This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/ObexSGVy696Wkd2DRhwt2_VaBs8.roa
File:                     ObexSGVy696Wkd2DRhwt2_VaBs8.roa (raw, json)
Hash identifier:          Ly1Ec9X97SiqjYPYhofzign3IKjIwUM2uHbt0VCXmE4=
Subject key identifier:   39:B7:B1:48:65:72:EB:DE:96:91:DD:83:46:1C:2D:DB:F5:5A:06:CF
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       019B7E39196DF7683B7B5845ECF7BF5F6378
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/ObexSGVy696Wkd2DRhwt2_VaBs8.roa
Signing time:             Fri 02 Jan 2026 10:20:29 +0000
ROA not before:           Fri 02 Jan 2026 10:20:29 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     57100
IP address blocks:        94.154.39.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 06:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:39:19:6d:f7:68:3b:7b:58:45:ec:f7:bf:5f:63:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Jan  2 10:20:29 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=39b7b1486572ebde9691dd83461c2ddbf55a06cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ad:ff:d7:90:43:1a:ed:d8:82:e3:87:88:b5:
                    70:2c:b0:04:39:5c:00:db:7e:49:cb:b8:40:33:44:
                    03:c6:2e:10:5a:bf:91:46:71:fc:87:6b:d8:2e:d3:
                    6a:a2:08:b6:5b:0e:66:15:cd:fe:d2:5b:b7:75:7c:
                    ed:69:de:ec:33:f9:f7:18:0b:8f:8e:90:0f:10:43:
                    a2:bf:9b:3a:45:c2:dd:36:3a:b7:7b:12:42:fb:88:
                    cf:1e:a3:f2:93:99:07:bc:9f:33:76:49:fe:ab:dc:
                    95:10:1b:6a:62:f2:6e:1a:1f:7e:12:bd:dd:aa:73:
                    ac:46:45:1b:c9:69:67:d4:9a:ba:d6:25:d1:da:7a:
                    4e:fb:b5:75:65:fd:8c:c1:49:e2:67:4b:59:f9:44:
                    21:e4:23:22:6f:69:fb:07:5f:39:d8:8e:01:97:c0:
                    4a:76:7c:32:8e:29:20:ec:56:42:ae:73:2a:c8:f9:
                    d7:a2:48:c5:cd:cd:51:e8:89:5f:a3:7c:6b:0b:6e:
                    84:5a:5a:89:2e:6f:92:4f:78:31:d0:3e:cc:88:93:
                    01:20:eb:f9:b5:41:77:34:eb:68:bd:ae:d2:d9:5a:
                    bc:68:ef:71:e5:e5:d3:87:03:58:7d:95:16:dc:d3:
                    d3:f6:af:6e:f5:3c:10:6e:70:a0:ed:26:04:4e:21:
                    cc:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:B7:B1:48:65:72:EB:DE:96:91:DD:83:46:1C:2D:DB:F5:5A:06:CF
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/ObexSGVy696Wkd2DRhwt2_VaBs8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:f3:37:13:76:89:bf:0c:4a:5b:99:c3:29:a5:fc:13:d4:dc:
         c0:bc:e0:38:cb:64:a2:d3:08:76:ce:d8:12:a7:da:81:aa:cd:
         74:d4:3e:58:21:3f:11:db:22:25:7f:9f:4e:17:f8:5b:fc:69:
         df:9f:2e:f8:18:06:af:a0:f8:b3:c1:c9:16:71:41:4a:5b:e1:
         39:07:3c:91:40:7a:bd:22:07:c3:5d:0e:44:58:34:bb:86:f0:
         2b:1e:0c:af:dc:66:58:cf:86:2f:31:86:a2:9b:15:9a:6f:38:
         23:24:c0:ae:62:48:e3:4c:9a:89:f8:b9:5c:15:a7:43:bc:68:
         c3:ca:a6:52:ee:69:6a:0d:d9:26:0b:45:96:e3:c6:23:60:aa:
         a4:16:c4:cf:82:89:00:d3:9e:75:d8:db:61:dd:5a:43:02:50:
         e2:b0:01:f5:db:e3:77:75:8a:0a:fd:dd:0e:eb:65:0d:87:50:
         4a:0d:08:33:35:17:c6:d8:0d:42:8b:06:e2:9c:0f:a5:3a:6e:
         59:e2:1b:76:7d:eb:6c:aa:f2:4c:ff:9c:23:df:e0:d0:3d:40:
         96:91:26:19:10:7f:c3:19:f5:27:32:65:6a:92:ff:3b:c4:2d:
         fb:13:0c:ec:bc:fa:ff:fe:e4:ea:42:ab:16:55:7a:c7:f3:ae:
         f2:8d:be:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+ORlt92g7e1hF7Pe/X2N4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjYwMTAyMTAyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWI3YjE0ODY1NzJlYmRlOTY5MWRkODM0NjFjMmRkYmY1NWEwNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa3/15BDGu3YguOHiLVwLLAEOVwA
235Jy7hAM0QDxi4QWr+RRnH8h2vYLtNqogi2Ww5mFc3+0lu3dXztad7sM/n3GAuP
jpAPEEOiv5s6RcLdNjq3exJC+4jPHqPyk5kHvJ8zdkn+q9yVEBtqYvJuGh9+Er3d
qnOsRkUbyWln1Jq61iXR2npO+7V1Zf2MwUniZ0tZ+UQh5CMib2n7B1852I4Bl8BK
dnwyjikg7FZCrnMqyPnXokjFzc1R6Ilfo3xrC26EWlqJLm+ST3gx0D7MiJMBIOv5
tUF3NOtova7S2Vq8aO9x5eXThwNYfZUW3NPT9q9u9TwQbnCg7SYETiHMEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDm3sUhlcuvelpHdg0YcLdv1WgbPMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvT2JleFNHVnk2OTZXa2QyRFJod3QyX1ZhQnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXponMA0G
CSqGSIb3DQEBCwUAA4IBAQB38zcTdom/DEpbmcMppfwT1NzAvOA4y2Si0wh2ztgS
p9qBqs101D5YIT8R2yIlf59OF/hb/Gnfny74GAavoPizwckWcUFKW+E5BzyRQHq9
IgfDXQ5EWDS7hvArHgyv3GZYz4YvMYaimxWabzgjJMCuYkjjTJqJ+LlcFadDvGjD
yqZS7mlqDdkmC0WW48YjYKqkFsTPgokA05512Nth3VpDAlDisAH12+N3dYoK/d0O
62UNh1BKDQgzNRfG2A1CiwbinA+lOm5Z4ht2fetsqvJM/5wj3+DQPUCWkSYZEH/D
GfUnMmVqkv87xC37EwzsvPr//uTqQqsWVXrH867yjb6d
-----END CERTIFICATE-----