This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/0gIiALe6pz1IQicIRlap9JpEjvk.roa
File:                     0gIiALe6pz1IQicIRlap9JpEjvk.roa (raw, json)
Hash identifier:          a8WIdauJpV7mniv+m0G3DWtScZS35ac1cb7lSAK0pD4=
Subject key identifier:   D2:02:22:00:B7:BA:A7:3D:48:42:27:08:46:56:A9:F4:9A:44:8E:F9
Certificate issuer:       /CN=e2a10de6ffae590427244a03343db66ac564275a
Certificate serial:       019B7834D4816DC502BDEB9AC50272C2AFE4
Authority key identifier: E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/0gIiALe6pz1IQicIRlap9JpEjvk.roa
Signing time:             Thu 01 Jan 2026 06:18:06 +0000
ROA not before:           Thu 01 Jan 2026 06:18:06 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     212498
IP address blocks:        83.97.37.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 Jan 2026 18:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:34:d4:81:6d:c5:02:bd:eb:9a:c5:02:72:c2:af:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2a10de6ffae590427244a03343db66ac564275a
        Validity
            Not Before: Jan  1 06:18:06 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d2022200b7baa73d484227084656a9f49a448ef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:80:dc:14:1a:7f:b4:77:30:ca:45:d5:1c:4b:
                    6d:68:c7:ff:30:61:47:b3:2b:54:c0:fd:16:47:d9:
                    13:70:2b:f6:30:4b:5d:f8:f8:40:e8:33:ae:ea:84:
                    6f:3e:4f:91:06:85:44:d1:ee:f5:be:99:88:6e:e6:
                    47:7b:55:41:87:b6:70:e4:da:cf:a7:6e:63:97:3b:
                    e5:28:45:7c:84:94:67:84:e3:74:fc:e4:f6:44:6d:
                    36:5f:91:fa:cd:8e:ed:e1:62:e0:53:17:f5:df:de:
                    0a:c1:42:da:8a:67:f6:b0:ae:4e:6a:96:4c:c0:a5:
                    d6:81:21:70:14:ae:89:8b:0f:31:cd:fe:0f:46:8e:
                    49:bb:9b:b8:47:40:a5:87:67:09:d1:86:d5:8a:1f:
                    83:97:ad:98:cb:4f:e3:df:f3:df:e6:31:e4:99:35:
                    96:51:51:2f:3e:8b:b5:f5:48:66:fc:bf:df:e6:6c:
                    62:d9:f1:d6:5d:a5:3e:7d:1a:42:2e:01:92:88:a3:
                    50:25:ec:09:e3:52:16:9c:49:2b:1b:b0:ec:5c:5d:
                    fd:6c:e6:9b:e7:8e:a5:84:84:81:44:80:de:6f:63:
                    ad:86:69:50:00:28:d5:92:b6:6d:08:f4:db:38:86:
                    36:75:3b:20:dc:b2:11:23:ec:1a:50:f4:c0:6d:9b:
                    ba:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:02:22:00:B7:BA:A7:3D:48:42:27:08:46:56:A9:F4:9A:44:8E:F9
            X509v3 Authority Key Identifier:
                keyid:E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/0gIiALe6pz1IQicIRlap9JpEjvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.97.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:86:34:9c:cf:df:d2:cf:b3:59:62:13:96:e7:9c:ca:59:d3:
         f1:21:4d:8d:a8:0a:78:3a:f7:91:73:e2:15:83:1b:d5:14:18:
         1a:58:13:6d:2a:cc:ae:6e:3b:81:31:af:cf:34:9d:98:a3:50:
         3f:01:e6:7e:b1:ae:88:d0:b5:37:3d:ec:e8:50:96:99:59:c0:
         cd:a1:b0:ea:84:e3:5f:a1:01:6d:30:7d:c9:89:61:fa:47:c0:
         5c:6f:4a:1a:30:61:1b:b6:35:cd:92:ff:22:13:c0:35:e7:62:
         1b:d7:fa:a1:27:e1:54:7a:77:3d:37:b1:a8:46:04:0f:d2:e6:
         1b:5f:1c:e9:9f:e3:c7:0b:ee:f4:74:ec:85:9c:71:c9:3a:12:
         89:94:56:38:2f:4f:1d:e0:e7:d1:2b:65:57:af:96:cc:94:98:
         ac:ea:e8:84:03:5b:9b:ee:da:60:6c:e0:cf:7d:94:3a:ed:1d:
         5c:13:13:af:df:c3:b2:86:2c:f0:8c:48:ca:ae:d3:19:cc:20:
         c4:16:c0:35:85:53:01:65:f3:f2:33:ed:f5:9e:b7:1b:cb:86:
         34:3a:96:ca:45:53:67:9d:af:1f:ac:ce:82:23:72:9b:d2:36:
         af:10:52:80:c2:a7:a9:7d:74:f4:ec:f5:ca:36:b4:26:c5:1c:
         0e:82:26:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NNSBbcUCveuaxQJywq/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYTEwZGU2ZmZhZTU5MDQyNzI0NGEwMzM0M2RiNjZhYzU2
NDI3NWEwHhcNMjYwMTAxMDYxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjAyMjIwMGI3YmFhNzNkNDg0MjI3MDg0NjU2YTlmNDlhNDQ4ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/IDcFBp/tHcwykXVHEttaMf/MGFH
sytUwP0WR9kTcCv2MEtd+PhA6DOu6oRvPk+RBoVE0e71vpmIbuZHe1VBh7Zw5NrP
p25jlzvlKEV8hJRnhON0/OT2RG02X5H6zY7t4WLgUxf1394KwULaimf2sK5OapZM
wKXWgSFwFK6Jiw8xzf4PRo5Ju5u4R0Clh2cJ0YbVih+Dl62Yy0/j3/Pf5jHkmTWW
UVEvPou19Uhm/L/f5mxi2fHWXaU+fRpCLgGSiKNQJewJ41IWnEkrG7DsXF39bOab
546lhISBRIDeb2OthmlQACjVkrZtCPTbOIY2dTsg3LIRI+waUPTAbZu6awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNICIgC3uqc9SEInCEZWqfSaRI75MB8GA1UdIwQY
MBaAFOKhDeb/rlkEJyRKAzQ9tmrFZCdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTct
NTc1NTQwNTg2MjBiLzEvMGdJaUFMZTZwejFJUWljSVJsYXA5SnBFanZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTctNTc1NTQwNTg2MjBi
LzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU2ElMA0G
CSqGSIb3DQEBCwUAA4IBAQB3hjScz9/Sz7NZYhOW55zKWdPxIU2NqAp4OveRc+IV
gxvVFBgaWBNtKsyubjuBMa/PNJ2Yo1A/AeZ+sa6I0LU3PezoUJaZWcDNobDqhONf
oQFtMH3JiWH6R8Bcb0oaMGEbtjXNkv8iE8A152Ib1/qhJ+FUenc9N7GoRgQP0uYb
Xxzpn+PHC+70dOyFnHHJOhKJlFY4L08d4OfRK2VXr5bMlJis6uiEA1ub7tpgbODP
fZQ67R1cExOv38OyhizwjEjKrtMZzCDEFsA1hVMBZfPyM+31nrcby4Y0OpbKRVNn
na8frM6CI3Kb0javEFKAwqepfXT07PXKNrQmxRwOgiaa
-----END CERTIFICATE-----