This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/0Bk51Mjn6qErtAhOivvm_I8c0aE.roa
File:                     0Bk51Mjn6qErtAhOivvm_I8c0aE.roa (raw, json)
Hash identifier:          aq3ZMEYBOh/rpC3SYBAxrvfX3FzvIksQARIozff4ffc=
Subject key identifier:   D0:19:39:D4:C8:E7:EA:A1:2B:B4:08:4E:8A:FB:E6:FC:8F:1C:D1:A1
Certificate issuer:       /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial:       019B7CEE549AE5BE930E8A68970AD5B03141
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/0Bk51Mjn6qErtAhOivvm_I8c0aE.roa
Signing time:             Fri 02 Jan 2026 04:19:12 +0000
ROA not before:           Fri 02 Jan 2026 04:19:12 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     207459
IP address blocks:        45.158.15.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 15:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ee:54:9a:e5:be:93:0e:8a:68:97:0a:d5:b0:31:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
        Validity
            Not Before: Jan  2 04:19:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d01939d4c8e7eaa12bb4084e8afbe6fc8f1cd1a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:36:fc:1f:32:bf:ec:1d:43:51:1f:52:25:40:
                    8f:82:ac:43:4f:b1:c3:ff:ba:ee:49:99:cb:80:7a:
                    0c:88:87:18:36:d0:b1:37:ee:10:d8:2c:c8:8a:ba:
                    75:d5:b0:5c:ab:fb:97:15:24:b8:06:df:0b:ef:5a:
                    8d:4e:f0:f2:c6:17:ba:49:6a:af:ae:24:41:2b:07:
                    07:0a:f2:a2:48:a9:9a:58:e0:44:4f:d9:48:00:f9:
                    b2:ee:99:bc:1e:95:74:34:82:50:be:7f:bd:34:00:
                    50:e9:27:f4:54:88:3f:6a:ce:04:65:e2:66:89:d2:
                    f7:f8:d1:7c:7c:5b:62:9c:40:ee:c3:c7:ce:41:49:
                    9b:3d:03:e1:16:41:a3:a2:8f:99:9f:20:c9:51:c0:
                    35:72:44:7c:f5:67:8a:21:1e:02:78:30:63:36:03:
                    7b:21:c2:6f:09:5e:f8:1d:e2:90:fd:66:c1:c5:3d:
                    4b:14:80:53:3a:9e:f8:38:fe:a5:47:f4:87:d0:ed:
                    1a:37:cb:1d:04:d0:50:74:82:b1:dc:ef:4f:18:63:
                    50:f2:57:dd:ce:1f:13:46:40:65:c4:09:8d:92:40:
                    a0:96:0e:64:54:f5:c1:18:c6:26:9e:ab:f0:06:00:
                    b1:9a:34:73:0d:11:9c:64:95:9b:aa:0a:bf:d7:5c:
                    42:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:19:39:D4:C8:E7:EA:A1:2B:B4:08:4E:8A:FB:E6:FC:8F:1C:D1:A1
            X509v3 Authority Key Identifier:
                keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/0Bk51Mjn6qErtAhOivvm_I8c0aE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:be:99:be:d3:b3:72:8c:37:2c:7b:e4:6d:d2:a1:a3:76:ae:
         0a:6b:e1:ee:9f:d0:c8:67:5d:a2:1f:fa:3c:49:29:df:a4:c3:
         ed:d2:d7:29:21:d9:94:9d:88:d2:28:4e:70:01:4a:dc:f5:8e:
         3c:88:71:8a:a8:cb:96:86:b6:1f:7e:79:b3:4d:14:a7:da:66:
         b6:0c:7b:81:61:2c:bd:1d:85:67:ea:ca:b0:de:b0:4b:37:c1:
         b0:ae:a8:4f:f0:6d:a4:49:65:2c:dc:93:68:4f:10:fc:ca:2f:
         96:78:2d:3d:72:43:0a:46:06:e3:73:df:59:9d:aa:72:f6:c7:
         ce:ca:8d:1c:e1:3d:03:e5:85:af:c3:ae:d4:c5:71:5c:a0:84:
         01:61:ca:e0:49:cc:7e:0c:ca:d2:46:84:bf:3b:f2:9a:34:32:
         d7:d4:01:81:22:a9:d1:48:90:55:de:7d:4b:a7:4e:fb:2f:77:
         f9:d9:a5:3e:50:a5:fa:01:8c:fd:56:a5:0f:37:16:aa:da:29:
         ea:33:80:30:c1:89:4e:97:7b:c0:d6:b4:df:5d:c2:9e:2b:bf:
         7e:7d:12:b2:7c:5e:18:32:b9:c8:f7:93:ad:c6:98:51:7d:ac:
         3a:ee:ee:d3:f2:72:c2:40:06:ef:7d:fd:ea:9c:70:f4:ed:c7:
         28:6f:5b:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87lSa5b6TDopolwrVsDFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjYwMTAyMDQxOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDE5MzlkNGM4ZTdlYWExMmJiNDA4NGU4YWZiZTZmYzhmMWNkMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDb8HzK/7B1DUR9SJUCPgqxDT7HD
/7ruSZnLgHoMiIcYNtCxN+4Q2CzIirp11bBcq/uXFSS4Bt8L71qNTvDyxhe6SWqv
riRBKwcHCvKiSKmaWOBET9lIAPmy7pm8HpV0NIJQvn+9NABQ6Sf0VIg/as4EZeJm
idL3+NF8fFtinEDuw8fOQUmbPQPhFkGjoo+ZnyDJUcA1ckR89WeKIR4CeDBjNgN7
IcJvCV74HeKQ/WbBxT1LFIBTOp74OP6lR/SH0O0aN8sdBNBQdIKx3O9PGGNQ8lfd
zh8TRkBlxAmNkkCglg5kVPXBGMYmnqvwBgCxmjRzDRGcZJWbqgq/11xCqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAZOdTI5+qhK7QITor75vyPHNGhMB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEvMEJrNTFNam42cUVydEFoT2l2dm1fSThjMGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ4PMA0G
CSqGSIb3DQEBCwUAA4IBAQBgvpm+07NyjDcse+Rt0qGjdq4Ka+Hun9DIZ12iH/o8
SSnfpMPt0tcpIdmUnYjSKE5wAUrc9Y48iHGKqMuWhrYffnmzTRSn2ma2DHuBYSy9
HYVn6sqw3rBLN8GwrqhP8G2kSWUs3JNoTxD8yi+WeC09ckMKRgbjc99Znapy9sfO
yo0c4T0D5YWvw67UxXFcoIQBYcrgScx+DMrSRoS/O/KaNDLX1AGBIqnRSJBV3n1L
p077L3f52aU+UKX6AYz9VqUPNxaq2inqM4AwwYlOl3vA1rTfXcKeK79+fRKyfF4Y
MrnI95OtxphRfaw67u7T8nLCQAbvff3qnHD07ccob1sS
-----END CERTIFICATE-----