This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/SGpevAZGETQFuN0tYIFbuVO-oHU.roa
File:                     SGpevAZGETQFuN0tYIFbuVO-oHU.roa (raw, json)
Hash identifier:          p6/1XP6vhlSrsHHLDARcNdGWShp5rNMH31ibs+saZHQ=
Subject key identifier:   48:6A:5E:BC:06:46:11:34:05:B8:DD:2D:60:81:5B:B9:53:BE:A0:75
Certificate issuer:       /CN=153d072ccef00bf464d660dbd05dada1da33d2c8
Certificate serial:       019B7F8080CB4838F520CAE96CFE3B432E75
Authority key identifier: 15:3D:07:2C:CE:F0:0B:F4:64:D6:60:DB:D0:5D:AD:A1:DA:33:D2:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FT0HLM7wC_Rk1mDb0F2todoz0sg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/SGpevAZGETQFuN0tYIFbuVO-oHU.roa
Signing time:             Fri 02 Jan 2026 16:18:06 +0000
ROA not before:           Fri 02 Jan 2026 16:18:06 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     34984
IP address blocks:        77.73.217.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/FT0HLM7wC_Rk1mDb0F2todoz0sg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/FT0HLM7wC_Rk1mDb0F2todoz0sg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FT0HLM7wC_Rk1mDb0F2todoz0sg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:80:80:cb:48:38:f5:20:ca:e9:6c:fe:3b:43:2e:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=153d072ccef00bf464d660dbd05dada1da33d2c8
        Validity
            Not Before: Jan  2 16:18:06 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=486a5ebc0646113405b8dd2d60815bb953bea075
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:98:8b:2b:f4:e3:2b:7e:3e:aa:fd:2d:14:2f:
                    35:8b:1d:6d:a7:d1:fa:36:aa:a2:e5:75:48:a2:01:
                    28:56:5e:17:41:1c:78:21:7a:20:9b:62:ce:41:d5:
                    88:68:db:ba:74:63:d2:ed:aa:62:d8:a8:ea:98:e7:
                    a8:19:fa:86:5f:77:ab:75:4a:6f:b2:18:d8:dc:db:
                    cf:38:e5:62:f7:f1:77:f3:22:43:a0:41:ef:3f:f6:
                    a3:37:b4:b6:41:16:ef:5f:bf:48:1c:5e:37:dc:5b:
                    59:4e:25:6b:9f:18:b2:3b:d7:1d:28:2b:c0:10:d7:
                    72:6b:2f:da:70:63:b4:c2:e1:1f:ba:f2:f5:cf:c5:
                    c6:6b:8e:43:91:fc:27:30:e1:59:47:c8:e4:8d:29:
                    af:ca:70:99:cf:24:53:b1:04:72:3c:4c:71:f2:79:
                    72:be:a6:2e:fb:f6:ed:d4:0c:bd:71:be:ea:51:58:
                    33:ea:b1:ac:42:d0:5c:15:c4:66:87:ab:5b:d5:dc:
                    60:ad:78:23:6e:ba:82:e7:ab:25:28:1d:f2:7d:26:
                    14:cf:50:fb:76:7b:e4:10:65:e2:d4:42:04:35:b2:
                    61:3f:61:d1:2d:ac:b6:6a:97:40:ca:a0:a0:81:75:
                    d8:0b:8c:cc:06:7c:20:9b:eb:b8:6f:86:cb:d8:b7:
                    31:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:6A:5E:BC:06:46:11:34:05:B8:DD:2D:60:81:5B:B9:53:BE:A0:75
            X509v3 Authority Key Identifier:
                keyid:15:3D:07:2C:CE:F0:0B:F4:64:D6:60:DB:D0:5D:AD:A1:DA:33:D2:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FT0HLM7wC_Rk1mDb0F2todoz0sg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/SGpevAZGETQFuN0tYIFbuVO-oHU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/FT0HLM7wC_Rk1mDb0F2todoz0sg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.73.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:2c:53:d9:fe:1e:47:61:82:58:f8:d2:40:f3:b4:1a:0b:78:
         7c:ac:60:2b:3c:ad:c6:61:9c:68:b8:5f:8a:d2:bf:68:4d:3e:
         4a:3e:5d:07:7b:ba:d6:a4:3c:37:e7:a1:d9:86:16:1d:8b:7a:
         65:d8:e0:81:d1:14:1b:f6:37:02:ca:9b:d8:c2:bc:3c:4d:d4:
         15:2f:3f:92:b7:1d:e3:f5:ee:73:a0:dc:3e:b5:e6:71:37:0a:
         b2:df:63:36:82:74:e7:d7:50:44:a1:15:a9:1b:f4:8f:3d:65:
         a9:4d:76:a8:d9:86:5f:01:ef:15:56:8e:81:71:f0:13:26:28:
         e2:39:ca:45:2e:9a:93:83:c2:f8:2f:cd:82:95:5a:83:be:79:
         1b:90:47:23:b0:e2:5f:ca:27:bb:1b:51:c4:0c:71:d5:0c:12:
         d3:2f:46:b1:60:5b:31:05:a8:78:c2:eb:9a:ca:f1:c0:5b:6b:
         68:ea:02:4e:01:0b:a9:65:1d:cd:37:41:88:59:1e:83:d6:09:
         58:15:40:43:2a:b7:ac:3f:4e:8b:5f:28:07:06:ca:f6:3c:02:
         b7:fc:91:4f:56:aa:67:ae:1b:b7:b8:3b:56:bb:0a:b2:d7:7d:
         86:e9:73:99:9d:64:c1:ce:e6:ed:7d:56:c4:39:90:6a:38:87:
         61:ce:91:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/gIDLSDj1IMrpbP47Qy51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1M2QwNzJjY2VmMDBiZjQ2NGQ2NjBkYmQwNWRhZGExZGEz
M2QyYzgwHhcNMjYwMTAyMTYxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZhNWViYzA2NDYxMTM0MDViOGRkMmQ2MDgxNWJiOTUzYmVhMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJiLK/TjK34+qv0tFC81ix1tp9H6
Nqqi5XVIogEoVl4XQRx4IXogm2LOQdWIaNu6dGPS7api2KjqmOeoGfqGX3erdUpv
shjY3NvPOOVi9/F38yJDoEHvP/ajN7S2QRbvX79IHF433FtZTiVrnxiyO9cdKCvA
ENdyay/acGO0wuEfuvL1z8XGa45DkfwnMOFZR8jkjSmvynCZzyRTsQRyPExx8nly
vqYu+/bt1Ay9cb7qUVgz6rGsQtBcFcRmh6tb1dxgrXgjbrqC56slKB3yfSYUz1D7
dnvkEGXi1EIENbJhP2HRLay2apdAyqCggXXYC4zMBnwgm+u4b4bL2LcxXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhqXrwGRhE0BbjdLWCBW7lTvqB1MB8GA1UdIwQY
MBaAFBU9ByzO8Av0ZNZg29BdraHaM9LIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlQwSExNN3dDX1JrMW1EYjBGMnRvZG96MHNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82NGIxZTYtMGExZi00MGVjLTk0Mzct
MDRhNGMyYzQxYzM0LzEvU0dwZXZBWkdFVFFGdU4wdFlJRmJ1Vk8tb0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82NGIxZTYtMGExZi00MGVjLTk0MzctMDRhNGMyYzQxYzM0
LzEvRlQwSExNN3dDX1JrMW1EYjBGMnRvZG96MHNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUnZMA0G
CSqGSIb3DQEBCwUAA4IBAQBpLFPZ/h5HYYJY+NJA87QaC3h8rGArPK3GYZxouF+K
0r9oTT5KPl0He7rWpDw356HZhhYdi3pl2OCB0RQb9jcCypvYwrw8TdQVLz+Stx3j
9e5zoNw+teZxNwqy32M2gnTn11BEoRWpG/SPPWWpTXao2YZfAe8VVo6BcfATJiji
OcpFLpqTg8L4L82ClVqDvnkbkEcjsOJfyie7G1HEDHHVDBLTL0axYFsxBah4wuua
yvHAW2to6gJOAQupZR3NN0GIWR6D1glYFUBDKresP06LXygHBsr2PAK3/JFPVqpn
rhu3uDtWuwqy132G6XOZnWTBzubtfVbEOZBqOIdhzpFl
-----END CERTIFICATE-----