This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VZuRySfAEqdKfW5DHqPH7FGGDvM.roa
File:                     VZuRySfAEqdKfW5DHqPH7FGGDvM.roa (raw, json)
Hash identifier:          TJDTDXk0DCXp3fbY1FYZgkrXsfXj3Uy86XKc1SeZVro=
Subject key identifier:   55:9B:91:C9:27:C0:12:A7:4A:7D:6E:43:1E:A3:C7:EC:51:86:0E:F3
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       019B7D5CA99AC3B5BAAD9012960DA9DF9BF5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VZuRySfAEqdKfW5DHqPH7FGGDvM.roa
Signing time:             Fri 02 Jan 2026 06:19:43 +0000
ROA not before:           Fri 02 Jan 2026 06:19:43 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     38255
IP address blocks:        2a0e:b107:740::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 Jan 2026 18:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:5c:a9:9a:c3:b5:ba:ad:90:12:96:0d:a9:df:9b:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 06:19:43 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=559b91c927c012a74a7d6e431ea3c7ec51860ef3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:46:f8:1f:3b:5f:51:6b:45:fc:33:80:52:5c:
                    4a:40:35:6a:c2:65:e2:d7:6f:49:27:e9:b5:0f:00:
                    0a:22:d8:e7:d3:93:12:a3:bc:7b:5b:3c:c6:01:fc:
                    48:c2:68:ce:e1:bb:55:87:8e:4c:92:6b:d9:26:da:
                    a5:a5:03:4d:9f:ae:c5:22:58:74:87:f7:2a:0c:ca:
                    5d:4c:f5:f4:e9:b8:64:ef:b5:ff:e1:31:90:85:28:
                    fc:42:1e:eb:ee:56:f0:a7:ff:47:45:dd:c4:d0:e2:
                    13:29:34:47:56:9f:f0:e8:3b:4f:0b:79:3a:67:f8:
                    24:8f:f0:f1:90:44:64:a7:f5:f3:1b:40:ba:cb:9e:
                    d4:22:cd:75:8f:58:af:7e:0b:22:61:cf:d2:40:02:
                    ee:f9:62:5d:cb:e9:5b:28:07:0e:af:38:dc:e8:45:
                    16:20:0e:0f:d8:ab:72:34:ef:35:10:47:e9:63:ab:
                    aa:22:ed:f9:05:51:ed:db:0f:2c:67:a5:d6:27:e2:
                    50:95:68:ec:50:e0:9a:57:b4:65:5e:3a:32:81:10:
                    73:55:11:f7:15:b3:1b:18:7e:8a:e7:65:6b:c1:8c:
                    86:e8:b5:3f:59:dc:a6:ff:f3:9d:0c:f3:33:a0:ea:
                    b1:00:e4:7b:73:59:db:61:4a:68:60:46:c3:57:a7:
                    8c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:9B:91:C9:27:C0:12:A7:4A:7D:6E:43:1E:A3:C7:EC:51:86:0E:F3
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VZuRySfAEqdKfW5DHqPH7FGGDvM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:740::/44

    Signature Algorithm: sha256WithRSAEncryption
         0e:17:68:50:5d:42:d5:f2:01:1e:9b:47:ea:b6:ba:72:ef:cc:
         9b:15:78:ee:e8:a3:29:9c:bb:15:ea:d8:39:18:7a:b1:cf:63:
         4c:af:e3:9b:5f:2d:14:58:da:bd:37:05:22:fb:ad:3b:e0:49:
         0c:39:e6:51:f1:38:d8:25:be:5d:05:66:9f:49:79:70:2f:a8:
         96:74:31:df:28:53:4a:2a:46:0c:6f:d2:7e:36:ba:4e:ce:03:
         24:0d:3b:1b:f7:c7:97:f5:55:51:7a:40:d3:30:22:95:b1:98:
         ab:3e:14:fe:e8:bb:2c:7d:3a:23:61:8f:00:f2:6a:c8:b8:b0:
         7a:71:af:09:64:d3:1e:6e:56:4b:5f:75:e3:03:ee:f7:c6:4f:
         e2:5b:dd:d3:ad:d5:4c:57:5e:4e:5e:90:6f:60:8f:76:01:4f:
         ba:da:68:24:67:a6:23:a8:4d:9d:57:f3:4a:69:c8:7b:a8:3b:
         04:45:2c:c8:2a:0f:26:1e:3d:54:a3:4b:97:fc:2b:fd:71:b4:
         1f:6f:e5:70:ce:55:72:d6:ab:e1:47:6b:bb:44:55:ca:70:7e:
         1c:5b:33:21:98:7a:2b:2c:a3:ba:e8:54:51:03:3d:8d:1a:20:
         32:c7:1b:22:cf:80:97:30:d6:97:f6:fd:99:26:fc:89:e0:f7:
         7a:07:7f:59
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZt9XKmaw7W6rZASlg2p35v1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjYwMTAyMDYxOTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTliOTFjOTI3YzAxMmE3NGE3ZDZlNDMxZWEzYzdlYzUxODYwZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEb4HztfUWtF/DOAUlxKQDVqwmXi
129JJ+m1DwAKItjn05MSo7x7WzzGAfxIwmjO4btVh45MkmvZJtqlpQNNn67FIlh0
h/cqDMpdTPX06bhk77X/4TGQhSj8Qh7r7lbwp/9HRd3E0OITKTRHVp/w6DtPC3k6
Z/gkj/DxkERkp/XzG0C6y57UIs11j1ivfgsiYc/SQALu+WJdy+lbKAcOrzjc6EUW
IA4P2KtyNO81EEfpY6uqIu35BVHt2w8sZ6XWJ+JQlWjsUOCaV7RlXjoygRBzVRH3
FbMbGH6K52VrwYyG6LU/Wdym//OdDPMzoOqxAOR7c1nbYUpoYEbDV6eMJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFWbkcknwBKnSn1uQx6jx+xRhg7zMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVlp1UnlTZkFFcWRLZlc1REhxUEg3RkdHRHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwdA
MA0GCSqGSIb3DQEBCwUAA4IBAQAOF2hQXULV8gEem0fqtrpy78ybFXju6KMpnLsV
6tg5GHqxz2NMr+ObXy0UWNq9NwUi+6074EkMOeZR8TjYJb5dBWafSXlwL6iWdDHf
KFNKKkYMb9J+NrpOzgMkDTsb98eX9VVRekDTMCKVsZirPhT+6LssfTojYY8A8mrI
uLB6ca8JZNMeblZLX3XjA+73xk/iW93TrdVMV15OXpBvYI92AU+62mgkZ6YjqE2d
V/NKach7qDsERSzIKg8mHj1Uo0uX/Cv9cbQfb+VwzlVy1qvhR2u7RFXKcH4cWzMh
mHorLKO66FRRAz2NGiAyxxsiz4CXMNaX9v2ZJvyJ4Pd6B39Z
-----END CERTIFICATE-----
Generated at Sun Jan 11 23:53:50 2026 by rpki-client