This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/Ug9ynSBXJvbacZUCymyFegFwsdc.roa
File:                     Ug9ynSBXJvbacZUCymyFegFwsdc.roa (raw, json)
Hash identifier:          gneEDKy7z65cw82gMUszrjpGrKuBIM6nLytArcluJiI=
Subject key identifier:   52:0F:72:9D:20:57:26:F6:DA:71:95:02:CA:6C:85:7A:01:70:B1:D7
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       019BDAE7879845BC33B2B80E42CFC6AC34F1
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/Ug9ynSBXJvbacZUCymyFegFwsdc.roa
Signing time:             Tue 20 Jan 2026 10:16:05 +0000
ROA not before:           Tue 20 Jan 2026 10:16:05 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     206092
IP address blocks:        109.205.190.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:da:e7:87:98:45:bc:33:b2:b8:0e:42:cf:c6:ac:34:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Jan 20 10:16:05 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=520f729d205726f6da719502ca6c857a0170b1d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:20:7d:b2:e2:b9:d8:f0:94:b3:bd:40:15:f3:
                    ff:43:44:c2:53:8d:9a:5e:f9:39:77:b7:d4:27:26:
                    58:ae:a1:d5:bf:dd:4c:1b:d4:38:d2:3a:ac:ef:8b:
                    f9:1c:ed:4b:c9:39:64:d4:3a:b2:d8:c5:2b:1b:1a:
                    d1:d9:98:88:10:cd:06:d2:84:40:c0:02:95:4c:7c:
                    24:bd:3a:4b:9c:71:c4:7d:dc:6e:54:f4:46:3b:cb:
                    6d:93:6e:e2:9c:ca:b4:db:40:ff:1b:8c:d7:89:a5:
                    50:4e:60:72:26:3c:ff:61:8e:3f:8f:19:fa:7a:6a:
                    46:72:ba:4e:a6:31:c0:e0:40:df:a9:79:ce:fc:69:
                    49:51:dd:ec:98:a3:5f:98:7f:86:57:7c:77:27:b3:
                    ba:7b:18:d1:4b:22:44:0e:a4:df:33:a1:56:43:f9:
                    3d:b8:86:ee:3b:f2:66:36:6c:03:17:85:34:20:a3:
                    59:06:59:4d:d4:e1:5c:67:50:f7:e3:21:1b:d9:53:
                    bc:22:ae:ea:e7:8b:c8:1c:82:f4:07:db:6b:0c:00:
                    27:79:f4:58:2e:0e:df:85:a1:34:32:3f:82:06:05:
                    70:7e:33:7c:d6:db:25:46:d8:e6:1a:56:5d:5d:70:
                    5f:e5:c4:28:4a:f6:7b:1b:8f:a0:9c:ca:6a:4d:9c:
                    39:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:0F:72:9D:20:57:26:F6:DA:71:95:02:CA:6C:85:7A:01:70:B1:D7
            X509v3 Authority Key Identifier:
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/Ug9ynSBXJvbacZUCymyFegFwsdc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.205.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:c6:08:dc:7e:21:49:2f:ba:d1:1f:e0:3b:45:d9:f9:8d:d4:
         ff:98:ec:0c:0d:23:c8:e2:61:b1:0c:a9:37:36:29:40:65:78:
         0b:f6:7a:2a:37:f7:53:da:97:32:bb:10:97:be:cd:6b:48:94:
         e2:41:a6:d9:60:56:c9:6e:78:7f:fc:0f:ee:72:23:59:59:cc:
         8e:27:e6:1a:04:99:8b:0e:62:42:cb:e6:71:8c:7b:28:92:a1:
         e5:29:2e:2c:9f:cf:07:cd:3c:ec:56:cd:f4:4a:0b:1f:c0:95:
         9a:8a:fa:eb:0a:37:9c:fd:77:95:61:d4:f2:3b:23:9d:29:d3:
         dc:1b:c9:81:7b:f4:52:c2:07:4b:83:19:22:f5:48:6c:5d:bb:
         4c:38:28:6d:78:81:21:46:90:f4:8b:0e:c4:d8:5d:d0:56:68:
         17:ae:7f:58:35:2a:cd:3e:38:b2:d3:32:91:75:a1:30:04:49:
         18:b0:3f:09:51:c6:93:ba:40:b7:b5:93:f4:b0:77:1a:1b:fb:
         71:50:5b:ae:b7:eb:5b:e7:76:64:18:eb:b0:04:99:b0:ec:99:
         41:38:43:8b:35:8d:37:33:01:1e:42:47:03:5e:ba:6d:01:29:
         4a:38:87:3c:23:42:07:d6:5b:f0:0a:05:ac:9a:ff:97:7e:21:
         cd:80:8a:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZva54eYRbwzsrgOQs/GrDTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjYwMTIwMTAxNjA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjBmNzI5ZDIwNTcyNmY2ZGE3MTk1MDJjYTZjODU3YTAxNzBiMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiB9suK52PCUs71AFfP/Q0TCU42a
Xvk5d7fUJyZYrqHVv91MG9Q40jqs74v5HO1LyTlk1Dqy2MUrGxrR2ZiIEM0G0oRA
wAKVTHwkvTpLnHHEfdxuVPRGO8ttk27inMq020D/G4zXiaVQTmByJjz/YY4/jxn6
empGcrpOpjHA4EDfqXnO/GlJUd3smKNfmH+GV3x3J7O6exjRSyJEDqTfM6FWQ/k9
uIbuO/JmNmwDF4U0IKNZBllN1OFcZ1D34yEb2VO8Iq7q54vIHIL0B9trDAAnefRY
Lg7fhaE0Mj+CBgVwfjN81tslRtjmGlZdXXBf5cQoSvZ7G4+gnMpqTZw5oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIPcp0gVyb22nGVAspshXoBcLHXMB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvVWc5eW5TQlhKdmJhY1pVQ3lteUZlZ0Z3c2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc2+MA0G
CSqGSIb3DQEBCwUAA4IBAQBfxgjcfiFJL7rRH+A7Rdn5jdT/mOwMDSPI4mGxDKk3
NilAZXgL9noqN/dT2pcyuxCXvs1rSJTiQabZYFbJbnh//A/uciNZWcyOJ+YaBJmL
DmJCy+ZxjHsokqHlKS4sn88HzTzsVs30SgsfwJWaivrrCjec/XeVYdTyOyOdKdPc
G8mBe/RSwgdLgxki9UhsXbtMOChteIEhRpD0iw7E2F3QVmgXrn9YNSrNPjiy0zKR
daEwBEkYsD8JUcaTukC3tZP0sHcaG/txUFuut+tb53ZkGOuwBJmw7JlBOEOLNY03
MwEeQkcDXrptASlKOIc8I0IH1lvwCgWsmv+XfiHNgIqE
-----END CERTIFICATE-----