This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/53H4kGtC_SbzrsI-Vzd9TCGN8wY.roa
File:                     53H4kGtC_SbzrsI-Vzd9TCGN8wY.roa (raw, json)
Hash identifier:          rLB3dTRqcK5WY3gJz81sl+g0PUHVo5VwKbPsiJ+N2Ok=
Subject key identifier:   E7:71:F8:90:6B:42:FD:26:F3:AE:C2:3E:57:37:7D:4C:21:8D:F3:06
Certificate issuer:       /CN=7a0bcdee8ce839c4d20413c862423cca04fdc60a
Certificate serial:       019B76EB3A0D139D4E23DF51ABF3C1D7E8E5
Authority key identifier: 7A:0B:CD:EE:8C:E8:39:C4:D2:04:13:C8:62:42:3C:CA:04:FD:C6:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/53H4kGtC_SbzrsI-Vzd9TCGN8wY.roa
Signing time:             Thu 01 Jan 2026 00:18:05 +0000
ROA not before:           Thu 01 Jan 2026 00:18:05 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     42482
IP address blocks:        185.14.5.0/24 maxlen: 32
                          185.14.6.0/23 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/egvN7ozoOcTSBBPIYkI8ygT9xgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/egvN7ozoOcTSBBPIYkI8ygT9xgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 Jan 2026 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:3a:0d:13:9d:4e:23:df:51:ab:f3:c1:d7:e8:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a0bcdee8ce839c4d20413c862423cca04fdc60a
        Validity
            Not Before: Jan  1 00:18:05 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e771f8906b42fd26f3aec23e57377d4c218df306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:0b:96:be:67:99:2e:4f:89:36:1d:da:aa:dd:
                    34:3c:42:8d:6f:bd:ed:14:7d:e7:1a:8a:a1:30:fb:
                    d7:21:0b:0b:6e:6c:16:f2:af:e6:3e:a6:a8:3a:59:
                    ee:86:c4:1a:54:e5:6d:06:b3:78:7e:d1:4f:7a:06:
                    bc:68:41:a6:2f:af:9e:c3:87:11:d8:3a:5f:a5:c1:
                    bc:6e:ca:cd:37:4d:38:c1:96:c4:01:1e:be:26:5d:
                    f3:fa:d8:df:e8:9a:f2:ea:76:6c:25:1b:e1:a9:1d:
                    d5:4a:7a:4d:b8:4e:3e:16:5a:86:ff:30:01:e8:f3:
                    81:2e:fa:9e:2a:30:38:2a:85:6f:34:bb:42:e2:03:
                    6b:14:22:01:c8:05:0c:a3:27:c2:11:2d:db:be:c5:
                    95:1c:92:3c:7f:09:d7:80:38:d1:7d:49:f1:e5:d3:
                    f2:29:d1:1d:ff:46:fd:63:92:87:ba:33:c3:08:10:
                    26:69:e3:e2:b1:32:ce:aa:7a:2e:0b:83:3f:0e:55:
                    c7:f2:ba:08:b7:49:8f:8a:53:80:43:90:8f:26:c4:
                    bd:7d:55:c5:ab:03:b5:14:e1:6c:cd:56:69:5c:5e:
                    9a:b7:02:72:ee:b4:8a:3a:b4:a5:04:a5:7b:40:de:
                    04:b3:a7:00:ee:33:07:4a:43:19:b8:57:a7:2b:0a:
                    db:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:71:F8:90:6B:42:FD:26:F3:AE:C2:3E:57:37:7D:4C:21:8D:F3:06
            X509v3 Authority Key Identifier:
                keyid:7A:0B:CD:EE:8C:E8:39:C4:D2:04:13:C8:62:42:3C:CA:04:FD:C6:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/53H4kGtC_SbzrsI-Vzd9TCGN8wY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/egvN7ozoOcTSBBPIYkI8ygT9xgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.14.5.0-185.14.7.255

    Signature Algorithm: sha256WithRSAEncryption
         3c:5b:45:9f:32:6e:ab:79:29:6a:4a:89:8f:0d:ac:f0:fc:44:
         ab:d0:21:1f:4a:37:5d:c7:2e:ef:fc:d1:e8:31:e8:d2:4c:02:
         b0:0f:88:88:29:ab:4c:74:d8:65:8f:73:7a:8f:9f:48:47:2d:
         54:e2:ea:b3:ea:6a:aa:e9:ad:49:6c:55:0d:51:6b:d7:7d:20:
         92:59:65:16:e1:1c:3e:01:55:ba:bf:fe:5d:ed:40:d6:b8:94:
         6c:4e:d6:b7:07:bf:8f:5f:93:35:12:0a:b3:c6:60:c0:12:82:
         01:02:46:fa:86:c8:15:e3:04:50:f3:ee:bc:50:b6:3d:f7:35:
         1f:19:e2:03:34:02:c5:aa:b4:7e:99:53:84:15:f6:8f:b9:68:
         c9:d7:d7:59:a4:7c:f2:3e:75:a8:a4:88:64:cb:47:df:df:2d:
         10:8a:31:80:c4:b0:9b:2f:39:12:dc:75:c3:2a:b2:54:47:dc:
         67:71:79:fc:29:8c:ef:38:ca:f8:11:8b:39:5a:61:aa:80:c7:
         74:56:71:33:56:76:9c:31:a9:e0:ae:e8:b8:93:cc:73:9c:2e:
         a6:af:81:6b:d4:a1:43:70:d1:23:a9:4e:41:60:7b:49:bb:23:
         9c:45:26:45:31:be:ec:67:69:02:fc:83:a7:c8:15:f7:20:f2:
         92:92:8b:08
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZt26zoNE51OI99Rq/PB1+jlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGJjZGVlOGNlODM5YzRkMjA0MTNjODYyNDIzY2NhMDRm
ZGM2MGEwHhcNMjYwMTAxMDAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzcxZjg5MDZiNDJmZDI2ZjNhZWMyM2U1NzM3N2Q0YzIxOGRmMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArguWvmeZLk+JNh3aqt00PEKNb73t
FH3nGoqhMPvXIQsLbmwW8q/mPqaoOlnuhsQaVOVtBrN4ftFPega8aEGmL6+ew4cR
2DpfpcG8bsrNN004wZbEAR6+Jl3z+tjf6Jry6nZsJRvhqR3VSnpNuE4+FlqG/zAB
6POBLvqeKjA4KoVvNLtC4gNrFCIByAUMoyfCES3bvsWVHJI8fwnXgDjRfUnx5dPy
KdEd/0b9Y5KHujPDCBAmaePisTLOqnouC4M/DlXH8roIt0mPilOAQ5CPJsS9fVXF
qwO1FOFszVZpXF6atwJy7rSKOrSlBKV7QN4Es6cA7jMHSkMZuFenKwrb4wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOdx+JBrQv0m867CPlc3fUwhjfMGMB8GA1UdIwQY
MBaAFHoLze6M6DnE0gQTyGJCPMoE/cYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWd2Tjdvem9PY1RTQkJQSVlrSTh5Z1Q5eGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NGU5MTItYjUwMy00NTRjLWE0MzMt
NGRlZjU3MzY1MTY5LzEvNTNINGtHdENfU2J6cnNJLVZ6ZDlUQ0dOOHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NGU5MTItYjUwMy00NTRjLWE0MzMtNGRlZjU3MzY1MTY5
LzEvZWd2Tjdvem9PY1RTQkJQSVlrSTh5Z1Q5eGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5DgUD
BAO5DgAwDQYJKoZIhvcNAQELBQADggEBADxbRZ8ybqt5KWpKiY8NrPD8RKvQIR9K
N13HLu/80egx6NJMArAPiIgpq0x02GWPc3qPn0hHLVTi6rPqaqrprUlsVQ1Ra9d9
IJJZZRbhHD4BVbq//l3tQNa4lGxO1rcHv49fkzUSCrPGYMASggECRvqGyBXjBFDz
7rxQtj33NR8Z4gM0AsWqtH6ZU4QV9o+5aMnX11mkfPI+daikiGTLR9/fLRCKMYDE
sJsvORLcdcMqslRH3GdxefwpjO84yvgRizlaYaqAx3RWcTNWdpwxqeCu6LiTzHOc
LqavgWvUoUNw0SOpTkFge0m7I5xFJkUxvuxnaQL8g6fIFfcg8pKSiwg=
-----END CERTIFICATE-----