This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/jUi6SuFHxWUcf3BLcRXfDSJcijA.roa
File:                     jUi6SuFHxWUcf3BLcRXfDSJcijA.roa (raw, json)
Hash identifier:          j8KVEbuo6sxSwDOmodToJ+V3aOkB4CrJpEr50CscFoI=
Subject key identifier:   8D:48:BA:4A:E1:47:C5:65:1C:7F:70:4B:71:15:DF:0D:22:5C:8A:30
Certificate issuer:       /CN=0804ace6946fb701bb2c45e30acafea66dac2f7a
Certificate serial:       019B76EB535C6394D7F0EC01B27A5B511092
Authority key identifier: 08:04:AC:E6:94:6F:B7:01:BB:2C:45:E3:0A:CA:FE:A6:6D:AC:2F:7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CASs5pRvtwG7LEXjCsr-pm2sL3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/jUi6SuFHxWUcf3BLcRXfDSJcijA.roa
Signing time:             Thu 01 Jan 2026 00:18:12 +0000
ROA not before:           Thu 01 Jan 2026 00:18:12 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     216352
IP address blocks:        2001:67c:c4::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/CASs5pRvtwG7LEXjCsr-pm2sL3o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/CASs5pRvtwG7LEXjCsr-pm2sL3o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CASs5pRvtwG7LEXjCsr-pm2sL3o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 18:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:53:5c:63:94:d7:f0:ec:01:b2:7a:5b:51:10:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0804ace6946fb701bb2c45e30acafea66dac2f7a
        Validity
            Not Before: Jan  1 00:18:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8d48ba4ae147c5651c7f704b7115df0d225c8a30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:02:1b:6e:92:ea:89:f2:0a:74:69:02:ed:d7:
                    05:4f:97:73:e7:6d:7d:91:3a:cd:d7:4e:b5:24:2e:
                    ab:f8:9d:ce:a8:0b:03:4b:f9:a1:d8:fa:fb:e5:fe:
                    b9:a8:f1:64:04:be:d9:6b:70:05:4e:6f:81:69:5f:
                    26:f9:bb:8b:64:ce:54:6b:4d:69:7e:8a:36:7c:6f:
                    e1:45:04:f5:22:0b:eb:75:b6:00:60:84:f0:fd:39:
                    7f:0b:c6:78:2f:1b:0e:50:e7:c4:69:d1:68:ae:ea:
                    3e:3c:c0:ea:d2:30:14:b3:46:be:f2:c2:18:fe:d0:
                    81:51:5b:b1:4d:89:6e:23:9d:92:cc:7a:16:45:96:
                    1d:ab:c4:02:66:59:fa:66:be:b3:14:66:f8:d8:f1:
                    7e:be:b4:20:1d:59:23:a9:9e:c9:0f:8d:22:6c:25:
                    65:98:bd:68:71:71:84:06:ef:2d:91:f5:01:aa:60:
                    06:37:b0:ea:f4:54:1b:7f:10:6f:a3:93:52:46:89:
                    00:b2:35:35:3a:32:47:13:49:54:4f:e0:0d:ac:58:
                    69:d1:48:1b:83:34:b8:3d:ec:5b:3e:b9:75:1a:cc:
                    c8:57:35:1c:39:ea:2b:7e:a4:a9:31:f0:48:16:33:
                    5c:7e:86:63:0e:71:08:f1:2c:0b:12:e6:11:0d:57:
                    1b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:48:BA:4A:E1:47:C5:65:1C:7F:70:4B:71:15:DF:0D:22:5C:8A:30
            X509v3 Authority Key Identifier:
                keyid:08:04:AC:E6:94:6F:B7:01:BB:2C:45:E3:0A:CA:FE:A6:6D:AC:2F:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CASs5pRvtwG7LEXjCsr-pm2sL3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/jUi6SuFHxWUcf3BLcRXfDSJcijA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/CASs5pRvtwG7LEXjCsr-pm2sL3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:c4::/48

    Signature Algorithm: sha256WithRSAEncryption
         a7:3e:8c:88:c2:8f:0f:f3:95:44:1a:86:c8:32:a8:80:46:95:
         a6:b8:a4:be:d3:ad:10:4d:7c:7d:33:7b:77:b1:23:f3:ca:98:
         62:89:62:b5:4f:ff:77:a9:9a:7c:5e:f7:5a:c9:4f:c7:6a:90:
         f7:b0:80:1e:6d:d8:ee:a3:41:33:c2:cd:29:12:7a:8e:a4:e7:
         41:a9:ea:d3:0e:0e:15:b0:fb:3c:d8:e8:f0:19:af:69:28:36:
         5e:ac:84:31:f3:fe:fc:bc:44:53:4e:37:79:3e:8d:28:3f:75:
         c7:73:1b:ac:3e:b0:78:cc:fc:6e:d7:97:57:fd:4e:3e:e5:23:
         f5:2c:ba:f1:d3:ed:19:d8:62:cb:69:2a:c8:8c:06:df:44:3e:
         a3:93:73:ed:db:e7:6a:b5:93:36:f4:d2:e3:d3:47:80:a7:a5:
         52:45:3a:33:b3:f9:66:9a:93:f7:0a:41:8a:a1:f1:cf:01:c4:
         50:fc:6b:73:5f:d8:24:a3:03:53:88:6a:72:31:4a:b0:9b:71:
         4c:4d:57:e8:1b:c5:c2:2f:e5:88:80:d1:7f:30:01:f9:6c:98:
         0e:ae:d2:6e:49:f2:b0:40:b5:91:1a:a9:6c:51:12:48:9e:63:
         7c:5e:34:e7:19:e9:bf:4d:72:c7:87:5f:92:2c:7d:d4:10:92:
         2a:76:52:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZt261NcY5TX8OwBsnpbURCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDRhY2U2OTQ2ZmI3MDFiYjJjNDVlMzBhY2FmZWE2NmRh
YzJmN2EwHhcNMjYwMTAxMDAxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDQ4YmE0YWUxNDdjNTY1MWM3ZjcwNGI3MTE1ZGYwZDIyNWM4YTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAIbbpLqifIKdGkC7dcFT5dz5219
kTrN1061JC6r+J3OqAsDS/mh2Pr75f65qPFkBL7Za3AFTm+BaV8m+buLZM5Ua01p
foo2fG/hRQT1IgvrdbYAYITw/Tl/C8Z4LxsOUOfEadForuo+PMDq0jAUs0a+8sIY
/tCBUVuxTYluI52SzHoWRZYdq8QCZln6Zr6zFGb42PF+vrQgHVkjqZ7JD40ibCVl
mL1ocXGEBu8tkfUBqmAGN7Dq9FQbfxBvo5NSRokAsjU1OjJHE0lUT+ANrFhp0Ugb
gzS4PexbPrl1GszIVzUcOeorfqSpMfBIFjNcfoZjDnEI8SwLEuYRDVcbwwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI1IukrhR8VlHH9wS3EV3w0iXIowMB8GA1UdIwQY
MBaAFAgErOaUb7cBuyxF4wrK/qZtrC96MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FTczVwUnZ0d0c3TEVYakNzci1wbTJzTDNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81YmNlZTAtNTEyZS00MWY0LThkNmIt
OTVkMTYzNjRkYmI5LzEvalVpNlN1Rkh4V1VjZjNCTGNSWGZEU0pjaWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81YmNlZTAtNTEyZS00MWY0LThkNmItOTVkMTYzNjRkYmI5
LzEvQ0FTczVwUnZ0d0c3TEVYakNzci1wbTJzTDNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfADE
MA0GCSqGSIb3DQEBCwUAA4IBAQCnPoyIwo8P85VEGobIMqiARpWmuKS+060QTXx9
M3t3sSPzyphiiWK1T/93qZp8XvdayU/HapD3sIAebdjuo0Ezws0pEnqOpOdBqerT
Dg4VsPs82OjwGa9pKDZerIQx8/78vERTTjd5Po0oP3XHcxusPrB4zPxu15dX/U4+
5SP1LLrx0+0Z2GLLaSrIjAbfRD6jk3Pt2+dqtZM29NLj00eAp6VSRTozs/lmmpP3
CkGKofHPAcRQ/GtzX9gkowNTiGpyMUqwm3FMTVfoG8XCL+WIgNF/MAH5bJgOrtJu
SfKwQLWRGqlsURJInmN8XjTnGem/TXLHh1+SLH3UEJIqdlKN
-----END CERTIFICATE-----