This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5FL2WZ1bc6-a3cwpZywcl8gyyxY.roa
File:                     5FL2WZ1bc6-a3cwpZywcl8gyyxY.roa (raw, json)
Hash identifier:          hhCzJXRz+fo1kEHcDRjAbVB/fMhWd/xMn3n4BAiyTAw=
Subject key identifier:   E4:52:F6:59:9D:5B:73:AF:9A:DD:CC:29:67:2C:1C:97:C8:32:CB:16
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       019B797E055168A1BA290E3B57E36CF9A4F9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5FL2WZ1bc6-a3cwpZywcl8gyyxY.roa
Signing time:             Thu 01 Jan 2026 12:17:40 +0000
ROA not before:           Thu 01 Jan 2026 12:17:40 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214172
IP address blocks:        212.192.4.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 08:02:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:05:51:68:a1:ba:29:0e:3b:57:e3:6c:f9:a4:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Jan  1 12:17:40 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e452f6599d5b73af9addcc29672c1c97c832cb16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:a8:d6:45:cd:78:33:07:f0:4d:a5:ba:e5:bd:
                    41:54:6a:0d:f2:25:ad:5a:b0:fc:76:ef:a7:c4:78:
                    a8:9d:10:30:57:34:ce:46:5c:44:6e:d7:eb:88:4f:
                    6a:59:fe:18:04:46:05:45:48:03:eb:ed:36:ee:aa:
                    c7:a3:fb:e1:7b:d7:f3:d2:5a:16:c5:97:16:12:c2:
                    46:97:ea:a5:00:d2:4f:83:c6:6a:19:f3:2f:d5:4e:
                    b8:05:e2:56:3a:68:32:4f:3a:00:5c:cd:03:f6:55:
                    09:ac:79:89:3d:a0:5f:cb:98:c8:79:70:76:18:0e:
                    40:b2:cc:ef:66:d9:f6:4d:00:a6:55:42:35:45:86:
                    b7:50:85:b5:1c:ca:38:b3:c2:ff:21:7c:57:58:a9:
                    e9:b8:e2:15:0a:f8:e9:a7:63:f3:5c:ee:7a:e2:64:
                    ff:ec:5f:b9:6a:55:9c:ae:4e:2c:af:64:2e:2f:cb:
                    b5:c8:d3:4b:6f:28:2f:a8:3a:2a:8c:c2:51:ee:a7:
                    a1:05:41:32:80:c3:a9:82:2f:ee:ae:04:52:7a:b6:
                    88:c7:81:4b:dd:49:c7:3e:6a:db:4e:81:63:fd:5b:
                    01:9a:04:e3:dc:ca:f1:8f:31:3c:e4:3b:9f:57:c5:
                    a0:b5:bb:5d:6f:df:df:36:80:82:e4:e6:4a:3b:60:
                    7e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:52:F6:59:9D:5B:73:AF:9A:DD:CC:29:67:2C:1C:97:C8:32:CB:16
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5FL2WZ1bc6-a3cwpZywcl8gyyxY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.192.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:c0:e2:bb:a2:cb:f9:e6:cd:f6:5b:16:0c:bc:07:2f:d0:e1:
         48:f5:e5:5b:8f:9f:88:b5:60:0a:a8:7f:8e:b6:fe:51:a0:23:
         c2:a7:f3:46:92:b2:ff:30:a2:b9:e1:f2:1f:ce:ab:3a:65:49:
         78:14:c3:56:4f:14:42:49:04:1a:ea:06:3e:6a:14:00:aa:1b:
         ec:52:61:60:f2:f9:86:a2:31:65:d8:ae:a2:e8:ba:bc:d8:60:
         9f:66:07:1c:17:5d:f6:08:63:40:d6:4c:c1:01:16:60:25:fd:
         a3:53:4a:14:cf:14:8a:72:59:bc:f1:a5:b8:db:74:ee:0a:f4:
         48:a7:3a:ac:7a:57:9e:c1:07:6b:cf:6f:13:df:69:17:3b:2b:
         30:fb:ae:16:5c:3f:78:5f:9a:88:4f:16:59:39:a9:9a:94:13:
         a1:bb:38:00:b9:31:05:13:e9:86:e3:e1:64:f8:de:d6:7f:0c:
         8b:01:e2:d6:e4:76:e5:ff:ed:14:06:e0:68:67:48:95:86:9f:
         39:0d:ab:0f:05:ba:ab:21:f4:39:a1:63:e0:b5:28:b1:16:35:
         2c:96:53:16:42:49:06:41:8f:85:77:4f:36:d8:ce:8c:8c:76:
         45:b3:85:21:7a:3e:e1:97:3e:82:31:3a:7c:cb:d6:e4:71:7e:
         db:68:76:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fgVRaKG6KQ47V+Ns+aT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMTAxMTIxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDUyZjY1OTlkNWI3M2FmOWFkZGNjMjk2NzJjMWM5N2M4MzJjYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqjWRc14MwfwTaW65b1BVGoN8iWt
WrD8du+nxHionRAwVzTORlxEbtfriE9qWf4YBEYFRUgD6+027qrHo/vhe9fz0loW
xZcWEsJGl+qlANJPg8ZqGfMv1U64BeJWOmgyTzoAXM0D9lUJrHmJPaBfy5jIeXB2
GA5AsszvZtn2TQCmVUI1RYa3UIW1HMo4s8L/IXxXWKnpuOIVCvjpp2PzXO564mT/
7F+5alWcrk4sr2QuL8u1yNNLbygvqDoqjMJR7qehBUEygMOpgi/urgRSeraIx4FL
3UnHPmrbToFj/VsBmgTj3MrxjzE85DufV8Wgtbtdb9/fNoCC5OZKO2B+SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFORS9lmdW3Ovmt3MKWcsHJfIMssWMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNUZMMldaMWJjNi1hM2N3cFp5d2NsOGd5eXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MAEMA0G
CSqGSIb3DQEBCwUAA4IBAQAMwOK7osv55s32WxYMvAcv0OFI9eVbj5+ItWAKqH+O
tv5RoCPCp/NGkrL/MKK54fIfzqs6ZUl4FMNWTxRCSQQa6gY+ahQAqhvsUmFg8vmG
ojFl2K6i6Lq82GCfZgccF132CGNA1kzBARZgJf2jU0oUzxSKclm88aW423TuCvRI
pzqseleewQdrz28T32kXOysw+64WXD94X5qITxZZOamalBOhuzgAuTEFE+mG4+Fk
+N7WfwyLAeLW5Hbl/+0UBuBoZ0iVhp85DasPBbqrIfQ5oWPgtSixFjUsllMWQkkG
QY+Fd0822M6MjHZFs4Uhej7hlz6CMTp8y9bkcX7baHbf
-----END CERTIFICATE-----