Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/Hax2CM_u8tv_Y_4IhciZMhkDl3c.roa
File: Hax2CM_u8tv_Y_4IhciZMhkDl3c.roa (raw, json)
Hash identifier: e9PckbluSyyzMKimJgtpYDPOMt/2roevlfetav7K+BQ=
Subject key identifier: 1D:AC:76:08:CF:EE:F2:DB:FF:63:FE:08:85:C8:99:32:19:03:97:77
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 0199BFE016970D6E5C88189ED2838F5C4C9E
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/Hax2CM_u8tv_Y_4IhciZMhkDl3c.roa
Signing time: Tue 07 Oct 2025 18:12:38 +0000
ROA not before: Tue 07 Oct 2025 18:12:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 138.124.5.0/24 maxlen: 24
138.124.6.0/24 maxlen: 24
138.124.7.0/24 maxlen: 24
138.124.36.0/24 maxlen: 24
138.124.37.0/24 maxlen: 24
138.124.40.0/24 maxlen: 24
138.124.41.0/24 maxlen: 24
138.124.42.0/24 maxlen: 24
138.124.43.0/24 maxlen: 24
138.124.44.0/24 maxlen: 24
138.124.79.0/24 maxlen: 24
138.124.80.0/24 maxlen: 24
138.124.81.0/24 maxlen: 24
138.124.82.0/24 maxlen: 24
138.124.83.0/24 maxlen: 24
138.124.84.0/24 maxlen: 24
138.124.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bf:e0:16:97:0d:6e:5c:88:18:9e:d2:83:8f:5c:4c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Oct 7 18:12:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dac7608cfeef2dbff63fe0885c8993219039777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:6a:9e:14:dd:4f:bd:4e:f2:67:2e:59:15:
90:d7:3b:cc:d2:4b:78:d4:64:de:79:b3:60:2b:1c:
a4:eb:d5:0e:17:c8:0a:e0:94:49:2f:42:8f:37:ba:
69:5c:46:c6:92:9f:84:ad:67:30:ee:2e:78:f4:15:
26:2b:ea:e9:09:a3:95:7b:fa:9f:f7:6f:fd:d0:a9:
95:7b:c1:5c:49:29:11:b4:6a:8a:d4:43:6d:47:b5:
ba:45:5e:91:9c:ac:82:ad:14:48:84:ed:b1:1c:67:
67:9f:db:9b:d6:14:4d:b6:91:58:71:6f:09:9d:6c:
57:15:76:4a:8a:0a:c7:83:bc:b8:a1:ad:e8:94:0b:
f3:53:d5:61:ed:9d:60:29:c2:90:60:3a:59:e6:7d:
62:a7:df:f1:0d:4f:48:fa:30:95:36:20:10:3f:fc:
ed:87:c6:25:42:c9:c6:9a:17:54:f5:1c:34:96:e0:
8d:2f:75:1d:e6:5b:cf:f9:60:8d:39:fb:f9:a7:ab:
14:40:ca:fc:49:14:58:b4:2b:e6:f1:25:e2:39:1e:
98:c6:e0:5e:d6:1f:22:5b:4e:12:52:c8:2b:48:57:
a2:a1:59:a5:8a:43:5d:cb:f6:37:55:17:3a:8a:97:
a6:34:38:e2:a8:77:f6:f6:df:60:ab:e7:4c:cf:64:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AC:76:08:CF:EE:F2:DB:FF:63:FE:08:85:C8:99:32:19:03:97:77
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/Hax2CM_u8tv_Y_4IhciZMhkDl3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.5.0-138.124.7.255
138.124.36.0/23
138.124.40.0-138.124.44.255
138.124.79.0-138.124.85.255
Signature Algorithm: sha256WithRSAEncryption
c8:bb:45:09:e8:2a:a1:ba:92:d0:72:02:f5:7c:9a:fb:73:28:
6d:3d:ae:13:2a:0b:9c:de:f1:07:ae:28:db:d0:a7:e5:f4:a3:
35:38:8d:26:27:75:75:17:f6:0b:eb:a8:08:c4:2d:de:11:cc:
f8:79:d0:39:03:33:59:0f:ea:05:58:64:e2:c9:db:a0:43:ea:
d5:8b:cd:a7:45:5e:1a:57:65:25:d2:69:d0:37:a6:e3:2a:92:
f8:cb:8f:4e:ad:62:2b:81:29:2d:3d:ed:a2:59:d5:39:8d:07:
20:72:7f:e1:d2:fe:94:15:06:b7:fc:83:97:fa:4c:66:7c:00:
28:d3:ea:43:e7:17:ae:18:f4:d5:b6:79:59:17:f8:3b:21:48:
a8:2c:30:da:5f:c4:65:15:fa:91:20:c1:af:52:d6:2e:ab:51:
a1:ea:00:b5:ea:38:36:e9:0f:d7:33:a9:8b:6f:9a:8e:31:fe:
71:f4:e3:0a:4e:7d:20:8a:fa:ce:db:42:0c:ba:ff:dd:3e:6b:
c3:ec:f1:2f:b5:ca:22:2d:d7:0a:e8:08:4b:80:51:a1:8a:93:
45:80:cf:98:fd:03:f4:db:fe:89:15:fa:2d:c1:40:73:aa:77:
66:2a:a7:2b:63:95:6a:28:1f:63:1b:a3:a1:b3:65:b8:72:19:
19:13:b8:0c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZm/4BaXDW5ciBie0oOPXEyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjUxMDA3MTgxMjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFjNzYwOGNmZWVmMmRiZmY2M2ZlMDg4NWM4OTkzMjE5MDM5Nzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytpqnhTdT71O8mcuWRWQ1zvM0kt4
1GTeebNgKxyk69UOF8gK4JRJL0KPN7ppXEbGkp+ErWcw7i549BUmK+rpCaOVe/qf
92/90KmVe8FcSSkRtGqK1ENtR7W6RV6RnKyCrRRIhO2xHGdnn9ub1hRNtpFYcW8J
nWxXFXZKigrHg7y4oa3olAvzU9Vh7Z1gKcKQYDpZ5n1ip9/xDU9I+jCVNiAQP/zt
h8YlQsnGmhdU9Rw0luCNL3Ud5lvP+WCNOfv5p6sUQMr8SRRYtCvm8SXiOR6YxuBe
1h8iW04SUsgrSFeioVmlikNdy/Y3VRc6ipemNDjiqHf29t9gq+dMz2RfZwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFB2sdgjP7vLb/2P+CIXImTIZA5d3MB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvSGF4MkNNX3U4dHZfWV80SWhjaVpNaGtEbDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBACKfAUD
BAOKfAADBAGKfCQwDAMEA4p8KAMEAIp8LDAMAwQAinxPAwQBinxUMA0GCSqGSIb3
DQEBCwUAA4IBAQDIu0UJ6CqhupLQcgL1fJr7cyhtPa4TKguc3vEHrijb0Kfl9KM1
OI0mJ3V1F/YL66gIxC3eEcz4edA5AzNZD+oFWGTiydugQ+rVi82nRV4aV2Ul0mnQ
N6bjKpL4y49OrWIrgSktPe2iWdU5jQcgcn/h0v6UFQa3/IOX+kxmfAAo0+pD5xeu
GPTVtnlZF/g7IUioLDDaX8RlFfqRIMGvUtYuq1Gh6gC16jg26Q/XM6mLb5qOMf5x
9OMKTn0givrO20IMuv/dPmvD7PEvtcoiLdcK6AhLgFGhipNFgM+Y/QP02/6JFfot
wUBzqndmKqcrY5VqKB9jG6Ohs2W4chkZE7gM
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:55:49 2025 by rpki-client