This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/unQfyoMm3gJGcK6KVwPJMMwgAmE.roa
File:                     unQfyoMm3gJGcK6KVwPJMMwgAmE.roa (raw, json)
Hash identifier:          dJwKOB7hLwrpnKolTbkDVLvsYmZrBaj//I+3Zr9dVQk=
Subject key identifier:   BA:74:1F:CA:83:26:DE:02:46:70:AE:8A:57:03:C9:30:CC:20:02:61
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       019B7B36BC14C893B70CB1EAD7967358F53A
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/unQfyoMm3gJGcK6KVwPJMMwgAmE.roa
Signing time:             Thu 01 Jan 2026 20:19:03 +0000
ROA not before:           Thu 01 Jan 2026 20:19:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     20200
IP address blocks:        45.155.255.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:bc:14:c8:93:b7:0c:b1:ea:d7:96:73:58:f5:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Jan  1 20:19:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ba741fca8326de024670ae8a5703c930cc200261
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0a:7a:61:17:09:81:b5:58:52:43:eb:58:65:
                    4e:82:2f:ab:7b:50:2c:59:6b:07:61:23:30:a9:c0:
                    f8:5a:f0:04:b5:36:d7:66:39:06:83:cc:a0:81:15:
                    3d:12:cd:aa:ec:f3:3d:18:ed:14:f7:e0:b2:46:d3:
                    90:93:4c:82:6a:5b:06:98:6a:d3:86:41:d0:fb:72:
                    6a:67:f7:86:13:aa:d2:4a:00:4e:dc:56:41:76:8f:
                    28:59:f8:93:a0:9a:5c:5b:14:37:b2:a4:dd:3e:2f:
                    8b:5e:ca:16:23:64:c2:8d:a1:de:13:eb:11:50:64:
                    03:36:12:b6:00:cd:0c:c3:8a:37:3e:f5:43:8a:1a:
                    8b:b9:71:21:84:2f:05:8f:b8:04:92:93:ae:61:6c:
                    5c:0b:25:65:20:ab:d7:7d:06:9a:fb:d0:80:21:66:
                    d2:a4:ed:1e:e2:37:ab:05:76:12:42:db:d2:3c:8e:
                    01:84:14:ed:19:9a:2e:00:09:37:21:75:98:8e:17:
                    cc:6e:d9:7d:94:19:28:96:a8:1b:80:50:14:7d:b2:
                    d0:d6:47:3f:93:a2:3c:83:e6:e1:c3:78:8f:26:ce:
                    cc:a4:46:66:74:49:e9:5b:c1:1e:fb:6f:5a:5e:e7:
                    af:b7:72:fe:9c:13:f4:d1:8f:31:ba:17:ab:e3:03:
                    5d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:74:1F:CA:83:26:DE:02:46:70:AE:8A:57:03:C9:30:CC:20:02:61
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/unQfyoMm3gJGcK6KVwPJMMwgAmE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ca:df:a2:4c:b1:44:62:35:e0:d1:64:a8:05:aa:7a:ab:bf:39:
         52:d7:9a:db:6d:73:62:64:2b:18:0a:c5:4d:e2:f9:01:52:23:
         66:b2:aa:bf:95:88:05:d1:79:ef:13:7b:26:08:df:c6:5b:40:
         f8:8f:b7:94:09:23:af:51:e2:f7:7f:33:aa:70:3c:d2:91:2f:
         30:d9:6c:ee:24:62:e5:f3:3e:2e:9c:96:20:df:54:a2:2e:8d:
         3d:01:e9:87:7f:00:66:b9:fb:10:58:f6:97:1a:6c:fc:9a:e7:
         91:f0:9a:d4:a1:65:cf:cf:7c:2d:e2:a3:5d:f9:af:96:d0:27:
         5c:93:7e:57:18:51:72:c7:11:d2:8c:a8:d0:d0:46:73:83:f8:
         ca:55:80:f9:b6:1e:89:6a:d1:91:1a:b5:c7:c7:fc:b3:37:d8:
         1c:ab:29:37:5e:35:8e:09:e2:38:38:d9:8f:00:bb:14:34:4b:
         2f:f2:5d:22:c5:52:0b:a8:86:11:01:9f:65:23:ba:cb:05:b6:
         11:4b:38:b3:9c:55:b5:e1:a9:87:f5:ae:68:83:92:c7:51:64:
         03:0a:0a:bc:3a:17:12:e4:79:a6:46:c9:e2:2c:01:dc:f3:52:
         6c:f4:c4:b2:c9:83:3d:02:3d:7b:89:30:27:84:2f:35:e9:f9:
         9b:05:9e:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NrwUyJO3DLHq15ZzWPU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjYwMTAxMjAxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTc0MWZjYTgzMjZkZTAyNDY3MGFlOGE1NzAzYzkzMGNjMjAwMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQp6YRcJgbVYUkPrWGVOgi+re1As
WWsHYSMwqcD4WvAEtTbXZjkGg8yggRU9Es2q7PM9GO0U9+CyRtOQk0yCalsGmGrT
hkHQ+3JqZ/eGE6rSSgBO3FZBdo8oWfiToJpcWxQ3sqTdPi+LXsoWI2TCjaHeE+sR
UGQDNhK2AM0Mw4o3PvVDihqLuXEhhC8Fj7gEkpOuYWxcCyVlIKvXfQaa+9CAIWbS
pO0e4jerBXYSQtvSPI4BhBTtGZouAAk3IXWYjhfMbtl9lBkolqgbgFAUfbLQ1kc/
k6I8g+bhw3iPJs7MpEZmdEnpW8Ee+29aXuevt3L+nBP00Y8xuher4wNd2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLp0H8qDJt4CRnCuilcDyTDMIAJhMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdW5RZnlvTW0zZ0pHY0s2S1Z3UEpNTXdnQW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZv/MA0G
CSqGSIb3DQEBCwUAA4IBAQDK36JMsURiNeDRZKgFqnqrvzlS15rbbXNiZCsYCsVN
4vkBUiNmsqq/lYgF0XnvE3smCN/GW0D4j7eUCSOvUeL3fzOqcDzSkS8w2WzuJGLl
8z4unJYg31SiLo09AemHfwBmufsQWPaXGmz8mueR8JrUoWXPz3wt4qNd+a+W0Cdc
k35XGFFyxxHSjKjQ0EZzg/jKVYD5th6JatGRGrXHx/yzN9gcqyk3XjWOCeI4ONmP
ALsUNEsv8l0ixVILqIYRAZ9lI7rLBbYRSziznFW14amH9a5og5LHUWQDCgq8OhcS
5HmmRsniLAHc81Js9MSyyYM9Aj17iTAnhC816fmbBZ7U
-----END CERTIFICATE-----