This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/O7nTtGlDglrrL-kebizBtELuJW4.roa
File:                     O7nTtGlDglrrL-kebizBtELuJW4.roa (raw, json)
Hash identifier:          DgnoqVB8Ij0H4AcPGrUHeyJbnfW0HuYTGmcCfsZut/g=
Subject key identifier:   3B:B9:D3:B4:69:43:82:5A:EB:2F:E9:1E:6E:2C:C1:B4:42:EE:25:6E
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       019B7C80671C0BA95C497D9AA871C5877FC8
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/O7nTtGlDglrrL-kebizBtELuJW4.roa
Signing time:             Fri 02 Jan 2026 02:19:08 +0000
ROA not before:           Fri 02 Jan 2026 02:19:08 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     62300
IP address blocks:        195.14.118.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 Jan 2026 21:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:67:1c:0b:a9:5c:49:7d:9a:a8:71:c5:87:7f:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Jan  2 02:19:08 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3bb9d3b46943825aeb2fe91e6e2cc1b442ee256e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4d:f0:36:c0:a0:79:3f:53:0a:a3:d0:6a:33:
                    16:a2:77:13:ec:18:ab:11:6b:3e:80:03:ac:87:9c:
                    d1:01:6f:06:8f:d7:df:93:0d:86:d6:d3:6c:0c:42:
                    7d:ec:6d:f2:86:e5:c5:64:33:33:9b:47:66:92:aa:
                    63:fb:19:8f:fd:08:df:2c:5c:1c:36:b4:00:fe:6a:
                    a5:b1:60:d5:be:bd:51:39:4f:d9:b9:37:12:dd:c8:
                    85:de:9f:d0:2e:dc:70:cf:6d:f2:3e:51:ee:61:91:
                    17:05:3c:6b:2b:35:c4:12:31:1f:78:22:c7:85:99:
                    fd:90:15:df:cc:57:cd:ca:14:1b:df:ad:4d:c7:0c:
                    08:0b:ad:6f:9b:85:fc:9c:b5:32:6b:0c:96:e4:52:
                    3a:2d:53:9c:c8:f3:20:ce:43:0c:f8:e4:a6:fd:da:
                    ba:18:df:ae:d9:c0:3a:a3:5c:79:69:da:59:53:36:
                    42:6e:d9:7f:f8:9c:5d:a9:e0:03:8a:1b:4f:de:d0:
                    f6:0f:e0:37:28:25:2b:64:af:4e:2a:2b:4a:cb:cf:
                    12:05:7a:71:88:bf:4e:00:c6:9c:93:f9:56:a6:20:
                    e0:97:27:ea:17:01:9c:33:cc:2b:22:92:d5:95:4d:
                    cc:4b:a2:42:76:34:e4:42:44:f1:c6:49:aa:c7:82:
                    56:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:B9:D3:B4:69:43:82:5A:EB:2F:E9:1E:6E:2C:C1:B4:42:EE:25:6E
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/O7nTtGlDglrrL-kebizBtELuJW4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.14.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:10:ed:3a:05:7a:e6:fa:cc:5d:de:ee:ee:32:e9:fd:bc:5a:
         46:af:2b:dd:aa:07:84:7a:46:60:95:3f:e8:32:d5:1a:f3:fe:
         62:21:ac:ab:24:1b:ed:50:e5:c1:27:e4:b3:d5:07:94:af:ee:
         91:f5:81:18:a2:d3:af:99:c3:ca:26:28:53:c4:50:c8:4d:44:
         b3:b0:42:68:94:b4:93:ec:eb:90:33:68:20:e8:ed:8e:c6:74:
         63:46:f3:e5:8b:f3:c4:2a:49:0e:6a:fe:40:b7:56:7c:8e:8f:
         b7:49:f2:76:81:c2:5b:99:54:fa:ab:bb:94:f5:ab:d0:10:ef:
         7b:bf:e9:1a:1e:ea:af:b9:45:4a:f1:97:19:23:bf:8d:41:68:
         c4:4f:d8:3a:c3:29:ad:7b:62:20:a5:09:23:b5:3f:41:78:a0:
         05:d4:52:2c:3b:04:78:26:47:c7:f4:11:38:66:25:be:5a:64:
         ec:ad:7f:ca:78:fb:77:5b:49:57:54:62:eb:27:48:2b:96:22:
         1f:94:2a:66:f8:05:4b:27:d4:ba:30:ce:cd:8e:6a:ce:cc:ca:
         bf:1d:0a:7f:34:3c:52:78:41:4e:57:d8:9d:e1:46:86:bc:12:
         c8:9c:a4:4a:7c:6d:5b:74:f9:bb:4e:3e:1d:aa:4d:92:04:f8:
         e8:af:9f:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gGccC6lcSX2aqHHFh3/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjYwMTAyMDIxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmI5ZDNiNDY5NDM4MjVhZWIyZmU5MWU2ZTJjYzFiNDQyZWUyNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk3wNsCgeT9TCqPQajMWoncT7Bir
EWs+gAOsh5zRAW8Gj9ffkw2G1tNsDEJ97G3yhuXFZDMzm0dmkqpj+xmP/QjfLFwc
NrQA/mqlsWDVvr1ROU/ZuTcS3ciF3p/QLtxwz23yPlHuYZEXBTxrKzXEEjEfeCLH
hZn9kBXfzFfNyhQb361NxwwIC61vm4X8nLUyawyW5FI6LVOcyPMgzkMM+OSm/dq6
GN+u2cA6o1x5adpZUzZCbtl/+JxdqeADihtP3tD2D+A3KCUrZK9OKitKy88SBXpx
iL9OAMack/lWpiDglyfqFwGcM8wrIpLVlU3MS6JCdjTkQkTxxkmqx4JWOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDu507RpQ4Ja6y/pHm4swbRC7iVuMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvTzduVHRHbERnbHJyTC1rZWJpekJ0RUx1Slc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAww52MA0G
CSqGSIb3DQEBCwUAA4IBAQBDEO06BXrm+sxd3u7uMun9vFpGryvdqgeEekZglT/o
MtUa8/5iIayrJBvtUOXBJ+Sz1QeUr+6R9YEYotOvmcPKJihTxFDITUSzsEJolLST
7OuQM2gg6O2OxnRjRvPli/PEKkkOav5At1Z8jo+3SfJ2gcJbmVT6q7uU9avQEO97
v+kaHuqvuUVK8ZcZI7+NQWjET9g6wymte2IgpQkjtT9BeKAF1FIsOwR4JkfH9BE4
ZiW+WmTsrX/KePt3W0lXVGLrJ0grliIflCpm+AVLJ9S6MM7NjmrOzMq/HQp/NDxS
eEFOV9id4UaGvBLInKRKfG1bdPm7Tj4dqk2SBPjor59X
-----END CERTIFICATE-----