This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/2f48bd-a8e3-487b-a274-078510ceac0d/1/sfEWFmLBFi8kIni9PxbLJvVQPu4.roa
File:                     sfEWFmLBFi8kIni9PxbLJvVQPu4.roa (raw, json)
Hash identifier:          T0uJkWdr7Y8Livsd/MrYx/Sd7EGtR4cka94f/gVeHmk=
Subject key identifier:   B1:F1:16:16:62:C1:16:2F:24:22:78:BD:3F:16:CB:26:F5:50:3E:EE
Certificate issuer:       /CN=4bd45e58206a1b9d59eddfa8f988b32717bf9c6b
Certificate serial:       019B7A5B6C3950794DDD836943B7C1CA9980
Authority key identifier: 4B:D4:5E:58:20:6A:1B:9D:59:ED:DF:A8:F9:88:B3:27:17:BF:9C:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S9ReWCBqG51Z7d-o-YizJxe_nGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/2f48bd-a8e3-487b-a274-078510ceac0d/1/sfEWFmLBFi8kIni9PxbLJvVQPu4.roa
Signing time:             Thu 01 Jan 2026 16:19:30 +0000
ROA not before:           Thu 01 Jan 2026 16:19:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     57469
IP address blocks:        178.22.28.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/2f48bd-a8e3-487b-a274-078510ceac0d/1/S9ReWCBqG51Z7d-o-YizJxe_nGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/2f48bd-a8e3-487b-a274-078510ceac0d/1/S9ReWCBqG51Z7d-o-YizJxe_nGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S9ReWCBqG51Z7d-o-YizJxe_nGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Feb 2026 00:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5b:6c:39:50:79:4d:dd:83:69:43:b7:c1:ca:99:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4bd45e58206a1b9d59eddfa8f988b32717bf9c6b
        Validity
            Not Before: Jan  1 16:19:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b1f1161662c1162f242278bd3f16cb26f5503eee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:02:e3:b2:f9:a0:8b:75:9b:42:3f:b2:96:99:
                    e9:c7:97:e8:9b:47:31:2a:61:21:6a:d5:a7:ae:6a:
                    71:a9:80:5b:df:c9:e4:df:f9:a5:0c:6c:b3:b6:00:
                    07:95:35:62:87:6c:b9:eb:a8:fe:22:87:ea:b1:db:
                    b5:d5:3e:e0:46:08:d9:28:ba:94:ef:3e:72:26:f2:
                    cd:4e:17:aa:01:bd:6c:b4:38:00:d1:c4:ea:1e:9c:
                    1e:0a:e5:d1:34:bf:4d:01:93:76:2e:ba:fe:56:b2:
                    1b:a0:6f:b1:1c:fa:fb:42:4a:af:a9:d1:6e:9d:d2:
                    5a:52:e2:19:69:18:e3:cd:fc:56:2f:fe:b5:7b:d5:
                    53:78:c7:02:18:55:e8:fc:11:ed:71:2a:41:3e:e1:
                    c1:0a:f4:24:23:47:f0:bd:db:e2:75:b8:b1:d0:14:
                    65:4e:9c:ad:87:b6:5c:43:3b:61:f0:49:ff:87:cc:
                    1c:cd:95:55:5d:13:73:55:e2:4d:23:bb:bb:71:1c:
                    84:54:14:56:46:ee:28:09:0e:d3:d0:ad:6c:b7:95:
                    89:88:a3:49:4a:b3:84:26:ea:c5:7e:66:39:77:5c:
                    a1:1b:b5:67:96:f6:98:34:df:4b:1e:f0:57:3c:4e:
                    39:1f:22:14:cc:94:d4:09:61:73:79:08:2c:3d:bb:
                    ec:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:F1:16:16:62:C1:16:2F:24:22:78:BD:3F:16:CB:26:F5:50:3E:EE
            X509v3 Authority Key Identifier:
                keyid:4B:D4:5E:58:20:6A:1B:9D:59:ED:DF:A8:F9:88:B3:27:17:BF:9C:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S9ReWCBqG51Z7d-o-YizJxe_nGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2f48bd-a8e3-487b-a274-078510ceac0d/1/sfEWFmLBFi8kIni9PxbLJvVQPu4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2f48bd-a8e3-487b-a274-078510ceac0d/1/S9ReWCBqG51Z7d-o-YizJxe_nGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.22.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:cd:1e:40:31:12:4e:bc:b5:00:f2:a4:2e:a2:2c:54:3f:34:
         db:88:6f:ad:b6:d8:2f:b5:00:a1:e4:4e:e0:77:b6:64:3c:40:
         29:50:32:53:3d:2b:73:b4:2d:80:bb:29:6e:94:08:88:a7:40:
         16:48:59:5d:d8:76:f7:3d:4d:bd:ff:6b:d2:e4:1c:9f:44:4b:
         09:46:09:4c:d6:7c:40:e6:f0:34:6d:44:52:ab:ef:d5:2a:ef:
         79:18:b8:e9:f3:9c:e8:71:af:76:4f:31:5b:80:c9:50:61:f5:
         a2:80:40:94:ce:41:c8:a6:5b:68:85:2a:76:4e:5d:4d:61:fd:
         5e:8c:f3:3d:2a:35:28:92:f7:6e:08:1e:08:d4:eb:1a:c1:0c:
         8e:ba:bb:f2:66:87:d9:55:96:aa:7c:a0:c9:b0:1e:91:c1:18:
         ae:f2:1a:e4:d2:c1:6e:f7:d9:84:e5:75:6e:e1:8a:57:e2:7e:
         52:2a:a7:16:97:09:b9:81:c2:83:8d:3d:8e:d7:04:04:74:47:
         24:2c:d2:8c:28:d0:85:62:08:c1:ba:58:7b:f8:e6:c9:de:4e:
         81:9f:d8:49:ca:6c:a5:7a:9c:3c:23:1e:7b:3e:cd:76:cd:fb:
         68:44:f1:9a:58:79:a5:2c:38:4c:0f:10:43:32:9e:57:5a:e2:
         10:ff:a0:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6W2w5UHlN3YNpQ7fBypmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZDQ1ZTU4MjA2YTFiOWQ1OWVkZGZhOGY5ODhiMzI3MTdi
ZjljNmIwHhcNMjYwMTAxMTYxOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWYxMTYxNjYyYzExNjJmMjQyMjc4YmQzZjE2Y2IyNmY1NTAzZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugLjsvmgi3WbQj+ylpnpx5fom0cx
KmEhatWnrmpxqYBb38nk3/mlDGyztgAHlTVih2y566j+Iofqsdu11T7gRgjZKLqU
7z5yJvLNTheqAb1stDgA0cTqHpweCuXRNL9NAZN2Lrr+VrIboG+xHPr7QkqvqdFu
ndJaUuIZaRjjzfxWL/61e9VTeMcCGFXo/BHtcSpBPuHBCvQkI0fwvdvidbix0BRl
Tpyth7ZcQzth8En/h8wczZVVXRNzVeJNI7u7cRyEVBRWRu4oCQ7T0K1st5WJiKNJ
SrOEJurFfmY5d1yhG7VnlvaYNN9LHvBXPE45HyIUzJTUCWFzeQgsPbvsxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHxFhZiwRYvJCJ4vT8Wyyb1UD7uMB8GA1UdIwQY
MBaAFEvUXlggahudWe3fqPmIsycXv5xrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzlSZVdDQnFHNTFaN2Qtby1ZaXpKeGVfbkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yZjQ4YmQtYThlMy00ODdiLWEyNzQt
MDc4NTEwY2VhYzBkLzEvc2ZFV0ZtTEJGaThrSW5pOVB4YkxKdlZRUHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yZjQ4YmQtYThlMy00ODdiLWEyNzQtMDc4NTEwY2VhYzBk
LzEvUzlSZVdDQnFHNTFaN2Qtby1ZaXpKeGVfbkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshYcMA0G
CSqGSIb3DQEBCwUAA4IBAQCBzR5AMRJOvLUA8qQuoixUPzTbiG+tttgvtQCh5E7g
d7ZkPEApUDJTPStztC2AuylulAiIp0AWSFld2Hb3PU29/2vS5ByfREsJRglM1nxA
5vA0bURSq+/VKu95GLjp85zoca92TzFbgMlQYfWigECUzkHIpltohSp2Tl1NYf1e
jPM9KjUokvduCB4I1OsawQyOurvyZofZVZaqfKDJsB6RwRiu8hrk0sFu99mE5XVu
4YpX4n5SKqcWlwm5gcKDjT2O1wQEdEckLNKMKNCFYgjBulh7+ObJ3k6Bn9hJymyl
epw8Ix57Ps12zftoRPGaWHmlLDhMDxBDMp5XWuIQ/6BC
-----END CERTIFICATE-----
Generated at Tue Feb 10 08:37:33 2026 by rpki-client