This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/7dc313-42bc-4677-8e91-11a9e9922537/1/s2oUDikarF4p5RcVnQBbs8zbW58.roa
File:                     s2oUDikarF4p5RcVnQBbs8zbW58.roa (raw, json)
Hash identifier:          8QtOVw2pgyTfdU38vBG8N/ErULSzXVOyB/Uh34rHkzM=
Subject key identifier:   B3:6A:14:0E:29:1A:AC:5E:29:E5:17:15:9D:00:5B:B3:CC:DB:5B:9F
Certificate issuer:       /CN=e964776cec62ef13a82a2165e6f8d47890d7734d
Certificate serial:       019B78A2F4C353D9EC9217F6EDBEAB75DC05
Authority key identifier: E9:64:77:6C:EC:62:EF:13:A8:2A:21:65:E6:F8:D4:78:90:D7:73:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6WR3bOxi7xOoKiFl5vjUeJDXc00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/7dc313-42bc-4677-8e91-11a9e9922537/1/s2oUDikarF4p5RcVnQBbs8zbW58.roa
Signing time:             Thu 01 Jan 2026 08:18:23 +0000
ROA not before:           Thu 01 Jan 2026 08:18:23 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     209242
IP address blocks:        195.26.229.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/7dc313-42bc-4677-8e91-11a9e9922537/1/6WR3bOxi7xOoKiFl5vjUeJDXc00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/7dc313-42bc-4677-8e91-11a9e9922537/1/6WR3bOxi7xOoKiFl5vjUeJDXc00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6WR3bOxi7xOoKiFl5vjUeJDXc00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a2:f4:c3:53:d9:ec:92:17:f6:ed:be:ab:75:dc:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e964776cec62ef13a82a2165e6f8d47890d7734d
        Validity
            Not Before: Jan  1 08:18:23 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b36a140e291aac5e29e517159d005bb3ccdb5b9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:66:4a:b8:dd:f1:3c:f8:9b:65:87:be:b2:91:
                    6e:09:36:06:94:5b:44:f0:f4:40:c3:8c:ba:14:5f:
                    3c:0a:23:9a:4c:89:9e:b0:24:f7:48:70:3a:56:cb:
                    0a:01:f2:c6:93:2b:06:42:be:1b:86:db:d6:c8:4f:
                    db:e5:38:72:c0:f0:95:4f:ce:9b:79:de:2f:88:07:
                    94:4a:2a:72:7a:cb:e4:cc:3e:32:0b:c7:c7:26:49:
                    bd:bd:08:45:6a:eb:b6:42:81:85:5a:b6:73:04:ee:
                    ae:88:d3:1a:27:04:1d:53:71:be:68:df:43:4a:31:
                    99:3d:04:39:03:b6:07:1b:04:45:2e:88:88:f7:e7:
                    13:b2:18:73:ad:a7:3b:8a:b6:b1:8f:64:59:80:25:
                    14:1a:d5:d8:73:ec:4b:ff:7f:eb:37:d3:3b:e6:17:
                    e6:19:e6:7a:4b:98:e7:5e:d9:53:d5:57:7f:f2:df:
                    67:2c:d2:0e:4d:bb:18:92:f9:c8:2a:bb:05:b9:42:
                    74:07:27:24:12:44:a0:f0:e0:02:cd:54:11:da:d7:
                    87:ec:3d:9c:9e:b3:96:6d:c5:62:5d:96:5a:ae:3b:
                    5b:21:08:bc:02:a6:a0:f9:1e:95:00:a2:73:7d:15:
                    0a:f6:52:91:be:8b:bb:d1:e7:83:77:73:f3:30:36:
                    06:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:6A:14:0E:29:1A:AC:5E:29:E5:17:15:9D:00:5B:B3:CC:DB:5B:9F
            X509v3 Authority Key Identifier:
                keyid:E9:64:77:6C:EC:62:EF:13:A8:2A:21:65:E6:F8:D4:78:90:D7:73:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6WR3bOxi7xOoKiFl5vjUeJDXc00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7dc313-42bc-4677-8e91-11a9e9922537/1/s2oUDikarF4p5RcVnQBbs8zbW58.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7dc313-42bc-4677-8e91-11a9e9922537/1/6WR3bOxi7xOoKiFl5vjUeJDXc00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.26.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:39:4e:68:96:27:d1:26:72:ed:ba:19:e3:86:9c:64:45:e3:
         fa:91:3d:05:ec:3e:9a:50:b9:02:3c:8a:f9:6b:25:4b:1a:be:
         61:b1:69:b6:c4:30:0e:a4:77:9c:1c:24:7b:cb:b8:a8:6c:9f:
         f4:e4:9c:c2:a5:9b:8a:22:b8:a7:3f:cb:17:e8:ca:2c:9b:bf:
         04:c9:84:bc:0b:2e:9f:b5:ab:64:16:b2:f3:b6:24:1d:a3:e1:
         7b:5f:d6:8f:2b:5a:37:b1:8d:e6:33:0c:34:41:84:e9:fe:cb:
         a2:19:d6:f0:95:67:13:10:82:69:18:05:ab:09:1d:3c:12:11:
         a5:68:12:d2:d7:44:47:1c:b3:4a:5a:bb:02:e0:37:c5:f6:ac:
         e4:69:e1:6f:51:9b:13:a8:25:00:58:fd:32:5a:5c:43:12:92:
         4b:c3:c9:91:ed:68:1d:ca:d2:c1:46:e6:9d:bf:d7:43:00:da:
         54:c9:4c:90:d0:e7:f8:46:b3:09:ab:59:d3:c6:f7:bf:50:e8:
         1f:4f:92:83:fb:1d:01:42:19:2f:d1:2b:1f:29:61:a9:fa:ac:
         c6:90:2c:fa:2b:21:21:01:81:5c:df:e5:91:e4:31:34:f1:18:
         89:83:eb:12:f7:7b:a4:8e:63:ba:40:81:ee:12:9b:57:f9:73:
         19:05:4e:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4ovTDU9nskhf27b6rddwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NjQ3NzZjZWM2MmVmMTNhODJhMjE2NWU2ZjhkNDc4OTBk
NzczNGQwHhcNMjYwMTAxMDgxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzZhMTQwZTI5MWFhYzVlMjllNTE3MTU5ZDAwNWJiM2NjZGI1YjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2ZKuN3xPPibZYe+spFuCTYGlFtE
8PRAw4y6FF88CiOaTImesCT3SHA6VssKAfLGkysGQr4bhtvWyE/b5ThywPCVT86b
ed4viAeUSipyesvkzD4yC8fHJkm9vQhFauu2QoGFWrZzBO6uiNMaJwQdU3G+aN9D
SjGZPQQ5A7YHGwRFLoiI9+cTshhzrac7iraxj2RZgCUUGtXYc+xL/3/rN9M75hfm
GeZ6S5jnXtlT1Vd/8t9nLNIOTbsYkvnIKrsFuUJ0ByckEkSg8OACzVQR2teH7D2c
nrOWbcViXZZarjtbIQi8Aqag+R6VAKJzfRUK9lKRvou70eeDd3PzMDYG9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNqFA4pGqxeKeUXFZ0AW7PM21ufMB8GA1UdIwQY
MBaAFOlkd2zsYu8TqCohZeb41HiQ13NNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNldSM2JPeGk3eE9vS2lGbDV2alVlSkRYYzAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy83ZGMzMTMtNDJiYy00Njc3LThlOTEt
MTFhOWU5OTIyNTM3LzEvczJvVURpa2FyRjRwNVJjVm5RQmJzOHpiVzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy83ZGMzMTMtNDJiYy00Njc3LThlOTEtMTFhOWU5OTIyNTM3
LzEvNldSM2JPeGk3eE9vS2lGbDV2alVlSkRYYzAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxrlMA0G
CSqGSIb3DQEBCwUAA4IBAQB6OU5olifRJnLtuhnjhpxkReP6kT0F7D6aULkCPIr5
ayVLGr5hsWm2xDAOpHecHCR7y7iobJ/05JzCpZuKIrinP8sX6Mosm78EyYS8Cy6f
tatkFrLztiQdo+F7X9aPK1o3sY3mMww0QYTp/suiGdbwlWcTEIJpGAWrCR08EhGl
aBLS10RHHLNKWrsC4DfF9qzkaeFvUZsTqCUAWP0yWlxDEpJLw8mR7WgdytLBRuad
v9dDANpUyUyQ0Of4RrMJq1nTxve/UOgfT5KD+x0BQhkv0SsfKWGp+qzGkCz6KyEh
AYFc3+WR5DE08RiJg+sS93ukjmO6QIHuEptX+XMZBU5K
-----END CERTIFICATE-----