This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BGGU2qpVJ-i-elp0Usd9w-Vajrw.roa
File:                     BGGU2qpVJ-i-elp0Usd9w-Vajrw.roa (raw, json)
Hash identifier:          T7kDA7VjEHVOuMYl45uGHXeCIYOeV3qz7Kd4nntTDjQ=
Subject key identifier:   04:61:94:DA:AA:55:27:E8:BE:7A:5A:74:52:C7:7D:C3:E5:5A:8E:BC
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       019B7B358559729B0E0898D002E7873B4774
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BGGU2qpVJ-i-elp0Usd9w-Vajrw.roa
Signing time:             Thu 01 Jan 2026 20:17:43 +0000
ROA not before:           Thu 01 Jan 2026 20:17:43 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     62342
IP address blocks:        80.96.52.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:85:59:72:9b:0e:08:98:d0:02:e7:87:3b:47:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 20:17:43 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=046194daaa5527e8be7a5a7452c77dc3e55a8ebc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:bd:a4:f2:7c:56:e3:2d:4c:25:cb:52:5f:da:
                    23:e5:2a:66:7b:aa:3e:9e:75:49:d5:a9:b9:eb:f4:
                    46:ba:ad:68:7a:41:b9:43:fb:e2:21:77:2e:9d:b5:
                    75:bb:f0:23:e6:58:ab:2a:46:9c:ac:70:22:d9:92:
                    4f:2b:55:c9:e3:5c:5e:33:c2:a5:27:c4:ed:46:f6:
                    a0:6b:38:4f:24:6b:e8:f8:e2:b8:79:33:70:d1:7b:
                    41:d1:73:13:58:5d:e2:cf:41:b7:d4:b3:30:2f:55:
                    73:95:6c:aa:36:e4:c7:cb:35:35:22:fa:4b:73:69:
                    23:94:cf:6c:c1:36:ac:98:ee:5e:12:ff:00:58:f2:
                    d4:81:5a:bd:86:ba:26:31:67:78:68:7e:b7:8a:67:
                    2b:47:52:61:4f:30:f4:70:03:24:f1:f4:33:5b:8a:
                    50:2e:a2:5c:6d:d1:54:79:b4:23:36:25:62:c8:c7:
                    2f:73:5f:40:95:7f:de:65:1e:1e:13:26:fc:cf:1f:
                    6e:87:a4:d2:75:94:4d:d6:dc:1b:50:a3:2d:2d:43:
                    b1:13:c2:f3:3b:d7:e7:62:1e:11:e7:9b:30:59:b8:
                    7d:b6:f1:62:55:19:8e:cf:97:92:6c:c6:ef:58:28:
                    ac:40:bb:22:45:9d:28:82:22:1b:60:a0:dc:b7:59:
                    65:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:61:94:DA:AA:55:27:E8:BE:7A:5A:74:52:C7:7D:C3:E5:5A:8E:BC
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/BGGU2qpVJ-i-elp0Usd9w-Vajrw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:82:2b:ea:9d:65:af:95:6c:70:54:26:5b:af:5c:41:6e:0d:
         b8:ab:9b:ba:24:ba:46:56:0c:01:ca:cf:85:46:24:17:83:e1:
         c2:c5:d2:af:11:90:11:35:28:9b:36:8d:3c:eb:5b:2a:03:43:
         ed:37:6d:f6:34:8f:18:4b:a2:4b:8c:ce:c6:5d:16:6c:99:e0:
         05:72:a8:66:72:36:91:85:7b:fb:d5:64:d9:db:26:84:76:e2:
         98:15:fe:6f:c2:6e:21:0f:f6:fc:0e:63:4d:5d:fd:10:f8:61:
         b1:c9:cb:eb:11:6a:5c:17:71:8b:d9:17:07:ab:4e:c3:bb:b1:
         7e:6e:21:bd:a5:7b:e5:3f:0c:a4:1d:48:95:ab:76:03:42:3e:
         ff:7c:2e:0e:90:30:ac:d6:05:1d:eb:40:48:5f:c1:09:54:20:
         3f:76:85:e7:51:f7:0e:7f:ec:69:fd:7f:db:e9:3c:ae:9b:e4:
         a3:a9:0e:8b:61:bc:e3:77:f3:ff:e4:e4:30:1c:84:fc:d7:1f:
         f6:2a:d4:28:b1:44:91:3e:f2:55:4c:90:61:45:96:bd:38:53:
         d4:d6:b5:90:f2:0d:76:d7:7f:ec:59:ae:68:b0:f1:22:9c:9f:
         f2:88:9a:68:12:d9:c4:23:5c:04:48:83:cb:4e:09:90:bb:3e:
         6d:d5:88:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NYVZcpsOCJjQAueHO0d0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMTAxMjAxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDYxOTRkYWFhNTUyN2U4YmU3YTVhNzQ1MmM3N2RjM2U1NWE4ZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL2k8nxW4y1MJctSX9oj5Spme6o+
nnVJ1am56/RGuq1oekG5Q/viIXcunbV1u/Aj5lirKkacrHAi2ZJPK1XJ41xeM8Kl
J8TtRvagazhPJGvo+OK4eTNw0XtB0XMTWF3iz0G31LMwL1VzlWyqNuTHyzU1IvpL
c2kjlM9swTasmO5eEv8AWPLUgVq9hromMWd4aH63imcrR1JhTzD0cAMk8fQzW4pQ
LqJcbdFUebQjNiViyMcvc19AlX/eZR4eEyb8zx9uh6TSdZRN1twbUKMtLUOxE8Lz
O9fnYh4R55swWbh9tvFiVRmOz5eSbMbvWCisQLsiRZ0ogiIbYKDct1ll6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFARhlNqqVSfovnpadFLHfcPlWo68MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQkdHVTJxcFZKLWktZWxwMFVzZDl3LVZhanJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUGA0MA0G
CSqGSIb3DQEBCwUAA4IBAQCbgivqnWWvlWxwVCZbr1xBbg24q5u6JLpGVgwBys+F
RiQXg+HCxdKvEZARNSibNo0861sqA0PtN232NI8YS6JLjM7GXRZsmeAFcqhmcjaR
hXv71WTZ2yaEduKYFf5vwm4hD/b8DmNNXf0Q+GGxycvrEWpcF3GL2RcHq07Du7F+
biG9pXvlPwykHUiVq3YDQj7/fC4OkDCs1gUd60BIX8EJVCA/doXnUfcOf+xp/X/b
6Tyum+SjqQ6LYbzjd/P/5OQwHIT81x/2KtQosUSRPvJVTJBhRZa9OFPU1rWQ8g12
13/sWa5osPEinJ/yiJpoEtnEI1wESIPLTgmQuz5t1Yh+
-----END CERTIFICATE-----