This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b38821-23f2-4e5e-941c-a8f0ee00b2ad/1/sg7jqSCfk6vdfH37pm3TzVlblT0.roa
File:                     sg7jqSCfk6vdfH37pm3TzVlblT0.roa (raw, json)
Hash identifier:          ZBPGJ9WGvg3FX3KkXrx/GUxbkgnG+QnxoGyWHwFNqn4=
Subject key identifier:   B2:0E:E3:A9:20:9F:93:AB:DD:7C:7D:FB:A6:6D:D3:CD:59:5B:95:3D
Certificate issuer:       /CN=b132e935a10f9ce216e0993ae4199c96f5273af4
Certificate serial:       019B7BA53A86333C0A4CC9E6733D04BB599D
Authority key identifier: B1:32:E9:35:A1:0F:9C:E2:16:E0:99:3A:E4:19:9C:96:F5:27:3A:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTLpNaEPnOIW4Jk65BmclvUnOvQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/b38821-23f2-4e5e-941c-a8f0ee00b2ad/1/sg7jqSCfk6vdfH37pm3TzVlblT0.roa
Signing time:             Thu 01 Jan 2026 22:19:44 +0000
ROA not before:           Thu 01 Jan 2026 22:19:44 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15830
IP address blocks:        212.6.39.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/b38821-23f2-4e5e-941c-a8f0ee00b2ad/1/sTLpNaEPnOIW4Jk65BmclvUnOvQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/b38821-23f2-4e5e-941c-a8f0ee00b2ad/1/sTLpNaEPnOIW4Jk65BmclvUnOvQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTLpNaEPnOIW4Jk65BmclvUnOvQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a5:3a:86:33:3c:0a:4c:c9:e6:73:3d:04:bb:59:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b132e935a10f9ce216e0993ae4199c96f5273af4
        Validity
            Not Before: Jan  1 22:19:44 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b20ee3a9209f93abdd7c7dfba66dd3cd595b953d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:96:9d:77:18:be:8e:b8:df:06:4d:12:07:41:
                    f6:db:5f:de:18:f1:ef:08:6e:46:8a:90:bd:84:e7:
                    af:42:96:a6:e2:7a:e4:92:01:87:92:93:f5:cd:f0:
                    d0:0b:4e:c2:60:75:55:26:84:c4:99:67:ae:84:e5:
                    5d:4f:7e:54:9e:a4:93:44:dc:d5:f4:6c:3a:98:56:
                    52:73:d8:02:e0:90:0a:58:a9:cc:49:35:bb:f1:6f:
                    0b:e9:1c:4c:24:16:dd:1e:f1:f9:4a:ec:96:79:78:
                    0e:fd:96:fd:04:b4:3d:f2:6f:44:4d:58:d2:e5:9c:
                    bb:1d:2e:f0:3a:9e:6e:48:cd:de:dd:39:48:49:af:
                    ea:97:24:2c:b4:7d:b8:69:bc:2a:c6:2e:ec:e3:43:
                    37:a7:d0:15:e1:b1:91:a0:16:4f:6c:c4:18:9b:81:
                    13:67:4a:ce:1d:99:0e:c8:6a:c2:73:1c:46:22:31:
                    8d:33:17:4d:23:5c:02:91:81:df:bd:4e:2c:40:5f:
                    c5:94:a8:6d:a0:ac:80:2e:76:0a:05:31:24:47:1a:
                    71:f0:55:57:f5:cc:7a:6c:1b:66:05:ce:4c:84:47:
                    c8:d5:f3:93:49:a8:83:65:e6:5d:20:95:8f:57:5f:
                    9e:68:2f:c8:31:53:6f:d8:c4:a8:3f:e1:53:36:0d:
                    8d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:0E:E3:A9:20:9F:93:AB:DD:7C:7D:FB:A6:6D:D3:CD:59:5B:95:3D
            X509v3 Authority Key Identifier:
                keyid:B1:32:E9:35:A1:0F:9C:E2:16:E0:99:3A:E4:19:9C:96:F5:27:3A:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTLpNaEPnOIW4Jk65BmclvUnOvQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b38821-23f2-4e5e-941c-a8f0ee00b2ad/1/sg7jqSCfk6vdfH37pm3TzVlblT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b38821-23f2-4e5e-941c-a8f0ee00b2ad/1/sTLpNaEPnOIW4Jk65BmclvUnOvQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.6.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:05:70:93:b2:3a:e1:2d:d4:d2:11:36:8f:62:55:e2:55:25:
         98:4c:89:12:ff:1e:9a:f0:16:e5:7c:cb:09:7f:76:d2:4b:7c:
         19:87:63:20:6c:d8:95:88:fc:b8:95:f2:76:df:7f:0d:5d:85:
         99:51:34:c6:38:1b:ec:b3:e2:fc:a5:19:c3:15:17:f5:8c:44:
         e3:83:35:7c:d3:d7:a3:b4:9f:f4:0a:1d:a1:19:95:c4:6b:0a:
         61:17:6d:4c:44:7a:94:aa:28:ac:8e:8e:59:2e:4a:8f:ab:29:
         d0:df:0c:f3:65:40:1a:f8:fc:98:6d:d9:0a:df:53:a1:40:d0:
         44:f1:d3:a7:23:92:13:68:db:cb:b7:0a:b6:1c:5e:83:2d:80:
         b1:e1:ea:16:66:24:8a:47:1f:2b:e7:b6:8d:ea:50:47:fa:20:
         6d:5d:6c:0a:26:22:d7:88:43:0f:c5:d5:20:89:4a:e6:7b:99:
         b9:22:bf:bd:27:fa:99:4b:da:49:64:e9:8b:6b:31:33:cd:77:
         58:49:b7:c2:bd:a5:64:0d:c9:49:33:ad:f3:b2:56:25:86:96:
         3a:f4:fd:82:9f:90:e3:39:c9:76:f5:90:ff:be:93:6b:48:8d:
         7b:33:52:89:d7:f7:e5:e8:d1:49:34:1d:4e:30:0b:5f:ae:0e:
         4c:e0:00:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pTqGMzwKTMnmcz0Eu1mdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzJlOTM1YTEwZjljZTIxNmUwOTkzYWU0MTk5Yzk2ZjUy
NzNhZjQwHhcNMjYwMTAxMjIxOTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBlZTNhOTIwOWY5M2FiZGQ3YzdkZmJhNjZkZDNjZDU5NWI5NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5addxi+jrjfBk0SB0H221/eGPHv
CG5GipC9hOevQpam4nrkkgGHkpP1zfDQC07CYHVVJoTEmWeuhOVdT35UnqSTRNzV
9Gw6mFZSc9gC4JAKWKnMSTW78W8L6RxMJBbdHvH5SuyWeXgO/Zb9BLQ98m9ETVjS
5Zy7HS7wOp5uSM3e3TlISa/qlyQstH24abwqxi7s40M3p9AV4bGRoBZPbMQYm4ET
Z0rOHZkOyGrCcxxGIjGNMxdNI1wCkYHfvU4sQF/FlKhtoKyALnYKBTEkRxpx8FVX
9cx6bBtmBc5MhEfI1fOTSaiDZeZdIJWPV1+eaC/IMVNv2MSoP+FTNg2NswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIO46kgn5Or3Xx9+6Zt081ZW5U9MB8GA1UdIwQY
MBaAFLEy6TWhD5ziFuCZOuQZnJb1Jzr0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RMcE5hRVBuT0lXNEprNjVCbWNsdlVuT3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iMzg4MjEtMjNmMi00ZTVlLTk0MWMt
YThmMGVlMDBiMmFkLzEvc2c3anFTQ2ZrNnZkZkgzN3BtM1R6VmxibFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iMzg4MjEtMjNmMi00ZTVlLTk0MWMtYThmMGVlMDBiMmFk
LzEvc1RMcE5hRVBuT0lXNEprNjVCbWNsdlVuT3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AYnMA0G
CSqGSIb3DQEBCwUAA4IBAQAbBXCTsjrhLdTSETaPYlXiVSWYTIkS/x6a8BblfMsJ
f3bSS3wZh2MgbNiViPy4lfJ2338NXYWZUTTGOBvss+L8pRnDFRf1jETjgzV809ej
tJ/0Ch2hGZXEawphF21MRHqUqiisjo5ZLkqPqynQ3wzzZUAa+PyYbdkK31OhQNBE
8dOnI5ITaNvLtwq2HF6DLYCx4eoWZiSKRx8r57aN6lBH+iBtXWwKJiLXiEMPxdUg
iUrme5m5Ir+9J/qZS9pJZOmLazEzzXdYSbfCvaVkDclJM63zslYlhpY69P2Cn5Dj
Ocl29ZD/vpNrSI17M1KJ1/fl6NFJNB1OMAtfrg5M4AC+
-----END CERTIFICATE-----