This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/G_oOSvatA_MkA8PUOvQG0SjlBP8.roa
File:                     G_oOSvatA_MkA8PUOvQG0SjlBP8.roa (raw, json)
Hash identifier:          QfgbrckpcKZmIdbq0sGOrc2SbZS9wiTACRQ29trGbAU=
Subject key identifier:   1B:FA:0E:4A:F6:AD:03:F3:24:03:C3:D4:3A:F4:06:D1:28:E5:04:FF
Certificate issuer:       /CN=17a6fa80b2d1c43ec9ea824e7e8395f79294e38a
Certificate serial:       019B7A5B2E45B78E8C7364D74C363DF9045F
Authority key identifier: 17:A6:FA:80:B2:D1:C4:3E:C9:EA:82:4E:7E:83:95:F7:92:94:E3:8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F6b6gLLRxD7J6oJOfoOV95KU44o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/G_oOSvatA_MkA8PUOvQG0SjlBP8.roa
Signing time:             Thu 01 Jan 2026 16:19:14 +0000
ROA not before:           Thu 01 Jan 2026 16:19:14 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     24882
IP address blocks:        193.111.173.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/F6b6gLLRxD7J6oJOfoOV95KU44o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/F6b6gLLRxD7J6oJOfoOV95KU44o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F6b6gLLRxD7J6oJOfoOV95KU44o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5b:2e:45:b7:8e:8c:73:64:d7:4c:36:3d:f9:04:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17a6fa80b2d1c43ec9ea824e7e8395f79294e38a
        Validity
            Not Before: Jan  1 16:19:14 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1bfa0e4af6ad03f32403c3d43af406d128e504ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:38:a4:92:db:76:89:7d:dd:a6:71:b3:7d:e0:
                    4d:0e:01:70:a4:1f:0f:4b:10:47:70:31:d0:d4:94:
                    c1:0d:e4:41:ad:94:af:88:4b:60:2d:8d:f0:fd:b9:
                    5b:5e:89:12:49:0a:97:2f:06:45:2a:90:fe:18:5a:
                    58:3f:1a:e7:77:85:54:ed:ff:0c:ca:c4:c5:7a:bd:
                    f0:09:66:b8:60:e8:26:1e:c5:4f:16:5e:16:82:0c:
                    fe:0e:f9:db:e0:ef:77:b5:d0:87:be:06:a3:94:3b:
                    42:92:3a:64:e0:43:25:95:ac:98:3b:b0:a1:05:63:
                    1b:90:ee:28:84:15:ed:c0:05:4d:89:05:6c:52:da:
                    58:9c:d7:8f:96:cf:e9:7c:75:17:7a:b8:b5:15:2f:
                    19:78:c4:a4:3a:73:1c:55:22:a0:aa:85:d6:a6:3e:
                    f2:b7:0b:87:ca:9f:53:ad:90:e3:a0:65:da:0c:b0:
                    5e:ff:1c:af:18:f6:79:32:59:7a:d3:8e:ff:9e:e6:
                    a5:ea:7f:61:71:a2:0f:b8:50:7c:c6:e8:b7:89:24:
                    11:c7:af:39:3a:b7:94:e4:ea:7c:d2:24:1b:f4:c1:
                    d1:12:97:4e:7a:87:47:8a:f1:bb:8d:81:7a:01:3c:
                    88:0a:e1:60:44:a5:ef:c7:9f:3a:ea:56:f0:d0:99:
                    5a:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:FA:0E:4A:F6:AD:03:F3:24:03:C3:D4:3A:F4:06:D1:28:E5:04:FF
            X509v3 Authority Key Identifier:
                keyid:17:A6:FA:80:B2:D1:C4:3E:C9:EA:82:4E:7E:83:95:F7:92:94:E3:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F6b6gLLRxD7J6oJOfoOV95KU44o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/G_oOSvatA_MkA8PUOvQG0SjlBP8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bbfe48-f14d-40d1-9f1a-cb9e45bb0c63/1/F6b6gLLRxD7J6oJOfoOV95KU44o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.111.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:9d:a2:9c:5e:c8:80:0a:8f:8f:09:47:06:65:75:c0:e4:b8:
         05:55:e7:08:ef:45:4e:9e:94:f7:9d:a1:36:ff:68:10:a7:bd:
         05:52:97:aa:23:90:99:40:08:58:78:2b:45:cb:9b:90:e0:d8:
         4b:49:94:be:d2:70:a6:b7:3f:97:aa:43:ca:db:e5:47:b8:f5:
         e3:89:27:b5:ee:ce:08:d1:ec:39:ae:a3:3b:d8:9c:a1:b7:d4:
         aa:d3:7d:cd:fd:76:37:24:3b:bf:32:27:d5:2b:d2:d3:bf:a5:
         11:e9:68:91:33:c6:5e:c5:d0:dc:3d:8c:88:3a:1e:da:a5:34:
         31:95:cd:b8:1c:b8:f7:fe:af:c4:e5:d7:50:0e:c8:60:7c:26:
         f5:5a:3e:ec:3e:bc:93:c7:b6:89:1b:90:a9:9e:f4:9b:bf:d8:
         e1:cf:69:d6:c1:91:68:03:bb:7d:62:1d:4b:6f:c7:69:94:c7:
         ec:b8:24:34:ca:42:2c:55:01:c2:a7:18:49:7c:4b:cc:bb:20:
         8b:78:33:a9:79:14:d6:84:f7:53:2c:59:cc:02:f2:09:c3:bd:
         0f:46:fd:ed:9b:08:7d:46:7b:70:20:71:d0:80:66:b2:ce:4b:
         a3:23:57:12:0f:c7:5b:c9:c8:98:66:ff:cf:1d:0c:df:ce:84:
         01:55:67:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6Wy5Ft46Mc2TXTDY9+QRfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YTZmYTgwYjJkMWM0M2VjOWVhODI0ZTdlODM5NWY3OTI5
NGUzOGEwHhcNMjYwMTAxMTYxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmZhMGU0YWY2YWQwM2YzMjQwM2MzZDQzYWY0MDZkMTI4ZTUwNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjikktt2iX3dpnGzfeBNDgFwpB8P
SxBHcDHQ1JTBDeRBrZSviEtgLY3w/blbXokSSQqXLwZFKpD+GFpYPxrnd4VU7f8M
ysTFer3wCWa4YOgmHsVPFl4Wggz+Dvnb4O93tdCHvgajlDtCkjpk4EMllayYO7Ch
BWMbkO4ohBXtwAVNiQVsUtpYnNePls/pfHUXeri1FS8ZeMSkOnMcVSKgqoXWpj7y
twuHyp9TrZDjoGXaDLBe/xyvGPZ5Mll6047/nual6n9hcaIPuFB8xui3iSQRx685
OreU5Op80iQb9MHREpdOeodHivG7jYF6ATyICuFgRKXvx5866lbw0JlarwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBv6Dkr2rQPzJAPD1Dr0BtEo5QT/MB8GA1UdIwQY
MBaAFBem+oCy0cQ+yeqCTn6DlfeSlOOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjZiNmdMTFJ4RDdKNm9KT2ZvT1Y5NUtVNDRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iYmZlNDgtZjE0ZC00MGQxLTlmMWEt
Y2I5ZTQ1YmIwYzYzLzEvR19vT1N2YXRBX01rQThQVU92UUcwU2psQlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iYmZlNDgtZjE0ZC00MGQxLTlmMWEtY2I5ZTQ1YmIwYzYz
LzEvRjZiNmdMTFJ4RDdKNm9KT2ZvT1Y5NUtVNDRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW+tMA0G
CSqGSIb3DQEBCwUAA4IBAQBpnaKcXsiACo+PCUcGZXXA5LgFVecI70VOnpT3naE2
/2gQp70FUpeqI5CZQAhYeCtFy5uQ4NhLSZS+0nCmtz+XqkPK2+VHuPXjiSe17s4I
0ew5rqM72Jyht9Sq033N/XY3JDu/MifVK9LTv6UR6WiRM8ZexdDcPYyIOh7apTQx
lc24HLj3/q/E5ddQDshgfCb1Wj7sPryTx7aJG5CpnvSbv9jhz2nWwZFoA7t9Yh1L
b8dplMfsuCQ0ykIsVQHCpxhJfEvMuyCLeDOpeRTWhPdTLFnMAvIJw70PRv3tmwh9
RntwIHHQgGayzkujI1cSD8dbyciYZv/PHQzfzoQBVWeP
-----END CERTIFICATE-----