This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/BOgwaBfeVQSIIpapc527zkUmHqU.roa
File:                     BOgwaBfeVQSIIpapc527zkUmHqU.roa (raw, json)
Hash identifier:          nrw7ZZfH7PdSf3N6nWnSJG5fTiZauLCGIT/x1kU9vbo=
Subject key identifier:   04:E8:30:68:17:DE:55:04:88:22:96:A9:73:9D:BB:CE:45:26:1E:A5
Certificate issuer:       /CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
Certificate serial:       019B7F15B38FBD5D583F514E02BF76E2E1D0
Authority key identifier: B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/BOgwaBfeVQSIIpapc527zkUmHqU.roa
Signing time:             Fri 02 Jan 2026 14:21:27 +0000
ROA not before:           Fri 02 Jan 2026 14:21:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     44477
IP address blocks:        194.88.150.0/24 maxlen: 24
                          194.88.151.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 Jan 2026 03:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:b3:8f:bd:5d:58:3f:51:4e:02:bf:76:e2:e1:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
        Validity
            Not Before: Jan  2 14:21:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=04e8306817de5504882296a9739dbbce45261ea5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:8f:c2:6a:2b:06:38:e3:6a:24:33:75:4b:40:
                    92:b1:cf:e9:48:51:d1:b4:46:93:e3:56:99:2e:ea:
                    30:d8:ef:00:79:ab:c2:42:62:82:5e:2b:f3:60:6e:
                    8b:94:96:ce:02:d6:9b:20:fc:b2:bd:e3:57:e1:03:
                    34:83:e9:09:e9:cf:89:75:9b:a1:33:da:6a:76:89:
                    a5:30:9a:08:f7:5e:36:51:3e:df:eb:03:58:b9:c1:
                    df:db:be:02:b4:45:6e:b7:e7:c3:da:1e:7e:30:08:
                    44:48:1c:a6:f3:72:0f:d9:e0:19:33:74:87:d4:a0:
                    31:59:57:cb:6d:d9:de:b0:e3:13:1e:c4:b8:e0:79:
                    a6:b8:74:16:f0:c4:27:01:64:0b:d5:b2:84:5d:b4:
                    89:fb:18:7c:4e:a5:2c:40:09:ff:de:59:8a:81:73:
                    3f:6a:ea:f8:6a:52:5c:8d:f8:9c:c2:8b:af:5e:16:
                    a8:17:6b:b1:76:38:99:4e:fd:65:f3:c8:75:b3:3e:
                    ca:ac:b4:64:f8:74:17:5f:0c:4f:c5:fb:88:d7:7a:
                    3c:de:fa:89:df:78:57:a1:a4:98:5f:c2:d4:38:77:
                    4a:4b:44:61:a8:1c:80:15:ba:77:fc:1b:54:88:21:
                    40:cd:11:33:02:94:fb:3f:cb:2b:1a:9d:bd:ef:22:
                    2a:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:E8:30:68:17:DE:55:04:88:22:96:A9:73:9D:BB:CE:45:26:1E:A5
            X509v3 Authority Key Identifier:
                keyid:B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/BOgwaBfeVQSIIpapc527zkUmHqU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.88.150.0/23

    Signature Algorithm: sha256WithRSAEncryption
         72:22:ac:05:7e:3c:20:aa:a8:2b:43:5c:99:35:dd:c7:f2:18:
         1a:fe:fe:a3:9d:62:21:3f:fc:d6:f2:78:ac:79:0e:83:88:06:
         e8:b3:0e:05:26:06:2d:be:55:b8:61:2b:95:75:90:27:17:fa:
         6a:fd:c0:d7:4a:d8:41:1f:20:64:96:70:13:d5:6f:68:53:20:
         c7:5a:1d:94:2d:70:dd:e1:07:2c:67:98:78:05:7d:ee:fa:12:
         ac:29:bd:22:9d:04:ff:4f:b3:87:24:39:39:74:dc:bc:41:12:
         e1:9f:eb:a2:56:1a:6e:f2:cc:f3:ab:d2:10:8f:66:2a:7d:ca:
         9a:d5:aa:db:a9:31:75:5c:31:bc:12:e0:ba:d3:5d:ca:72:93:
         f2:4e:14:b4:aa:01:3f:34:93:83:c5:66:e4:4c:62:04:c4:c7:
         46:9e:16:bd:46:e9:9b:d4:47:7e:c5:87:61:73:e2:c4:da:40:
         e9:db:06:66:7b:b0:4c:7c:ff:05:63:2f:a5:0e:6c:3f:11:6f:
         84:18:3b:14:2c:99:13:64:ac:14:7e:cc:74:54:ca:2e:f0:43:
         e2:82:96:cc:47:1c:7c:89:97:25:6e:d2:e9:72:f1:45:00:b5:
         de:43:f7:ac:c6:ac:93:f8:d0:2c:d3:3e:f8:4d:5d:7c:ff:f7:
         53:96:0d:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FbOPvV1YP1FOAr924uHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YzdkODFlYzRjNDA1NWM2NzNmZjU3MWNjYWQwN2MzYTY5
OTEwNWUwHhcNMjYwMTAyMTQyMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGU4MzA2ODE3ZGU1NTA0ODgyMjk2YTk3MzlkYmJjZTQ1MjYxZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzI/CaisGOONqJDN1S0CSsc/pSFHR
tEaT41aZLuow2O8AeavCQmKCXivzYG6LlJbOAtabIPyyveNX4QM0g+kJ6c+JdZuh
M9pqdomlMJoI9142UT7f6wNYucHf274CtEVut+fD2h5+MAhESBym83IP2eAZM3SH
1KAxWVfLbdnesOMTHsS44HmmuHQW8MQnAWQL1bKEXbSJ+xh8TqUsQAn/3lmKgXM/
aur4alJcjficwouvXhaoF2uxdjiZTv1l88h1sz7KrLRk+HQXXwxPxfuI13o83vqJ
33hXoaSYX8LUOHdKS0RhqByAFbp3/BtUiCFAzREzApT7P8srGp297yIqjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAToMGgX3lUEiCKWqXOdu85FJh6lMB8GA1UdIwQY
MBaAFLXH2B7ExAVcZz/1ccytB8OmmRBeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2Qt
YzJiYzE0NTFmMjcxLzEvQk9nd2FCZmVWUVNJSXBhcGM1Mjd6a1VtSHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2QtYzJiYzE0NTFmMjcx
LzEvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwliWMA0G
CSqGSIb3DQEBCwUAA4IBAQByIqwFfjwgqqgrQ1yZNd3H8hga/v6jnWIhP/zW8nis
eQ6DiAbosw4FJgYtvlW4YSuVdZAnF/pq/cDXSthBHyBklnAT1W9oUyDHWh2ULXDd
4QcsZ5h4BX3u+hKsKb0inQT/T7OHJDk5dNy8QRLhn+uiVhpu8szzq9IQj2Yqfcqa
1arbqTF1XDG8EuC6013KcpPyThS0qgE/NJODxWbkTGIExMdGnha9Rumb1Ed+xYdh
c+LE2kDp2wZme7BMfP8FYy+lDmw/EW+EGDsULJkTZKwUfsx0VMou8EPigpbMRxx8
iZclbtLpcvFFALXeQ/esxqyT+NAs0z74TV18//dTlg0m
-----END CERTIFICATE-----