This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/fDzIkCC4HQZF8d8gvy277WuuRYM.roa
File:                     fDzIkCC4HQZF8d8gvy277WuuRYM.roa (raw, json)
Hash identifier:          TzMFdxwnyUIL4oJ9MUVrNEjKX81ekLEZoq92hFxo3V4=
Subject key identifier:   7C:3C:C8:90:20:B8:1D:06:45:F1:DF:20:BF:2D:BB:ED:6B:AE:45:83
Certificate issuer:       /CN=5d826672e68f3da5db50ed81badb8d33bdccd2ba
Certificate serial:       019B76EAF46C4BC57B7D83B568E6710A220F
Authority key identifier: 5D:82:66:72:E6:8F:3D:A5:DB:50:ED:81:BA:DB:8D:33:BD:CC:D2:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYJmcuaPPaXbUO2ButuNM73M0ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/fDzIkCC4HQZF8d8gvy277WuuRYM.roa
Signing time:             Thu 01 Jan 2026 00:17:48 +0000
ROA not before:           Thu 01 Jan 2026 00:17:48 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     35297
IP address blocks:        45.157.204.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/XYJmcuaPPaXbUO2ButuNM73M0ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/XYJmcuaPPaXbUO2ButuNM73M0ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYJmcuaPPaXbUO2ButuNM73M0ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:ea:f4:6c:4b:c5:7b:7d:83:b5:68:e6:71:0a:22:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d826672e68f3da5db50ed81badb8d33bdccd2ba
        Validity
            Not Before: Jan  1 00:17:48 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7c3cc89020b81d0645f1df20bf2dbbed6bae4583
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:94:f2:50:22:20:72:b5:66:2a:80:79:7d:b8:
                    3a:70:38:fa:01:cd:fd:56:6a:27:d5:d5:18:ef:c3:
                    db:a5:d2:5c:8f:f4:31:2e:03:4d:b5:d3:e8:44:80:
                    d1:92:1d:e3:08:e4:d4:30:a8:c5:40:d0:43:49:66:
                    c5:cc:91:21:26:f2:e0:73:53:1d:61:78:fc:0a:2b:
                    12:9d:53:f5:7f:e5:0a:e1:ee:95:bd:62:72:a9:59:
                    6a:f4:00:21:0a:7a:18:63:da:d7:ec:85:0e:97:d8:
                    b7:0e:14:dd:91:b7:12:74:ea:63:c8:d6:ad:9a:1a:
                    41:09:35:db:77:5c:62:ad:8f:0b:5b:41:47:39:ad:
                    54:b1:eb:1a:1a:11:bb:97:31:af:e1:33:cd:6a:5d:
                    40:36:5a:09:84:fc:aa:d0:43:74:e3:09:78:2e:9a:
                    d9:d2:65:cc:3f:99:00:31:33:b2:e6:66:a0:82:95:
                    c8:fc:69:54:06:b4:c0:bb:6d:ea:32:a2:38:ca:e0:
                    47:f8:9d:0e:3b:8f:8d:87:24:df:64:67:27:24:e4:
                    41:d9:51:cb:72:4d:e8:7c:a5:3d:f6:4d:2e:ab:76:
                    ef:de:06:7f:3e:e7:70:5b:67:4a:b0:f2:36:0c:5f:
                    e7:8b:93:e6:3c:57:9c:bf:d7:ca:3c:12:72:5e:78:
                    fd:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:3C:C8:90:20:B8:1D:06:45:F1:DF:20:BF:2D:BB:ED:6B:AE:45:83
            X509v3 Authority Key Identifier:
                keyid:5D:82:66:72:E6:8F:3D:A5:DB:50:ED:81:BA:DB:8D:33:BD:CC:D2:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYJmcuaPPaXbUO2ButuNM73M0ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/fDzIkCC4HQZF8d8gvy277WuuRYM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c79d13-9ea2-4eed-8dd2-cedab463ee5b/1/XYJmcuaPPaXbUO2ButuNM73M0ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c0:1d:3f:48:bd:cf:51:e2:63:02:1d:c0:2c:05:bd:2b:b2:60:
         5d:db:94:b0:da:a1:0e:7e:d1:2b:7d:8a:c0:c7:5c:d7:7d:1f:
         09:95:ec:20:37:ae:42:c2:1e:a6:c6:44:b7:ca:ed:aa:f9:9b:
         68:bc:a8:4c:5e:80:a0:0d:d3:0c:84:81:6e:c8:57:43:88:69:
         4b:78:6c:bc:a4:7f:25:ac:b7:d2:f9:a8:ec:3d:a6:c0:05:76:
         71:fe:76:ba:a8:f4:9e:25:fd:39:c9:9b:94:53:21:9e:db:5e:
         e2:ec:c7:c1:0b:68:0c:77:bb:b0:7f:18:ba:e6:5a:4d:35:7f:
         b2:c6:17:31:b2:a3:a1:b3:4c:e4:a5:3c:bd:75:2a:a6:86:3f:
         7c:d5:8a:a1:dc:9c:35:4a:c5:f9:c5:74:58:ea:7b:c7:02:13:
         c5:99:7b:e4:dc:34:d4:ed:f5:05:61:c0:63:fb:f4:66:6b:0c:
         50:72:a0:f5:13:b4:73:0c:77:ab:c5:4a:1d:b7:95:e0:0a:c4:
         dd:24:df:da:09:0b:4a:2b:30:14:ae:86:4e:f9:8d:4b:aa:78:
         d6:5b:37:a6:d9:d6:10:1d:0d:0b:21:14:cb:09:dd:e7:af:55:
         c4:5a:32:91:ad:07:4e:4b:5f:c3:5b:5d:92:63:14:81:d3:80:
         4f:4b:84:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt26vRsS8V7fYO1aOZxCiIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODI2NjcyZTY4ZjNkYTVkYjUwZWQ4MWJhZGI4ZDMzYmRj
Y2QyYmEwHhcNMjYwMTAxMDAxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzNjYzg5MDIwYjgxZDA2NDVmMWRmMjBiZjJkYmJlZDZiYWU0NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJTyUCIgcrVmKoB5fbg6cDj6Ac39
Vmon1dUY78PbpdJcj/QxLgNNtdPoRIDRkh3jCOTUMKjFQNBDSWbFzJEhJvLgc1Md
YXj8CisSnVP1f+UK4e6VvWJyqVlq9AAhCnoYY9rX7IUOl9i3DhTdkbcSdOpjyNat
mhpBCTXbd1xirY8LW0FHOa1UsesaGhG7lzGv4TPNal1ANloJhPyq0EN04wl4LprZ
0mXMP5kAMTOy5maggpXI/GlUBrTAu23qMqI4yuBH+J0OO4+NhyTfZGcnJORB2VHL
ck3ofKU99k0uq3bv3gZ/PudwW2dKsPI2DF/ni5PmPFecv9fKPBJyXnj9KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHw8yJAguB0GRfHfIL8tu+1rrkWDMB8GA1UdIwQY
MBaAFF2CZnLmjz2l21DtgbrbjTO9zNK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlKbWN1YVBQYVhiVU8yQnV0dU5NNzNNMHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jNzlkMTMtOWVhMi00ZWVkLThkZDIt
Y2VkYWI0NjNlZTViLzEvZkR6SWtDQzRIUVpGOGQ4Z3Z5Mjc3V3V1UllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jNzlkMTMtOWVhMi00ZWVkLThkZDItY2VkYWI0NjNlZTVi
LzEvWFlKbWN1YVBQYVhiVU8yQnV0dU5NNzNNMHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ3MMA0G
CSqGSIb3DQEBCwUAA4IBAQDAHT9Ivc9R4mMCHcAsBb0rsmBd25Sw2qEOftErfYrA
x1zXfR8JlewgN65Cwh6mxkS3yu2q+ZtovKhMXoCgDdMMhIFuyFdDiGlLeGy8pH8l
rLfS+ajsPabABXZx/na6qPSeJf05yZuUUyGe217i7MfBC2gMd7uwfxi65lpNNX+y
xhcxsqOhs0zkpTy9dSqmhj981Yqh3Jw1SsX5xXRY6nvHAhPFmXvk3DTU7fUFYcBj
+/RmawxQcqD1E7RzDHerxUodt5XgCsTdJN/aCQtKKzAUroZO+Y1LqnjWWzem2dYQ
HQ0LIRTLCd3nr1XEWjKRrQdOS1/DW12SYxSB04BPS4TA
-----END CERTIFICATE-----