This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g2p638fZZwCrnvRFqg9eTRpbiw4.roa
File:                     g2p638fZZwCrnvRFqg9eTRpbiw4.roa (raw, json)
Hash identifier:          qSK6pl1sLuO5L8q2M8N4Ull7ELILSQAIXlEcO8nJrKo=
Subject key identifier:   83:6A:7A:DF:C7:D9:67:00:AB:9E:F4:45:AA:0F:5E:4D:1A:5B:8B:0E
Certificate issuer:       /CN=83c8d01caf2b0751d035c537566f45627925e4f6
Certificate serial:       019B79ECFEEAB682E48EEC47767BF94FCA26
Authority key identifier: 83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g2p638fZZwCrnvRFqg9eTRpbiw4.roa
Signing time:             Thu 01 Jan 2026 14:18:53 +0000
ROA not before:           Thu 01 Jan 2026 14:18:53 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     57824
IP address blocks:        176.109.144.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 Jan 2026 01:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ec:fe:ea:b6:82:e4:8e:ec:47:76:7b:f9:4f:ca:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83c8d01caf2b0751d035c537566f45627925e4f6
        Validity
            Not Before: Jan  1 14:18:53 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=836a7adfc7d96700ab9ef445aa0f5e4d1a5b8b0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:cc:a6:23:ed:40:80:ab:85:28:7e:d1:bd:bd:
                    d6:c3:0e:a3:97:7a:9a:51:03:9e:d5:7a:9a:8f:f3:
                    52:e2:aa:4a:97:54:cc:ec:c1:d2:b5:e4:e4:b4:4a:
                    73:b3:a9:0d:7b:44:cb:b8:b1:75:d4:11:87:61:e0:
                    d0:75:43:57:84:3f:e6:fd:65:84:de:40:f9:ea:5a:
                    97:82:10:2f:6f:bf:65:b7:f8:e4:d6:ba:ac:70:b3:
                    28:14:d9:49:fd:35:47:9f:67:a9:97:73:a2:9f:bc:
                    05:7a:9e:9a:88:4e:f8:82:44:5e:bd:c6:2d:ff:ae:
                    bb:8b:56:eb:fa:ba:f2:06:7d:1d:e7:8b:44:1f:a2:
                    a4:ed:7f:f2:77:d2:ff:cc:3e:01:02:7f:91:ff:99:
                    d2:b9:0f:d8:ed:65:31:5a:a6:6d:2f:d3:a1:c7:74:
                    7f:c9:b9:ad:b8:80:9b:dd:ea:a3:fe:91:cd:90:3d:
                    ec:3f:d7:22:56:45:5b:ac:77:db:a8:84:9b:dd:79:
                    4e:4a:74:ea:63:69:4b:81:8b:32:9e:da:1e:ad:ac:
                    b5:21:1d:c0:af:c1:b9:96:db:51:95:ff:38:fc:70:
                    86:a9:71:48:7c:40:16:58:d4:14:46:d5:10:6f:1b:
                    c3:02:ee:aa:7b:2b:48:89:90:91:be:b5:ba:22:4f:
                    b4:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:6A:7A:DF:C7:D9:67:00:AB:9E:F4:45:AA:0F:5E:4D:1A:5B:8B:0E
            X509v3 Authority Key Identifier:
                keyid:83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g2p638fZZwCrnvRFqg9eTRpbiw4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.109.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6d:88:d4:a2:30:5f:d7:22:01:32:94:22:2d:f1:32:b5:c1:39:
         1c:4c:80:0b:2d:8d:7b:cc:e7:ce:5d:29:98:fc:aa:a4:19:ac:
         91:96:15:af:93:82:c6:a7:64:81:b0:b5:44:2c:b1:42:db:d1:
         99:78:9b:2c:54:a1:3f:95:0b:df:c0:ec:44:7a:26:62:ed:a5:
         85:13:ef:91:6d:5b:d1:f1:30:9b:bb:26:02:37:23:3a:46:e3:
         84:10:6d:ca:99:f6:53:59:fd:d2:e1:6e:f5:e9:41:a1:0e:fe:
         de:f4:b7:21:51:68:8a:16:44:99:c1:58:8e:91:69:67:c0:09:
         ad:ae:c6:ca:18:7c:aa:63:08:4e:6c:46:52:46:43:58:60:b3:
         47:0a:bb:81:36:1b:c8:e2:77:91:4b:86:4d:42:f4:58:83:d9:
         5f:91:95:83:b9:e8:33:c9:09:0e:c6:4b:eb:3e:ae:23:fe:3f:
         7d:3e:cb:8f:ba:be:c3:65:72:e5:a2:2b:fe:69:ab:af:49:37:
         3f:ce:93:12:5c:9d:99:c9:b1:bb:1b:ab:15:60:03:4e:ef:b8:
         df:34:22:4e:e0:f5:63:e2:48:37:b8:46:0f:19:6f:1d:95:0c:
         c7:a8:e7:31:a8:23:7e:eb:3c:74:5b:3f:ad:85:62:d5:42:b0:
         e7:0c:f4:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57P7qtoLkjuxHdnv5T8omMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzhkMDFjYWYyYjA3NTFkMDM1YzUzNzU2NmY0NTYyNzky
NWU0ZjYwHhcNMjYwMTAxMTQxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzZhN2FkZmM3ZDk2NzAwYWI5ZWY0NDVhYTBmNWU0ZDFhNWI4YjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MymI+1AgKuFKH7Rvb3Www6jl3qa
UQOe1Xqaj/NS4qpKl1TM7MHSteTktEpzs6kNe0TLuLF11BGHYeDQdUNXhD/m/WWE
3kD56lqXghAvb79lt/jk1rqscLMoFNlJ/TVHn2epl3Oin7wFep6aiE74gkRevcYt
/667i1br+rryBn0d54tEH6Kk7X/yd9L/zD4BAn+R/5nSuQ/Y7WUxWqZtL9Ohx3R/
ybmtuICb3eqj/pHNkD3sP9ciVkVbrHfbqISb3XlOSnTqY2lLgYsyntoeray1IR3A
r8G5lttRlf84/HCGqXFIfEAWWNQURtUQbxvDAu6qeytIiZCRvrW6Ik+0aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINqet/H2WcAq570RaoPXk0aW4sOMB8GA1UdIwQY
MBaAFIPI0ByvKwdR0DXFN1ZvRWJ5JeT2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jZmE3YzMtZjBjOC00NjIyLThhNDct
OWFiMjZiMjY2YWE3LzEvZzJwNjM4Zlpad0NybnZSRnFnOWVUUnBiaXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jZmE3YzMtZjBjOC00NjIyLThhNDctOWFiMjZiMjY2YWE3
LzEvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsG2QMA0G
CSqGSIb3DQEBCwUAA4IBAQBtiNSiMF/XIgEylCIt8TK1wTkcTIALLY17zOfOXSmY
/KqkGayRlhWvk4LGp2SBsLVELLFC29GZeJssVKE/lQvfwOxEeiZi7aWFE++RbVvR
8TCbuyYCNyM6RuOEEG3KmfZTWf3S4W716UGhDv7e9LchUWiKFkSZwViOkWlnwAmt
rsbKGHyqYwhObEZSRkNYYLNHCruBNhvI4neRS4ZNQvRYg9lfkZWDuegzyQkOxkvr
Pq4j/j99PsuPur7DZXLloiv+aauvSTc/zpMSXJ2ZybG7G6sVYANO77jfNCJO4PVj
4kg3uEYPGW8dlQzHqOcxqCN+6zx0Wz+thWLVQrDnDPTv
-----END CERTIFICATE-----