This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/b50110-02b0-4235-984f-2d80cb25579a/1/USwT2SeaguMlyEEPFKrGUCTjicc.roa
File:                     USwT2SeaguMlyEEPFKrGUCTjicc.roa (raw, json)
Hash identifier:          fLXx8GADpNCNj3rL26EzgEHCDr9VafNfGAWI6je4Vrw=
Subject key identifier:   51:2C:13:D9:27:9A:82:E3:25:C8:41:0F:14:AA:C6:50:24:E3:89:C7
Certificate issuer:       /CN=966015578c948f31bf74a1e1fffd7fa3e3460206
Certificate serial:       019B79ED2849B3BC304E7CB9482E9B40179A
Authority key identifier: 96:60:15:57:8C:94:8F:31:BF:74:A1:E1:FF:FD:7F:A3:E3:46:02:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lmAVV4yUjzG_dKHh__1_o-NGAgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/b50110-02b0-4235-984f-2d80cb25579a/1/USwT2SeaguMlyEEPFKrGUCTjicc.roa
Signing time:             Thu 01 Jan 2026 14:19:03 +0000
ROA not before:           Thu 01 Jan 2026 14:19:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     44909
IP address blocks:        195.66.124.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/b50110-02b0-4235-984f-2d80cb25579a/1/lmAVV4yUjzG_dKHh__1_o-NGAgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/b50110-02b0-4235-984f-2d80cb25579a/1/lmAVV4yUjzG_dKHh__1_o-NGAgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lmAVV4yUjzG_dKHh__1_o-NGAgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 Jan 2026 17:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ed:28:49:b3:bc:30:4e:7c:b9:48:2e:9b:40:17:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=966015578c948f31bf74a1e1fffd7fa3e3460206
        Validity
            Not Before: Jan  1 14:19:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=512c13d9279a82e325c8410f14aac65024e389c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:10:77:8e:57:9f:b0:b4:3a:01:66:0d:c1:f6:
                    a6:da:ae:99:24:26:fd:f1:15:82:77:9b:5d:6d:1d:
                    52:fb:b2:bd:fa:18:7b:7e:3c:6c:84:10:30:ea:86:
                    c7:a7:98:2e:d5:3a:5d:93:9f:d6:d1:ba:99:0a:60:
                    64:63:08:c8:f8:12:eb:7d:d8:81:a8:4b:77:9b:6b:
                    6b:75:96:bc:43:27:7d:b5:b5:ea:1c:8a:b6:15:a3:
                    00:36:e5:13:06:4c:e0:7b:de:84:4a:9e:cd:66:81:
                    bd:da:ab:b5:b9:5f:4b:02:7b:10:b7:33:f2:b5:8f:
                    e9:55:3e:42:ed:80:1b:0a:2e:03:c6:1a:fd:25:70:
                    5d:1d:8a:1d:a9:4a:d8:7d:b0:0a:10:bd:62:71:65:
                    ef:a6:59:56:83:63:24:0c:7c:f5:db:f0:97:49:b5:
                    19:ee:d1:ca:c2:98:99:05:17:29:05:a1:f0:76:fc:
                    55:5b:56:5d:86:e4:82:a4:15:3b:02:d5:70:0f:00:
                    38:70:b7:b5:ab:b2:99:bc:85:3e:33:c3:b4:d6:1d:
                    de:8b:62:fd:9e:78:54:eb:6c:4e:9b:5c:f1:b3:e3:
                    ea:f6:8a:2c:7b:34:72:0a:8f:4e:a0:6f:5a:7d:ed:
                    cf:43:19:5e:e7:e5:41:72:eb:bf:27:cd:40:d7:bb:
                    12:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:2C:13:D9:27:9A:82:E3:25:C8:41:0F:14:AA:C6:50:24:E3:89:C7
            X509v3 Authority Key Identifier:
                keyid:96:60:15:57:8C:94:8F:31:BF:74:A1:E1:FF:FD:7F:A3:E3:46:02:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmAVV4yUjzG_dKHh__1_o-NGAgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b50110-02b0-4235-984f-2d80cb25579a/1/USwT2SeaguMlyEEPFKrGUCTjicc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b50110-02b0-4235-984f-2d80cb25579a/1/lmAVV4yUjzG_dKHh__1_o-NGAgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.66.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:0e:2e:4c:79:60:b3:3d:91:15:e8:00:28:6b:25:47:f0:01:
         4d:28:6a:e6:90:12:2c:25:d8:99:4f:ab:5c:ac:7c:49:85:ad:
         ef:e7:1e:09:1c:12:f7:08:23:82:33:8e:7b:c1:64:23:44:f0:
         47:e2:e9:41:3f:f1:14:f3:40:fc:83:57:ee:4a:0f:32:7d:0f:
         8b:09:a0:36:d4:a1:ce:3d:75:9f:eb:a2:9c:76:30:27:e3:f6:
         0c:ef:9e:34:fe:32:fc:7d:d1:96:12:48:ec:c0:57:7a:5b:b7:
         f5:54:b8:57:5d:f7:a7:7f:ae:f1:cf:31:ae:d3:4c:f7:bc:c6:
         fa:b0:2c:67:47:62:a7:99:2d:82:30:e5:e2:dc:a1:93:4c:6a:
         84:10:5c:74:32:17:9f:42:7e:bc:31:30:46:3a:b2:ae:36:40:
         44:db:af:fa:8a:c1:9d:b8:b2:2a:dd:7d:61:6b:58:ab:00:f4:
         3b:be:4c:26:c1:de:23:7e:c0:62:ee:c2:00:ed:79:c7:52:61:
         ef:7a:82:a4:a2:14:f9:14:c1:14:d8:d1:dc:2a:6f:48:09:a2:
         aa:eb:7c:0d:7f:ab:84:30:ae:67:a1:2f:dc:c7:b0:50:30:3f:
         38:7e:4c:e8:1c:15:85:a0:d5:9b:25:f4:d3:75:dd:e2:0f:33:
         90:f4:6a:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57ShJs7wwTny5SC6bQBeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NjAxNTU3OGM5NDhmMzFiZjc0YTFlMWZmZmQ3ZmEzZTM0
NjAyMDYwHhcNMjYwMTAxMTQxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJjMTNkOTI3OWE4MmUzMjVjODQxMGYxNGFhYzY1MDI0ZTM4OWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRB3jlefsLQ6AWYNwfam2q6ZJCb9
8RWCd5tdbR1S+7K9+hh7fjxshBAw6obHp5gu1Tpdk5/W0bqZCmBkYwjI+BLrfdiB
qEt3m2trdZa8Qyd9tbXqHIq2FaMANuUTBkzge96ESp7NZoG92qu1uV9LAnsQtzPy
tY/pVT5C7YAbCi4Dxhr9JXBdHYodqUrYfbAKEL1icWXvpllWg2MkDHz12/CXSbUZ
7tHKwpiZBRcpBaHwdvxVW1ZdhuSCpBU7AtVwDwA4cLe1q7KZvIU+M8O01h3ei2L9
nnhU62xOm1zxs+Pq9oosezRyCo9OoG9afe3PQxle5+VBcuu/J81A17sSswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEsE9knmoLjJchBDxSqxlAk44nHMB8GA1UdIwQY
MBaAFJZgFVeMlI8xv3Sh4f/9f6PjRgIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG1BVlY0eVVqekdfZEtIaF9fMV9vLU5HQWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9iNTAxMTAtMDJiMC00MjM1LTk4NGYt
MmQ4MGNiMjU1NzlhLzEvVVN3VDJTZWFndU1seUVFUEZLckdVQ1RqaWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9iNTAxMTAtMDJiMC00MjM1LTk4NGYtMmQ4MGNiMjU1Nzlh
LzEvbG1BVlY0eVVqekdfZEtIaF9fMV9vLU5HQWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0J8MA0G
CSqGSIb3DQEBCwUAA4IBAQCIDi5MeWCzPZEV6AAoayVH8AFNKGrmkBIsJdiZT6tc
rHxJha3v5x4JHBL3CCOCM457wWQjRPBH4ulBP/EU80D8g1fuSg8yfQ+LCaA21KHO
PXWf66KcdjAn4/YM7540/jL8fdGWEkjswFd6W7f1VLhXXfenf67xzzGu00z3vMb6
sCxnR2KnmS2CMOXi3KGTTGqEEFx0MhefQn68MTBGOrKuNkBE26/6isGduLIq3X1h
a1irAPQ7vkwmwd4jfsBi7sIA7XnHUmHveoKkohT5FMEU2NHcKm9ICaKq63wNf6uE
MK5noS/cx7BQMD84fkzoHBWFoNWbJfTTdd3iDzOQ9Gql
-----END CERTIFICATE-----