This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/kT2WLss-xy9pF9s9GarSzQrBM-Q.roa
File:                     kT2WLss-xy9pF9s9GarSzQrBM-Q.roa (raw, json)
Hash identifier:          hYz5jWo4oKQmaTX9l+ApaBrMbMbO4PX2dWQbOQeh4ts=
Subject key identifier:   91:3D:96:2E:CB:3E:C7:2F:69:17:DB:3D:19:AA:D2:CD:0A:C1:33:E4
Certificate issuer:       /CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
Certificate serial:       019B29477DCCAC8BBD20E14395A9CC9AA85E
Authority key identifier: 4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/kT2WLss-xy9pF9s9GarSzQrBM-Q.roa
Signing time:             Tue 16 Dec 2025 22:28:29 +0000
ROA not before:           Tue 16 Dec 2025 22:28:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     47600
IP address blocks:        185.45.150.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Dec 2025 10:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:29:47:7d:cc:ac:8b:bd:20:e1:43:95:a9:cc:9a:a8:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
        Validity
            Not Before: Dec 16 22:28:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=913d962ecb3ec72f6917db3d19aad2cd0ac133e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:12:7f:89:f2:18:e7:1f:cc:38:03:25:40:c5:
                    ec:78:5f:69:0b:c5:c0:03:43:92:51:f2:81:21:a4:
                    6b:03:60:e3:d9:94:c5:5b:a0:ef:ac:b1:6e:6c:3f:
                    26:1f:f6:d6:6a:b4:f1:a7:14:79:f8:1a:bc:53:1a:
                    8e:f5:99:9e:e2:80:2a:b4:c4:c9:4e:d2:8c:5a:e0:
                    83:71:08:2d:c3:9c:a4:3e:60:dc:72:f0:fd:ae:36:
                    66:81:bc:5b:5d:1c:14:3c:d4:46:f5:f3:61:b6:93:
                    cc:b8:12:20:b8:65:c6:46:ff:22:a4:66:4e:88:78:
                    ca:64:50:71:73:c8:ec:ac:3b:b9:63:0d:5c:d3:98:
                    6e:5e:d7:af:81:9b:7c:96:8f:52:df:7c:2f:12:e4:
                    a0:71:8f:6e:c1:f0:72:ca:18:f4:3c:3c:59:99:87:
                    c0:a2:1b:6e:f4:1c:23:8c:c9:49:c7:22:a9:2a:50:
                    2f:54:52:be:a3:18:51:1d:6c:d2:7c:a8:be:12:e0:
                    e2:27:ae:1f:96:16:d0:42:c0:ce:2c:96:ad:12:69:
                    16:3e:ba:9c:54:db:11:5c:26:1a:ef:c0:49:71:c3:
                    23:1b:0f:09:c6:09:7b:ab:45:0a:72:fe:75:d7:25:
                    a5:bb:09:1d:eb:a2:81:43:ce:a6:aa:f6:37:cd:d7:
                    ac:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:3D:96:2E:CB:3E:C7:2F:69:17:DB:3D:19:AA:D2:CD:0A:C1:33:E4
            X509v3 Authority Key Identifier:
                keyid:4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/kT2WLss-xy9pF9s9GarSzQrBM-Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.45.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:af:f4:c2:e2:26:11:99:f6:cd:d8:eb:65:9a:ef:cc:f8:df:
         dd:a6:7b:1b:76:c4:16:44:24:6b:cc:e5:8e:e4:ce:af:97:7f:
         4b:bc:d7:19:94:9f:e5:c9:d2:de:0a:db:de:29:04:dc:19:e1:
         9c:98:bc:0f:42:4b:e2:57:87:63:d7:42:df:da:17:94:2b:70:
         44:c8:58:e6:3b:ea:5c:72:ac:55:11:0c:ef:e7:d0:21:d7:78:
         83:fe:4d:d5:ac:bd:4f:fa:3d:71:3d:8b:19:8f:a6:c2:f8:e6:
         56:92:75:d1:cc:97:e3:cc:80:dc:db:7a:4f:b8:c0:86:10:e6:
         4f:a5:f1:fc:59:a8:57:d0:1f:32:4d:12:2c:0c:3b:0e:bf:8e:
         d7:b8:75:4d:24:67:d5:de:5f:a9:14:5f:d7:86:c8:a0:7f:3b:
         c6:8b:2b:e8:3b:e3:6a:26:26:19:15:eb:74:d4:14:f5:c1:eb:
         26:d8:43:5b:df:67:17:e2:b1:70:32:7c:7c:a1:c5:da:1c:f4:
         93:28:53:fe:dc:cf:5a:20:6f:d6:06:8f:b4:93:e8:b5:81:73:
         70:0c:d2:59:7d:2e:37:c1:94:33:1b:1e:37:c4:cb:3e:ca:36:
         04:f1:4b:db:ac:b4:f1:0a:b7:b7:40:f0:00:37:0e:1f:4c:69:
         e4:98:72:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZspR33MrIu9IOFDlanMmqheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjRmOGMwZTFiMzlkOGE4ZWY4ZThjOGI1YTBmZmVlMmI1
M2I1ODcwHhcNMjUxMjE2MjIyODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNkOTYyZWNiM2VjNzJmNjkxN2RiM2QxOWFhZDJjZDBhYzEzM2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRJ/ifIY5x/MOAMlQMXseF9pC8XA
A0OSUfKBIaRrA2Dj2ZTFW6DvrLFubD8mH/bWarTxpxR5+Bq8UxqO9Zme4oAqtMTJ
TtKMWuCDcQgtw5ykPmDccvD9rjZmgbxbXRwUPNRG9fNhtpPMuBIguGXGRv8ipGZO
iHjKZFBxc8jsrDu5Yw1c05huXtevgZt8lo9S33wvEuSgcY9uwfByyhj0PDxZmYfA
ohtu9BwjjMlJxyKpKlAvVFK+oxhRHWzSfKi+EuDiJ64flhbQQsDOLJatEmkWPrqc
VNsRXCYa78BJccMjGw8Jxgl7q0UKcv511yWluwkd66KBQ86mqvY3zdesnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJE9li7LPscvaRfbPRmq0s0KwTPkMB8GA1UdIwQY
MBaAFEtk+MDhs52KjvjoyLWg/+4rU7WHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUt
OTVkNWUxNmNkZGVmLzEva1QyV0xzcy14eTlwRjlzOUdhclN6UXJCTS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUtOTVkNWUxNmNkZGVm
LzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuS2WMA0G
CSqGSIb3DQEBCwUAA4IBAQAOr/TC4iYRmfbN2Otlmu/M+N/dpnsbdsQWRCRrzOWO
5M6vl39LvNcZlJ/lydLeCtveKQTcGeGcmLwPQkviV4dj10Lf2heUK3BEyFjmO+pc
cqxVEQzv59Ah13iD/k3VrL1P+j1xPYsZj6bC+OZWknXRzJfjzIDc23pPuMCGEOZP
pfH8WahX0B8yTRIsDDsOv47XuHVNJGfV3l+pFF/XhsigfzvGiyvoO+NqJiYZFet0
1BT1wesm2ENb32cX4rFwMnx8ocXaHPSTKFP+3M9aIG/WBo+0k+i1gXNwDNJZfS43
wZQzGx43xMs+yjYE8UvbrLTxCre3QPAANw4fTGnkmHIw
-----END CERTIFICATE-----