This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/TxQ0636d2LwXH2VImycVLeg_GD4.roa
File:                     TxQ0636d2LwXH2VImycVLeg_GD4.roa (raw, json)
Hash identifier:          Cd3bRS1ODPCLQTHK/bSamcQr7JmtV/0UDeqKAMmW1WI=
Subject key identifier:   4F:14:34:EB:7E:9D:D8:BC:17:1F:65:48:9B:27:15:2D:E8:3F:18:3E
Certificate issuer:       /CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Certificate serial:       019B797F142F831756C941BF4A453BA22F72
Authority key identifier: E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/TxQ0636d2LwXH2VImycVLeg_GD4.roa
Signing time:             Thu 01 Jan 2026 12:18:49 +0000
ROA not before:           Thu 01 Jan 2026 12:18:49 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     25605
IP address blocks:        155.190.249.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7f:14:2f:83:17:56:c9:41:bf:4a:45:3b:a2:2f:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
        Validity
            Not Before: Jan  1 12:18:49 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4f1434eb7e9dd8bc171f65489b27152de83f183e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:7d:f8:d6:18:d6:61:2e:a0:cd:54:b6:44:b9:
                    80:e9:b8:32:a4:5d:9b:22:18:5e:a0:f6:ed:9f:2b:
                    0c:f4:bd:34:cb:fe:10:47:34:5f:32:c6:4e:d9:73:
                    e9:7e:d7:a8:02:6a:2b:05:7c:ea:99:5e:02:fc:1f:
                    44:f5:91:b3:40:9e:c7:1e:12:dd:8c:a1:81:6f:8e:
                    88:42:04:ba:0b:f0:b5:1b:2d:30:b8:f6:fb:ce:de:
                    ad:54:89:31:bf:6f:b9:b7:be:25:dc:b0:ba:a2:b6:
                    bc:2d:cf:74:03:c7:05:b0:e0:58:0d:95:67:3f:8e:
                    44:9e:8d:30:ab:8a:60:1d:f9:8d:b1:0b:4b:3e:0f:
                    bf:aa:f7:3a:99:86:0e:72:91:5f:d5:10:84:aa:15:
                    5d:e9:a7:6b:3e:19:5a:4a:7d:49:52:22:32:e2:69:
                    d2:72:d8:79:5d:a5:4f:ca:e6:72:22:ea:5e:c6:ba:
                    dd:29:29:cd:b3:65:e4:aa:21:b0:9c:1b:d1:39:17:
                    a5:ec:93:da:0a:a3:24:20:1a:9f:f1:1d:78:3a:19:
                    27:86:58:46:73:16:15:e7:f0:91:5d:ba:44:68:66:
                    53:7d:b0:c5:72:40:f0:04:42:84:53:0a:37:2a:e2:
                    8a:a5:9d:59:97:9b:ec:99:41:6a:32:40:3c:67:06:
                    b4:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:14:34:EB:7E:9D:D8:BC:17:1F:65:48:9B:27:15:2D:E8:3F:18:3E
            X509v3 Authority Key Identifier:
                keyid:E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/TxQ0636d2LwXH2VImycVLeg_GD4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.190.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:41:22:f4:20:c4:d2:d1:ea:55:fc:b4:20:7b:5c:ef:20:3e:
         9a:cd:28:f5:da:1b:cc:dc:99:55:2b:2b:9a:00:d0:e7:0e:11:
         1d:22:df:2f:15:87:08:57:61:80:be:6b:71:ce:61:d9:68:c9:
         2e:be:f1:ee:60:22:7f:a3:3d:69:0d:5e:3c:46:4c:35:a2:e2:
         1d:c6:b2:3a:3e:72:e6:4a:47:0b:c4:03:93:6f:82:2e:bf:f7:
         c8:3f:95:e2:bf:15:b6:88:94:12:10:5b:67:6a:33:72:5e:94:
         b6:fe:d4:81:1d:52:a6:c7:67:0a:48:ee:d4:5a:18:2d:dc:2b:
         5e:8a:8d:19:75:05:3a:94:49:f6:9e:95:42:99:46:d7:6b:7d:
         0e:de:53:6d:4d:9f:5e:0b:37:8c:f8:21:f3:54:a3:e4:96:d9:
         d5:57:38:a0:34:a1:bd:3b:e8:c4:d6:5e:8e:8a:a8:d7:ad:b3:
         76:79:50:43:d6:89:ad:39:ab:21:c9:b3:e2:8f:c1:18:82:68:
         fc:f6:9b:26:84:0f:2c:5b:68:48:c9:a5:2f:08:2c:e2:dd:55:
         71:9a:ae:88:05:36:1b:1a:8a:c0:b2:5f:53:00:29:2d:73:3c:
         b3:8f:2d:6c:38:85:94:be:52:7f:2a:08:85:cc:a8:a4:2e:74:
         b5:5f:35:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fxQvgxdWyUG/SkU7oi9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTMzZGNhZjJiMWViZjVkYWRlNWEzM2FhMWIyZmI5OWQy
Njg5YmEwHhcNMjYwMTAxMTIxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjE0MzRlYjdlOWRkOGJjMTcxZjY1NDg5YjI3MTUyZGU4M2YxODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzn341hjWYS6gzVS2RLmA6bgypF2b
IhheoPbtnysM9L00y/4QRzRfMsZO2XPpfteoAmorBXzqmV4C/B9E9ZGzQJ7HHhLd
jKGBb46IQgS6C/C1Gy0wuPb7zt6tVIkxv2+5t74l3LC6ora8Lc90A8cFsOBYDZVn
P45Eno0wq4pgHfmNsQtLPg+/qvc6mYYOcpFf1RCEqhVd6adrPhlaSn1JUiIy4mnS
cth5XaVPyuZyIupexrrdKSnNs2XkqiGwnBvRORel7JPaCqMkIBqf8R14OhknhlhG
cxYV5/CRXbpEaGZTfbDFckDwBEKEUwo3KuKKpZ1Zl5vsmUFqMkA8Zwa0/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE8UNOt+ndi8Fx9lSJsnFS3oPxg+MB8GA1UdIwQY
MBaAFOcTPcrysev12t5aM6obL7mdJom6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUt
MTljZTQ2YTQyZmE0LzEvVHhRMDYzNmQyTHdYSDJWSW15Y1ZMZWdfR0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUtMTljZTQ2YTQyZmE0
LzEvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAm775MA0G
CSqGSIb3DQEBCwUAA4IBAQBbQSL0IMTS0epV/LQge1zvID6azSj12hvM3JlVKyua
ANDnDhEdIt8vFYcIV2GAvmtxzmHZaMkuvvHuYCJ/oz1pDV48Rkw1ouIdxrI6PnLm
SkcLxAOTb4Iuv/fIP5XivxW2iJQSEFtnajNyXpS2/tSBHVKmx2cKSO7UWhgt3Cte
io0ZdQU6lEn2npVCmUbXa30O3lNtTZ9eCzeM+CHzVKPkltnVVzigNKG9O+jE1l6O
iqjXrbN2eVBD1omtOashybPij8EYgmj89psmhA8sW2hIyaUvCCzi3VVxmq6IBTYb
GorAsl9TACktczyzjy1sOIWUvlJ/KgiFzKikLnS1XzVZ
-----END CERTIFICATE-----