Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5e28c6-1cb2-4c86-b3ff-e23d8bc720e9/1/LnHLCB1Dv_bxqTA3Y68cEs31zTU.roa
File: LnHLCB1Dv_bxqTA3Y68cEs31zTU.roa (raw, json)
Hash identifier: a35PK3Z13BkNlxOkouLz2QvnCdOqgH34Olf470rW6Gk=
Subject key identifier: 2E:71:CB:08:1D:43:BF:F6:F1:A9:30:37:63:AF:1C:12:CD:F5:CD:35
Certificate issuer: /CN=12b19a65513f9e2ebedef0057bff95417255cffc
Certificate serial: 0199C77A7F85E522CE86297019872316C60C
Authority key identifier: 12:B1:9A:65:51:3F:9E:2E:BE:DE:F0:05:7B:FF:95:41:72:55:CF:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ErGaZVE_ni6-3vAFe_-VQXJVz_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5e28c6-1cb2-4c86-b3ff-e23d8bc720e9/1/LnHLCB1Dv_bxqTA3Y68cEs31zTU.roa
Signing time: Thu 09 Oct 2025 05:38:37 +0000
ROA not before: Thu 09 Oct 2025 05:38:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43408
IP address blocks: 87.238.200.0/24 maxlen: 24
87.238.201.0/24 maxlen: 24
87.238.202.0/24 maxlen: 24
87.238.203.0/24 maxlen: 24
87.238.204.0/24 maxlen: 24
87.238.205.0/24 maxlen: 24
87.238.206.0/24 maxlen: 24
87.238.207.0/24 maxlen: 24
2a00:1cd0:1::/48 maxlen: 48
2a00:1cd0:2::/48 maxlen: 48
2a00:1cd0:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/5e28c6-1cb2-4c86-b3ff-e23d8bc720e9/1/ErGaZVE_ni6-3vAFe_-VQXJVz_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/5e28c6-1cb2-4c86-b3ff-e23d8bc720e9/1/ErGaZVE_ni6-3vAFe_-VQXJVz_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/ErGaZVE_ni6-3vAFe_-VQXJVz_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 08:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c7:7a:7f:85:e5:22:ce:86:29:70:19:87:23:16:c6:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12b19a65513f9e2ebedef0057bff95417255cffc
Validity
Not Before: Oct 9 05:38:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e71cb081d43bff6f1a9303763af1c12cdf5cd35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f6:a8:3b:ce:88:6d:13:9d:e5:62:e7:23:7d:
67:cc:39:d2:0a:59:8a:0b:f5:e0:6b:b5:98:41:e6:
78:78:53:cd:c3:7d:62:ee:78:54:10:ec:7b:34:07:
11:ab:02:55:37:74:98:d5:5c:bb:57:90:f7:60:b6:
60:ab:69:25:08:e1:25:a5:24:a2:de:bb:a0:e6:82:
c5:44:8e:42:02:49:08:3e:a5:e3:7e:aa:3c:ed:01:
da:26:58:84:f1:8b:49:0b:e4:ed:e5:75:1a:2b:57:
ca:fe:82:0b:72:b9:aa:94:ab:6f:ae:5d:27:c1:9d:
12:5e:49:50:e3:09:83:96:1a:ba:c0:cb:96:8a:7a:
7f:03:74:a6:22:27:d9:88:73:05:a8:41:9f:29:14:
e9:5d:5d:2c:43:c1:e3:26:f2:e4:34:f1:ec:21:e5:
30:7c:cb:0d:a9:8c:79:69:d2:76:da:02:83:16:c2:
94:c3:5f:ee:ec:df:23:f5:6a:a9:00:6d:07:53:30:
f0:62:00:0b:78:15:81:a5:e1:a8:7b:e8:3c:77:50:
ba:1c:1a:a0:66:59:3b:7c:61:e6:bb:5d:61:f2:0e:
fb:b3:7e:c5:4b:52:0c:fa:7a:79:17:26:8f:b6:c7:
4d:4c:d2:6a:4a:da:fa:bd:e4:dc:bf:2e:f5:51:f6:
43:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:71:CB:08:1D:43:BF:F6:F1:A9:30:37:63:AF:1C:12:CD:F5:CD:35
X509v3 Authority Key Identifier:
keyid:12:B1:9A:65:51:3F:9E:2E:BE:DE:F0:05:7B:FF:95:41:72:55:CF:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ErGaZVE_ni6-3vAFe_-VQXJVz_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5e28c6-1cb2-4c86-b3ff-e23d8bc720e9/1/LnHLCB1Dv_bxqTA3Y68cEs31zTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5e28c6-1cb2-4c86-b3ff-e23d8bc720e9/1/ErGaZVE_ni6-3vAFe_-VQXJVz_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.200.0/21
IPv6:
2a00:1cd0:1::-2a00:1cd0:2:ffff:ffff:ffff:ffff:ffff
2a00:1cd0:6::/48
Signature Algorithm: sha256WithRSAEncryption
32:dd:36:6e:10:a5:83:20:38:ed:f7:75:9d:6a:d3:9b:c2:44:
6a:01:73:88:ce:be:0f:ab:4e:1a:91:81:8d:83:ed:42:0d:2d:
76:c1:50:2b:5f:07:e2:b4:e1:80:88:bf:67:e6:3c:b5:f5:c5:
10:82:b1:df:96:e1:fb:39:08:83:be:38:ac:84:22:d0:9b:59:
28:80:f3:be:53:04:a1:59:c3:ac:3a:59:67:1a:9b:43:1a:ff:
f0:38:89:ad:87:93:d7:7f:ca:13:3a:20:92:2a:d9:b3:60:cb:
25:f7:9f:b0:44:dd:87:82:89:29:0e:fe:7d:46:bb:8a:44:01:
2e:2f:44:46:6a:54:68:a6:95:ad:66:24:44:21:6e:13:04:e6:
2d:89:ef:8b:1a:b2:4a:c4:32:9f:a8:cf:71:29:fc:e1:56:99:
fe:ea:bc:37:53:6e:99:01:29:d0:1c:5e:91:85:00:62:9c:e6:
30:30:2c:6d:0a:5d:08:7c:33:f1:43:ca:02:7b:53:28:00:21:
7b:60:00:3a:4b:18:40:27:5d:68:af:f4:f6:f2:88:b3:1f:cb:
b3:3f:34:60:aa:94:69:19:74:0b:44:b6:30:a1:86:d9:b8:db:
ad:87:c9:3d:a7:0e:a9:91:f2:c6:c2:77:d1:c3:46:91:c9:ab:
5f:1f:21:ba
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZnHen+F5SLOhilwGYcjFsYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYjE5YTY1NTEzZjllMmViZWRlZjAwNTdiZmY5NTQxNzI1
NWNmZmMwHhcNMjUxMDA5MDUzODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTcxY2IwODFkNDNiZmY2ZjFhOTMwMzc2M2FmMWMxMmNkZjVjZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/aoO86IbROd5WLnI31nzDnSClmK
C/Xga7WYQeZ4eFPNw31i7nhUEOx7NAcRqwJVN3SY1Vy7V5D3YLZgq2klCOElpSSi
3rug5oLFRI5CAkkIPqXjfqo87QHaJliE8YtJC+Tt5XUaK1fK/oILcrmqlKtvrl0n
wZ0SXklQ4wmDlhq6wMuWinp/A3SmIifZiHMFqEGfKRTpXV0sQ8HjJvLkNPHsIeUw
fMsNqYx5adJ22gKDFsKUw1/u7N8j9WqpAG0HUzDwYgALeBWBpeGoe+g8d1C6HBqg
Zlk7fGHmu11h8g77s37FS1IM+np5FyaPtsdNTNJqStr6veTcvy71UfZDXwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFC5xywgdQ7/28akwN2OvHBLN9c01MB8GA1UdIwQY
MBaAFBKxmmVRP54uvt7wBXv/lUFyVc/8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXJHYVpWRV9uaTYtM3ZBRmVfLVZRWEpWel93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81ZTI4YzYtMWNiMi00Yzg2LWIzZmYt
ZTIzZDhiYzcyMGU5LzEvTG5ITENCMUR2X2J4cVRBM1k2OGNFczMxelRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81ZTI4YzYtMWNiMi00Yzg2LWIzZmYtZTIzZDhiYzcyMGU5
LzEvRXJHYVpWRV9uaTYtM3ZBRmVfLVZRWEpWel93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQDV+7IMCME
AgACMB0wEgMHACoAHNAAAQMHACoAHNAAAgMHACoAHNAABjANBgkqhkiG9w0BAQsF
AAOCAQEAMt02bhClgyA47fd1nWrTm8JEagFziM6+D6tOGpGBjYPtQg0tdsFQK18H
4rThgIi/Z+Y8tfXFEIKx35bh+zkIg744rIQi0JtZKIDzvlMEoVnDrDpZZxqbQxr/
8DiJrYeT13/KEzogkirZs2DLJfefsETdh4KJKQ7+fUa7ikQBLi9ERmpUaKaVrWYk
RCFuEwTmLYnvixqySsQyn6jPcSn84VaZ/uq8N1NumQEp0BxekYUAYpzmMDAsbQpd
CHwz8UPKAntTKAAhe2AAOksYQCddaK/09vKIsx/Lsz80YKqUaRl0C0S2MKGG2bjb
rYfJPacOqZHyxsJ30cNGkcmrXx8hug==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:13:24 2025 by rpki-client