This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/oFUqqzfpz-z60arP7-4bJOUjzkg.roa
File:                     oFUqqzfpz-z60arP7-4bJOUjzkg.roa (raw, json)
Hash identifier:          b00DPHttrwifcINliBXvR0GCUX5oyGcXZZvJ8ECcEDE=
Subject key identifier:   A0:55:2A:AB:37:E9:CF:EC:FA:D1:AA:CF:EF:EE:1B:24:E5:23:CE:48
Certificate issuer:       /CN=49596cecc21dd02677a727ef37f0689546ea5097
Certificate serial:       019B77588C8757566DD0295B11245D831554
Authority key identifier: 49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/oFUqqzfpz-z60arP7-4bJOUjzkg.roa
Signing time:             Thu 01 Jan 2026 02:17:30 +0000
ROA not before:           Thu 01 Jan 2026 02:17:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     39817
IP address blocks:        83.119.14.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 02:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:58:8c:87:57:56:6d:d0:29:5b:11:24:5d:83:15:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49596cecc21dd02677a727ef37f0689546ea5097
        Validity
            Not Before: Jan  1 02:17:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a0552aab37e9cfecfad1aacfefee1b24e523ce48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:a3:c0:1e:10:d0:e6:10:c7:d3:67:cd:e0:db:
                    c5:ba:19:31:29:57:9d:74:9e:e3:d1:04:9c:15:cb:
                    18:b3:50:f4:c0:fc:48:2a:d5:dc:89:e6:48:e9:93:
                    c8:ea:c3:99:99:fb:8f:ad:88:76:93:5a:dc:63:a2:
                    ce:a4:11:c9:c2:50:8c:66:a6:04:6e:6d:c5:4a:df:
                    20:5c:f4:24:06:7d:3f:e7:99:50:70:f2:5a:05:f6:
                    4a:00:a4:c8:ae:f2:b1:31:14:8a:32:18:54:6b:20:
                    13:e1:56:83:63:c9:43:c4:59:b2:9d:56:21:73:38:
                    30:df:9f:f7:5c:7d:da:97:ea:be:86:0a:75:db:b7:
                    96:eb:0a:60:16:a4:19:45:90:93:f8:9e:d2:dd:86:
                    e8:70:ea:f6:c2:3f:9f:45:a3:91:2e:fc:04:5e:b2:
                    0b:78:fd:3c:3b:eb:3b:d2:17:5e:7d:8d:9d:c7:84:
                    78:50:8d:ba:a1:36:f2:a4:8d:f6:66:33:9a:b7:1c:
                    df:7d:75:44:81:fb:32:82:5d:bd:91:2a:fc:6a:17:
                    d1:04:13:14:fd:cc:2a:0c:92:35:46:94:38:07:dd:
                    20:30:f3:7f:c3:2d:a0:8a:cd:6f:c0:1b:29:71:75:
                    da:5b:97:f4:dc:11:9a:c4:eb:2d:b9:29:aa:2f:84:
                    ef:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:55:2A:AB:37:E9:CF:EC:FA:D1:AA:CF:EF:EE:1B:24:E5:23:CE:48
            X509v3 Authority Key Identifier:
                keyid:49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/oFUqqzfpz-z60arP7-4bJOUjzkg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.119.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:79:6a:c0:6d:f7:ce:5a:43:5f:99:19:61:dc:c1:b1:f9:05:
         e7:42:2d:9d:a8:44:62:6e:6b:b3:dc:fb:87:ac:95:5d:36:bb:
         ab:10:a4:41:f6:20:ac:6a:04:7c:2c:1d:f9:76:91:24:04:0b:
         d5:e3:4a:d7:22:52:4b:8a:f4:9f:53:70:57:fd:49:2c:61:7b:
         5f:e9:da:02:8c:1f:7e:fd:3e:1c:e0:9a:be:50:97:2e:1e:2f:
         1f:7d:04:23:8b:9c:98:6b:f7:01:c1:43:ba:31:f1:66:d4:6e:
         2f:81:5c:58:6c:47:b3:d6:96:1c:fe:a0:09:e6:61:4b:aa:6e:
         a8:ad:8c:4b:0b:37:e6:43:ce:e0:68:3b:09:d0:ec:4e:3a:ab:
         8a:ae:40:55:02:66:73:28:4b:5c:80:84:bc:69:0d:ce:22:6b:
         3e:8e:67:42:6f:e7:a8:44:b0:12:8b:0e:5d:1b:4d:22:ed:f3:
         7e:cc:59:0c:14:9b:a3:dd:ba:00:26:aa:1b:05:ef:85:09:d5:
         8e:c2:bd:bb:92:51:e8:fd:34:fe:79:71:06:50:30:26:a9:1e:
         65:6d:e8:0c:c5:f6:35:34:ba:bc:a2:12:17:6d:08:cd:e2:27:
         24:87:9c:94:ec:50:6a:a2:d7:27:c1:0e:43:30:f9:ac:70:00:
         aa:c9:37:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WIyHV1Zt0ClbESRdgxVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTk2Y2VjYzIxZGQwMjY3N2E3MjdlZjM3ZjA2ODk1NDZl
YTUwOTcwHhcNMjYwMTAxMDIxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDU1MmFhYjM3ZTljZmVjZmFkMWFhY2ZlZmVlMWIyNGU1MjNjZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26PAHhDQ5hDH02fN4NvFuhkxKVed
dJ7j0QScFcsYs1D0wPxIKtXcieZI6ZPI6sOZmfuPrYh2k1rcY6LOpBHJwlCMZqYE
bm3FSt8gXPQkBn0/55lQcPJaBfZKAKTIrvKxMRSKMhhUayAT4VaDY8lDxFmynVYh
czgw35/3XH3al+q+hgp127eW6wpgFqQZRZCT+J7S3YbocOr2wj+fRaORLvwEXrIL
eP08O+s70hdefY2dx4R4UI26oTbypI32ZjOatxzffXVEgfsygl29kSr8ahfRBBMU
/cwqDJI1RpQ4B90gMPN/wy2gis1vwBspcXXaW5f03BGaxOstuSmqL4TvWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBVKqs36c/s+tGqz+/uGyTlI85IMB8GA1UdIwQY
MBaAFElZbOzCHdAmd6cn7zfwaJVG6lCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUt
ODk3ZDAwOTc3ZmYyLzEvb0ZVcXF6ZnB6LXo2MGFyUDctNGJKT1VqemtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUtODk3ZDAwOTc3ZmYy
LzEvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU3cOMA0G
CSqGSIb3DQEBCwUAA4IBAQCheWrAbffOWkNfmRlh3MGx+QXnQi2dqERibmuz3PuH
rJVdNrurEKRB9iCsagR8LB35dpEkBAvV40rXIlJLivSfU3BX/UksYXtf6doCjB9+
/T4c4Jq+UJcuHi8ffQQji5yYa/cBwUO6MfFm1G4vgVxYbEez1pYc/qAJ5mFLqm6o
rYxLCzfmQ87gaDsJ0OxOOquKrkBVAmZzKEtcgIS8aQ3OIms+jmdCb+eoRLASiw5d
G00i7fN+zFkMFJuj3boAJqobBe+FCdWOwr27klHo/TT+eXEGUDAmqR5lbegMxfY1
NLq8ohIXbQjN4ickh5yU7FBqotcnwQ5DMPmscACqyTfL
-----END CERTIFICATE-----