This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8992b1-1600-4b92-99a5-8140c116f0c8/1/GIndhU8ELmsNHmG9wjRWuLwz2bs.roa
File:                     GIndhU8ELmsNHmG9wjRWuLwz2bs.roa (raw, json)
Hash identifier:          PQMP13AMPNG5zd/gezY6JmA04bcuMNJCFye1nndg+RI=
Subject key identifier:   18:89:DD:85:4F:04:2E:6B:0D:1E:61:BD:C2:34:56:B8:BC:33:D9:BB
Certificate issuer:       /CN=56f722a885abeb9aaffb32da764ef091b5b20340
Certificate serial:       019B78A370A28B617745DC9AA9E1541650F5
Authority key identifier: 56:F7:22:A8:85:AB:EB:9A:AF:FB:32:DA:76:4E:F0:91:B5:B2:03:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VvciqIWr65qv-zLadk7wkbWyA0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/8992b1-1600-4b92-99a5-8140c116f0c8/1/GIndhU8ELmsNHmG9wjRWuLwz2bs.roa
Signing time:             Thu 01 Jan 2026 08:18:55 +0000
ROA not before:           Thu 01 Jan 2026 08:18:55 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15547
IP address blocks:        185.201.216.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/8992b1-1600-4b92-99a5-8140c116f0c8/1/VvciqIWr65qv-zLadk7wkbWyA0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/8992b1-1600-4b92-99a5-8140c116f0c8/1/VvciqIWr65qv-zLadk7wkbWyA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VvciqIWr65qv-zLadk7wkbWyA0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 Jan 2026 11:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a3:70:a2:8b:61:77:45:dc:9a:a9:e1:54:16:50:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56f722a885abeb9aaffb32da764ef091b5b20340
        Validity
            Not Before: Jan  1 08:18:55 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1889dd854f042e6b0d1e61bdc23456b8bc33d9bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:2f:ed:7a:50:ba:53:1b:9e:4b:4a:89:52:26:
                    1d:e1:e8:de:f4:5f:98:5a:b5:18:71:c4:c8:b9:e5:
                    00:88:24:de:47:67:87:51:f7:4c:61:b3:d7:42:68:
                    1a:7e:33:9a:2a:63:fa:f4:07:0c:de:ed:bc:ce:c4:
                    56:6b:79:85:d6:e9:81:db:66:d0:a9:52:38:83:d0:
                    b7:c0:a2:c6:64:34:ce:fc:a3:ef:d4:02:7d:1a:10:
                    c0:ac:2f:37:fa:47:d9:61:97:f4:90:6f:ca:33:30:
                    7c:28:cd:ea:00:c4:d0:82:f5:26:5b:71:a5:f3:40:
                    e7:36:e9:49:9d:12:93:85:da:c7:94:05:93:6e:a6:
                    87:b0:fe:10:7b:31:8f:1b:34:0c:f1:71:c8:30:60:
                    c3:b0:a7:32:12:65:d5:5c:72:a0:f9:14:69:27:58:
                    9a:42:37:e4:1b:50:dc:ec:2c:f0:91:1e:90:1e:a5:
                    26:bb:47:15:1c:ef:d3:01:10:ce:0c:4c:e0:a3:83:
                    3b:9d:96:02:25:a9:f3:ca:20:3a:11:b0:a5:0f:71:
                    fc:41:4b:1b:e7:64:3a:34:dd:21:5d:93:34:79:09:
                    73:f5:8d:26:8a:b4:a2:ad:7f:95:d7:61:d6:0f:97:
                    db:07:40:09:ff:24:af:f8:13:64:a4:55:91:2d:f7:
                    5b:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:89:DD:85:4F:04:2E:6B:0D:1E:61:BD:C2:34:56:B8:BC:33:D9:BB
            X509v3 Authority Key Identifier:
                keyid:56:F7:22:A8:85:AB:EB:9A:AF:FB:32:DA:76:4E:F0:91:B5:B2:03:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VvciqIWr65qv-zLadk7wkbWyA0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8992b1-1600-4b92-99a5-8140c116f0c8/1/GIndhU8ELmsNHmG9wjRWuLwz2bs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8992b1-1600-4b92-99a5-8140c116f0c8/1/VvciqIWr65qv-zLadk7wkbWyA0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.201.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:83:25:46:24:15:1e:55:ea:a5:53:ff:b7:8a:d6:74:cf:4b:
         cd:51:43:4f:24:08:97:c9:35:b2:20:c9:e3:fd:55:0e:87:74:
         c6:1a:f4:a3:7f:e6:75:7d:81:49:40:f4:d0:0f:e0:15:8d:ca:
         88:8a:74:ab:bc:4a:d3:fc:fd:6b:cc:ca:2d:ca:11:40:3e:bf:
         ea:72:94:8d:f6:d4:1b:6c:2e:85:eb:c6:aa:f0:67:1e:46:c4:
         e8:8c:87:59:57:2b:c0:72:44:ea:e8:9f:24:c9:9a:0b:b8:57:
         c6:fb:db:6a:ea:3c:c1:d4:e6:cb:c1:7d:f7:46:75:e2:1a:bb:
         c3:74:b7:34:10:22:da:9f:6b:a9:18:18:b3:f9:42:27:57:3e:
         ab:e0:22:7a:32:9b:9f:cc:a0:55:33:07:39:44:84:39:15:5b:
         d0:57:df:76:8c:7b:28:33:be:24:23:d0:7d:da:99:96:47:3a:
         87:2b:2c:8e:c5:31:82:67:44:5b:01:5e:87:10:da:81:41:03:
         cc:54:5c:de:8a:21:54:a5:db:9b:ff:56:a1:27:f0:d8:dd:d8:
         26:c1:81:d0:70:b4:07:42:fd:d8:c4:14:f4:38:ab:97:97:b5:
         36:d0:4b:21:2b:7f:05:07:c1:83:95:1d:c4:49:22:15:a5:da:
         08:4b:1a:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4o3Cii2F3RdyaqeFUFlD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZjcyMmE4ODVhYmViOWFhZmZiMzJkYTc2NGVmMDkxYjVi
MjAzNDAwHhcNMjYwMTAxMDgxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODg5ZGQ4NTRmMDQyZTZiMGQxZTYxYmRjMjM0NTZiOGJjMzNkOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC/telC6UxueS0qJUiYd4eje9F+Y
WrUYccTIueUAiCTeR2eHUfdMYbPXQmgafjOaKmP69AcM3u28zsRWa3mF1umB22bQ
qVI4g9C3wKLGZDTO/KPv1AJ9GhDArC83+kfZYZf0kG/KMzB8KM3qAMTQgvUmW3Gl
80DnNulJnRKThdrHlAWTbqaHsP4QezGPGzQM8XHIMGDDsKcyEmXVXHKg+RRpJ1ia
QjfkG1Dc7CzwkR6QHqUmu0cVHO/TARDODEzgo4M7nZYCJanzyiA6EbClD3H8QUsb
52Q6NN0hXZM0eQlz9Y0mirSirX+V12HWD5fbB0AJ/ySv+BNkpFWRLfdb8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBiJ3YVPBC5rDR5hvcI0Vri8M9m7MB8GA1UdIwQY
MBaAFFb3IqiFq+uar/sy2nZO8JG1sgNAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnZjaXFJV3I2NXF2LXpMYWRrN3drYld5QTBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84OTkyYjEtMTYwMC00YjkyLTk5YTUt
ODE0MGMxMTZmMGM4LzEvR0luZGhVOEVMbXNOSG1HOXdqUld1THd6MmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84OTkyYjEtMTYwMC00YjkyLTk5YTUtODE0MGMxMTZmMGM4
LzEvVnZjaXFJV3I2NXF2LXpMYWRrN3drYld5QTBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucnYMA0G
CSqGSIb3DQEBCwUAA4IBAQABgyVGJBUeVeqlU/+3itZ0z0vNUUNPJAiXyTWyIMnj
/VUOh3TGGvSjf+Z1fYFJQPTQD+AVjcqIinSrvErT/P1rzMotyhFAPr/qcpSN9tQb
bC6F68aq8GceRsTojIdZVyvAckTq6J8kyZoLuFfG+9tq6jzB1ObLwX33RnXiGrvD
dLc0ECLan2upGBiz+UInVz6r4CJ6MpufzKBVMwc5RIQ5FVvQV992jHsoM74kI9B9
2pmWRzqHKyyOxTGCZ0RbAV6HENqBQQPMVFzeiiFUpdub/1ahJ/DY3dgmwYHQcLQH
Qv3YxBT0OKuXl7U20EshK38FB8GDlR3ESSIVpdoISxqT
-----END CERTIFICATE-----