This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/dTkV4lIVV3LdS-QtyVd2kESmNcE.roa
File:                     dTkV4lIVV3LdS-QtyVd2kESmNcE.roa (raw, json)
Hash identifier:          OZe4+m0/tBIpier8+gZxd1IxLVhJsfg1e6HAKFROo4c=
Subject key identifier:   75:39:15:E2:52:15:57:72:DD:4B:E4:2D:C9:57:76:90:44:A6:35:C1
Certificate issuer:       /CN=86f4129af869f6f5c85a7388808aad0ac0ba9c4f
Certificate serial:       019B77C66FCC72B7C1B8D0736E4BDCD57A11
Authority key identifier: 86:F4:12:9A:F8:69:F6:F5:C8:5A:73:88:80:8A:AD:0A:C0:BA:9C:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hvQSmvhp9vXIWnOIgIqtCsC6nE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/dTkV4lIVV3LdS-QtyVd2kESmNcE.roa
Signing time:             Thu 01 Jan 2026 04:17:32 +0000
ROA not before:           Thu 01 Jan 2026 04:17:32 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     396982
IP address blocks:        195.10.199.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/hvQSmvhp9vXIWnOIgIqtCsC6nE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/hvQSmvhp9vXIWnOIgIqtCsC6nE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hvQSmvhp9vXIWnOIgIqtCsC6nE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 04 Jan 2026 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:6f:cc:72:b7:c1:b8:d0:73:6e:4b:dc:d5:7a:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86f4129af869f6f5c85a7388808aad0ac0ba9c4f
        Validity
            Not Before: Jan  1 04:17:32 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=753915e252155772dd4be42dc957769044a635c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:78:80:22:8e:db:5c:67:df:9c:0e:d3:3d:52:
                    52:9f:ea:67:6e:1c:bc:f3:29:e2:ae:8b:84:a4:b2:
                    e8:66:52:44:1c:26:4b:67:14:4d:a9:50:e9:52:34:
                    19:df:d0:d2:51:18:f2:fa:64:ba:3c:9f:11:21:64:
                    13:de:ee:40:53:4c:b9:c9:d9:11:aa:d3:f8:8e:ca:
                    b2:3f:4b:bf:06:57:4c:2c:59:09:67:cb:6a:56:6c:
                    b1:c6:84:b7:63:46:30:1b:b0:7f:a2:3c:01:11:01:
                    ce:72:10:20:1b:3b:48:61:84:8c:f9:b9:e1:cb:8d:
                    fb:c4:40:f1:b7:6e:63:f9:f6:20:02:d9:52:d7:c3:
                    c8:7e:ae:00:38:03:c3:72:8c:70:5f:c0:03:50:5b:
                    a8:1b:be:f7:35:7f:52:6d:56:03:b1:c2:b7:6d:d9:
                    5f:e8:4a:d5:65:f0:09:64:cc:73:3e:3b:61:52:d0:
                    7a:e6:71:74:75:c8:67:43:e9:ee:00:3a:28:f5:5f:
                    cc:a1:55:69:0b:29:f9:f1:1e:9c:13:98:74:7c:ca:
                    1c:07:27:63:f5:04:d8:3e:01:50:b6:00:8b:3a:94:
                    ea:2b:7a:ee:7a:5f:77:7c:98:51:6f:3b:f0:f4:20:
                    40:61:b8:e9:9b:90:49:87:96:b0:41:b6:19:35:70:
                    7e:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:39:15:E2:52:15:57:72:DD:4B:E4:2D:C9:57:76:90:44:A6:35:C1
            X509v3 Authority Key Identifier:
                keyid:86:F4:12:9A:F8:69:F6:F5:C8:5A:73:88:80:8A:AD:0A:C0:BA:9C:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hvQSmvhp9vXIWnOIgIqtCsC6nE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/dTkV4lIVV3LdS-QtyVd2kESmNcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/hvQSmvhp9vXIWnOIgIqtCsC6nE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.10.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:08:0e:44:87:84:fa:be:e0:28:9a:7d:f9:1c:1b:e7:7f:60:
         8e:d7:ee:fa:7e:b9:7f:9e:05:62:d3:dc:4d:a9:72:57:fa:3e:
         92:d4:1a:be:c8:75:35:1d:35:bf:25:5c:db:47:46:c3:48:1e:
         86:e0:02:08:c5:25:a0:f7:43:00:dc:33:e7:12:84:52:17:57:
         e2:5b:9d:6b:4f:63:98:9b:a4:d2:1a:d5:35:ba:49:8d:5f:be:
         34:05:ff:c3:63:b5:a6:fd:70:d0:a2:6e:7b:a8:50:a8:0c:a2:
         1a:c5:ab:31:ef:67:5b:c0:d2:20:57:4e:8b:58:ab:49:db:98:
         23:b0:8f:f6:b5:59:39:1e:c7:86:c6:a9:64:bc:3d:74:ce:db:
         54:3d:db:65:de:57:a6:d1:2c:5e:24:d4:ec:81:63:04:78:b2:
         d8:e3:fa:ac:2c:70:61:ea:4b:cd:35:89:0d:43:db:a3:96:67:
         8b:c6:00:c4:b3:b7:1e:be:1d:50:44:13:d7:1f:5f:5d:a6:21:
         fa:14:27:7b:a7:19:da:57:40:a2:23:ab:20:53:aa:e6:d9:16:
         4a:20:21:40:8c:03:e9:29:03:03:22:3e:e8:f8:fd:a1:6b:91:
         b0:77:12:0a:20:50:14:96:ec:a6:c0:cb:ef:d0:6b:6c:19:12:
         81:42:a7:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xm/McrfBuNBzbkvc1XoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZjQxMjlhZjg2OWY2ZjVjODVhNzM4ODgwOGFhZDBhYzBi
YTljNGYwHhcNMjYwMTAxMDQxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM5MTVlMjUyMTU1NzcyZGQ0YmU0MmRjOTU3NzY5MDQ0YTYzNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XiAIo7bXGffnA7TPVJSn+pnbhy8
8ynirouEpLLoZlJEHCZLZxRNqVDpUjQZ39DSURjy+mS6PJ8RIWQT3u5AU0y5ydkR
qtP4jsqyP0u/BldMLFkJZ8tqVmyxxoS3Y0YwG7B/ojwBEQHOchAgGztIYYSM+bnh
y437xEDxt25j+fYgAtlS18PIfq4AOAPDcoxwX8ADUFuoG773NX9SbVYDscK3bdlf
6ErVZfAJZMxzPjthUtB65nF0dchnQ+nuADoo9V/MoVVpCyn58R6cE5h0fMocBydj
9QTYPgFQtgCLOpTqK3ruel93fJhRbzvw9CBAYbjpm5BJh5awQbYZNXB+5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHU5FeJSFVdy3UvkLclXdpBEpjXBMB8GA1UdIwQY
MBaAFIb0Epr4afb1yFpziICKrQrAupxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHZRU212aHA5dlhJV25PSWdJcXRDc0M2bkU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMTkxZWMtY2U4Zi00NTc2LWE5NDAt
Y2M1MDEwN2VhMTQ2LzEvZFRrVjRsSVZWM0xkUy1RdHlWZDJrRVNtTmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zMTkxZWMtY2U4Zi00NTc2LWE5NDAtY2M1MDEwN2VhMTQ2
LzEvaHZRU212aHA5dlhJV25PSWdJcXRDc0M2bkU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrHMA0G
CSqGSIb3DQEBCwUAA4IBAQAHCA5Eh4T6vuAomn35HBvnf2CO1+76frl/ngVi09xN
qXJX+j6S1Bq+yHU1HTW/JVzbR0bDSB6G4AIIxSWg90MA3DPnEoRSF1fiW51rT2OY
m6TSGtU1ukmNX740Bf/DY7Wm/XDQom57qFCoDKIaxasx72dbwNIgV06LWKtJ25gj
sI/2tVk5HseGxqlkvD10zttUPdtl3lem0SxeJNTsgWMEeLLY4/qsLHBh6kvNNYkN
Q9ujlmeLxgDEs7cevh1QRBPXH19dpiH6FCd7pxnaV0CiI6sgU6rm2RZKICFAjAPp
KQMDIj7o+P2ha5GwdxIKIFAUluymwMvv0GtsGRKBQqeR
-----END CERTIFICATE-----