60:a6:d0:
a3:58:7d:d5:56:65:19:2e:dc:d4:53:d9:12:73:b1:8e:a8:ab:
69:26:0c:df:9b:53:1c:17:1e:be:27:23:20:fa:ba:83:33:2c:
0f:d9:9b:98:5a:a8:12:43:09:e6:d7:9e:1e:bd:46:b9:fc:a7:
9a:02:f5:56:76:4e:b4:79:17:a2:a9:f1:db:44:fe:76:9a:db:
77:86:5b:2a:75:49:89:50:28:e5:96:f8:55:dc:e2:af:94:0a:
c3:84:ac:b3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZxbLchejljO1SMVU4oMXKcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjYwMjE0MDgwNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGVlZTRkYWYwZTNlZmJjYzRjYzUxYzk1OWFkODAzZmE4NmIxNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+s88kLoOOT5zFD6e0Ynk8PsKW8b
Nn4dBdgXsNAVFn6YmrvX/jDH59jwCO/LucdUBi+p6hFVvr0A6ItcqPJSFRTd73Yg
VOVwzOeGcGFxtyGVDmsrmogJ+bTe47UNqtZB2xnOW/AsT11y2WncdaDk37e1weRW
YamLTA6oKxjzftrdOKYSkhL7FnuL/jd1qg0y+yykkXD7KHF9frw9WPXkzbTfnRXm
PpPn0wA86GZ804m8Vx3U5osQ9SLQq5azV5Uu0CaxWL4Z5CdPwnaWuk+85KQMDi1L
C/JG1iR87OHnLa/TMgjABqSUaL2/gm0bNx9KS/5+fzTPOwC0zDwTQVKnTQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFMDu5Nrw4++8xMxRyVmtgD+oaxcKMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvd083azJ2RGo3N3pFekZISldhMkFQNmhyRndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAGKfAYD
BAGKfAgDBACKfBEDBACKfBwDBAGKfCAwDAMEAop8JAMEAIp8MAMEAYp8OAMEAYp8
UjANBgkqhkiG9w0BAQsFAAOCAQEASg/BV4Q355xXqfvCXwo0hpcmtqQvA79RbdBt
5hJHPmNLg6sddQnTHJaAIThgETAS90hpKOcq65kjGEHI+qjtmknKlHonhA+nQGo7
ntwE4aK1PKW29L627Lajkf4G2DMVspORK+8r6Bc+SKnmhgRRKRaEx1KG0rGGYjBl
k+NLgukHdSNes+OcG387lWQrhmbLW0vuKpr7upIZcTs3rxIIYKbQo1h91VZlGS7c
1FPZEnOxjqiraSYM35tTHBcevicjIPq6gzMsD9mbmFqoEkMJ5teeHr1GufynmgL1
VnZOtHkXoqnx20T+dprbd4ZbKnVJiVAo5Zb4Vdzir5QKw4Sssw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:02:42 2026 by rpki-client