This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/TjeA0h__0K75m-Lz_8rsQK-1bSA.roa
File:                     TjeA0h__0K75m-Lz_8rsQK-1bSA.roa (raw, json)
Hash identifier:          L2lPrSJTEdmpDG2xtyfaKRlJ8hxi9q1HTQ4jAfyHzCs=
Subject key identifier:   4E:37:80:D2:1F:FF:D0:AE:F9:9B:E2:F3:FF:CA:EC:40:AF:B5:6D:20
Certificate issuer:       /CN=c20e65caddbecd48d2f87787993113842bdfce5d
Certificate serial:       019B78A2FDD573CB36D435FE06B4CAB0BA0F
Authority key identifier: C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/TjeA0h__0K75m-Lz_8rsQK-1bSA.roa
Signing time:             Thu 01 Jan 2026 08:18:26 +0000
ROA not before:           Thu 01 Jan 2026 08:18:26 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     49227
IP address blocks:        195.88.242.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/wg5lyt2-zUjS-HeHmTEThCvfzl0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/wg5lyt2-zUjS-HeHmTEThCvfzl0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 01:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a2:fd:d5:73:cb:36:d4:35:fe:06:b4:ca:b0:ba:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c20e65caddbecd48d2f87787993113842bdfce5d
        Validity
            Not Before: Jan  1 08:18:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4e3780d21fffd0aef99be2f3ffcaec40afb56d20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:0d:96:ff:20:d8:60:3b:5e:75:c6:c1:8f:dd:
                    e5:75:57:28:7d:15:ae:dd:e2:19:b7:19:ff:02:51:
                    4e:67:55:e6:38:a5:73:6d:92:6a:2e:0e:03:4f:6c:
                    9d:17:30:85:8e:b2:3b:b7:77:86:c3:16:80:c9:6b:
                    d9:e3:de:b8:60:77:c9:86:d4:7e:a8:08:85:88:4e:
                    0b:c8:82:ad:a3:d1:34:fb:ef:dc:ed:08:4a:97:b1:
                    b5:a9:64:43:81:38:02:77:90:ef:61:6e:e7:c8:44:
                    00:2a:5d:fc:48:8b:b2:de:e7:0f:14:69:92:33:6c:
                    2b:91:4a:27:ad:8b:a8:fb:17:31:fb:91:5c:2d:9c:
                    3d:9b:c3:1c:77:c3:43:86:46:12:22:c9:1f:2e:cf:
                    0e:64:c6:5a:9d:2b:c9:38:32:4a:d4:1c:be:d3:e9:
                    c5:7e:50:82:ef:d8:bc:49:92:a1:85:aa:31:db:7e:
                    fe:db:c3:d0:c1:cf:a6:ba:5f:d5:ad:45:3b:62:6d:
                    7c:20:71:84:ef:57:5e:7e:c6:e0:ed:19:43:35:6d:
                    a1:3e:8f:24:a0:87:1a:50:be:0a:0d:53:d0:ff:60:
                    17:c2:1c:92:53:bc:1a:95:b7:78:74:82:83:2d:e9:
                    72:3d:6b:44:b2:49:76:19:c0:39:55:4c:6e:91:35:
                    7f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:37:80:D2:1F:FF:D0:AE:F9:9B:E2:F3:FF:CA:EC:40:AF:B5:6D:20
            X509v3 Authority Key Identifier:
                keyid:C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/TjeA0h__0K75m-Lz_8rsQK-1bSA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/wg5lyt2-zUjS-HeHmTEThCvfzl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.88.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:42:fb:ca:81:7c:7f:bb:b8:f2:97:c6:22:db:3a:9d:66:38:
         b4:8a:25:c4:51:43:39:d9:3e:51:04:33:b8:70:f4:f5:21:8b:
         ba:49:e2:ae:da:8f:3f:6b:4b:48:ca:c5:5a:83:e9:f8:49:4b:
         3b:e6:b9:ee:9a:cc:d0:a7:68:93:99:5f:ad:50:f4:c0:74:29:
         64:74:c8:ba:5a:fc:dd:38:9d:e3:06:9e:c8:0e:3e:81:86:e0:
         9c:90:7f:ae:75:47:b8:8e:10:a5:63:78:b6:55:12:35:7d:a5:
         fc:8c:ca:0a:db:b2:e7:29:32:e7:f3:02:c5:3d:02:53:30:98:
         f6:e7:12:5e:9a:e0:0e:c9:f8:1f:82:78:10:de:84:ef:ed:f2:
         c0:78:a4:c5:e6:e8:73:90:1f:1c:17:94:ce:32:d6:bb:a5:69:
         18:72:63:02:36:18:21:da:92:71:2d:5b:11:27:30:5d:c6:68:
         74:98:dc:ac:04:5c:e3:48:72:89:63:5f:4f:a2:38:09:2e:bc:
         f5:9b:de:d1:99:a9:9e:f7:23:d6:a9:d7:11:d2:dd:9c:c5:c4:
         5a:77:11:2c:dc:0b:14:e0:43:05:11:91:3b:01:35:76:c7:c0:
         38:af:5f:71:23:79:ed:ae:7f:cb:68:89:d4:5a:cb:83:6b:0d:
         97:82:6e:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4ov3Vc8s21DX+BrTKsLoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMGU2NWNhZGRiZWNkNDhkMmY4Nzc4Nzk5MzExMzg0MmJk
ZmNlNWQwHhcNMjYwMTAxMDgxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTM3ODBkMjFmZmZkMGFlZjk5YmUyZjNmZmNhZWM0MGFmYjU2ZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8A2W/yDYYDtedcbBj93ldVcofRWu
3eIZtxn/AlFOZ1XmOKVzbZJqLg4DT2ydFzCFjrI7t3eGwxaAyWvZ4964YHfJhtR+
qAiFiE4LyIKto9E0++/c7QhKl7G1qWRDgTgCd5DvYW7nyEQAKl38SIuy3ucPFGmS
M2wrkUonrYuo+xcx+5FcLZw9m8Mcd8NDhkYSIskfLs8OZMZanSvJODJK1By+0+nF
flCC79i8SZKhhaox237+28PQwc+mul/VrUU7Ym18IHGE71defsbg7RlDNW2hPo8k
oIcaUL4KDVPQ/2AXwhySU7walbd4dIKDLelyPWtEskl2GcA5VUxukTV/aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE43gNIf/9Cu+Zvi8//K7ECvtW0gMB8GA1UdIwQY
MBaAFMIOZcrdvs1I0vh3h5kxE4Qr385dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2It
N2VmYWE0YTc0Zjk3LzEvVGplQTBoX18wSzc1bS1Mel84cnNRSy0xYlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2ItN2VmYWE0YTc0Zjk3
LzEvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1jyMA0G
CSqGSIb3DQEBCwUAA4IBAQCuQvvKgXx/u7jyl8Yi2zqdZji0iiXEUUM52T5RBDO4
cPT1IYu6SeKu2o8/a0tIysVag+n4SUs75rnumszQp2iTmV+tUPTAdClkdMi6Wvzd
OJ3jBp7IDj6BhuCckH+udUe4jhClY3i2VRI1faX8jMoK27LnKTLn8wLFPQJTMJj2
5xJemuAOyfgfgngQ3oTv7fLAeKTF5uhzkB8cF5TOMta7pWkYcmMCNhgh2pJxLVsR
JzBdxmh0mNysBFzjSHKJY19PojgJLrz1m97Rmame9yPWqdcR0t2cxcRadxEs3AsU
4EMFEZE7ATV2x8A4r19xI3ntrn/LaInUWsuDaw2Xgm7j
-----END CERTIFICATE-----