This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/SkR9OA9_dcUyBRQNQpyR0J3fL7U.roa
File:                     SkR9OA9_dcUyBRQNQpyR0J3fL7U.roa (raw, json)
Hash identifier:          ZkaVuswuFGESnBKz9fl3MI+QLEQQbxe2PSzXDPH+HoU=
Subject key identifier:   4A:44:7D:38:0F:7F:75:C5:32:05:14:0D:42:9C:91:D0:9D:DF:2F:B5
Certificate issuer:       /CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Certificate serial:       019B79ED53267649A5A8E903A107E09C5C9C
Authority key identifier: E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/SkR9OA9_dcUyBRQNQpyR0J3fL7U.roa
Signing time:             Thu 01 Jan 2026 14:19:15 +0000
ROA not before:           Thu 01 Jan 2026 14:19:15 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     212570
IP address blocks:        2.58.217.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ed:53:26:76:49:a5:a8:e9:03:a1:07:e0:9c:5c:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
        Validity
            Not Before: Jan  1 14:19:15 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4a447d380f7f75c53205140d429c91d09ddf2fb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b6:c6:c2:e2:6f:06:d8:36:34:80:92:83:d9:
                    44:93:8c:66:b3:5e:18:9b:c4:c9:4b:0a:46:02:13:
                    b6:6d:74:ec:2c:07:24:22:01:58:05:06:d0:8d:4e:
                    e4:23:9d:db:68:06:e1:4b:5c:aa:66:66:62:ff:5d:
                    b5:fb:22:f9:b2:8d:fc:ed:37:fa:d7:2e:dd:75:bc:
                    ad:17:da:f5:82:b2:cb:20:64:58:00:52:c3:27:01:
                    46:ca:02:1c:1a:5e:f9:44:20:d1:11:33:77:e7:0e:
                    ac:db:da:ca:76:c7:07:19:8b:0b:c8:b8:58:78:d1:
                    c5:71:bf:5f:e7:9e:2b:22:40:01:e7:7e:29:5c:b7:
                    eb:9e:4f:4a:6d:f8:06:c4:dd:9f:cf:79:86:1a:68:
                    95:9a:1b:04:b7:ef:c3:6d:82:c0:e0:a5:c6:ef:f2:
                    17:3c:80:b3:9e:bf:ad:4c:bc:30:d1:25:28:c3:3e:
                    fe:35:6e:f9:c9:a1:de:c3:c3:9d:58:26:f2:4b:6e:
                    41:a7:ae:29:57:79:72:0a:be:55:a2:06:bf:31:4f:
                    75:76:dd:10:c2:7b:38:36:f1:b2:a6:96:f0:5e:db:
                    18:20:d5:17:6a:08:10:e7:66:7d:3e:8c:eb:04:b3:
                    81:57:1e:39:c6:58:10:7b:75:e5:5e:3e:e5:8a:3c:
                    48:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:44:7D:38:0F:7F:75:C5:32:05:14:0D:42:9C:91:D0:9D:DF:2F:B5
            X509v3 Authority Key Identifier:
                keyid:E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/SkR9OA9_dcUyBRQNQpyR0J3fL7U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:3f:5d:3c:ae:c7:cc:2f:fd:df:bd:4e:ea:33:94:3b:88:44:
         85:83:2c:2b:6d:0c:82:4a:c4:4d:93:61:08:62:56:1a:ad:65:
         25:0e:11:3d:46:19:b3:ba:8b:45:c4:ee:7a:99:a1:24:d4:6a:
         3f:52:8b:c4:52:0e:10:00:d8:7b:46:98:d8:bd:a8:67:25:88:
         f1:69:5b:6f:c6:72:03:84:0b:8f:ed:5c:ea:b6:b0:3f:a0:26:
         32:c1:b6:be:d1:a4:38:79:c5:c1:d2:6b:71:66:37:bf:b4:b1:
         b4:90:18:d2:4b:5b:0b:56:ef:ea:b4:a8:61:cf:8d:de:4d:8e:
         57:d8:a2:ea:27:8b:86:e3:03:04:16:f3:71:ca:e0:e9:8b:ed:
         2d:23:f6:42:0c:b9:25:3a:5a:4f:15:b5:b4:c5:4e:53:69:8d:
         61:93:34:6d:9a:68:59:6e:29:c6:eb:81:47:6a:52:f7:e9:48:
         6b:02:47:a6:ef:f3:c7:6f:67:b0:5d:9d:78:46:3b:c5:be:46:
         7b:a8:e0:11:ea:d5:df:f5:93:a3:48:f3:43:07:b3:9d:35:40:
         24:c1:ea:00:d7:8e:92:07:23:39:e9:e5:e7:7d:8b:e8:72:35:
         cb:17:37:f9:09:19:d7:11:59:bb:1b:47:0f:22:9b:70:ae:74:
         e4:09:7e:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57VMmdkmlqOkDoQfgnFycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmU4ZWZlYzFmYjAzZDhhZjk3OWFmMWNiYTEzYTA4NDVh
N2IwYmEwHhcNMjYwMTAxMTQxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQ0N2QzODBmN2Y3NWM1MzIwNTE0MGQ0MjljOTFkMDlkZGYyZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLbGwuJvBtg2NICSg9lEk4xms14Y
m8TJSwpGAhO2bXTsLAckIgFYBQbQjU7kI53baAbhS1yqZmZi/121+yL5so387Tf6
1y7ddbytF9r1grLLIGRYAFLDJwFGygIcGl75RCDRETN35w6s29rKdscHGYsLyLhY
eNHFcb9f554rIkAB534pXLfrnk9KbfgGxN2fz3mGGmiVmhsEt+/DbYLA4KXG7/IX
PICznr+tTLww0SUowz7+NW75yaHew8OdWCbyS25Bp64pV3lyCr5Voga/MU91dt0Q
wns4NvGyppbwXtsYINUXaggQ52Z9PozrBLOBVx45xlgQe3XlXj7lijxIeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpEfTgPf3XFMgUUDUKckdCd3y+1MB8GA1UdIwQY
MBaAFOS+jv7B+wPYr5ea8cuhOghFp7C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUt
ZGZiZmEzZmNmMDIxLzEvU2tSOU9BOV9kY1V5QlJRTlFweVIwSjNmTDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUtZGZiZmEzZmNmMDIx
LzEvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjrZMA0G
CSqGSIb3DQEBCwUAA4IBAQBcP108rsfML/3fvU7qM5Q7iESFgywrbQyCSsRNk2EI
YlYarWUlDhE9RhmzuotFxO56maEk1Go/UovEUg4QANh7RpjYvahnJYjxaVtvxnID
hAuP7VzqtrA/oCYywba+0aQ4ecXB0mtxZje/tLG0kBjSS1sLVu/qtKhhz43eTY5X
2KLqJ4uG4wMEFvNxyuDpi+0tI/ZCDLklOlpPFbW0xU5TaY1hkzRtmmhZbinG64FH
alL36UhrAkem7/PHb2ewXZ14RjvFvkZ7qOAR6tXf9ZOjSPNDB7OdNUAkweoA146S
ByM56eXnfYvocjXLFzf5CRnXEVm7G0cPIptwrnTkCX6M
-----END CERTIFICATE-----