This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/plm1QcopFIGHPBHxAMNWHcEtxcE.roa
File:                     plm1QcopFIGHPBHxAMNWHcEtxcE.roa (raw, json)
Hash identifier:          Z2e5lWyZ4MvTbJer7SCq1IHFfIJipouaHRubvr2Mf8o=
Subject key identifier:   A6:59:B5:41:CA:29:14:81:87:3C:11:F1:00:C3:56:1D:C1:2D:C5:C1
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       019B7C8070EEEDFA211C3D016FC6C5471781
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/plm1QcopFIGHPBHxAMNWHcEtxcE.roa
Signing time:             Fri 02 Jan 2026 02:19:10 +0000
ROA not before:           Fri 02 Jan 2026 02:19:10 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214463
IP address blocks:        91.235.235.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 Jan 2026 21:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:70:ee:ed:fa:21:1c:3d:01:6f:c6:c5:47:17:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Jan  2 02:19:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a659b541ca291481873c11f100c3561dc12dc5c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:fa:f8:ff:f1:4b:c1:6d:27:36:7b:f4:f8:92:
                    58:76:76:39:5d:37:ea:22:dc:b2:04:35:01:f0:f9:
                    37:7c:6d:ed:a4:68:d3:92:72:36:a6:2b:c1:06:e3:
                    46:d2:8d:a0:de:73:4a:35:42:f8:af:88:10:31:4d:
                    56:4e:31:7e:66:5f:87:a5:b8:22:a1:4a:e1:77:ee:
                    4f:f4:fa:a0:f3:f2:ff:61:3c:d6:06:e7:a9:4f:e9:
                    3b:5d:87:db:21:7b:ae:d4:df:23:d8:d1:e7:7e:26:
                    62:45:ce:fb:29:96:dd:d4:f0:7e:db:9d:80:02:b2:
                    29:46:a8:6c:c5:81:52:e1:6b:ff:f0:58:a1:06:43:
                    6a:be:e9:da:ca:57:4d:41:6d:3d:f0:c8:64:79:14:
                    c9:ac:2c:f5:62:5c:ad:6f:bc:d6:a0:49:8e:36:25:
                    e0:f0:cf:e8:39:97:c4:cc:65:a3:b3:06:9b:d6:55:
                    9e:8d:aa:07:d8:78:ee:b3:db:27:45:ca:45:62:6a:
                    b8:6a:0a:2b:42:20:b6:79:45:87:a1:b8:b0:7a:99:
                    ad:7c:2e:b5:68:bf:7d:0c:60:ac:24:20:2e:88:96:
                    f3:f0:03:ea:35:5f:7b:83:df:73:7d:ae:70:31:24:
                    45:54:77:05:22:ce:11:3a:16:1a:1c:6e:35:75:b9:
                    42:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:59:B5:41:CA:29:14:81:87:3C:11:F1:00:C3:56:1D:C1:2D:C5:C1
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/plm1QcopFIGHPBHxAMNWHcEtxcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.235.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:b4:0d:32:dc:34:56:c1:e3:08:73:3e:93:39:01:7a:c5:b8:
         99:43:a6:96:76:55:70:8c:d8:c6:cc:80:13:7d:ea:02:ee:d1:
         10:f8:85:1c:da:cf:91:45:d9:ec:d9:aa:e8:61:81:bc:9a:1f:
         0d:06:fe:5d:5d:96:06:4d:7c:42:04:4b:93:29:f2:6b:6e:79:
         ce:59:57:50:53:51:d8:3b:90:b5:e1:b8:ba:83:72:78:5f:fd:
         78:f0:ab:d0:d1:64:15:a1:10:a9:ec:35:f0:6a:da:dc:25:16:
         0c:40:0c:a7:ff:43:0c:fc:16:19:ca:43:b5:12:78:b9:5d:1a:
         65:6c:2d:c6:73:77:52:e7:58:f9:c8:24:d8:3f:0d:7f:c9:ae:
         0c:4c:60:ee:d8:f8:38:de:94:3b:a2:03:01:af:38:8c:9a:b8:
         8e:d2:d5:7a:aa:c8:78:f4:1b:a6:88:32:5b:b0:57:69:a3:5c:
         e9:09:e2:73:1f:de:c4:2e:05:b2:cc:35:17:15:fc:a9:d2:9e:
         3c:20:4c:18:84:5e:f2:f2:6e:48:ed:b5:13:e4:1c:9f:f8:1d:
         de:8a:95:b4:85:c4:7b:34:9b:c4:30:53:d3:34:a8:b6:e3:52:
         b5:da:bb:55:b2:fc:cc:60:bf:30:b0:31:64:b9:f3:64:b6:8a:
         3d:f6:6e:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gHDu7fohHD0Bb8bFRxeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjYwMTAyMDIxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjU5YjU0MWNhMjkxNDgxODczYzExZjEwMGMzNTYxZGMxMmRjNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+vr4//FLwW0nNnv0+JJYdnY5XTfq
ItyyBDUB8Pk3fG3tpGjTknI2pivBBuNG0o2g3nNKNUL4r4gQMU1WTjF+Zl+Hpbgi
oUrhd+5P9Pqg8/L/YTzWBuepT+k7XYfbIXuu1N8j2NHnfiZiRc77KZbd1PB+252A
ArIpRqhsxYFS4Wv/8FihBkNqvunayldNQW098MhkeRTJrCz1Ylytb7zWoEmONiXg
8M/oOZfEzGWjswab1lWejaoH2Hjus9snRcpFYmq4agorQiC2eUWHobiwepmtfC61
aL99DGCsJCAuiJbz8APqNV97g99zfa5wMSRFVHcFIs4ROhYaHG41dblCNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZZtUHKKRSBhzwR8QDDVh3BLcXBMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvcGxtMVFjb3BGSUdIUEJIeEFNTldIY0V0eGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+vrMA0G
CSqGSIb3DQEBCwUAA4IBAQCitA0y3DRWweMIcz6TOQF6xbiZQ6aWdlVwjNjGzIAT
feoC7tEQ+IUc2s+RRdns2aroYYG8mh8NBv5dXZYGTXxCBEuTKfJrbnnOWVdQU1HY
O5C14bi6g3J4X/148KvQ0WQVoRCp7DXwatrcJRYMQAyn/0MM/BYZykO1Eni5XRpl
bC3Gc3dS51j5yCTYPw1/ya4MTGDu2Pg43pQ7ogMBrziMmriO0tV6qsh49BumiDJb
sFdpo1zpCeJzH97ELgWyzDUXFfyp0p48IEwYhF7y8m5I7bUT5Byf+B3eipW0hcR7
NJvEMFPTNKi241K12rtVsvzMYL8wsDFkufNktoo99m53
-----END CERTIFICATE-----