This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e8449a-a797-452b-bdfa-9c4211dda541/1/TGnGTCkP1dTeSG5Z0jeGksx2_TM.roa
File:                     TGnGTCkP1dTeSG5Z0jeGksx2_TM.roa (raw, json)
Hash identifier:          4RJjvyKtkRooo1Te20TythHJtDrbG5VCS6d6MKrm0hU=
Subject key identifier:   4C:69:C6:4C:29:0F:D5:D4:DE:48:6E:59:D2:37:86:92:CC:76:FD:33
Certificate issuer:       /CN=455f545e2a94f051ceb8f80f446c1cb61c0e6c8e
Certificate serial:       019B7D5AE94C43FB65B95D154FAEEE5786F6
Authority key identifier: 45:5F:54:5E:2A:94:F0:51:CE:B8:F8:0F:44:6C:1C:B6:1C:0E:6C:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RV9UXiqU8FHOuPgPRGwcthwObI4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/e8449a-a797-452b-bdfa-9c4211dda541/1/TGnGTCkP1dTeSG5Z0jeGksx2_TM.roa
Signing time:             Fri 02 Jan 2026 06:17:48 +0000
ROA not before:           Fri 02 Jan 2026 06:17:48 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     25369
IP address blocks:        193.104.58.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/e8449a-a797-452b-bdfa-9c4211dda541/1/RV9UXiqU8FHOuPgPRGwcthwObI4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/e8449a-a797-452b-bdfa-9c4211dda541/1/RV9UXiqU8FHOuPgPRGwcthwObI4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RV9UXiqU8FHOuPgPRGwcthwObI4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 09:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:5a:e9:4c:43:fb:65:b9:5d:15:4f:ae:ee:57:86:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=455f545e2a94f051ceb8f80f446c1cb61c0e6c8e
        Validity
            Not Before: Jan  2 06:17:48 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4c69c64c290fd5d4de486e59d2378692cc76fd33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:11:8c:b5:17:b0:20:7b:c3:37:5c:62:9d:8b:
                    2b:ff:5e:ea:d8:fb:5c:6a:76:ea:9c:30:61:5b:a6:
                    e6:b5:e9:1a:fb:cf:fe:db:44:d2:7f:f0:dc:0d:81:
                    d4:c6:31:7c:20:90:5a:fb:d4:27:b7:84:a2:50:0f:
                    8a:bd:87:b3:0b:55:a0:3d:f9:ee:5b:c0:66:f8:5a:
                    ec:f6:ac:0c:13:9b:ed:fa:19:8e:a8:94:08:86:4b:
                    9b:7d:50:f7:d9:69:0c:e8:5e:d2:f0:41:48:d2:44:
                    0f:1d:7e:9b:3f:b0:d2:18:b4:34:27:39:77:09:26:
                    6b:ad:a3:76:3c:cc:06:c0:0e:e2:37:e2:38:25:fb:
                    9b:82:35:8a:82:59:47:92:08:dc:d3:76:37:02:22:
                    cd:69:a3:8f:7f:ef:56:03:54:7f:00:7e:5c:b9:30:
                    60:92:33:6b:ef:8c:d3:aa:37:e2:8b:f0:86:ab:46:
                    33:55:cb:23:b1:c2:40:48:6a:3a:33:e0:d8:53:d0:
                    a1:d8:73:bd:5f:09:60:82:14:3b:c5:a3:63:9c:15:
                    d8:3a:a9:a0:29:7b:cd:4a:9d:bd:4e:53:08:b1:02:
                    7e:96:68:97:7c:46:87:3f:5d:58:5c:0d:e7:f7:d0:
                    2d:13:5c:09:56:4b:01:cb:35:c0:77:83:52:1a:6d:
                    69:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:69:C6:4C:29:0F:D5:D4:DE:48:6E:59:D2:37:86:92:CC:76:FD:33
            X509v3 Authority Key Identifier:
                keyid:45:5F:54:5E:2A:94:F0:51:CE:B8:F8:0F:44:6C:1C:B6:1C:0E:6C:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RV9UXiqU8FHOuPgPRGwcthwObI4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e8449a-a797-452b-bdfa-9c4211dda541/1/TGnGTCkP1dTeSG5Z0jeGksx2_TM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e8449a-a797-452b-bdfa-9c4211dda541/1/RV9UXiqU8FHOuPgPRGwcthwObI4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.104.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:ec:7f:12:f5:e5:b8:42:53:3a:93:d9:66:51:17:d7:df:64:
         f7:d4:ca:15:33:32:f7:2d:2f:e8:5f:4e:8e:d7:c1:fb:6d:fc:
         ac:0b:ec:dd:f9:8b:6f:c2:d9:21:2f:ee:7c:23:fa:f8:84:1b:
         2d:53:2f:3c:26:8f:c3:73:1a:ce:db:b6:7e:4f:f0:f0:f1:e2:
         fd:7d:64:2b:76:12:45:6e:19:67:4f:04:cc:e2:a2:55:7f:59:
         ab:d9:42:a8:bf:4d:98:3e:aa:5e:3f:8d:8d:d5:a5:aa:e6:e7:
         6d:f0:20:b2:d5:8d:d2:b5:7c:61:71:af:d6:b4:de:89:0b:3b:
         00:70:7c:79:67:13:4b:33:bc:ca:f8:0c:2c:fb:2b:44:61:4a:
         0d:4c:62:9b:63:7b:4c:6b:e0:09:92:01:2d:14:e4:dc:3d:36:
         e7:c3:a5:4e:74:c4:fd:b4:7d:9f:82:a6:2e:5f:89:56:8f:ac:
         6d:01:ba:f6:a8:8f:38:49:ad:13:4f:55:3f:55:e2:60:b6:41:
         7e:10:80:c9:2f:8d:f9:87:6e:93:5b:59:11:75:70:5d:a5:ff:
         5a:ae:84:0d:ca:a3:07:d1:43:4c:f8:55:05:d4:cf:72:e1:f9:
         2b:f7:66:f9:8f:85:13:fc:32:07:3f:1a:c5:35:42:d0:3b:08:
         c0:7d:8b:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9WulMQ/tluV0VT67uV4b2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NWY1NDVlMmE5NGYwNTFjZWI4ZjgwZjQ0NmMxY2I2MWMw
ZTZjOGUwHhcNMjYwMTAyMDYxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzY5YzY0YzI5MGZkNWQ0ZGU0ODZlNTlkMjM3ODY5MmNjNzZmZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhGMtRewIHvDN1xinYsr/17q2Ptc
anbqnDBhW6bmteka+8/+20TSf/DcDYHUxjF8IJBa+9Qnt4SiUA+KvYezC1WgPfnu
W8Bm+Frs9qwME5vt+hmOqJQIhkubfVD32WkM6F7S8EFI0kQPHX6bP7DSGLQ0Jzl3
CSZrraN2PMwGwA7iN+I4JfubgjWKgllHkgjc03Y3AiLNaaOPf+9WA1R/AH5cuTBg
kjNr74zTqjfii/CGq0YzVcsjscJASGo6M+DYU9Ch2HO9XwlgghQ7xaNjnBXYOqmg
KXvNSp29TlMIsQJ+lmiXfEaHP11YXA3n99AtE1wJVksByzXAd4NSGm1p+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExpxkwpD9XU3khuWdI3hpLMdv0zMB8GA1UdIwQY
MBaAFEVfVF4qlPBRzrj4D0RsHLYcDmyOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlY5VVhpcVU4RkhPdVBnUFJHd2N0aHdPYkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lODQ0OWEtYTc5Ny00NTJiLWJkZmEt
OWM0MjExZGRhNTQxLzEvVEduR1RDa1AxZFRlU0c1WjBqZUdrc3gyX1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lODQ0OWEtYTc5Ny00NTJiLWJkZmEtOWM0MjExZGRhNTQx
LzEvUlY5VVhpcVU4RkhPdVBnUFJHd2N0aHdPYkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWg6MA0G
CSqGSIb3DQEBCwUAA4IBAQAm7H8S9eW4QlM6k9lmURfX32T31MoVMzL3LS/oX06O
18H7bfysC+zd+YtvwtkhL+58I/r4hBstUy88Jo/DcxrO27Z+T/Dw8eL9fWQrdhJF
bhlnTwTM4qJVf1mr2UKov02YPqpeP42N1aWq5udt8CCy1Y3StXxhca/WtN6JCzsA
cHx5ZxNLM7zK+Aws+ytEYUoNTGKbY3tMa+AJkgEtFOTcPTbnw6VOdMT9tH2fgqYu
X4lWj6xtAbr2qI84Sa0TT1U/VeJgtkF+EIDJL435h26TW1kRdXBdpf9aroQNyqMH
0UNM+FUF1M9y4fkr92b5j4UT/DIHPxrFNULQOwjAfYvF
-----END CERTIFICATE-----