This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/nS12X_FMQVUUwkWnLYmgJW732kk.roa
File:                     nS12X_FMQVUUwkWnLYmgJW732kk.roa (raw, json)
Hash identifier:          GXbiX9J7KWPFCiPzKs7zINZFOvfmZgRDxvmBON8Kk10=
Subject key identifier:   9D:2D:76:5F:F1:4C:41:55:14:C2:45:A7:2D:89:A0:25:6E:F7:DA:49
Certificate issuer:       /CN=e7739f08442e22446621b89a57639b3542ba34dc
Certificate serial:       019B7C12685CE08274E3E6360CC576D4395A
Authority key identifier: E7:73:9F:08:44:2E:22:44:66:21:B8:9A:57:63:9B:35:42:BA:34:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/53OfCEQuIkRmIbiaV2ObNUK6NNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/nS12X_FMQVUUwkWnLYmgJW732kk.roa
Signing time:             Fri 02 Jan 2026 00:18:59 +0000
ROA not before:           Fri 02 Jan 2026 00:18:59 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     47447
IP address blocks:        194.5.62.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/53OfCEQuIkRmIbiaV2ObNUK6NNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/53OfCEQuIkRmIbiaV2ObNUK6NNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/53OfCEQuIkRmIbiaV2ObNUK6NNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 12:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:12:68:5c:e0:82:74:e3:e6:36:0c:c5:76:d4:39:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7739f08442e22446621b89a57639b3542ba34dc
        Validity
            Not Before: Jan  2 00:18:59 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=9d2d765ff14c415514c245a72d89a0256ef7da49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:96:43:30:21:43:ea:98:d8:52:37:36:a7:f3:
                    ee:15:f0:f5:0a:b0:d4:0e:15:30:74:87:83:1a:18:
                    91:ea:af:ba:f9:d7:8c:9a:a1:fb:17:a9:67:4f:6b:
                    45:28:42:c7:c4:12:9e:8e:3b:47:63:19:60:a3:92:
                    f8:5a:a8:87:24:62:0a:41:ac:0d:09:4b:5a:22:a8:
                    41:24:44:06:5d:fe:2b:1f:6a:a9:7c:fd:9d:46:b2:
                    3c:ea:08:c5:28:bf:da:ce:9e:7a:42:ca:d6:9d:80:
                    38:e5:40:1b:0e:d0:70:a8:93:a3:7d:b8:1f:d0:47:
                    39:48:5a:23:31:5e:14:05:ea:97:58:2e:e4:04:11:
                    ad:4c:38:6c:61:ad:17:f9:d0:ec:8e:31:58:1b:97:
                    15:73:c0:ff:43:4c:88:c2:0f:58:31:a1:a6:52:2f:
                    86:8b:e7:74:c3:3c:83:8a:5e:92:42:c8:95:e7:3b:
                    4a:bc:87:f4:c6:35:13:8c:ac:51:1c:c9:e6:4c:9d:
                    05:36:3f:bb:e5:58:45:7c:51:f8:5a:6f:57:10:0c:
                    5e:f7:2d:9a:93:2d:fb:22:d1:f3:ed:88:43:93:f1:
                    28:8e:1e:8d:b0:0d:20:17:cc:68:94:aa:83:9f:b7:
                    11:a3:6d:d9:8b:3a:c3:85:43:f6:91:81:78:0f:d5:
                    54:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:2D:76:5F:F1:4C:41:55:14:C2:45:A7:2D:89:A0:25:6E:F7:DA:49
            X509v3 Authority Key Identifier:
                keyid:E7:73:9F:08:44:2E:22:44:66:21:B8:9A:57:63:9B:35:42:BA:34:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/53OfCEQuIkRmIbiaV2ObNUK6NNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/nS12X_FMQVUUwkWnLYmgJW732kk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/53OfCEQuIkRmIbiaV2ObNUK6NNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.5.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:03:f7:42:b0:76:13:a4:12:73:51:64:72:d2:5b:be:9a:e2:
         ef:f5:0a:1d:bb:ca:f0:0f:e2:7b:df:ab:84:3e:cd:01:23:50:
         ca:ea:91:2e:b9:20:3e:99:6b:d0:b2:b7:a1:b4:bb:b9:13:fa:
         56:2c:1e:82:a4:3d:f5:98:06:91:c6:53:77:24:95:57:3e:1c:
         f2:64:2c:e1:08:d1:39:e2:23:08:9c:6c:fa:cc:52:aa:b4:e9:
         4f:8e:88:9e:4a:db:81:48:a7:15:e1:1f:6e:87:c7:a9:10:20:
         e4:5d:3f:cf:71:c8:81:e6:51:cd:76:cd:8e:47:ce:b2:4c:00:
         9b:ce:52:09:bc:98:30:1c:ba:74:b4:26:9a:b5:fd:ad:b1:ad:
         6c:01:22:bf:f6:be:fc:39:e4:73:50:1a:95:81:4b:fe:9a:90:
         91:f1:31:eb:dd:dd:29:cc:d9:eb:9a:95:1d:77:f9:5d:93:b8:
         5d:eb:c9:5e:15:69:6f:ab:37:7b:9b:2d:14:dc:00:c1:a3:a3:
         4a:9f:c5:b8:12:03:c7:95:1e:b7:59:68:24:68:4c:90:d5:a8:
         11:4d:25:f4:8f:5a:40:e5:f9:df:b5:ef:eb:27:03:34:e0:e5:
         07:10:c6:3d:76:03:fd:c2:c1:95:46:be:df:16:3c:73:59:87:
         f3:54:7b:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8Emhc4IJ04+Y2DMV21DlaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NzM5ZjA4NDQyZTIyNDQ2NjIxYjg5YTU3NjM5YjM1NDJi
YTM0ZGMwHhcNMjYwMTAyMDAxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDJkNzY1ZmYxNGM0MTU1MTRjMjQ1YTcyZDg5YTAyNTZlZjdkYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5ZDMCFD6pjYUjc2p/PuFfD1CrDU
DhUwdIeDGhiR6q+6+deMmqH7F6lnT2tFKELHxBKejjtHYxlgo5L4WqiHJGIKQawN
CUtaIqhBJEQGXf4rH2qpfP2dRrI86gjFKL/azp56QsrWnYA45UAbDtBwqJOjfbgf
0Ec5SFojMV4UBeqXWC7kBBGtTDhsYa0X+dDsjjFYG5cVc8D/Q0yIwg9YMaGmUi+G
i+d0wzyDil6SQsiV5ztKvIf0xjUTjKxRHMnmTJ0FNj+75VhFfFH4Wm9XEAxe9y2a
ky37ItHz7YhDk/Eojh6NsA0gF8xolKqDn7cRo23ZizrDhUP2kYF4D9VUkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0tdl/xTEFVFMJFpy2JoCVu99pJMB8GA1UdIwQY
MBaAFOdznwhELiJEZiG4mldjmzVCujTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTNPZkNFUXVJa1JtSWJpYVYyT2JOVUs2Tk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lMjBkNTktNDQ1NC00ZWM4LTk2Nzct
NWYyYmYyMmUxODlkLzEvblMxMlhfRk1RVlVVd2tXbkxZbWdKVzczMmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lMjBkNTktNDQ1NC00ZWM4LTk2NzctNWYyYmYyMmUxODlk
LzEvNTNPZkNFUXVJa1JtSWJpYVYyT2JOVUs2Tk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgU+MA0G
CSqGSIb3DQEBCwUAA4IBAQADA/dCsHYTpBJzUWRy0lu+muLv9Qodu8rwD+J736uE
Ps0BI1DK6pEuuSA+mWvQsrehtLu5E/pWLB6CpD31mAaRxlN3JJVXPhzyZCzhCNE5
4iMInGz6zFKqtOlPjoieStuBSKcV4R9uh8epECDkXT/PcciB5lHNds2OR86yTACb
zlIJvJgwHLp0tCaatf2tsa1sASK/9r78OeRzUBqVgUv+mpCR8THr3d0pzNnrmpUd
d/ldk7hd68leFWlvqzd7my0U3ADBo6NKn8W4EgPHlR63WWgkaEyQ1agRTSX0j1pA
5fnfte/rJwM04OUHEMY9dgP9wsGVRr7fFjxzWYfzVHv2
-----END CERTIFICATE-----