This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/boj2I10q-Vtxm1mDxVZdZ8e5Bl8.roa
File:                     boj2I10q-Vtxm1mDxVZdZ8e5Bl8.roa (raw, json)
Hash identifier:          DUZK7UDn7wM47XNLA1A7zjQp12qeza+x17ykgXtiqyU=
Subject key identifier:   6E:88:F6:23:5D:2A:F9:5B:71:9B:59:83:C5:56:5D:67:C7:B9:06:5F
Certificate issuer:       /CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Certificate serial:       019BDADD1983B69FC6E0AD7682A161F1A12D
Authority key identifier: D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/boj2I10q-Vtxm1mDxVZdZ8e5Bl8.roa
Signing time:             Tue 20 Jan 2026 10:04:41 +0000
ROA not before:           Tue 20 Jan 2026 10:04:41 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     35600
IP address blocks:        95.143.96.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:da:dd:19:83:b6:9f:c6:e0:ad:76:82:a1:61:f1:a1:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
        Validity
            Not Before: Jan 20 10:04:41 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6e88f6235d2af95b719b5983c5565d67c7b9065f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:fc:d8:75:fb:14:e4:51:5e:d1:5e:aa:38:32:
                    aa:fc:2d:96:0d:0d:af:33:06:1c:04:1c:29:45:e5:
                    fb:1d:71:79:73:2e:c5:97:1c:86:6a:5a:27:7f:0d:
                    76:36:42:47:55:e2:b7:8d:95:f3:40:6a:d0:b6:e2:
                    76:c0:12:db:d1:32:29:8c:2d:f5:12:77:35:6e:b9:
                    6c:bb:7a:45:14:c8:b3:74:5b:11:c3:6c:9e:d7:6f:
                    64:0b:6a:39:db:9e:35:05:ed:b6:5d:98:d4:64:66:
                    e1:e2:50:92:75:16:d9:c8:58:c3:6a:4b:d6:b7:14:
                    c7:0b:86:fd:e7:92:60:90:dc:32:9b:c9:f6:bc:cb:
                    5d:a8:65:c9:82:e7:c2:37:a1:d7:9f:31:e8:cc:83:
                    bf:0f:f2:9f:c9:fa:44:23:22:44:11:39:e3:3b:7a:
                    7a:b9:2b:18:6a:9f:01:ad:65:a9:45:92:b6:d5:fa:
                    1d:96:4c:b1:4d:a6:c6:fb:75:d0:45:91:7a:e9:2c:
                    00:4a:97:ab:a4:d1:67:72:a5:0d:a4:d5:74:8e:33:
                    80:9c:6b:07:50:6d:f7:53:df:7e:eb:41:ec:9d:b5:
                    e3:37:b1:da:ec:d7:1f:cf:e8:4c:4d:89:df:26:a0:
                    9e:1a:b0:d5:a4:d0:b0:db:ad:81:1f:84:5c:47:60:
                    66:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:88:F6:23:5D:2A:F9:5B:71:9B:59:83:C5:56:5D:67:C7:B9:06:5F
            X509v3 Authority Key Identifier:
                keyid:D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/boj2I10q-Vtxm1mDxVZdZ8e5Bl8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.143.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:22:2d:03:f1:d8:df:1e:0d:5d:59:1a:5a:08:6d:0c:22:9a:
         f3:cb:2d:be:12:fd:74:d1:66:a0:62:83:18:36:6c:75:c5:ad:
         36:28:fa:58:fc:44:33:ad:47:be:78:07:9d:b0:b8:90:3b:e1:
         23:9c:ba:ce:3d:e5:2c:9a:62:20:f0:ae:04:81:50:4f:9e:38:
         7b:c4:1f:c2:80:3e:2a:ce:91:15:8a:26:de:e2:85:dd:1b:ce:
         9c:8a:e3:19:d8:2a:75:e3:da:7d:14:f3:40:f1:d5:af:8d:49:
         13:af:db:7d:c2:76:71:65:bf:e2:22:ee:d7:86:ca:d7:6a:67:
         d8:8b:b7:68:f0:53:ab:a9:e6:26:f2:fe:47:d5:99:1d:ee:94:
         80:43:e8:b4:0e:35:55:61:2b:44:6c:8a:a2:29:96:53:7b:60:
         e9:a2:b7:1d:83:fe:52:1b:b8:91:ab:2d:65:9d:69:b8:8e:50:
         85:4a:fe:d7:4f:53:71:c7:d3:cc:8a:32:ad:e5:c9:86:c4:1c:
         04:04:e6:74:1d:00:db:35:50:2b:97:48:9e:41:57:81:df:62:
         de:d8:9a:1d:65:b7:32:d8:c3:10:1f:65:ce:29:cd:95:99:be:
         6d:3b:16:b7:61:38:4d:76:17:a9:f5:9c:15:03:47:4e:4e:9d:
         26:65:8f:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZva3RmDtp/G4K12gqFh8aEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODJhMTk3MzQwZDM1ODRlNmFjMTdjMWZiMmE5OTAwYWU0
ZjYwM2MwHhcNMjYwMTIwMTAwNDQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTg4ZjYyMzVkMmFmOTViNzE5YjU5ODNjNTU2NWQ2N2M3YjkwNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvzYdfsU5FFe0V6qODKq/C2WDQ2v
MwYcBBwpReX7HXF5cy7FlxyGalonfw12NkJHVeK3jZXzQGrQtuJ2wBLb0TIpjC31
Enc1brlsu3pFFMizdFsRw2ye129kC2o52541Be22XZjUZGbh4lCSdRbZyFjDakvW
txTHC4b955JgkNwym8n2vMtdqGXJgufCN6HXnzHozIO/D/KfyfpEIyJEETnjO3p6
uSsYap8BrWWpRZK21fodlkyxTabG+3XQRZF66SwASperpNFncqUNpNV0jjOAnGsH
UG33U99+60HsnbXjN7Ha7Ncfz+hMTYnfJqCeGrDVpNCw262BH4RcR2BmQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6I9iNdKvlbcZtZg8VWXWfHuQZfMB8GA1UdIwQY
MBaAFNiCoZc0DTWE5qwXwfsqmQCuT2A8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUt
YjA1YWU1Y2EyZDVlLzEvYm9qMkkxMHEtVnR4bTFtRHhWWmRaOGU1Qmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUtYjA1YWU1Y2EyZDVl
LzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX49gMA0G
CSqGSIb3DQEBCwUAA4IBAQAZIi0D8djfHg1dWRpaCG0MIprzyy2+Ev100WagYoMY
Nmx1xa02KPpY/EQzrUe+eAedsLiQO+EjnLrOPeUsmmIg8K4EgVBPnjh7xB/CgD4q
zpEViibe4oXdG86ciuMZ2Cp149p9FPNA8dWvjUkTr9t9wnZxZb/iIu7XhsrXamfY
i7do8FOrqeYm8v5H1Zkd7pSAQ+i0DjVVYStEbIqiKZZTe2Dporcdg/5SG7iRqy1l
nWm4jlCFSv7XT1Nxx9PMijKt5cmGxBwEBOZ0HQDbNVArl0ieQVeB32Le2JodZbcy
2MMQH2XOKc2Vmb5tOxa3YThNdhep9ZwVA0dOTp0mZY95
-----END CERTIFICATE-----