This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/29kno-GdVdFxJZe5qS_dwKu1FRg.roa
File:                     29kno-GdVdFxJZe5qS_dwKu1FRg.roa (raw, json)
Hash identifier:          9qVzNajFo49jpwh5AhihOHcIhvnu7LZUQmtibMve5z8=
Subject key identifier:   DB:D9:27:A3:E1:9D:55:D1:71:25:97:B9:A9:2F:DD:C0:AB:B5:15:18
Certificate issuer:       /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial:       019B79100B198065090703C690AEFEF93EE9
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/29kno-GdVdFxJZe5qS_dwKu1FRg.roa
Signing time:             Thu 01 Jan 2026 10:17:33 +0000
ROA not before:           Thu 01 Jan 2026 10:17:33 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     213776
IP address blocks:        92.119.185.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:0b:19:80:65:09:07:03:c6:90:ae:fe:f9:3e:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
        Validity
            Not Before: Jan  1 10:17:33 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=dbd927a3e19d55d1712597b9a92fddc0abb51518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3d:a5:23:15:0e:5c:8a:87:92:9b:17:32:8f:
                    89:73:ee:4a:51:ec:d1:df:fa:e4:2f:9d:c7:0d:b4:
                    7f:77:81:10:b4:98:b4:98:80:c0:ef:35:eb:f1:a8:
                    3d:e6:4e:5e:84:70:3a:cd:47:87:63:aa:a1:6b:bf:
                    c6:81:c0:86:9c:90:f7:09:71:81:55:7b:41:6b:b6:
                    e2:91:d2:96:69:32:5e:2c:f8:b6:e7:f3:4f:72:6b:
                    d5:a7:1e:b8:16:4a:88:90:aa:e6:9b:83:a2:94:bd:
                    b1:15:fe:30:3c:7e:33:2b:00:09:62:2e:dd:81:f9:
                    b0:6e:cd:53:ce:5c:ec:77:14:ad:c9:5d:2e:04:c9:
                    de:d7:58:03:54:6a:b6:f2:b2:df:f8:c0:f3:74:5c:
                    9d:83:75:ad:18:98:0c:ed:88:36:4b:7b:58:52:b7:
                    5d:6e:1d:91:2b:37:d9:97:67:c4:71:33:f6:41:a1:
                    a2:80:b3:be:8e:f7:db:58:70:77:7f:b3:e8:85:0b:
                    19:37:6a:f2:f6:70:c9:94:90:a6:96:1a:40:08:1f:
                    e4:a0:79:37:95:3f:23:00:fa:94:eb:bc:d6:d2:60:
                    3c:2a:f8:f7:6a:62:d6:0c:f6:d7:40:4c:55:cf:db:
                    63:7a:30:08:46:85:3b:a4:ed:dc:19:95:e1:96:e8:
                    1a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:D9:27:A3:E1:9D:55:D1:71:25:97:B9:A9:2F:DD:C0:AB:B5:15:18
            X509v3 Authority Key Identifier:
                keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/29kno-GdVdFxJZe5qS_dwKu1FRg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.119.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:fe:ab:98:2e:3b:45:ee:60:4c:ec:13:f9:0a:f1:a1:c7:18:
         81:0a:08:61:25:b1:19:cc:95:81:14:d4:09:d4:8e:3d:f1:60:
         b2:5d:bb:ea:dd:73:7e:e7:52:88:0f:81:eb:54:0a:45:e2:37:
         9d:5a:18:e5:40:39:66:8d:7e:e5:38:e5:c7:06:d7:c6:3a:ea:
         a0:2f:c1:36:d0:89:c7:29:6f:f1:08:9e:25:f0:f4:20:18:15:
         8e:ea:11:4d:2a:44:be:44:11:b3:b7:2f:28:e3:02:f0:86:50:
         62:ab:a3:ad:ca:8d:b1:79:10:81:3a:a9:dc:b4:65:3b:7a:49:
         43:db:c3:41:24:e5:30:c3:d4:45:92:55:b9:7e:08:ac:0f:c3:
         b8:10:b8:7b:f2:b1:65:61:c5:45:e5:a0:b8:79:ce:09:25:5d:
         6d:a9:6c:32:6c:3b:f9:ec:e6:fb:13:7a:96:71:f4:55:ea:a0:
         86:2b:01:5a:e2:7d:16:c2:fa:9c:45:42:43:d3:b0:8d:df:f2:
         a2:6b:2f:88:60:dd:a2:c1:f5:50:45:ec:44:78:73:35:07:30:
         38:e1:c1:c1:55:ce:5f:85:9d:08:bd:d9:a6:53:3e:17:8f:3d:
         d1:04:87:71:a8:3e:9c:b9:f4:cf:ba:6f:5b:c6:4f:00:4c:7d:
         61:2b:d5:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EAsZgGUJBwPGkK7++T7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjYwMTAxMTAxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmQ5MjdhM2UxOWQ1NWQxNzEyNTk3YjlhOTJmZGRjMGFiYjUxNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT2lIxUOXIqHkpsXMo+Jc+5KUezR
3/rkL53HDbR/d4EQtJi0mIDA7zXr8ag95k5ehHA6zUeHY6qha7/GgcCGnJD3CXGB
VXtBa7bikdKWaTJeLPi25/NPcmvVpx64FkqIkKrmm4OilL2xFf4wPH4zKwAJYi7d
gfmwbs1TzlzsdxStyV0uBMne11gDVGq28rLf+MDzdFydg3WtGJgM7Yg2S3tYUrdd
bh2RKzfZl2fEcTP2QaGigLO+jvfbWHB3f7PohQsZN2ry9nDJlJCmlhpACB/koHk3
lT8jAPqU67zW0mA8Kvj3amLWDPbXQExVz9tjejAIRoU7pO3cGZXhlugauQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvZJ6PhnVXRcSWXuakv3cCrtRUYMB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvMjlrbm8tR2RWZEZ4SlplNXFTX2R3S3UxRlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHe5MA0G
CSqGSIb3DQEBCwUAA4IBAQBZ/quYLjtF7mBM7BP5CvGhxxiBCghhJbEZzJWBFNQJ
1I498WCyXbvq3XN+51KID4HrVApF4jedWhjlQDlmjX7lOOXHBtfGOuqgL8E20InH
KW/xCJ4l8PQgGBWO6hFNKkS+RBGzty8o4wLwhlBiq6Otyo2xeRCBOqnctGU7eklD
28NBJOUww9RFklW5fgisD8O4ELh78rFlYcVF5aC4ec4JJV1tqWwybDv57Ob7E3qW
cfRV6qCGKwFa4n0WwvqcRUJD07CN3/Kiay+IYN2iwfVQRexEeHM1BzA44cHBVc5f
hZ0IvdmmUz4Xjz3RBIdxqD6cufTPum9bxk8ATH1hK9Uz
-----END CERTIFICATE-----