This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/2V5uX7zz8rLZM3EIe_aMe1EFHf4.roa
File:                     2V5uX7zz8rLZM3EIe_aMe1EFHf4.roa (raw, json)
Hash identifier:          L4MUyeDgRyRa1SAE3WijwMUBcPHzc9BZm/cEJ6tCJQ0=
Subject key identifier:   D9:5E:6E:5F:BC:F3:F2:B2:D9:33:71:08:7B:F6:8C:7B:51:05:1D:FE
Certificate issuer:       /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial:       019B76EB252495B83EA03C63C05A373A1CBA
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/2V5uX7zz8rLZM3EIe_aMe1EFHf4.roa
Signing time:             Thu 01 Jan 2026 00:18:00 +0000
ROA not before:           Thu 01 Jan 2026 00:18:00 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     399578
IP address blocks:        78.143.242.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 09:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:25:24:95:b8:3e:a0:3c:63:c0:5a:37:3a:1c:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
        Validity
            Not Before: Jan  1 00:18:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d95e6e5fbcf3f2b2d93371087bf68c7b51051dfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:ed:66:df:b0:06:6f:8c:54:1b:59:49:7c:68:
                    da:de:bd:6e:25:c5:a2:95:b4:85:6b:ee:7d:b2:35:
                    2e:bd:85:40:69:59:a3:e8:dc:78:d1:6f:4a:45:51:
                    5b:df:2d:d8:84:0d:d2:3c:25:d9:20:45:01:24:6a:
                    c4:38:12:b9:b9:e8:25:50:4d:1a:63:b6:d7:6f:3f:
                    11:d0:83:8b:b2:70:0a:0c:8e:da:3b:85:c3:44:1e:
                    eb:03:04:43:8c:fb:77:58:c3:6f:9f:24:80:a0:a3:
                    f9:f9:8b:fa:cd:3e:f8:6a:e9:ea:e0:15:84:7b:04:
                    58:41:17:bc:25:f0:79:12:6a:0e:29:56:85:2a:72:
                    36:df:df:95:35:49:70:d8:76:08:42:e4:4b:94:e6:
                    1b:84:45:2d:99:79:38:7e:ff:1f:4c:7c:3c:c4:e8:
                    ec:a2:2a:34:d5:54:86:fd:9c:fd:b4:6e:b9:bd:7d:
                    bd:24:72:15:63:f0:c7:d0:af:2c:9d:50:b3:b8:13:
                    01:ef:f2:a2:10:c1:17:01:23:08:90:0e:6c:be:72:
                    86:7d:d2:6f:66:db:03:3b:77:24:f1:52:1e:f0:c0:
                    2a:47:b1:cd:db:f4:dd:e0:a0:c4:e8:44:72:f5:da:
                    b2:4a:99:2d:dc:aa:f2:d3:d7:f0:eb:3c:15:db:30:
                    b5:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:5E:6E:5F:BC:F3:F2:B2:D9:33:71:08:7B:F6:8C:7B:51:05:1D:FE
            X509v3 Authority Key Identifier:
                keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/2V5uX7zz8rLZM3EIe_aMe1EFHf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.143.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:41:5c:53:27:91:71:3a:db:a9:4e:71:4b:5e:de:10:43:85:
         a2:69:10:97:d7:1d:b0:4f:05:3f:84:78:8d:b2:59:93:e8:9d:
         8e:9c:d1:c7:77:cd:d5:e0:fe:72:6d:68:2a:31:87:e4:33:17:
         9a:5e:bb:c2:30:96:49:ae:2c:ea:5c:60:3c:c4:0b:ef:05:f0:
         94:ba:09:53:06:12:6a:fb:6b:1c:87:ee:94:14:62:c2:7d:cc:
         11:85:87:e0:64:4b:4f:a0:26:17:d3:fa:34:ab:8f:7a:d5:ec:
         96:06:67:7c:45:b0:2e:dc:b1:d9:57:47:38:4c:94:aa:c4:9c:
         83:7c:15:5a:a6:08:f5:86:b5:83:44:c0:08:68:c8:12:98:c8:
         51:f0:26:61:03:d2:9d:58:39:37:f7:5b:ba:46:84:a6:f6:aa:
         d9:f1:54:7b:fe:20:05:b4:6a:ba:51:6f:55:c5:53:f9:92:64:
         a0:7d:3d:aa:46:c1:25:22:95:ff:c0:56:1a:37:a1:b3:64:8d:
         11:3a:2f:9a:8d:c8:fd:ad:aa:2c:f7:b8:a6:d7:b3:ad:bb:f0:
         e6:7e:f8:eb:d5:ba:7d:ca:c6:ad:fc:78:19:64:04:ab:bf:89:
         fe:41:03:f8:cd:cf:65:19:be:57:3d:b9:6c:dd:18:b5:fe:c0:
         2b:0f:19:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt26yUklbg+oDxjwFo3Ohy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjYwMTAxMDAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTVlNmU1ZmJjZjNmMmIyZDkzMzcxMDg3YmY2OGM3YjUxMDUxZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5u1m37AGb4xUG1lJfGja3r1uJcWi
lbSFa+59sjUuvYVAaVmj6Nx40W9KRVFb3y3YhA3SPCXZIEUBJGrEOBK5ueglUE0a
Y7bXbz8R0IOLsnAKDI7aO4XDRB7rAwRDjPt3WMNvnySAoKP5+Yv6zT74aunq4BWE
ewRYQRe8JfB5EmoOKVaFKnI239+VNUlw2HYIQuRLlOYbhEUtmXk4fv8fTHw8xOjs
oio01VSG/Zz9tG65vX29JHIVY/DH0K8snVCzuBMB7/KiEMEXASMIkA5svnKGfdJv
ZtsDO3ck8VIe8MAqR7HN2/Td4KDE6ERy9dqySpkt3Kry09fw6zwV2zC1YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlebl+88/Ky2TNxCHv2jHtRBR3+MB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvMlY1dVg3eno4ckxaTTNFSWVfYU1lMUVGSGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATo/yMA0G
CSqGSIb3DQEBCwUAA4IBAQBMQVxTJ5FxOtupTnFLXt4QQ4WiaRCX1x2wTwU/hHiN
slmT6J2OnNHHd83V4P5ybWgqMYfkMxeaXrvCMJZJrizqXGA8xAvvBfCUuglTBhJq
+2sch+6UFGLCfcwRhYfgZEtPoCYX0/o0q4961eyWBmd8RbAu3LHZV0c4TJSqxJyD
fBVapgj1hrWDRMAIaMgSmMhR8CZhA9KdWDk391u6RoSm9qrZ8VR7/iAFtGq6UW9V
xVP5kmSgfT2qRsElIpX/wFYaN6GzZI0ROi+ajcj9raos97im17Otu/Dmfvjr1bp9
ysat/HgZZASrv4n+QQP4zc9lGb5XPbls3Ri1/sArDxmt
-----END CERTIFICATE-----