This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/Sn7_2gib1Z4Y7qV-x5tw5ypzrKg.roa
File:                     Sn7_2gib1Z4Y7qV-x5tw5ypzrKg.roa (raw, json)
Hash identifier:          TvWW8wiVEH/RjPvexCDnTxcGMw5rvsW5sddaZst2n7c=
Subject key identifier:   4A:7E:FF:DA:08:9B:D5:9E:18:EE:A5:7E:C7:9B:70:E7:2A:73:AC:A8
Certificate issuer:       /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Certificate serial:       019B78A211E3C6892E10C48D278777F7757E
Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/Sn7_2gib1Z4Y7qV-x5tw5ypzrKg.roa
Signing time:             Thu 01 Jan 2026 08:17:25 +0000
ROA not before:           Thu 01 Jan 2026 08:17:25 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     202289
IP address blocks:        185.155.16.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 Jan 2026 05:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a2:11:e3:c6:89:2e:10:c4:8d:27:87:77:f7:75:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
        Validity
            Not Before: Jan  1 08:17:25 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4a7effda089bd59e18eea57ec79b70e72a73aca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:3b:4c:10:df:6d:18:ab:a5:8b:d6:11:4b:61:
                    ea:88:3c:80:d4:3c:00:27:0e:39:cf:49:82:e2:50:
                    3d:7f:7e:06:a2:f7:6b:27:43:b7:6e:e8:3d:1f:0f:
                    d8:de:ca:6f:83:d6:02:7b:ce:30:3e:d2:3b:7a:56:
                    16:a7:a2:7e:c8:1e:18:f0:1f:36:ff:e2:c9:4d:7d:
                    a0:cb:c9:19:d0:0c:e5:59:15:d8:71:e7:21:12:25:
                    f3:83:b5:43:bf:a0:59:7d:a5:4b:77:a4:13:eb:3e:
                    f5:79:b6:0e:7e:a3:15:33:fa:12:f3:ae:47:e0:60:
                    87:e8:2d:ed:ab:2c:e8:5a:6c:52:e9:0f:02:f7:fa:
                    16:aa:b9:03:e3:ed:59:8d:4b:83:12:d1:e2:1e:c5:
                    c0:69:ea:19:bd:ea:9f:6c:e6:70:a5:c0:7a:92:33:
                    20:71:2f:1b:2d:54:a9:74:43:d5:08:7f:e9:06:2b:
                    ab:65:63:1b:10:ca:e7:bf:db:fa:0b:59:9f:e2:0f:
                    b6:f5:eb:13:ed:93:fc:82:68:89:58:46:3a:fd:0a:
                    80:88:7f:63:0c:8a:8c:8b:55:a6:4a:15:6b:c2:e5:
                    bc:6e:36:62:80:36:e1:08:dc:25:2f:6c:07:10:48:
                    a5:df:f9:1c:30:d9:50:17:c2:de:b5:60:52:68:91:
                    ac:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:7E:FF:DA:08:9B:D5:9E:18:EE:A5:7E:C7:9B:70:E7:2A:73:AC:A8
            X509v3 Authority Key Identifier:
                keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/Sn7_2gib1Z4Y7qV-x5tw5ypzrKg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:4e:c5:b0:58:3a:f9:9e:a1:b5:c4:d7:9a:6c:52:22:90:3f:
         78:47:25:15:f8:83:d9:6f:28:19:d0:55:03:a0:69:55:2b:6e:
         13:eb:b5:de:85:f5:30:6d:0e:45:f8:c1:90:22:71:bf:a0:5e:
         50:f4:1c:9d:72:f9:0a:58:66:70:73:7f:45:03:f3:21:13:a0:
         ec:a9:04:2c:ce:68:70:44:7c:00:8a:33:24:0d:8b:2d:d4:29:
         36:30:63:f4:a3:a0:94:98:f3:76:bc:94:d3:c0:cc:6d:bb:eb:
         ed:8c:d7:67:ac:67:46:c1:0e:72:ed:f4:f7:0a:d6:b7:75:ff:
         3f:53:08:7f:dd:d1:9a:c5:a8:80:7c:f0:c2:80:bc:7c:81:69:
         1a:48:f1:29:60:6a:fb:63:9d:d9:88:2c:24:8f:5d:21:66:3e:
         a9:bc:e0:bc:09:f6:91:f5:11:a8:ff:e8:c3:d8:97:de:66:e5:
         e9:52:0d:b8:2f:1f:23:7e:01:b0:37:d9:f6:1b:72:80:bd:1d:
         a0:b6:79:09:95:e8:a0:6c:81:de:51:21:b7:a7:1b:5f:6d:64:
         ac:82:e8:b6:46:a0:74:26:b8:30:eb:eb:d3:50:eb:76:98:96:
         35:09:8e:dd:ec:c5:22:c2:b7:c1:1f:fc:35:41:32:30:81:92:
         08:83:cd:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4ohHjxokuEMSNJ4d393V+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl
YjllMjUwHhcNMjYwMTAxMDgxNzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTdlZmZkYTA4OWJkNTllMThlZWE1N2VjNzliNzBlNzJhNzNhY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzztMEN9tGKuli9YRS2HqiDyA1DwA
Jw45z0mC4lA9f34GovdrJ0O3bug9Hw/Y3spvg9YCe84wPtI7elYWp6J+yB4Y8B82
/+LJTX2gy8kZ0AzlWRXYcechEiXzg7VDv6BZfaVLd6QT6z71ebYOfqMVM/oS865H
4GCH6C3tqyzoWmxS6Q8C9/oWqrkD4+1ZjUuDEtHiHsXAaeoZveqfbOZwpcB6kjMg
cS8bLVSpdEPVCH/pBiurZWMbEMrnv9v6C1mf4g+29esT7ZP8gmiJWEY6/QqAiH9j
DIqMi1WmShVrwuW8bjZigDbhCNwlL2wHEEil3/kcMNlQF8LetWBSaJGsrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEp+/9oIm9WeGO6lfsebcOcqc6yoMB8GA1UdIwQY
MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct
N2NhZTA0MGU0OWU4LzEvU243XzJnaWIxWjRZN3FWLXg1dHc1eXB6cktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4
LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZsQMA0G
CSqGSIb3DQEBCwUAA4IBAQBLTsWwWDr5nqG1xNeabFIikD94RyUV+IPZbygZ0FUD
oGlVK24T67XehfUwbQ5F+MGQInG/oF5Q9BydcvkKWGZwc39FA/MhE6DsqQQszmhw
RHwAijMkDYst1Ck2MGP0o6CUmPN2vJTTwMxtu+vtjNdnrGdGwQ5y7fT3Cta3df8/
Uwh/3dGaxaiAfPDCgLx8gWkaSPEpYGr7Y53ZiCwkj10hZj6pvOC8CfaR9RGo/+jD
2JfeZuXpUg24Lx8jfgGwN9n2G3KAvR2gtnkJleigbIHeUSG3pxtfbWSsgui2RqB0
Jrgw6+vTUOt2mJY1CY7d7MUiwrfBH/w1QTIwgZIIg824
-----END CERTIFICATE-----