This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/23dfb2-749d-471d-b114-83c7db7596fe/1/de6ErolZQIyqyskxIJ9qsMNkKNo.roa
File:                     de6ErolZQIyqyskxIJ9qsMNkKNo.roa (raw, json)
Hash identifier:          jruSnROhXq+S2qj6HU2rC2fPnP4UTAP+/5sPjL7DukM=
Subject key identifier:   75:EE:84:AE:89:59:40:8C:AA:CA:C9:31:20:9F:6A:B0:C3:64:28:DA
Certificate issuer:       /CN=d55e5611788142b315428ae51f67cbbacf80b7e8
Certificate serial:       019B7F83713A923BB803F47B122DC60CE9B8
Authority key identifier: D5:5E:56:11:78:81:42:B3:15:42:8A:E5:1F:67:CB:BA:CF:80:B7:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1V5WEXiBQrMVQorlH2fLus-At-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/23dfb2-749d-471d-b114-83c7db7596fe/1/de6ErolZQIyqyskxIJ9qsMNkKNo.roa
Signing time:             Fri 02 Jan 2026 16:21:19 +0000
ROA not before:           Fri 02 Jan 2026 16:21:19 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     43673
IP address blocks:        91.198.98.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/23dfb2-749d-471d-b114-83c7db7596fe/1/1V5WEXiBQrMVQorlH2fLus-At-g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/23dfb2-749d-471d-b114-83c7db7596fe/1/1V5WEXiBQrMVQorlH2fLus-At-g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1V5WEXiBQrMVQorlH2fLus-At-g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:83:71:3a:92:3b:b8:03:f4:7b:12:2d:c6:0c:e9:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d55e5611788142b315428ae51f67cbbacf80b7e8
        Validity
            Not Before: Jan  2 16:21:19 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=75ee84ae8959408caacac931209f6ab0c36428da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ac:b1:96:7e:30:8a:bb:0e:64:96:cb:11:a0:
                    4c:52:6e:1d:94:2f:6e:12:41:aa:ba:12:e4:cb:ac:
                    f3:f3:cc:e6:3d:00:f7:fc:da:5f:b8:eb:ef:4a:77:
                    58:59:f8:d6:cf:98:cc:d1:ab:42:77:78:df:2b:37:
                    38:88:09:61:d7:62:91:43:bd:81:6e:98:55:3a:35:
                    3e:34:e1:2b:a4:0d:b5:54:a2:f4:c8:51:05:b7:67:
                    d5:5f:2a:40:60:4f:2f:23:f9:dc:bb:5c:2d:69:b3:
                    eb:a3:f5:b9:11:b0:5f:dd:d8:d0:af:0c:3d:9f:57:
                    f9:be:d0:4d:95:e9:dd:45:54:aa:ab:a2:1c:92:8c:
                    9e:8c:4d:57:a4:8f:6a:71:40:e5:bd:24:69:48:ca:
                    a6:9c:26:32:83:83:c8:c1:2a:46:9d:20:51:63:f5:
                    6d:a4:9b:3f:b5:de:bb:6c:5b:5a:45:78:2a:1d:2c:
                    70:fb:12:0b:ff:7b:ca:ed:21:ec:7d:5f:c3:7a:bd:
                    36:58:7b:6c:ae:39:4a:ef:09:b0:5d:87:11:52:71:
                    f0:fb:3f:66:65:85:6e:8f:a4:d1:b2:39:76:28:83:
                    e4:d5:c3:d3:5d:9c:de:45:72:7d:41:82:bf:97:e8:
                    9b:67:9f:81:71:cc:8f:ce:da:96:94:d7:20:63:4e:
                    3c:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:EE:84:AE:89:59:40:8C:AA:CA:C9:31:20:9F:6A:B0:C3:64:28:DA
            X509v3 Authority Key Identifier:
                keyid:D5:5E:56:11:78:81:42:B3:15:42:8A:E5:1F:67:CB:BA:CF:80:B7:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1V5WEXiBQrMVQorlH2fLus-At-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/23dfb2-749d-471d-b114-83c7db7596fe/1/de6ErolZQIyqyskxIJ9qsMNkKNo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/23dfb2-749d-471d-b114-83c7db7596fe/1/1V5WEXiBQrMVQorlH2fLus-At-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:60:75:5c:9a:da:30:40:9b:52:9d:51:28:85:33:af:a5:10:
         44:16:e2:5e:cf:24:5b:99:13:89:d2:1a:4c:d9:f1:cf:2b:fc:
         95:be:66:14:88:6e:dc:7a:83:bf:9a:ff:7c:e2:24:e6:1b:0c:
         8e:5c:19:a0:9d:d3:d4:0e:15:7d:9e:6f:66:16:5b:fb:fc:3e:
         33:e2:e6:55:e2:11:0c:96:b4:92:05:80:7f:e5:e7:7f:9f:4c:
         69:2c:50:44:e6:3b:ea:24:56:0d:d3:31:83:c6:2e:16:03:3d:
         02:5e:96:fc:9a:8b:ef:67:9b:34:b7:79:48:2e:d5:e4:4b:48:
         be:8b:d5:e0:64:eb:85:68:ae:98:ef:48:15:b4:b2:2d:9a:d3:
         04:46:03:4a:50:81:ca:b5:72:87:37:09:e1:c2:9c:f0:3b:85:
         1e:2f:3e:65:70:10:77:8a:73:76:1c:6c:0a:26:dd:b6:1d:82:
         4c:6c:f6:6b:6a:58:00:ba:29:b5:e6:03:fd:9e:69:98:9f:52:
         dc:70:fc:b8:cd:e7:a9:e1:7d:af:18:c9:6d:6a:43:02:30:75:
         ab:75:51:83:eb:e6:ee:7a:42:66:55:89:21:15:cd:70:24:b7:
         9d:6a:88:d6:30:a6:83:23:6c:74:dd:15:35:60:51:86:d6:7d:
         fa:89:54:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/g3E6kju4A/R7Ei3GDOm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NWU1NjExNzg4MTQyYjMxNTQyOGFlNTFmNjdjYmJhY2Y4
MGI3ZTgwHhcNMjYwMTAyMTYyMTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWVlODRhZTg5NTk0MDhjYWFjYWM5MzEyMDlmNmFiMGMzNjQyOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqyxln4wirsOZJbLEaBMUm4dlC9u
EkGquhLky6zz88zmPQD3/NpfuOvvSndYWfjWz5jM0atCd3jfKzc4iAlh12KRQ72B
bphVOjU+NOErpA21VKL0yFEFt2fVXypAYE8vI/ncu1wtabPro/W5EbBf3djQrww9
n1f5vtBNlendRVSqq6IckoyejE1XpI9qcUDlvSRpSMqmnCYyg4PIwSpGnSBRY/Vt
pJs/td67bFtaRXgqHSxw+xIL/3vK7SHsfV/Der02WHtsrjlK7wmwXYcRUnHw+z9m
ZYVuj6TRsjl2KIPk1cPTXZzeRXJ9QYK/l+ibZ5+BccyPztqWlNcgY048PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXuhK6JWUCMqsrJMSCfarDDZCjaMB8GA1UdIwQY
MBaAFNVeVhF4gUKzFUKK5R9ny7rPgLfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVY1V0VYaUJRck1WUW9ybEgyZkx1cy1BdC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yM2RmYjItNzQ5ZC00NzFkLWIxMTQt
ODNjN2RiNzU5NmZlLzEvZGU2RXJvbFpRSXlxeXNreElKOXFzTU5rS05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yM2RmYjItNzQ5ZC00NzFkLWIxMTQtODNjN2RiNzU5NmZl
LzEvMVY1V0VYaUJRck1WUW9ybEgyZkx1cy1BdC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZiMA0G
CSqGSIb3DQEBCwUAA4IBAQAnYHVcmtowQJtSnVEohTOvpRBEFuJezyRbmROJ0hpM
2fHPK/yVvmYUiG7ceoO/mv984iTmGwyOXBmgndPUDhV9nm9mFlv7/D4z4uZV4hEM
lrSSBYB/5ed/n0xpLFBE5jvqJFYN0zGDxi4WAz0CXpb8movvZ5s0t3lILtXkS0i+
i9XgZOuFaK6Y70gVtLItmtMERgNKUIHKtXKHNwnhwpzwO4UeLz5lcBB3inN2HGwK
Jt22HYJMbPZralgAuim15gP9nmmYn1LccPy4zeep4X2vGMltakMCMHWrdVGD6+bu
ekJmVYkhFc1wJLedaojWMKaDI2x03RU1YFGG1n36iVQ+
-----END CERTIFICATE-----
Generated at Mon Jan 26 04:41:52 2026 by rpki-client