This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/0KVhdWswKr_djyzc4q9eQ8kRLWI.roa
File:                     0KVhdWswKr_djyzc4q9eQ8kRLWI.roa (raw, json)
Hash identifier:          EU0OR8kpxj0Z2H6F74ajzDLtwUVwT1ciE/qFvGVs0Rw=
Subject key identifier:   D0:A5:61:75:6B:30:2A:BF:DD:8F:2C:DC:E2:AF:5E:43:C9:11:2D:62
Certificate issuer:       /CN=ebb08be800126511cff8d25699d9ac136ed0ec8c
Certificate serial:       019B7910245EAB3E6B5FBB11AACBC0CC726A
Authority key identifier: EB:B0:8B:E8:00:12:65:11:CF:F8:D2:56:99:D9:AC:13:6E:D0:EC:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/67CL6AASZRHP-NJWmdmsE27Q7Iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/0KVhdWswKr_djyzc4q9eQ8kRLWI.roa
Signing time:             Thu 01 Jan 2026 10:17:39 +0000
ROA not before:           Thu 01 Jan 2026 10:17:39 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     54748
IP address blocks:        134.0.71.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/67CL6AASZRHP-NJWmdmsE27Q7Iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/67CL6AASZRHP-NJWmdmsE27Q7Iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/67CL6AASZRHP-NJWmdmsE27Q7Iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:24:5e:ab:3e:6b:5f:bb:11:aa:cb:c0:cc:72:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebb08be800126511cff8d25699d9ac136ed0ec8c
        Validity
            Not Before: Jan  1 10:17:39 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d0a561756b302abfdd8f2cdce2af5e43c9112d62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:91:2a:ac:21:1b:1b:a3:b7:ae:0b:a6:75:9c:
                    89:37:2d:ea:17:13:21:e5:3c:3d:01:70:fc:e0:2b:
                    a3:38:93:58:49:f2:38:06:1d:3c:22:8b:de:fa:d0:
                    e2:b8:96:c7:d2:da:7f:a2:ba:70:5c:65:d6:60:ea:
                    48:8e:c3:e7:41:ad:f8:e0:3a:67:e1:35:f3:56:14:
                    ce:22:d6:07:85:de:ac:ae:89:a3:ff:8e:ad:55:b2:
                    ba:74:bd:02:04:d4:cd:00:df:47:0d:c6:89:58:68:
                    0e:88:59:a3:93:fb:8e:4c:e7:a4:54:1b:92:10:6c:
                    83:3d:d4:d1:14:80:aa:d7:ce:83:7d:96:aa:84:8a:
                    08:fd:8c:4c:6e:93:e7:76:f5:1b:96:e3:15:a8:b5:
                    23:b8:b6:ac:6a:44:7d:c8:2f:7e:7c:fb:26:53:29:
                    2e:09:15:a0:f6:14:b1:0e:ef:36:52:6f:17:0d:8e:
                    e8:0f:05:58:5e:48:a7:1b:03:81:f8:17:a3:04:07:
                    f5:e3:a8:4f:ce:56:d7:2d:89:86:de:29:76:5f:bc:
                    ee:55:56:53:66:c8:5b:a1:6a:e8:e4:bf:a5:5f:95:
                    7e:ba:cd:41:c5:e5:78:41:ee:bf:ef:ee:97:4d:30:
                    6c:f1:f1:59:f0:fb:20:f1:c8:fc:84:43:79:f2:c4:
                    7e:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:A5:61:75:6B:30:2A:BF:DD:8F:2C:DC:E2:AF:5E:43:C9:11:2D:62
            X509v3 Authority Key Identifier:
                keyid:EB:B0:8B:E8:00:12:65:11:CF:F8:D2:56:99:D9:AC:13:6E:D0:EC:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67CL6AASZRHP-NJWmdmsE27Q7Iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/0KVhdWswKr_djyzc4q9eQ8kRLWI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/67CL6AASZRHP-NJWmdmsE27Q7Iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.0.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:a4:96:4a:02:50:ca:c5:3c:6f:2b:27:4a:56:ed:94:8f:9f:
         1c:a1:c8:2f:68:95:47:9f:12:56:3b:92:ad:05:45:bd:c8:cf:
         53:e4:5a:f2:ce:a7:9a:ab:25:9e:76:a6:7e:12:78:0d:a0:18:
         86:b4:99:3f:eb:95:5d:9e:8c:67:cd:ed:d6:5d:9a:71:64:77:
         12:a6:17:d6:e4:ac:ab:90:14:21:b8:17:30:8c:ab:5d:3e:15:
         e2:8c:1e:2f:98:29:c0:62:2b:9e:3e:60:1e:bd:a5:f9:6f:a6:
         34:82:56:1a:52:bd:64:1e:4d:e2:d2:d0:47:de:f2:92:70:24:
         f8:94:2f:8b:b3:1c:39:8f:18:97:3c:69:84:38:09:8b:06:45:
         a7:dc:78:51:13:27:10:3a:69:eb:13:5a:3e:cb:43:ba:bf:2d:
         52:30:91:52:5d:27:71:e4:15:db:a7:a4:89:cd:7c:66:c8:bc:
         9f:ea:80:ae:1c:e4:50:fd:b3:20:c7:7f:dc:25:43:fa:f2:5d:
         08:35:59:18:2e:4f:54:27:f6:b2:c4:c8:fc:08:ef:ed:89:f0:
         e6:04:fc:0b:44:46:f9:fa:18:42:91:d7:2b:36:a5:8a:72:cf:
         91:e1:ff:c9:41:ba:10:95:33:95:8d:df:20:c8:02:cb:b1:52:
         b7:5a:12:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5ECReqz5rX7sRqsvAzHJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYjA4YmU4MDAxMjY1MTFjZmY4ZDI1Njk5ZDlhYzEzNmVk
MGVjOGMwHhcNMjYwMTAxMTAxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE1NjE3NTZiMzAyYWJmZGQ4ZjJjZGNlMmFmNWU0M2M5MTEyZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJEqrCEbG6O3rgumdZyJNy3qFxMh
5Tw9AXD84CujOJNYSfI4Bh08Iove+tDiuJbH0tp/orpwXGXWYOpIjsPnQa344Dpn
4TXzVhTOItYHhd6sromj/46tVbK6dL0CBNTNAN9HDcaJWGgOiFmjk/uOTOekVBuS
EGyDPdTRFICq186DfZaqhIoI/YxMbpPndvUbluMVqLUjuLasakR9yC9+fPsmUyku
CRWg9hSxDu82Um8XDY7oDwVYXkinGwOB+BejBAf146hPzlbXLYmG3il2X7zuVVZT
ZshboWro5L+lX5V+us1BxeV4Qe6/7+6XTTBs8fFZ8Psg8cj8hEN58sR+SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNClYXVrMCq/3Y8s3OKvXkPJES1iMB8GA1UdIwQY
MBaAFOuwi+gAEmURz/jSVpnZrBNu0OyMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjdDTDZBQVNaUkhQLU5KV21kbXNFMjdRN0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YzE0MmEtMmI1ZS00MTZiLTk0ZGUt
YmE5ZDUxZmU5ZTJiLzEvMEtWaGRXc3dLcl9kanl6YzRxOWVROGtSTFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YzE0MmEtMmI1ZS00MTZiLTk0ZGUtYmE5ZDUxZmU5ZTJi
LzEvNjdDTDZBQVNaUkhQLU5KV21kbXNFMjdRN0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAhgBHMA0G
CSqGSIb3DQEBCwUAA4IBAQAWpJZKAlDKxTxvKydKVu2Uj58cocgvaJVHnxJWO5Kt
BUW9yM9T5FryzqeaqyWedqZ+EngNoBiGtJk/65Vdnoxnze3WXZpxZHcSphfW5Kyr
kBQhuBcwjKtdPhXijB4vmCnAYiuePmAevaX5b6Y0glYaUr1kHk3i0tBH3vKScCT4
lC+Lsxw5jxiXPGmEOAmLBkWn3HhREycQOmnrE1o+y0O6vy1SMJFSXSdx5BXbp6SJ
zXxmyLyf6oCuHORQ/bMgx3/cJUP68l0INVkYLk9UJ/ayxMj8CO/tifDmBPwLREb5
+hhCkdcrNqWKcs+R4f/JQboQlTOVjd8gyALLsVK3WhIE
-----END CERTIFICATE-----