This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/Vx7x_kcOmv3pHdfN4JeJkZMt0-E.roa
File:                     Vx7x_kcOmv3pHdfN4JeJkZMt0-E.roa (raw, json)
Hash identifier:          H/ghuncbtOSKrShu1dgfSXsTU1/uj8pKrjpq8yu2Ers=
Subject key identifier:   57:1E:F1:FE:47:0E:9A:FD:E9:1D:D7:CD:E0:97:89:91:93:2D:D3:E1
Certificate issuer:       /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Certificate serial:       019B7EA690774A4B179BFA74B7501F94CC6B
Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/Vx7x_kcOmv3pHdfN4JeJkZMt0-E.roa
Signing time:             Fri 02 Jan 2026 12:20:03 +0000
ROA not before:           Fri 02 Jan 2026 12:20:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     834
IP address blocks:        178.236.184.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a6:90:77:4a:4b:17:9b:fa:74:b7:50:1f:94:cc:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
        Validity
            Not Before: Jan  2 12:20:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=571ef1fe470e9afde91dd7cde0978991932dd3e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:40:e7:51:84:f3:81:57:68:3d:32:4a:82:e5:
                    5e:55:e1:8b:2d:87:f7:1b:b0:e4:d2:6a:52:82:4e:
                    04:8b:83:7f:0b:59:ad:fa:7b:8f:37:b3:1f:87:af:
                    4d:7d:2a:cf:64:ad:15:06:94:12:aa:9c:8d:ed:cc:
                    b7:57:5d:f3:0e:c8:37:f0:dd:bb:41:e1:71:0b:f5:
                    21:d5:30:99:d3:72:1c:7c:1c:31:4e:70:12:f6:a6:
                    6b:ba:25:26:3c:55:95:c2:bf:66:d5:be:d4:de:fd:
                    64:8e:45:d2:85:f4:26:14:ac:c7:40:45:65:47:59:
                    a3:4d:75:dc:6d:36:7a:82:17:06:5e:b2:6d:85:54:
                    8b:a3:08:eb:8d:de:c4:16:db:c6:26:e3:3d:eb:9b:
                    88:c3:8c:01:5a:3a:a4:bc:3b:af:4d:54:ee:91:d0:
                    db:9a:b8:e5:88:39:95:62:9d:e6:90:d4:b6:b1:cd:
                    51:54:c8:b2:3b:9b:d9:a9:b5:fd:4c:4a:d1:14:b0:
                    bb:35:4d:c4:d3:7d:6a:63:19:67:fa:9d:2f:7d:54:
                    06:b9:9b:a9:4c:65:80:3a:f3:57:ff:bb:25:58:0e:
                    54:db:1c:cf:e0:25:a5:5e:89:f7:e5:e8:87:65:80:
                    07:a2:af:5e:e1:b5:0b:68:ab:c7:92:10:31:3e:a8:
                    0b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:1E:F1:FE:47:0E:9A:FD:E9:1D:D7:CD:E0:97:89:91:93:2D:D3:E1
            X509v3 Authority Key Identifier:
                keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/Vx7x_kcOmv3pHdfN4JeJkZMt0-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.236.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:e1:8b:4d:62:e5:c3:a9:bf:5f:7a:f2:ac:05:80:29:f2:70:
         df:2f:59:08:ff:71:07:d3:05:25:0a:22:c9:8f:34:00:17:27:
         65:92:af:c6:75:d4:32:41:c3:4d:c6:82:9f:2a:40:17:c0:f5:
         02:b8:c4:6c:fc:18:a1:db:91:70:ee:11:4d:33:3e:ed:7b:ff:
         e8:4c:24:46:17:a0:86:c7:67:29:b0:60:a0:42:7f:44:41:e7:
         e8:72:64:58:bf:1e:0b:c9:7c:08:ca:8f:ac:52:ba:c0:51:b9:
         bf:59:76:c2:e8:27:c2:58:50:19:2c:03:2d:0e:73:4c:c2:07:
         ca:fe:b8:9f:92:b0:60:92:5b:63:19:bb:67:0d:e1:24:b9:4a:
         cc:22:be:e7:8d:50:ae:e3:3a:23:17:ce:63:17:8b:c7:37:98:
         29:bd:63:8c:42:7b:39:7d:70:cc:8d:8b:26:ed:7f:ae:80:a0:
         63:cd:bd:40:0b:20:9b:9f:e6:8a:8f:70:f6:e0:83:fa:67:84:
         74:a9:21:de:4b:63:e7:99:79:d4:1a:d0:54:46:a7:c3:c9:78:
         09:82:82:d4:cc:08:d3:f4:ec:85:ed:2d:62:d7:7c:93:7c:c7:
         14:f9:03:ab:a6:42:13:11:9b:16:32:0e:f1:66:3e:20:b8:f9:
         f7:4e:04:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+ppB3SksXm/p0t1AflMxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjNmNGNiNGJhYjVjMTA4MDFhNzcwNjU4ZGY4OTFjZmI4
YzY4YzYwHhcNMjYwMTAyMTIyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzFlZjFmZTQ3MGU5YWZkZTkxZGQ3Y2RlMDk3ODk5MTkzMmRkM2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0DnUYTzgVdoPTJKguVeVeGLLYf3
G7Dk0mpSgk4Ei4N/C1mt+nuPN7Mfh69NfSrPZK0VBpQSqpyN7cy3V13zDsg38N27
QeFxC/Uh1TCZ03IcfBwxTnAS9qZruiUmPFWVwr9m1b7U3v1kjkXShfQmFKzHQEVl
R1mjTXXcbTZ6ghcGXrJthVSLowjrjd7EFtvGJuM965uIw4wBWjqkvDuvTVTukdDb
mrjliDmVYp3mkNS2sc1RVMiyO5vZqbX9TErRFLC7NU3E031qYxln+p0vfVQGuZup
TGWAOvNX/7slWA5U2xzP4CWlXon35eiHZYAHoq9e4bULaKvHkhAxPqgLZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFce8f5HDpr96R3XzeCXiZGTLdPhMB8GA1UdIwQY
MBaAFJ0j9MtLq1wQgBp3BljfiRz7jGjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODkt
MDE1NzdhOTI3ZmE5LzEvVng3eF9rY09tdjNwSGRmTjRKZUprWk10MC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODktMDE1NzdhOTI3ZmE5
LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsuy4MA0G
CSqGSIb3DQEBCwUAA4IBAQAH4YtNYuXDqb9fevKsBYAp8nDfL1kI/3EH0wUlCiLJ
jzQAFydlkq/GddQyQcNNxoKfKkAXwPUCuMRs/Bih25Fw7hFNMz7te//oTCRGF6CG
x2cpsGCgQn9EQefocmRYvx4LyXwIyo+sUrrAUbm/WXbC6CfCWFAZLAMtDnNMwgfK
/rifkrBgkltjGbtnDeEkuUrMIr7njVCu4zojF85jF4vHN5gpvWOMQns5fXDMjYsm
7X+ugKBjzb1ACyCbn+aKj3D24IP6Z4R0qSHeS2PnmXnUGtBURqfDyXgJgoLUzAjT
9OyF7S1i13yTfMcU+QOrpkITEZsWMg7xZj4guPn3TgRE
-----END CERTIFICATE-----