This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q7_YFdeKSdArQLkxDx2ClmYy0cY.roa
File:                     Q7_YFdeKSdArQLkxDx2ClmYy0cY.roa (raw, json)
Hash identifier:          LEfydHqWRX8gPrZTsU7NIKPYYcova3/4mpP5Kxgmk2A=
Subject key identifier:   43:BF:D8:15:D7:8A:49:D0:2B:40:B9:31:0F:1D:82:96:66:32:D1:C6
Certificate issuer:       /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial:       019BE53F9FF668038A6CC9E91757E3BB6969
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q7_YFdeKSdArQLkxDx2ClmYy0cY.roa
Signing time:             Thu 22 Jan 2026 10:28:30 +0000
ROA not before:           Thu 22 Jan 2026 10:28:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204464
IP address blocks:        5.175.223.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:e5:3f:9f:f6:68:03:8a:6c:c9:e9:17:57:e3:bb:69:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
        Validity
            Not Before: Jan 22 10:28:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=43bfd815d78a49d02b40b9310f1d82966632d1c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ae:a9:72:d4:2c:8c:df:7d:ee:69:84:99:10:
                    22:db:fc:28:16:e4:b3:57:00:08:8d:90:67:29:74:
                    1e:67:b6:0b:e5:43:17:42:75:48:08:d3:66:4d:56:
                    27:e8:ab:3e:2b:a0:77:35:79:02:a5:7a:f1:89:ce:
                    f7:6a:2a:6b:1e:94:26:7c:83:a0:f7:52:9a:b2:e8:
                    0e:cd:a6:51:6e:79:ac:d7:cb:d0:5a:27:a5:01:d3:
                    e1:2f:ba:d8:9c:ec:ab:17:ff:cb:b9:ef:5c:cd:84:
                    64:55:f9:1f:1e:2c:76:49:b9:7f:da:15:03:38:99:
                    15:5d:f6:2f:f3:43:ab:a0:1b:6f:f5:9b:fe:da:d0:
                    e2:fd:54:c1:0b:42:b0:b3:d0:ad:42:f0:10:6c:64:
                    a3:e8:0f:8d:a5:8b:43:f9:ec:aa:70:18:ed:3f:4e:
                    00:a8:22:ad:a2:58:7f:87:c4:97:5a:80:54:25:9c:
                    00:62:43:f5:71:22:f3:d4:3e:f0:12:b9:e6:49:e4:
                    43:65:23:ae:a4:ef:e8:a7:e0:8d:f8:e8:a6:32:29:
                    42:3b:50:20:fd:56:da:97:d2:9b:bb:ee:61:88:59:
                    f5:c3:70:ce:07:36:2b:66:5e:00:a5:cb:8e:af:44:
                    ac:62:66:5c:a4:d1:df:c5:31:26:9f:a4:db:7c:bd:
                    a6:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:BF:D8:15:D7:8A:49:D0:2B:40:B9:31:0F:1D:82:96:66:32:D1:C6
            X509v3 Authority Key Identifier:
                keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q7_YFdeKSdArQLkxDx2ClmYy0cY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.175.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:a5:f3:9f:bb:9d:1b:2c:94:31:83:cb:9e:90:05:a5:75:61:
         9f:78:d5:6d:e7:fb:89:83:38:34:16:85:f6:e6:08:ac:c6:97:
         40:d0:9e:dd:d0:32:51:a1:61:d2:5a:47:b3:24:c1:09:ef:03:
         6e:05:55:3b:21:f6:51:07:6e:7b:48:db:e6:a9:3a:47:b1:71:
         f2:ab:55:0c:47:34:f6:b6:e6:59:8d:80:5b:0b:94:77:4b:39:
         a6:3b:c9:59:85:e6:8c:d7:95:53:1f:60:78:21:c7:cc:b8:6d:
         91:bd:06:d7:5c:8a:5f:e4:01:9b:3b:0f:67:0c:70:28:ef:a6:
         97:e4:3e:dc:8c:64:f6:43:76:b8:d4:63:33:40:55:6b:83:36:
         e0:bb:ce:e8:a4:ac:9f:92:b6:b3:8c:6b:ae:56:40:ad:8d:76:
         b9:0c:c2:91:3d:2f:bb:3b:c1:b5:4e:30:d4:ce:13:91:33:4e:
         48:7d:36:c5:67:8d:c7:73:1e:c3:87:b8:08:c9:49:8e:d2:7c:
         90:17:10:fc:08:04:18:02:92:07:48:3b:6f:7d:e8:31:67:19:
         a8:f4:96:0a:4f:66:3e:3d:86:cb:b0:5a:99:aa:4a:35:33:3e:
         2c:6f:4f:08:e3:35:cb:ff:80:34:c7:d1:aa:d8:fa:28:7c:0c:
         78:68:61:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZvlP5/2aAOKbMnpF1fju2lpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMTIyMTAyODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JmZDgxNWQ3OGE0OWQwMmI0MGI5MzEwZjFkODI5NjY2MzJkMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa6pctQsjN997mmEmRAi2/woFuSz
VwAIjZBnKXQeZ7YL5UMXQnVICNNmTVYn6Ks+K6B3NXkCpXrxic73aiprHpQmfIOg
91KasugOzaZRbnms18vQWielAdPhL7rYnOyrF//Lue9czYRkVfkfHix2Sbl/2hUD
OJkVXfYv80OroBtv9Zv+2tDi/VTBC0Kws9CtQvAQbGSj6A+NpYtD+eyqcBjtP04A
qCKtolh/h8SXWoBUJZwAYkP1cSLz1D7wErnmSeRDZSOupO/op+CN+OimMilCO1Ag
/Vbal9Kbu+5hiFn1w3DOBzYrZl4ApcuOr0SsYmZcpNHfxTEmn6TbfL2mQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEO/2BXXiknQK0C5MQ8dgpZmMtHGMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUTdfWUZkZUtTZEFyUUxreER4MkNsbVl5MGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABa/fMA0G
CSqGSIb3DQEBCwUAA4IBAQBApfOfu50bLJQxg8uekAWldWGfeNVt5/uJgzg0FoX2
5gisxpdA0J7d0DJRoWHSWkezJMEJ7wNuBVU7IfZRB257SNvmqTpHsXHyq1UMRzT2
tuZZjYBbC5R3SzmmO8lZheaM15VTH2B4IcfMuG2RvQbXXIpf5AGbOw9nDHAo76aX
5D7cjGT2Q3a41GMzQFVrgzbgu87opKyfkrazjGuuVkCtjXa5DMKRPS+7O8G1TjDU
zhORM05IfTbFZ43Hcx7Dh7gIyUmO0nyQFxD8CAQYApIHSDtvfegxZxmo9JYKT2Y+
PYbLsFqZqko1Mz4sb08I4zXL/4A0x9Gq2PoofAx4aGFt
-----END CERTIFICATE-----