This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/uMgy9mSN4M6Tkk_b5KpTL6EISmU.roa
File:                     uMgy9mSN4M6Tkk_b5KpTL6EISmU.roa (raw, json)
Hash identifier:          iwm1H/C5w6/e24iulhDBPTWg/eHtZ2JKGfTV0V4+BsQ=
Subject key identifier:   B8:C8:32:F6:64:8D:E0:CE:93:92:4F:DB:E4:AA:53:2F:A1:08:4A:65
Certificate issuer:       /CN=15f889fed0085fc21b08fcbbb252c3106df99aa8
Certificate serial:       019B775933EB66D5D18A77FC7293BE1D5FBC
Authority key identifier: 15:F8:89:FE:D0:08:5F:C2:1B:08:FC:BB:B2:52:C3:10:6D:F9:9A:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/uMgy9mSN4M6Tkk_b5KpTL6EISmU.roa
Signing time:             Thu 01 Jan 2026 02:18:13 +0000
ROA not before:           Thu 01 Jan 2026 02:18:13 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     208203
IP address blocks:        72.251.252.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/FfiJ_tAIX8IbCPy7slLDEG35mqg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/FfiJ_tAIX8IbCPy7slLDEG35mqg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 05:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:33:eb:66:d5:d1:8a:77:fc:72:93:be:1d:5f:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f889fed0085fc21b08fcbbb252c3106df99aa8
        Validity
            Not Before: Jan  1 02:18:13 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b8c832f6648de0ce93924fdbe4aa532fa1084a65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:68:c8:77:4a:8c:59:a9:e1:68:59:b6:db:b4:
                    f0:c3:fd:ff:b5:5a:7b:02:a2:a0:46:a7:58:c1:7d:
                    dd:20:44:f0:8c:a7:57:28:02:af:45:59:9e:dc:b3:
                    46:49:95:0b:38:03:ca:0e:58:c1:33:47:6c:ad:6d:
                    08:85:d7:34:f2:01:3d:5e:f6:19:1b:81:03:63:6a:
                    18:75:a7:1b:0f:41:a8:2a:23:2f:9d:70:ff:2d:f2:
                    45:8d:a3:fd:ee:c1:1e:21:3f:3a:8c:79:f1:da:11:
                    b2:52:4a:f1:46:3d:a8:fa:b1:51:f2:f5:87:74:cb:
                    a3:fa:3b:14:eb:46:30:0b:ed:69:56:41:b8:a6:d8:
                    61:67:fa:9a:ae:65:1b:bc:44:72:81:02:ec:c5:3b:
                    c1:4f:d3:7f:ee:f7:49:7d:c5:c6:70:3e:ee:9d:bb:
                    d9:64:18:b3:0a:d7:a0:26:91:0c:1f:c8:83:d7:d1:
                    51:ee:df:06:13:a0:b7:d3:d9:e3:ea:0a:2e:0d:60:
                    d1:e8:9f:02:73:1d:d3:e8:ec:a7:46:1a:1b:d1:ca:
                    02:8a:9f:a7:19:6d:58:60:b7:39:66:9b:09:ed:d8:
                    57:97:b3:f9:66:d3:7a:4f:8f:83:fb:c8:69:ba:c4:
                    a0:43:e8:b3:33:5d:ab:63:65:34:32:64:ab:14:c1:
                    81:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:C8:32:F6:64:8D:E0:CE:93:92:4F:DB:E4:AA:53:2F:A1:08:4A:65
            X509v3 Authority Key Identifier:
                keyid:15:F8:89:FE:D0:08:5F:C2:1B:08:FC:BB:B2:52:C3:10:6D:F9:9A:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/uMgy9mSN4M6Tkk_b5KpTL6EISmU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/FfiJ_tAIX8IbCPy7slLDEG35mqg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.251.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:cd:97:c5:07:1e:a9:69:15:b5:7d:65:9a:21:ff:3d:23:d4:
         18:5f:c6:b7:0a:92:75:f2:db:80:6e:85:af:cf:52:bd:08:6a:
         a7:a9:19:25:5e:dc:e6:bd:68:45:eb:ee:52:a8:71:9c:f3:0c:
         b3:99:f5:29:75:b3:b4:a1:26:69:de:2b:6b:6b:9a:cd:d8:81:
         9c:d9:66:eb:47:91:8f:60:c3:30:3c:87:06:57:65:7b:ce:ea:
         bc:82:4d:97:9d:df:d7:9c:7e:55:fa:04:11:7d:85:00:b9:d4:
         21:6f:b6:7b:fc:9c:ba:60:43:cb:a5:59:cd:9d:ae:58:5c:26:
         34:c0:d9:ee:f2:6c:87:c7:6f:a3:78:7c:54:e6:92:61:07:49:
         e9:c5:1b:7f:71:41:b5:02:4c:96:41:23:e2:40:67:9b:c2:aa:
         9b:dd:fa:dd:f3:91:13:57:4f:61:66:a8:76:b5:c5:ea:e4:a4:
         e5:26:c6:35:1b:8d:72:82:26:cd:65:02:91:6c:b4:c7:3b:c5:
         a6:76:48:4a:5b:bb:41:9e:e1:e2:dc:c7:71:5d:e5:77:d3:78:
         0a:c9:aa:e9:5f:4f:de:eb:e4:95:d0:c4:9b:04:3d:ac:3a:73:
         ba:2a:47:df:30:47:37:1d:28:f0:2d:e4:66:c9:c4:8a:9d:35:
         e8:b1:18:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WTPrZtXRinf8cpO+HV+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Zjg4OWZlZDAwODVmYzIxYjA4ZmNiYmIyNTJjMzEwNmRm
OTlhYTgwHhcNMjYwMTAxMDIxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM4MzJmNjY0OGRlMGNlOTM5MjRmZGJlNGFhNTMyZmExMDg0YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGjId0qMWanhaFm227Tww/3/tVp7
AqKgRqdYwX3dIETwjKdXKAKvRVme3LNGSZULOAPKDljBM0dsrW0Ihdc08gE9XvYZ
G4EDY2oYdacbD0GoKiMvnXD/LfJFjaP97sEeIT86jHnx2hGyUkrxRj2o+rFR8vWH
dMuj+jsU60YwC+1pVkG4pthhZ/qarmUbvERygQLsxTvBT9N/7vdJfcXGcD7unbvZ
ZBizCtegJpEMH8iD19FR7t8GE6C309nj6gouDWDR6J8Ccx3T6OynRhob0coCip+n
GW1YYLc5ZpsJ7dhXl7P5ZtN6T4+D+8hpusSgQ+izM12rY2U0MmSrFMGBewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLjIMvZkjeDOk5JP2+SqUy+hCEplMB8GA1UdIwQY
MBaAFBX4if7QCF/CGwj8u7JSwxBt+ZqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZpSl90QUlYOEliQ1B5N3NsTERFRzM1bXFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9mOTUyZmItOTMxOC00OWI2LWI5NDYt
MWUzYTE5NTQ3OGUwLzEvdU1neTltU040TTZUa2tfYjVLcFRMNkVJU21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9mOTUyZmItOTMxOC00OWI2LWI5NDYtMWUzYTE5NTQ3OGUw
LzEvRmZpSl90QUlYOEliQ1B5N3NsTERFRzM1bXFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCSPv8MA0G
CSqGSIb3DQEBCwUAA4IBAQAKzZfFBx6paRW1fWWaIf89I9QYX8a3CpJ18tuAboWv
z1K9CGqnqRklXtzmvWhF6+5SqHGc8wyzmfUpdbO0oSZp3itra5rN2IGc2WbrR5GP
YMMwPIcGV2V7zuq8gk2Xnd/XnH5V+gQRfYUAudQhb7Z7/Jy6YEPLpVnNna5YXCY0
wNnu8myHx2+jeHxU5pJhB0npxRt/cUG1AkyWQSPiQGebwqqb3frd85ETV09hZqh2
tcXq5KTlJsY1G41ygibNZQKRbLTHO8WmdkhKW7tBnuHi3MdxXeV303gKyarpX0/e
6+SV0MSbBD2sOnO6KkffMEc3HSjwLeRmycSKnTXosRgK
-----END CERTIFICATE-----