This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/sGL0IpkAAnhvKoGAh5UWQwRpfVM.roa
File:                     sGL0IpkAAnhvKoGAh5UWQwRpfVM.roa (raw, json)
Hash identifier:          mpibMWOyOdzjLVDF60aD5dDfWs60rSKxiTiv1sDZLv8=
Subject key identifier:   B0:62:F4:22:99:00:02:78:6F:2A:81:80:87:95:16:43:04:69:7D:53
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       019B79106DE3B7EF5375D042C914891AC03F
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/sGL0IpkAAnhvKoGAh5UWQwRpfVM.roa
Signing time:             Thu 01 Jan 2026 10:17:58 +0000
ROA not before:           Thu 01 Jan 2026 10:17:58 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     31631
IP address blocks:        5.39.248.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 08:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:6d:e3:b7:ef:53:75:d0:42:c9:14:89:1a:c0:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Jan  1 10:17:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b062f422990002786f2a81808795164304697d53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f8:4c:56:42:f6:af:77:d3:b6:78:74:c9:f2:
                    3e:31:98:ab:bc:61:8a:c6:03:3c:82:65:46:6f:ec:
                    49:49:04:18:1f:f0:8c:68:cd:05:e0:e1:8f:ae:a8:
                    c6:72:7d:1b:0a:95:ed:3a:43:23:66:eb:89:a6:99:
                    e6:f2:88:6a:3c:81:b8:09:d2:8b:b4:ca:97:83:32:
                    0a:58:2c:d4:74:4e:17:fe:c3:42:cd:aa:7d:b6:9b:
                    d0:3c:76:7f:90:66:41:f0:3e:4e:58:ed:53:9d:41:
                    9c:41:38:ae:e2:95:d3:6a:c1:87:06:76:37:cc:31:
                    51:fa:41:3b:95:5f:90:3a:a5:24:58:0d:a3:94:d3:
                    b4:3a:78:43:6d:1b:27:65:f0:4e:22:e3:bc:8e:52:
                    0c:1f:b2:ba:ff:6f:71:53:52:b8:93:a9:33:5b:0d:
                    4f:9b:d2:6f:ad:fd:48:e2:59:84:e5:dc:9c:4b:1b:
                    25:1a:2f:4f:10:d4:d8:c7:bb:eb:5f:e2:08:3d:a6:
                    41:32:e8:55:6f:28:08:ef:de:11:88:da:24:ec:ed:
                    9d:b9:5f:2b:a2:66:23:5c:fd:c7:e7:55:07:af:f8:
                    bd:4e:64:09:80:34:d6:fe:20:39:42:d7:43:3c:e5:
                    90:c3:ce:7c:d3:68:35:7d:e2:89:a1:82:41:f8:4d:
                    95:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:62:F4:22:99:00:02:78:6F:2A:81:80:87:95:16:43:04:69:7D:53
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/sGL0IpkAAnhvKoGAh5UWQwRpfVM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.39.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:93:e7:43:4d:a6:fe:83:b7:8e:05:9b:05:73:de:5a:df:7e:
         d0:b0:4e:ee:01:c1:b9:65:0b:b7:c8:09:b8:8f:24:ad:db:5f:
         5d:53:d6:a3:e7:67:3d:68:c6:09:d5:f1:72:fe:83:93:26:c6:
         76:97:19:dd:e4:8b:2f:7b:ff:47:1e:09:b2:52:59:2c:64:20:
         d2:85:d9:0c:92:1c:6e:db:9a:67:9d:ff:6d:2e:d5:d9:f2:6a:
         75:46:50:8b:11:18:9b:c8:27:db:b1:17:e3:58:33:30:8d:9a:
         b1:4b:9a:45:51:19:95:5a:fc:69:26:fb:7b:6e:ae:7a:6d:c2:
         de:de:a7:49:96:58:f3:6b:ef:15:1b:94:99:ed:a5:8e:dc:bb:
         01:e6:1f:e4:f1:a5:68:ae:56:13:c2:ba:9a:e2:68:64:38:b9:
         ac:b1:4f:77:7e:df:89:09:b5:81:85:4a:16:96:07:f8:93:0a:
         98:51:62:16:22:a9:1f:b9:52:bc:06:7a:bb:ae:53:d7:ea:1f:
         cd:6e:72:26:86:8b:7a:b3:64:f4:e9:fe:70:5a:56:26:87:79:
         02:43:ca:a4:2f:55:ef:5d:5b:81:a6:06:7c:74:19:0a:b8:58:
         dd:eb:72:fb:63:ec:2d:f2:91:e9:16:c6:cd:25:c2:35:a0:d5:
         27:72:b3:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EG3jt+9TddBCyRSJGsA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjYwMTAxMTAxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDYyZjQyMjk5MDAwMjc4NmYyYTgxODA4Nzk1MTY0MzA0Njk3ZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/hMVkL2r3fTtnh0yfI+MZirvGGK
xgM8gmVGb+xJSQQYH/CMaM0F4OGPrqjGcn0bCpXtOkMjZuuJppnm8ohqPIG4CdKL
tMqXgzIKWCzUdE4X/sNCzap9tpvQPHZ/kGZB8D5OWO1TnUGcQTiu4pXTasGHBnY3
zDFR+kE7lV+QOqUkWA2jlNO0OnhDbRsnZfBOIuO8jlIMH7K6/29xU1K4k6kzWw1P
m9Jvrf1I4lmE5dycSxslGi9PENTYx7vrX+IIPaZBMuhVbygI794RiNok7O2duV8r
omYjXP3H51UHr/i9TmQJgDTW/iA5QtdDPOWQw85802g1feKJoYJB+E2VHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBi9CKZAAJ4byqBgIeVFkMEaX1TMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvc0dMMElwa0FBbmh2S29HQWg1VVdRd1JwZlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSf4MA0G
CSqGSIb3DQEBCwUAA4IBAQBCk+dDTab+g7eOBZsFc95a337QsE7uAcG5ZQu3yAm4
jySt219dU9aj52c9aMYJ1fFy/oOTJsZ2lxnd5Isve/9HHgmyUlksZCDShdkMkhxu
25pnnf9tLtXZ8mp1RlCLERibyCfbsRfjWDMwjZqxS5pFURmVWvxpJvt7bq56bcLe
3qdJlljza+8VG5SZ7aWO3LsB5h/k8aVorlYTwrqa4mhkOLmssU93ft+JCbWBhUoW
lgf4kwqYUWIWIqkfuVK8Bnq7rlPX6h/NbnImhot6s2T06f5wWlYmh3kCQ8qkL1Xv
XVuBpgZ8dBkKuFjd63L7Y+wt8pHpFsbNJcI1oNUncrMD
-----END CERTIFICATE-----