This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/gugoFb8q0SHtyIBkY0PLePdn0z4.roa
File:                     gugoFb8q0SHtyIBkY0PLePdn0z4.roa (raw, json)
Hash identifier:          PfJgvUjin+qon9RPc3E2cAaH5BLLpJd7HD9BJAEBX68=
Subject key identifier:   82:E8:28:15:BF:2A:D1:21:ED:C8:80:64:63:43:CB:78:F7:67:D3:3E
Certificate issuer:       /CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Certificate serial:       019B7AC8687A9DABBAE08022D4DBBA4BE533
Authority key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/gugoFb8q0SHtyIBkY0PLePdn0z4.roa
Signing time:             Thu 01 Jan 2026 18:18:32 +0000
ROA not before:           Thu 01 Jan 2026 18:18:32 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     41969
IP address blocks:        192.108.72.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 03:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c8:68:7a:9d:ab:ba:e0:80:22:d4:db:ba:4b:e5:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
        Validity
            Not Before: Jan  1 18:18:32 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=82e82815bf2ad121edc880646343cb78f767d33e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c2:82:fc:15:49:57:5f:03:31:0f:b2:b8:66:
                    aa:99:64:88:2b:06:27:b3:40:19:6f:80:ee:80:7e:
                    fd:c1:63:16:9d:cc:46:5c:29:e6:22:78:8b:b9:90:
                    fb:ea:38:92:e3:4f:59:ec:c2:66:f4:00:5f:1c:a1:
                    0b:8c:86:86:3c:76:b0:5d:56:5d:8b:01:5b:56:71:
                    69:9b:08:60:03:51:a5:28:d1:1b:aa:dd:17:65:19:
                    09:77:9e:6c:17:b7:db:4d:46:16:3d:cd:9b:31:80:
                    d2:59:ba:c8:13:dc:b6:27:f8:0e:18:28:8a:68:67:
                    7e:06:bf:2a:1b:a8:59:02:90:13:36:f3:8a:a5:a3:
                    11:4a:c9:5b:d1:b8:d2:4d:19:34:ca:38:24:96:8d:
                    c5:c1:d2:d9:a0:a7:04:7b:d2:43:b9:57:cc:df:f8:
                    82:50:2f:ee:8b:4c:29:78:c8:c8:02:a7:8d:db:55:
                    2a:5a:d6:a0:f2:34:48:9c:38:d0:31:56:2d:34:d3:
                    e3:37:1c:89:28:5a:ab:e3:c3:f7:de:75:77:3e:b3:
                    cf:61:f7:af:51:df:1c:c2:e2:cf:50:f8:8c:76:92:
                    7a:50:39:19:cf:b3:2c:da:b7:0e:0f:b7:37:b8:3e:
                    da:7e:29:ff:c5:99:fc:b9:5f:01:cf:43:5c:e6:bc:
                    f2:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:E8:28:15:BF:2A:D1:21:ED:C8:80:64:63:43:CB:78:F7:67:D3:3E
            X509v3 Authority Key Identifier:
                keyid:A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/gugoFb8q0SHtyIBkY0PLePdn0z4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.108.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:b1:29:e4:81:e2:96:0e:87:20:e5:a0:84:38:9c:9e:b4:12:
         bd:5b:b2:f8:33:0a:75:13:b0:af:7a:dd:e1:1e:26:88:d0:03:
         9f:0e:6d:a5:e7:81:a4:67:f3:d2:b0:70:3d:98:a4:90:13:b3:
         fb:3c:7b:53:11:bf:9a:8b:12:a4:12:44:64:2f:e6:b5:d1:06:
         12:57:78:38:73:c0:66:53:87:ea:67:7e:ea:7c:2e:62:83:bc:
         10:e4:2f:8e:29:14:6b:b3:69:9b:49:6a:57:cd:00:c6:e0:b2:
         34:6a:e3:12:7f:f1:0f:6d:aa:9a:17:80:eb:b0:83:c0:2d:91:
         db:9d:cc:ab:9f:6f:df:17:fa:00:40:6c:8f:6d:74:5d:ac:46:
         15:58:df:c2:65:39:d8:d7:a1:e4:b4:99:3d:33:f7:98:7a:67:
         db:02:aa:1d:cd:31:ac:57:f3:96:c4:43:c1:55:ed:05:31:c2:
         f6:5e:de:03:34:d6:a6:12:a1:e6:d5:7a:2e:bd:9d:24:ce:ee:
         cf:a8:83:1e:6c:82:a2:8e:13:b5:ae:78:dc:8f:09:1f:37:3a:
         f9:1c:29:8f:f4:27:ed:ac:24:ef:0a:08:93:93:57:78:04:ca:
         46:db:77:5b:ae:f0:f2:fa:ef:95:3f:bb:c6:36:f9:be:4e:b4:
         e0:cf:04:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yGh6nau64IAi1Nu6S+UzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTk5MDNkYWI4NWY2YTU5NzcyYjNlZGZkNGJmMGU0OTFh
ZjU3YzQwHhcNMjYwMTAxMTgxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmU4MjgxNWJmMmFkMTIxZWRjODgwNjQ2MzQzY2I3OGY3NjdkMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMKC/BVJV18DMQ+yuGaqmWSIKwYn
s0AZb4DugH79wWMWncxGXCnmIniLuZD76jiS409Z7MJm9ABfHKELjIaGPHawXVZd
iwFbVnFpmwhgA1GlKNEbqt0XZRkJd55sF7fbTUYWPc2bMYDSWbrIE9y2J/gOGCiK
aGd+Br8qG6hZApATNvOKpaMRSslb0bjSTRk0yjgklo3FwdLZoKcEe9JDuVfM3/iC
UC/ui0wpeMjIAqeN21UqWtag8jRInDjQMVYtNNPjNxyJKFqr48P33nV3PrPPYfev
Ud8cwuLPUPiMdpJ6UDkZz7Ms2rcOD7c3uD7afin/xZn8uV8Bz0Nc5rzyDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILoKBW/KtEh7ciAZGNDy3j3Z9M+MB8GA1UdIwQY
MBaAFKSZkD2rhfall3Kz7f1L8OSRr1fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQt
NTdlYzEyZTg2NDFlLzEvZ3Vnb0ZiOHEwU0h0eUlCa1kwUExlUGRuMHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQtNTdlYzEyZTg2NDFl
LzEvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwGxIMA0G
CSqGSIb3DQEBCwUAA4IBAQAjsSnkgeKWDocg5aCEOJyetBK9W7L4Mwp1E7Cvet3h
HiaI0AOfDm2l54GkZ/PSsHA9mKSQE7P7PHtTEb+aixKkEkRkL+a10QYSV3g4c8Bm
U4fqZ37qfC5ig7wQ5C+OKRRrs2mbSWpXzQDG4LI0auMSf/EPbaqaF4DrsIPALZHb
ncyrn2/fF/oAQGyPbXRdrEYVWN/CZTnY16HktJk9M/eYemfbAqodzTGsV/OWxEPB
Ve0FMcL2Xt4DNNamEqHm1XouvZ0kzu7PqIMebIKijhO1rnjcjwkfNzr5HCmP9Cft
rCTvCgiTk1d4BMpG23dbrvDy+u+VP7vGNvm+TrTgzwSN
-----END CERTIFICATE-----