This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/0sgfylOzYf66mTugI6Nw4NmEoA0.roa
File:                     0sgfylOzYf66mTugI6Nw4NmEoA0.roa (raw, json)
Hash identifier:          rmynKrlLEtHhxs5CdFLmEvZsyJ/nbous5DRVLHOuoXI=
Subject key identifier:   D2:C8:1F:CA:53:B3:61:FE:BA:99:3B:A0:23:A3:70:E0:D9:84:A0:0D
Certificate issuer:       /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial:       019B7E37B01277170366A8F6982D6CDE2EE5
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/0sgfylOzYf66mTugI6Nw4NmEoA0.roa
Signing time:             Fri 02 Jan 2026 10:18:57 +0000
ROA not before:           Fri 02 Jan 2026 10:18:57 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     13213
IP address blocks:        155.2.190.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 24 Jan 2026 00:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:37:b0:12:77:17:03:66:a8:f6:98:2d:6c:de:2e:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
        Validity
            Not Before: Jan  2 10:18:57 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d2c81fca53b361feba993ba023a370e0d984a00d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:5c:f1:e0:94:6c:88:fe:27:ab:48:1f:58:d6:
                    0e:38:f1:68:1f:5a:25:46:d5:a6:37:ba:f5:5f:9b:
                    ac:b5:f2:2a:78:35:36:cc:ce:3a:b9:88:6e:27:74:
                    22:d8:15:21:cf:3e:b6:89:84:5f:0f:3b:6d:42:c2:
                    18:6f:0b:5e:9d:81:20:92:76:37:ca:b4:84:ac:27:
                    77:8e:9d:83:ff:c8:1f:69:9a:35:84:fb:36:ff:f4:
                    24:4d:7b:fb:9b:fb:9e:32:81:dc:22:c9:cc:b0:7e:
                    13:4a:13:ad:66:da:57:bc:27:f1:3b:63:d8:6c:c5:
                    2d:f9:46:14:ed:21:93:e0:be:b8:0f:c2:6f:da:9d:
                    14:b3:ec:e3:75:47:6a:eb:7a:b1:46:ba:d4:df:05:
                    b9:86:0f:5a:e5:a8:32:fa:ae:e8:0c:93:0d:6e:55:
                    f6:b8:8c:78:f0:94:8e:27:d6:33:22:d6:b2:a8:04:
                    4e:20:b3:14:42:98:05:92:aa:eb:3e:e8:ec:02:91:
                    01:a9:d3:9a:02:16:ab:6f:b0:69:32:9c:b1:11:8c:
                    33:b1:e5:92:39:61:65:3a:80:38:d7:81:c5:c1:90:
                    75:f7:e7:c8:80:80:6c:63:68:60:98:c7:b7:1f:03:
                    0b:ff:ce:33:6b:07:a0:f5:45:76:74:9c:65:bf:fb:
                    f2:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:C8:1F:CA:53:B3:61:FE:BA:99:3B:A0:23:A3:70:E0:D9:84:A0:0D
            X509v3 Authority Key Identifier:
                keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/0sgfylOzYf66mTugI6Nw4NmEoA0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.2.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:48:61:0b:df:88:07:60:07:46:44:ed:0c:76:31:71:72:10:
         39:02:c9:8e:b6:79:7f:b0:67:16:97:59:c6:24:56:17:ba:30:
         41:d6:f4:e8:a4:db:08:48:10:30:d2:7c:91:b5:49:d2:6c:dd:
         69:11:2b:91:f1:56:66:4b:a9:25:65:3f:6b:53:ed:85:f2:70:
         00:68:08:da:c3:36:82:2c:af:b7:c5:b3:77:52:f4:82:e0:8b:
         68:12:48:6c:37:8b:8c:6b:7b:fb:f0:ba:55:26:40:a3:e7:27:
         21:9f:fc:24:5d:16:0d:5a:80:74:e5:57:23:fb:0e:41:38:f5:
         f2:40:38:39:cb:56:6d:d5:e2:56:c2:f5:dd:a8:8f:70:40:36:
         2d:4a:00:dd:94:f7:3d:f5:2d:ec:39:32:fc:7d:43:a8:78:d9:
         e9:05:d9:e4:fc:f8:b0:7a:24:c1:6d:2d:48:47:e5:f9:26:85:
         42:8b:c3:9e:c0:d5:42:a4:41:a6:9d:24:1d:b4:eb:90:9f:be:
         82:ee:b1:b3:eb:91:86:79:bb:37:c6:72:2d:aa:ad:da:28:0e:
         2f:1c:1a:73:ec:2f:e5:45:41:1d:5c:bc:69:3c:6b:9e:3f:62:
         9e:0f:a7:2c:ff:c8:5b:aa:8f:15:2b:be:30:c9:1c:6f:e9:b1:
         11:75:f7:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+N7ASdxcDZqj2mC1s3i7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMTAyMTAxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM4MWZjYTUzYjM2MWZlYmE5OTNiYTAyM2EzNzBlMGQ5ODRhMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Vzx4JRsiP4nq0gfWNYOOPFoH1ol
RtWmN7r1X5ustfIqeDU2zM46uYhuJ3Qi2BUhzz62iYRfDzttQsIYbwtenYEgknY3
yrSErCd3jp2D/8gfaZo1hPs2//QkTXv7m/ueMoHcIsnMsH4TShOtZtpXvCfxO2PY
bMUt+UYU7SGT4L64D8Jv2p0Us+zjdUdq63qxRrrU3wW5hg9a5agy+q7oDJMNblX2
uIx48JSOJ9YzItayqAROILMUQpgFkqrrPujsApEBqdOaAharb7BpMpyxEYwzseWS
OWFlOoA414HFwZB19+fIgIBsY2hgmMe3HwML/84zaweg9UV2dJxlv/vyXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNLIH8pTs2H+upk7oCOjcODZhKANMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMHNnZnlsT3pZZjY2bVR1Z0k2Tnc0Tm1Fb0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmwK+MA0G
CSqGSIb3DQEBCwUAA4IBAQAASGEL34gHYAdGRO0MdjFxchA5AsmOtnl/sGcWl1nG
JFYXujBB1vTopNsISBAw0nyRtUnSbN1pESuR8VZmS6klZT9rU+2F8nAAaAjawzaC
LK+3xbN3UvSC4ItoEkhsN4uMa3v78LpVJkCj5ychn/wkXRYNWoB05Vcj+w5BOPXy
QDg5y1Zt1eJWwvXdqI9wQDYtSgDdlPc99S3sOTL8fUOoeNnpBdnk/PiweiTBbS1I
R+X5JoVCi8OewNVCpEGmnSQdtOuQn76C7rGz65GGebs3xnItqq3aKA4vHBpz7C/l
RUEdXLxpPGueP2KeD6cs/8hbqo8VK74wyRxv6bERdfdK
-----END CERTIFICATE-----