This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/nEGo15KsyAjBD-x5zbk8ARJINQU.roa
File:                     nEGo15KsyAjBD-x5zbk8ARJINQU.roa (raw, json)
Hash identifier:          0lT9gQ6lEsFlDbleFuI9ud8vDG/jc8OcFzQhfPnweOI=
Subject key identifier:   9C:41:A8:D7:92:AC:C8:08:C1:0F:EC:79:CD:B9:3C:01:12:48:35:05
Certificate issuer:       /CN=4c54ecce6cbc9c54929eaa4b22b337b0fd9b36bf
Certificate serial:       019B791058038C9F3767A146ABB0418B01B8
Authority key identifier: 4C:54:EC:CE:6C:BC:9C:54:92:9E:AA:4B:22:B3:37:B0:FD:9B:36:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/nEGo15KsyAjBD-x5zbk8ARJINQU.roa
Signing time:             Thu 01 Jan 2026 10:17:52 +0000
ROA not before:           Thu 01 Jan 2026 10:17:52 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     14618
IP address blocks:        195.82.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 Jan 2026 15:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:58:03:8c:9f:37:67:a1:46:ab:b0:41:8b:01:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c54ecce6cbc9c54929eaa4b22b337b0fd9b36bf
        Validity
            Not Before: Jan  1 10:17:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=9c41a8d792acc808c10fec79cdb93c0112483505
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:1e:a7:ff:ec:e6:59:25:51:a5:a9:3c:69:fc:
                    48:a1:c8:11:83:06:92:dd:34:af:81:be:4d:07:e1:
                    2d:e4:5e:b6:d9:4c:b0:08:b1:29:b2:37:c0:e6:48:
                    39:e7:15:e5:19:d7:aa:b7:b3:a9:7a:d6:38:74:61:
                    af:e4:53:20:88:8a:7b:e7:9e:f0:bb:81:8a:a6:e4:
                    bf:c2:db:01:1f:ce:b3:5c:63:f3:16:ca:d0:11:90:
                    ca:16:66:7d:3a:bd:44:24:05:3d:5a:2d:e8:e3:ae:
                    4c:62:c8:a6:a2:42:22:80:d2:23:15:fd:07:5e:f3:
                    d9:11:e8:65:b2:b9:ee:8f:b4:79:57:f2:a6:09:95:
                    a8:fe:9f:d7:ee:2a:da:34:85:1e:a0:c5:41:b4:95:
                    19:40:68:a4:0b:cb:3f:a5:6c:f7:6a:00:43:b8:3c:
                    b2:1d:12:fe:71:70:99:cb:64:b3:6f:29:61:91:25:
                    14:fd:a4:fd:79:54:17:5e:7c:a7:ac:41:19:2a:fb:
                    03:a8:41:3c:de:96:70:43:15:27:6c:bf:86:4e:65:
                    07:97:b2:a1:85:b7:cf:f3:0e:24:b3:22:77:91:e2:
                    eb:ba:ff:ce:3b:aa:33:65:bc:47:5a:63:00:3e:bb:
                    8c:8a:ca:cb:97:39:4c:d6:99:2d:c9:82:99:b7:e5:
                    43:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:41:A8:D7:92:AC:C8:08:C1:0F:EC:79:CD:B9:3C:01:12:48:35:05
            X509v3 Authority Key Identifier:
                keyid:4C:54:EC:CE:6C:BC:9C:54:92:9E:AA:4B:22:B3:37:B0:FD:9B:36:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/nEGo15KsyAjBD-x5zbk8ARJINQU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.82.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:92:51:aa:e3:e9:3f:b9:db:f7:59:d2:aa:ec:d2:e4:e4:dd:
         7f:23:67:44:e4:81:7a:c4:b9:de:5a:28:cf:8d:46:b9:8a:0a:
         10:00:75:6b:20:0b:14:a7:17:c2:cb:25:c9:dd:30:4a:e2:77:
         3e:1d:ba:f0:39:96:9d:c8:a2:2c:94:d1:50:f6:71:4b:22:bf:
         29:2d:11:b9:7f:05:5a:12:3f:a9:e4:2c:24:08:f6:47:0c:b2:
         ae:fa:b4:30:4e:06:62:78:f9:3a:06:ec:af:5a:ce:aa:3f:5d:
         31:bd:8c:db:94:49:10:54:33:b7:25:3c:a5:63:64:81:29:ac:
         b0:43:e5:af:21:ff:0e:9f:9e:7e:76:85:c0:23:41:31:b0:9e:
         8e:0b:e4:07:e6:de:19:e1:46:ed:b7:8d:0a:45:fd:4a:67:d2:
         76:0c:7e:ba:3b:4c:c0:c6:35:de:59:17:bf:a7:2b:06:54:71:
         45:e8:60:64:35:86:ce:b5:06:c5:df:01:84:28:a9:c9:6f:18:
         e6:85:0d:c6:57:8d:8d:26:b5:a8:54:6e:96:68:45:f1:e0:77:
         a3:35:ff:dd:3f:e0:b6:df:e9:dc:97:9c:6f:8b:b7:94:40:25:
         c0:2c:8d:5d:b5:12:48:db:e7:66:61:e9:34:16:86:e9:54:ff:
         ce:11:a3:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EFgDjJ83Z6FGq7BBiwG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNTRlY2NlNmNiYzljNTQ5MjllYWE0YjIyYjMzN2IwZmQ5
YjM2YmYwHhcNMjYwMTAxMTAxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQxYThkNzkyYWNjODA4YzEwZmVjNzljZGI5M2MwMTEyNDgzNTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4h6n/+zmWSVRpak8afxIocgRgwaS
3TSvgb5NB+Et5F622UywCLEpsjfA5kg55xXlGdeqt7OpetY4dGGv5FMgiIp7557w
u4GKpuS/wtsBH86zXGPzFsrQEZDKFmZ9Or1EJAU9Wi3o465MYsimokIigNIjFf0H
XvPZEehlsrnuj7R5V/KmCZWo/p/X7iraNIUeoMVBtJUZQGikC8s/pWz3agBDuDyy
HRL+cXCZy2SzbylhkSUU/aT9eVQXXnynrEEZKvsDqEE83pZwQxUnbL+GTmUHl7Kh
hbfP8w4ksyJ3keLruv/OO6ozZbxHWmMAPruMisrLlzlM1pktyYKZt+VD0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxBqNeSrMgIwQ/sec25PAESSDUFMB8GA1UdIwQY
MBaAFExU7M5svJxUkp6qSyKzN7D9mza/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEZUc3pteThuRlNTbnFwTElyTTNzUDJiTnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wMmM1ZWMtN2M2Zi00YWUyLTk4OTct
MzA1OWM4OWI3MmVhLzEvbkVHbzE1S3N5QWpCRC14NXpiazhBUkpJTlFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wMmM1ZWMtN2M2Zi00YWUyLTk4OTctMzA1OWM4OWI3MmVh
LzEvVEZUc3pteThuRlNTbnFwTElyTTNzUDJiTnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1JhMA0G
CSqGSIb3DQEBCwUAA4IBAQB7klGq4+k/udv3WdKq7NLk5N1/I2dE5IF6xLneWijP
jUa5igoQAHVrIAsUpxfCyyXJ3TBK4nc+HbrwOZadyKIslNFQ9nFLIr8pLRG5fwVa
Ej+p5CwkCPZHDLKu+rQwTgZiePk6BuyvWs6qP10xvYzblEkQVDO3JTylY2SBKayw
Q+WvIf8On55+doXAI0ExsJ6OC+QH5t4Z4Ubtt40KRf1KZ9J2DH66O0zAxjXeWRe/
pysGVHFF6GBkNYbOtQbF3wGEKKnJbxjmhQ3GV42NJrWoVG6WaEXx4HejNf/dP+C2
3+ncl5xvi7eUQCXALI1dtRJI2+dmYek0FobpVP/OEaO4
-----END CERTIFICATE-----