This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/508321-2dfa-4253-a3cb-2f926510ffbf/1/gNOVMDvtvsuQYQ-kPKrR7O_nyMk.roa
File:                     gNOVMDvtvsuQYQ-kPKrR7O_nyMk.roa (raw, json)
Hash identifier:          wGDnNcGTA78hmdHu6y6oulR3cEsAnWv+5REEurYIAmQ=
Subject key identifier:   80:D3:95:30:3B:ED:BE:CB:90:61:0F:A4:3C:AA:D1:EC:EF:E7:C8:C9
Certificate issuer:       /CN=e6015f1e2004359cae7656b968adb2a54a434f1e
Certificate serial:       019B77C6CEA6C41AF3A75B20CDA924B15998
Authority key identifier: E6:01:5F:1E:20:04:35:9C:AE:76:56:B9:68:AD:B2:A5:4A:43:4F:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5gFfHiAENZyudla5aK2ypUpDTx4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/508321-2dfa-4253-a3cb-2f926510ffbf/1/gNOVMDvtvsuQYQ-kPKrR7O_nyMk.roa
Signing time:             Thu 01 Jan 2026 04:17:56 +0000
ROA not before:           Thu 01 Jan 2026 04:17:56 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     47866
IP address blocks:        193.134.212.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/508321-2dfa-4253-a3cb-2f926510ffbf/1/5gFfHiAENZyudla5aK2ypUpDTx4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/508321-2dfa-4253-a3cb-2f926510ffbf/1/5gFfHiAENZyudla5aK2ypUpDTx4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5gFfHiAENZyudla5aK2ypUpDTx4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:ce:a6:c4:1a:f3:a7:5b:20:cd:a9:24:b1:59:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6015f1e2004359cae7656b968adb2a54a434f1e
        Validity
            Not Before: Jan  1 04:17:56 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=80d395303bedbecb90610fa43caad1ecefe7c8c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:74:fa:0c:97:2f:6e:e8:e1:b6:98:23:6a:3e:
                    93:61:c3:c2:1c:d0:85:2f:7e:48:0a:64:6b:e3:ce:
                    a2:55:36:82:a5:01:e1:9d:58:6b:0d:d4:90:94:60:
                    9c:f4:40:68:57:e0:68:03:6b:cf:0e:8a:7e:4d:ab:
                    49:79:82:ef:f8:e0:a3:84:03:0f:51:c1:1c:df:3c:
                    5e:ae:e4:d0:f5:16:ba:a9:fa:95:2b:39:6a:76:c2:
                    c5:fb:78:56:97:e7:98:5f:f4:e0:47:4e:f0:a0:95:
                    d2:e2:af:1c:c3:71:27:a7:35:55:dc:88:93:b0:99:
                    24:52:68:6f:8a:d0:84:13:a3:19:e3:7e:2b:0e:f9:
                    e6:f5:e0:b8:78:25:da:50:41:6c:d0:9a:12:1a:da:
                    75:30:6f:eb:62:29:b0:47:bf:54:9f:10:e9:2a:ef:
                    bb:7f:4c:6e:5d:ac:ce:18:b3:57:61:8d:91:bc:b0:
                    25:0d:a7:f8:8c:9f:32:7c:71:ae:f1:02:23:5d:7e:
                    c3:0a:de:4f:3a:62:90:e4:74:b7:d5:ac:e6:65:41:
                    28:0c:33:64:16:5c:fb:de:09:1b:95:ec:15:93:f4:
                    9d:5e:72:ef:63:aa:ea:e7:34:f3:2b:36:99:56:f3:
                    4b:87:cc:2e:dd:6a:ce:a8:db:b1:5c:88:b1:ed:a8:
                    3a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:D3:95:30:3B:ED:BE:CB:90:61:0F:A4:3C:AA:D1:EC:EF:E7:C8:C9
            X509v3 Authority Key Identifier:
                keyid:E6:01:5F:1E:20:04:35:9C:AE:76:56:B9:68:AD:B2:A5:4A:43:4F:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5gFfHiAENZyudla5aK2ypUpDTx4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/508321-2dfa-4253-a3cb-2f926510ffbf/1/gNOVMDvtvsuQYQ-kPKrR7O_nyMk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/508321-2dfa-4253-a3cb-2f926510ffbf/1/5gFfHiAENZyudla5aK2ypUpDTx4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.134.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         64:87:8b:da:a8:0b:bf:d9:a0:79:a1:c4:9a:73:f7:0c:3b:13:
         f5:af:00:09:9c:25:d1:c3:6d:1a:57:36:bb:17:c9:25:9b:da:
         18:56:72:d7:5d:a6:d7:66:7c:bb:7c:b9:0b:a5:e5:f1:84:79:
         3b:cd:22:51:e8:e7:6c:d4:c8:9c:3d:cb:b0:ba:f4:e8:8a:a8:
         2d:96:92:dd:3f:08:00:3c:f7:16:a1:17:5c:aa:a0:ff:58:f6:
         f1:29:cd:6b:25:f9:d2:25:c8:2a:61:d1:4c:9a:29:01:08:31:
         83:21:fb:dd:ec:a5:4b:48:b1:98:17:ad:f5:1a:2e:f0:df:7a:
         24:a8:61:14:30:b0:0d:0f:76:0c:68:18:b2:21:fa:3d:fa:76:
         af:16:73:5d:21:06:ce:e7:5f:e0:c6:92:ff:3a:fc:5a:f6:55:
         5b:69:7f:43:01:6c:9a:b2:e3:72:31:81:0f:b5:e4:36:9b:d3:
         6a:c5:da:18:b3:71:79:c7:ac:04:82:07:49:e1:d4:1e:29:6e:
         f7:0d:08:c6:ef:5e:39:07:3f:11:07:eb:55:65:77:81:7f:85:
         d9:3e:60:a9:51:8d:c7:ed:4a:5d:08:b3:91:01:d8:f1:1a:ed:
         f8:0c:6e:a1:ac:09:74:d1:68:51:02:3b:dd:fe:bb:e4:1c:11:
         1f:f8:b2:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xs6mxBrzp1sgzakksVmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MDE1ZjFlMjAwNDM1OWNhZTc2NTZiOTY4YWRiMmE1NGE0
MzRmMWUwHhcNMjYwMTAxMDQxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQzOTUzMDNiZWRiZWNiOTA2MTBmYTQzY2FhZDFlY2VmZTdjOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXT6DJcvbujhtpgjaj6TYcPCHNCF
L35ICmRr486iVTaCpQHhnVhrDdSQlGCc9EBoV+BoA2vPDop+TatJeYLv+OCjhAMP
UcEc3zxeruTQ9Ra6qfqVKzlqdsLF+3hWl+eYX/TgR07woJXS4q8cw3EnpzVV3IiT
sJkkUmhvitCEE6MZ434rDvnm9eC4eCXaUEFs0JoSGtp1MG/rYimwR79UnxDpKu+7
f0xuXazOGLNXYY2RvLAlDaf4jJ8yfHGu8QIjXX7DCt5POmKQ5HS31azmZUEoDDNk
Flz73gkblewVk/SdXnLvY6rq5zTzKzaZVvNLh8wu3WrOqNuxXIix7ag6bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDTlTA77b7LkGEPpDyq0ezv58jJMB8GA1UdIwQY
MBaAFOYBXx4gBDWcrnZWuWitsqVKQ08eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWdGZkhpQUVOWnl1ZGxhNWFLMnlwVXBEVHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81MDgzMjEtMmRmYS00MjUzLWEzY2It
MmY5MjY1MTBmZmJmLzEvZ05PVk1EdnR2c3VRWVEta1BLclI3T19ueU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81MDgzMjEtMmRmYS00MjUzLWEzY2ItMmY5MjY1MTBmZmJm
LzEvNWdGZkhpQUVOWnl1ZGxhNWFLMnlwVXBEVHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwYbUMA0G
CSqGSIb3DQEBCwUAA4IBAQBkh4vaqAu/2aB5ocSac/cMOxP1rwAJnCXRw20aVza7
F8klm9oYVnLXXabXZny7fLkLpeXxhHk7zSJR6Ods1MicPcuwuvToiqgtlpLdPwgA
PPcWoRdcqqD/WPbxKc1rJfnSJcgqYdFMmikBCDGDIfvd7KVLSLGYF631Gi7w33ok
qGEUMLAND3YMaBiyIfo9+navFnNdIQbO51/gxpL/Ovxa9lVbaX9DAWyasuNyMYEP
teQ2m9NqxdoYs3F5x6wEggdJ4dQeKW73DQjG7145Bz8RB+tVZXeBf4XZPmCpUY3H
7UpdCLORAdjxGu34DG6hrAl00WhRAjvd/rvkHBEf+LJP
-----END CERTIFICATE-----