This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/783f52-034d-46d3-b031-eed45c93775e/1/5VmOpi03r_fL6ZM9_FCqD-4ELvY.roa
File:                     5VmOpi03r_fL6ZM9_FCqD-4ELvY.roa (raw, json)
Hash identifier:          4huAnYa6nby7innz6R7TqYphvP6rJYEBi+2SzImbtCI=
Subject key identifier:   E5:59:8E:A6:2D:37:AF:F7:CB:E9:93:3D:FC:50:AA:0F:EE:04:2E:F6
Certificate issuer:       /CN=786758bea68f0825cf16e66fb02ee7bca454bae2
Certificate serial:       019B7F152F1BAA2D83D65053E6DBBA92EBA0
Authority key identifier: 78:67:58:BE:A6:8F:08:25:CF:16:E6:6F:B0:2E:E7:BC:A4:54:BA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eGdYvqaPCCXPFuZvsC7nvKRUuuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/783f52-034d-46d3-b031-eed45c93775e/1/5VmOpi03r_fL6ZM9_FCqD-4ELvY.roa
Signing time:             Fri 02 Jan 2026 14:20:53 +0000
ROA not before:           Fri 02 Jan 2026 14:20:53 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     201912
IP address blocks:        185.162.104.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/783f52-034d-46d3-b031-eed45c93775e/1/eGdYvqaPCCXPFuZvsC7nvKRUuuI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/783f52-034d-46d3-b031-eed45c93775e/1/eGdYvqaPCCXPFuZvsC7nvKRUuuI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eGdYvqaPCCXPFuZvsC7nvKRUuuI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 20:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:2f:1b:aa:2d:83:d6:50:53:e6:db:ba:92:eb:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=786758bea68f0825cf16e66fb02ee7bca454bae2
        Validity
            Not Before: Jan  2 14:20:53 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e5598ea62d37aff7cbe9933dfc50aa0fee042ef6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ab:b8:7b:6f:7f:d6:96:28:d5:cb:13:2c:70:
                    5f:6f:d6:8d:e8:3d:09:c4:a4:5d:44:6a:6b:8c:3b:
                    75:62:8a:02:b4:c6:1a:73:1a:35:22:17:68:49:93:
                    94:ec:6f:b0:be:58:b1:14:28:a5:35:7a:f9:dd:7a:
                    be:3d:49:c7:ea:90:c3:93:ac:22:2d:cf:3f:98:d7:
                    10:69:d5:45:72:04:d5:59:3f:25:fb:f2:50:eb:67:
                    94:84:2b:6b:40:2a:47:04:ac:33:74:8f:93:77:bb:
                    0c:68:09:31:91:bd:c3:e4:07:75:47:dc:14:00:db:
                    62:48:44:47:a4:df:99:cc:f6:b3:f8:ff:93:5a:7e:
                    04:87:04:cb:95:82:8c:f5:f2:a3:8e:8b:6b:bd:57:
                    d1:7b:29:c4:59:77:ff:50:fb:b0:45:ef:5b:7c:ea:
                    ea:4d:5f:68:d5:ed:a9:93:09:09:98:68:e2:fd:34:
                    bf:f3:6d:cb:64:01:7a:ca:ae:43:0d:0e:4d:fb:89:
                    c1:2f:c8:94:91:0a:87:04:8b:c2:38:d9:9c:79:39:
                    a5:be:a9:ae:4e:a0:db:2b:89:4f:8e:8b:22:ad:a1:
                    96:62:f8:b4:1f:74:63:85:f9:be:f6:d1:16:48:56:
                    6e:79:65:29:65:aa:fa:1d:61:01:d8:11:71:cd:42:
                    35:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:59:8E:A6:2D:37:AF:F7:CB:E9:93:3D:FC:50:AA:0F:EE:04:2E:F6
            X509v3 Authority Key Identifier:
                keyid:78:67:58:BE:A6:8F:08:25:CF:16:E6:6F:B0:2E:E7:BC:A4:54:BA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eGdYvqaPCCXPFuZvsC7nvKRUuuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/783f52-034d-46d3-b031-eed45c93775e/1/5VmOpi03r_fL6ZM9_FCqD-4ELvY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/783f52-034d-46d3-b031-eed45c93775e/1/eGdYvqaPCCXPFuZvsC7nvKRUuuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.162.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         84:ca:52:98:d6:50:a6:70:da:49:b8:a2:5c:30:ee:5c:19:9c:
         41:95:87:d7:20:5d:3c:bb:75:97:f0:86:3b:69:0d:db:05:a7:
         21:5e:60:81:3c:9b:d8:49:0e:2c:f6:3b:94:42:ef:31:4c:8e:
         40:66:9d:d2:c1:e4:76:fc:b0:9c:01:72:df:57:db:8c:e1:7a:
         5d:13:82:db:dc:34:a6:99:9e:44:ba:1f:46:05:ff:cf:71:a9:
         48:1c:ee:91:d5:19:5f:ab:37:92:2c:4e:82:9f:95:65:66:a3:
         b0:18:b1:05:46:0d:f5:a1:58:0f:45:1d:13:c6:97:b6:53:c6:
         46:5d:99:0a:6f:54:08:5c:4b:de:78:77:a3:4e:77:53:c2:5c:
         f9:9a:52:a8:ae:df:83:05:19:25:04:57:15:cf:38:71:d1:ca:
         e8:c2:9b:01:a0:54:04:df:52:38:d4:6d:75:76:90:26:54:9f:
         14:1b:8a:2d:ca:b9:fd:90:92:94:94:07:bf:9f:e4:a5:20:66:
         28:c1:fc:5a:e5:3a:0c:11:df:77:d2:ea:5c:10:ab:e0:a4:8f:
         d1:ec:d3:bf:de:8c:e1:83:f7:4a:a2:ce:6b:17:52:6d:67:c6:
         1c:49:7a:09:4c:84:15:27:3e:d1:62:84:8d:13:38:88:8f:a1:
         2f:b6:bf:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FS8bqi2D1lBT5tu6kuugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4Njc1OGJlYTY4ZjA4MjVjZjE2ZTY2ZmIwMmVlN2JjYTQ1
NGJhZTIwHhcNMjYwMTAyMTQyMDUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTU5OGVhNjJkMzdhZmY3Y2JlOTkzM2RmYzUwYWEwZmVlMDQyZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKu4e29/1pYo1csTLHBfb9aN6D0J
xKRdRGprjDt1YooCtMYacxo1IhdoSZOU7G+wvlixFCilNXr53Xq+PUnH6pDDk6wi
Lc8/mNcQadVFcgTVWT8l+/JQ62eUhCtrQCpHBKwzdI+Td7sMaAkxkb3D5Ad1R9wU
ANtiSERHpN+ZzPaz+P+TWn4EhwTLlYKM9fKjjotrvVfReynEWXf/UPuwRe9bfOrq
TV9o1e2pkwkJmGji/TS/823LZAF6yq5DDQ5N+4nBL8iUkQqHBIvCONmceTmlvqmu
TqDbK4lPjosiraGWYvi0H3Rjhfm+9tEWSFZueWUpZar6HWEB2BFxzUI1RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVZjqYtN6/3y+mTPfxQqg/uBC72MB8GA1UdIwQY
MBaAFHhnWL6mjwglzxbmb7Au57ykVLriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUdkWXZxYVBDQ1hQRnVadnNDN252S1JVdXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ODNmNTItMDM0ZC00NmQzLWIwMzEt
ZWVkNDVjOTM3NzVlLzEvNVZtT3BpMDNyX2ZMNlpNOV9GQ3FELTRFTHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ODNmNTItMDM0ZC00NmQzLWIwMzEtZWVkNDVjOTM3NzVl
LzEvZUdkWXZxYVBDQ1hQRnVadnNDN252S1JVdXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaJoMA0G
CSqGSIb3DQEBCwUAA4IBAQCEylKY1lCmcNpJuKJcMO5cGZxBlYfXIF08u3WX8IY7
aQ3bBachXmCBPJvYSQ4s9juUQu8xTI5AZp3SweR2/LCcAXLfV9uM4XpdE4Lb3DSm
mZ5Euh9GBf/PcalIHO6R1RlfqzeSLE6Cn5VlZqOwGLEFRg31oVgPRR0Txpe2U8ZG
XZkKb1QIXEveeHejTndTwlz5mlKort+DBRklBFcVzzhx0crowpsBoFQE31I41G11
dpAmVJ8UG4otyrn9kJKUlAe/n+SlIGYowfxa5ToMEd930upcEKvgpI/R7NO/3ozh
g/dKos5rF1JtZ8YcSXoJTIQVJz7RYoSNEziIj6Evtr/F
-----END CERTIFICATE-----