This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/ugSMpFoa2PXMlnSendGnGT1spu8.roa
File:                     ugSMpFoa2PXMlnSendGnGT1spu8.roa (raw, json)
Hash identifier:          gDw2RVYjpneqHm0SbmGzSmkmwB+NhAqnCMN+sFeTxCA=
Subject key identifier:   BA:04:8C:A4:5A:1A:D8:F5:CC:96:74:9E:9D:D1:A7:19:3D:6C:A6:EF
Certificate issuer:       /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial:       019B7BA40727B1F907E68E76089C30A64CE9
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/ugSMpFoa2PXMlnSendGnGT1spu8.roa
Signing time:             Thu 01 Jan 2026 22:18:25 +0000
ROA not before:           Thu 01 Jan 2026 22:18:25 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     199726
IP address blocks:        45.95.200.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:07:27:b1:f9:07:e6:8e:76:08:9c:30:a6:4c:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
        Validity
            Not Before: Jan  1 22:18:25 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ba048ca45a1ad8f5cc96749e9dd1a7193d6ca6ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:e2:1c:d8:eb:0c:b4:40:7a:3d:18:73:ff:d8:
                    c0:28:b4:06:0d:d3:ee:25:eb:71:9d:30:a3:9c:5b:
                    55:76:af:82:dc:ff:d2:a6:6e:d0:c7:11:3c:82:3f:
                    bd:0d:e3:60:6a:7b:07:a9:86:5b:ff:c1:17:2b:f8:
                    83:26:7b:f1:94:26:b3:b2:77:06:32:1b:5c:13:d3:
                    2a:e7:9d:f8:9f:40:aa:12:c9:fc:b7:e6:d5:35:65:
                    a5:27:8a:04:32:fd:02:4b:5c:36:8e:8d:b0:b8:eb:
                    cb:56:f5:e2:7c:ad:32:02:a3:0d:2c:21:ec:da:29:
                    f2:89:4f:4f:38:38:8d:ec:31:8e:f6:4f:24:09:34:
                    bc:ec:6c:9d:14:f2:c1:95:22:c8:ad:a0:28:48:92:
                    33:8d:a0:a7:0e:0b:9e:13:51:33:98:87:d5:b9:66:
                    c8:4f:53:d5:ca:bd:2c:98:34:cb:04:09:02:ce:bb:
                    d6:b2:9b:60:fe:05:77:d8:31:79:89:86:a1:44:3e:
                    28:27:32:0c:2a:02:05:9d:71:13:e9:00:3b:a7:3d:
                    17:0b:28:82:22:41:18:a5:f6:0a:da:a9:9b:14:28:
                    df:3d:98:97:46:78:b4:7e:e4:6d:c5:fc:09:64:27:
                    83:3b:83:23:9e:ba:06:09:7a:92:e3:0a:45:51:98:
                    25:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:04:8C:A4:5A:1A:D8:F5:CC:96:74:9E:9D:D1:A7:19:3D:6C:A6:EF
            X509v3 Authority Key Identifier:
                keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/ugSMpFoa2PXMlnSendGnGT1spu8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:d3:64:0c:bb:02:4c:a1:27:5b:70:be:b1:9f:7f:15:8d:48:
         ec:84:29:8b:e4:3c:87:cc:20:0d:8d:c9:a3:29:f4:fa:39:c8:
         31:ed:2f:6e:5c:8d:b2:bc:08:80:33:b8:81:bf:dc:3f:af:23:
         65:d9:54:bf:bc:66:76:8a:bc:cf:19:9d:2a:ab:b0:3d:9b:ad:
         b0:bf:2d:76:20:01:9d:37:8b:fe:71:49:90:71:e6:4a:4f:f8:
         2b:a8:25:7d:1d:20:9c:46:02:49:5c:f9:92:a4:e6:4b:2f:32:
         96:6a:92:e6:60:38:d0:1c:23:b1:77:55:2b:d3:85:aa:df:01:
         20:26:fe:22:a9:fa:77:a6:2d:79:6d:1f:de:79:01:8e:6d:d7:
         1e:8d:b3:9f:ab:c5:8d:e6:ca:44:5e:8e:cb:0d:76:f6:fd:23:
         96:74:a6:77:5e:fa:19:b4:c5:f2:35:d0:07:6c:99:1a:55:58:
         60:2c:10:c2:65:4e:b7:98:55:ff:08:90:c0:5b:7e:88:84:a2:
         02:3f:8f:d9:bb:2f:11:a6:33:63:a5:c0:c6:b1:7c:f3:7a:f5:
         f3:7a:78:78:a7:49:d8:c8:fb:c5:cd:b9:a5:2a:93:9e:f7:03:
         64:93:fd:1a:4b:24:76:e9:1c:2e:e6:4b:dc:cb:ca:28:15:23:
         e3:49:ce:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pAcnsfkH5o52CJwwpkzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMTAxMjIxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTA0OGNhNDVhMWFkOGY1Y2M5Njc0OWU5ZGQxYTcxOTNkNmNhNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuIc2OsMtEB6PRhz/9jAKLQGDdPu
JetxnTCjnFtVdq+C3P/Spm7QxxE8gj+9DeNgansHqYZb/8EXK/iDJnvxlCazsncG
MhtcE9Mq5534n0CqEsn8t+bVNWWlJ4oEMv0CS1w2jo2wuOvLVvXifK0yAqMNLCHs
2inyiU9PODiN7DGO9k8kCTS87GydFPLBlSLIraAoSJIzjaCnDgueE1EzmIfVuWbI
T1PVyr0smDTLBAkCzrvWsptg/gV32DF5iYahRD4oJzIMKgIFnXET6QA7pz0XCyiC
IkEYpfYK2qmbFCjfPZiXRni0fuRtxfwJZCeDO4MjnroGCXqS4wpFUZglfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLoEjKRaGtj1zJZ0np3Rpxk9bKbvMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvdWdTTXBGb2EyUFhNbG5TZW5kR25HVDFzcHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/IMA0G
CSqGSIb3DQEBCwUAA4IBAQA602QMuwJMoSdbcL6xn38VjUjshCmL5DyHzCANjcmj
KfT6Ocgx7S9uXI2yvAiAM7iBv9w/ryNl2VS/vGZ2irzPGZ0qq7A9m62wvy12IAGd
N4v+cUmQceZKT/grqCV9HSCcRgJJXPmSpOZLLzKWapLmYDjQHCOxd1Ur04Wq3wEg
Jv4iqfp3pi15bR/eeQGObdcejbOfq8WN5spEXo7LDXb2/SOWdKZ3XvoZtMXyNdAH
bJkaVVhgLBDCZU63mFX/CJDAW36IhKICP4/Zuy8RpjNjpcDGsXzzevXzenh4p0nY
yPvFzbmlKpOe9wNkk/0aSyR26Rwu5kvcy8ooFSPjSc4Q
-----END CERTIFICATE-----