Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/txTrVQ7DOwvGZVMuUdOo2yJntLw.roa
File: txTrVQ7DOwvGZVMuUdOo2yJntLw.roa (raw, json)
Hash identifier: X0+eCtLiIKeX5v5KTGC8o4Rtbkm6Pp1VNspLxuoN4nw=
Subject key identifier: B7:14:EB:55:0E:C3:3B:0B:C6:65:53:2E:51:D3:A8:DB:22:67:B4:BC
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019D094E25B6A9ABD82364D6B39961179D89
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/txTrVQ7DOwvGZVMuUdOo2yJntLw.roa
Signing time: Fri 20 Mar 2026 03:33:29 +0000
ROA not before: Fri 20 Mar 2026 03:33:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41745
IP address blocks: 138.124.0.0/24 maxlen: 24
138.124.1.0/24 maxlen: 24
138.124.2.0/24 maxlen: 24
138.124.3.0/24 maxlen: 24
138.124.4.0/24 maxlen: 24
138.124.5.0/24 maxlen: 24
138.124.10.0/24 maxlen: 24
138.124.15.0/24 maxlen: 24
138.124.16.0/24 maxlen: 24
138.124.19.0/24 maxlen: 24
138.124.20.0/24 maxlen: 24
138.124.30.0/24 maxlen: 24
138.124.31.0/24 maxlen: 24
138.124.68.0/24 maxlen: 24
138.124.69.0/24 maxlen: 24
138.124.70.0/24 maxlen: 24
138.124.71.0/24 maxlen: 24
138.124.72.0/24 maxlen: 24
138.124.73.0/24 maxlen: 24
138.124.74.0/24 maxlen: 24
138.124.75.0/24 maxlen: 24
138.124.84.0/24 maxlen: 24
138.124.85.0/24 maxlen: 24
138.124.86.0/24 maxlen: 24
138.124.87.0/24 maxlen: 24
138.124.88.0/24 maxlen: 24
138.124.96.0/24 maxlen: 24
138.124.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:09:4e:25:b6:a9:ab:d8:23:64:d6:b3:99:61:17:9d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Mar 20 03:33:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b714eb550ec33b0bc665532e51d3a8db2267b4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:42:6c:90:ab:04:26:c9:de:04:17:42:0d:f2:
6d:07:13:e2:fc:02:a2:0b:5e:ac:c1:25:ac:41:18:
34:79:5b:08:16:ea:5c:f7:0d:79:34:b0:dd:47:63:
ae:42:03:9d:6d:57:fb:d1:ec:64:9b:dc:09:fc:5a:
f1:4d:73:89:e3:fb:27:15:b8:57:e5:62:90:fc:c6:
14:9d:9d:58:a2:77:9a:6c:3f:b1:31:d3:dc:48:29:
ba:d5:47:c7:81:32:da:7b:6a:e9:88:51:bd:a4:32:
32:82:42:32:cc:e5:13:dd:05:2d:da:3a:fc:9d:89:
e5:03:14:25:58:4d:67:6e:35:62:3f:8d:17:89:a2:
b1:4f:61:fc:ae:6e:17:fc:1b:bd:ef:dd:cd:89:72:
31:ea:f5:a9:a3:9d:74:e2:8c:01:f1:e7:aa:9b:e2:
ab:e0:ca:2b:c9:ef:ae:5f:fa:73:fc:9d:c3:01:f3:
ab:ec:64:c9:98:0e:f2:49:a7:ac:4a:5a:c3:0d:67:
6d:e8:76:d7:2d:ee:d1:98:df:4a:ee:85:72:c1:d1:
d9:59:3b:7e:ac:c2:f3:69:ea:7d:2d:7d:4d:06:ca:
48:15:24:ab:aa:1e:41:e5:1c:00:f2:b8:02:03:a5:
b1:68:31:3b:db:c0:a4:0f:f2:11:20:7c:63:a4:65:
a8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:14:EB:55:0E:C3:3B:0B:C6:65:53:2E:51:D3:A8:DB:22:67:B4:BC
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/txTrVQ7DOwvGZVMuUdOo2yJntLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.0.0-138.124.5.255
138.124.10.0/24
138.124.15.0-138.124.16.255
138.124.19.0-138.124.20.255
138.124.30.0/23
138.124.68.0-138.124.75.255
138.124.84.0-138.124.88.255
138.124.96.0/24
138.124.125.0/24
Signature Algorithm: sha256WithRSAEncryption
93:09:fb:e2:4b:1d:64:80:5d:16:ad:09:e2:74:6f:94:30:1f:
39:d6:1f:d3:f9:db:b8:db:42:6b:48:3f:b0:f8:d5:16:eb:07:
dd:00:f6:01:08:ec:6a:53:f7:00:9a:e6:b1:0b:9e:d4:e1:26:
bd:f8:bd:9c:8a:81:7e:5f:1f:07:15:c1:bc:9d:6b:b2:b2:44:
a5:f8:5b:4e:70:63:a1:12:f7:d7:67:e1:91:a1:a9:1b:d1:6f:
e3:d4:32:62:e6:a6:db:4a:20:f1:5e:00:5d:bb:d3:bc:51:92:
fb:c1:01:c7:b2:2f:ee:16:6b:a3:73:df:a9:56:5f:a5:3a:df:
2b:ed:a8:ba:c4:7a:82:13:7e:ef:38:f8:02:46:dc:cd:14:43:
c0:b1:ae:8c:6d:78:7e:38:46:66:85:fd:be:16:70:71:76:86:
28:24:b1:da:bd:4f:57:51:fa:e6:da:c7:84:52:8a:49:b5:c3:
2b:30:1e:b8:f7:7f:d4:56:88:02:7b:b4:89:37:aa:78:ce:eb:
3c:e6:be:a7:d2:44:6d:f6:34:e0:f1:52:1a:dd:fb:5a:9f:db:
ee:02:35:ff:c3:1e:e7:22:cc:5c:c4:14:26:41:53:b9:c1:4b:
84:a7:ec:34:a0:6b:15:e8:9a:e9:3c:87:17:a8:20:31:4b:62:
59:5a:f5:8d
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZ0JTiW2qavYI2TWs5lhF52JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjYwMzIwMDMzMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzE0ZWI1NTBlYzMzYjBiYzY2NTUzMmU1MWQzYThkYjIyNjdiNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkJskKsEJsneBBdCDfJtBxPi/AKi
C16swSWsQRg0eVsIFupc9w15NLDdR2OuQgOdbVf70exkm9wJ/FrxTXOJ4/snFbhX
5WKQ/MYUnZ1YoneabD+xMdPcSCm61UfHgTLae2rpiFG9pDIygkIyzOUT3QUt2jr8
nYnlAxQlWE1nbjViP40XiaKxT2H8rm4X/Bu9793NiXIx6vWpo5104owB8eeqm+Kr
4Morye+uX/pz/J3DAfOr7GTJmA7ySaesSlrDDWdt6HbXLe7RmN9K7oVywdHZWTt+
rMLzaep9LX1NBspIFSSrqh5B5RwA8rgCA6WxaDE728CkD/IRIHxjpGWotQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFLcU61UOwzsLxmVTLlHTqNsiZ7S8MB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvdHhUclZRN0RPd3ZHWlZNdVVkT28yeUpudEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBjBAIAATBdMAsDAwKKfAME
AYp8BAMEAIp8CjAMAwQAinwPAwQAinwQMAwDBACKfBMDBACKfBQDBAGKfB4wDAME
Aop8RAMEAop8SDAMAwQCinxUAwQAinxYAwQAinxgAwQAinx9MA0GCSqGSIb3DQEB
CwUAA4IBAQCTCfviSx1kgF0WrQnidG+UMB851h/T+du420JrSD+w+NUW6wfdAPYB
COxqU/cAmuaxC57U4Sa9+L2cioF+Xx8HFcG8nWuyskSl+FtOcGOhEvfXZ+GRoakb
0W/j1DJi5qbbSiDxXgBdu9O8UZL7wQHHsi/uFmujc9+pVl+lOt8r7ai6xHqCE37v
OPgCRtzNFEPAsa6MbXh+OEZmhf2+FnBxdoYoJLHavU9XUfrm2seEUopJtcMrMB64
93/UVogCe7SJN6p4zus85r6n0kRt9jTg8VIa3ftan9vuAjX/wx7nIsxcxBQmQVO5
wUuEp+w0oGsV6JrpPIcXqCAxS2JZWvWN
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:01:19 2026 by rpki-client