This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/SGBFgHqWXrPKqcu8kfnGkJkv920.roa
File:                     SGBFgHqWXrPKqcu8kfnGkJkv920.roa (raw, json)
Hash identifier:          4w68C/XOmN5L2JXs1q6sk0hxyeUfPbGSQTUbmmfeGKI=
Subject key identifier:   48:60:45:80:7A:96:5E:B3:CA:A9:CB:BC:91:F9:C6:90:99:2F:F7:6D
Certificate issuer:       /CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Certificate serial:       019B79ECD3947E56AFE347B4D2ABA4CB62CD
Authority key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/SGBFgHqWXrPKqcu8kfnGkJkv920.roa
Signing time:             Thu 01 Jan 2026 14:18:42 +0000
ROA not before:           Thu 01 Jan 2026 14:18:42 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     202656
IP address blocks:        45.82.83.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 14:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ec:d3:94:7e:56:af:e3:47:b4:d2:ab:a4:cb:62:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
        Validity
            Not Before: Jan  1 14:18:42 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=486045807a965eb3caa9cbbc91f9c690992ff76d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:95:2d:3c:f9:d2:fb:6b:12:38:80:85:a2:72:
                    67:81:b9:eb:0b:35:82:87:2c:46:90:89:b9:28:6c:
                    db:67:a2:b2:db:8f:46:b8:fd:06:69:36:a7:27:65:
                    9b:65:38:14:16:97:c9:f7:bb:78:08:4e:75:28:7b:
                    97:80:22:fb:3c:fc:57:24:fa:b1:d4:4b:7a:ec:90:
                    d2:f6:03:1e:37:25:cd:47:e0:52:e2:c4:31:bf:e1:
                    a0:64:74:df:66:f1:ed:44:6c:f3:45:06:ef:28:b5:
                    f3:76:6c:0f:f1:bb:9d:a1:7c:a6:a5:f7:c3:1b:56:
                    a2:81:eb:e2:da:0c:93:a1:06:65:f6:55:c2:9b:f7:
                    76:d7:0d:c4:68:76:46:a7:94:a9:61:b3:a3:57:4d:
                    d5:90:d3:9f:74:c6:8c:6f:54:a8:49:7d:09:49:90:
                    6a:ba:22:f8:c7:ce:38:d6:ab:2f:a1:5e:9a:ff:c7:
                    ea:9f:ec:ce:64:b9:4e:ac:bc:33:42:fb:58:64:7a:
                    73:6d:80:3f:8d:ed:6e:a8:8e:69:1a:32:61:74:e6:
                    35:e7:07:d5:95:b0:8f:da:5e:26:a2:dd:e8:87:4d:
                    c3:24:9c:b5:78:1b:ac:1c:49:07:87:4e:f8:30:06:
                    57:4c:15:1a:43:00:26:e9:31:22:6d:bf:23:21:3c:
                    bc:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:60:45:80:7A:96:5E:B3:CA:A9:CB:BC:91:F9:C6:90:99:2F:F7:6D
            X509v3 Authority Key Identifier:
                keyid:2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/SGBFgHqWXrPKqcu8kfnGkJkv920.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:68:ae:4e:68:b9:19:34:4f:fa:a3:00:b3:c5:3d:cb:78:63:
         20:28:6f:44:21:b4:76:dd:2c:3a:d3:f3:65:3c:ba:9e:64:18:
         e9:85:b8:3a:2a:f3:69:ae:93:61:83:fb:c5:31:ce:45:eb:41:
         36:fa:2d:eb:b2:7b:55:e1:11:27:1c:a0:91:7b:93:ca:79:a1:
         0e:70:51:b9:64:5c:de:1f:21:d5:6d:a4:44:5c:b9:3f:d8:08:
         36:0c:de:1b:d8:da:a6:23:03:8a:3d:1c:1d:21:d7:ab:92:3b:
         10:0c:52:93:c3:d0:ea:0d:11:e8:b8:4b:e5:61:6f:42:47:c0:
         20:32:6b:fb:90:1d:19:e2:97:5e:9c:94:04:a8:2d:77:a4:73:
         55:5b:e2:59:88:e0:18:85:92:de:69:21:04:8c:77:91:e9:46:
         7c:f1:70:09:fd:e9:48:c0:48:09:c7:2a:8e:15:ff:63:5a:60:
         58:a8:b3:42:d6:22:fb:d9:01:0f:49:2a:c2:e4:93:f5:58:dc:
         33:9d:f2:de:54:a1:dc:6c:4b:b5:f7:03:3c:f8:50:1f:df:e9:
         3a:9f:5d:17:24:5e:d6:22:15:cb:9f:72:1b:b6:c6:2f:82:0a:
         2a:a7:94:1c:bc:09:ea:a1:e7:0e:24:9f:c2:b7:1b:f7:3e:d8:
         87:de:c4:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57NOUflav40e00quky2LNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTE2NGE5YjUwMTNkNjJmMDUxMzQ0ZjZkZjkxZjEzYmM3
ZWNiMGYwHhcNMjYwMTAxMTQxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYwNDU4MDdhOTY1ZWIzY2FhOWNiYmM5MWY5YzY5MDk5MmZmNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZUtPPnS+2sSOICFonJngbnrCzWC
hyxGkIm5KGzbZ6Ky249GuP0GaTanJ2WbZTgUFpfJ97t4CE51KHuXgCL7PPxXJPqx
1Et67JDS9gMeNyXNR+BS4sQxv+GgZHTfZvHtRGzzRQbvKLXzdmwP8budoXympffD
G1aigevi2gyToQZl9lXCm/d21w3EaHZGp5SpYbOjV03VkNOfdMaMb1SoSX0JSZBq
uiL4x8441qsvoV6a/8fqn+zOZLlOrLwzQvtYZHpzbYA/je1uqI5pGjJhdOY15wfV
lbCP2l4mot3oh03DJJy1eBusHEkHh074MAZXTBUaQwAm6TEibb8jITy8qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhgRYB6ll6zyqnLvJH5xpCZL/dtMB8GA1UdIwQY
MBaAFC4RZKm1AT1i8FE0T235HxO8fssPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEt
ZmQ3ZjE3YmIxYTVjLzEvU0dCRmdIcVdYclBLcWN1OGtmbkdrSmt2OTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEtZmQ3ZjE3YmIxYTVj
LzEvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVJTMA0G
CSqGSIb3DQEBCwUAA4IBAQCZaK5OaLkZNE/6owCzxT3LeGMgKG9EIbR23Sw60/Nl
PLqeZBjphbg6KvNprpNhg/vFMc5F60E2+i3rsntV4REnHKCRe5PKeaEOcFG5ZFze
HyHVbaREXLk/2Ag2DN4b2NqmIwOKPRwdIderkjsQDFKTw9DqDRHouEvlYW9CR8Ag
Mmv7kB0Z4pdenJQEqC13pHNVW+JZiOAYhZLeaSEEjHeR6UZ88XAJ/elIwEgJxyqO
Ff9jWmBYqLNC1iL72QEPSSrC5JP1WNwznfLeVKHcbEu19wM8+FAf3+k6n10XJF7W
IhXLn3IbtsYvggoqp5QcvAnqoecOJJ/Ctxv3PtiH3sRt
-----END CERTIFICATE-----