This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/51210c-a380-4b59-b2ad-45a21b29023d/1/mGKDWCPyI5MUqtkn27jC4-87zx0.roa
File:                     mGKDWCPyI5MUqtkn27jC4-87zx0.roa (raw, json)
Hash identifier:          JD5UOH21GzZdEnZQhjT7oZLqv6/K0tGS2f9U459A/Ys=
Subject key identifier:   98:62:83:58:23:F2:23:93:14:AA:D9:27:DB:B8:C2:E3:EF:3B:CF:1D
Certificate issuer:       /CN=4b2e93ca9f9d46de543ff7c2d0540e897dc14fee
Certificate serial:       019B7AC7D23CF8D8853966DC2D93B774DE5A
Authority key identifier: 4B:2E:93:CA:9F:9D:46:DE:54:3F:F7:C2:D0:54:0E:89:7D:C1:4F:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sy6Typ-dRt5UP_fC0FQOiX3BT-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/51210c-a380-4b59-b2ad-45a21b29023d/1/mGKDWCPyI5MUqtkn27jC4-87zx0.roa
Signing time:             Thu 01 Jan 2026 18:17:54 +0000
ROA not before:           Thu 01 Jan 2026 18:17:54 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     13101
IP address blocks:        194.180.18.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/51210c-a380-4b59-b2ad-45a21b29023d/1/Sy6Typ-dRt5UP_fC0FQOiX3BT-4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/51210c-a380-4b59-b2ad-45a21b29023d/1/Sy6Typ-dRt5UP_fC0FQOiX3BT-4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sy6Typ-dRt5UP_fC0FQOiX3BT-4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c7:d2:3c:f8:d8:85:39:66:dc:2d:93:b7:74:de:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b2e93ca9f9d46de543ff7c2d0540e897dc14fee
        Validity
            Not Before: Jan  1 18:17:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=9862835823f2239314aad927dbb8c2e3ef3bcf1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e8:c7:8b:c2:61:c6:ed:e5:9e:ca:07:e2:d2:
                    54:a2:e3:16:4b:df:3f:fe:ca:7d:3c:8c:14:9c:50:
                    15:cf:e8:0f:10:95:5f:4c:b7:9a:5f:1e:cc:53:4c:
                    d7:07:c3:37:00:a2:17:a8:94:8e:ef:ca:38:4a:27:
                    64:19:9c:6d:b8:e1:66:54:f3:9c:be:f2:a8:b6:91:
                    86:7e:51:81:23:eb:ae:c7:5f:6f:18:d6:09:32:04:
                    db:33:84:84:e5:8d:98:c3:2a:20:9a:f5:15:3a:cc:
                    67:d6:35:43:88:3a:e2:d9:99:c6:31:4e:49:3a:9c:
                    fd:e8:6f:86:f0:28:11:0a:98:67:03:4d:ef:2d:92:
                    df:dd:9e:e7:93:1f:46:1e:e3:50:17:77:f4:70:9e:
                    c1:bf:0e:19:1f:44:1f:7d:50:ec:81:07:d8:d8:37:
                    da:21:74:e0:1a:5f:c2:7b:3c:1a:f2:6e:d7:ad:14:
                    b7:14:73:97:70:78:55:13:82:05:85:cb:b8:2d:5a:
                    2e:31:e7:94:f2:6e:aa:e7:0c:0a:4d:50:19:37:84:
                    a2:63:cd:47:d4:b5:72:5c:d0:01:53:21:01:a0:34:
                    8f:51:d2:73:ff:7e:6b:40:88:42:58:bc:5b:f5:8c:
                    e4:bb:d5:dc:b6:86:ee:3d:54:1a:1a:2f:d4:84:da:
                    c4:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:62:83:58:23:F2:23:93:14:AA:D9:27:DB:B8:C2:E3:EF:3B:CF:1D
            X509v3 Authority Key Identifier:
                keyid:4B:2E:93:CA:9F:9D:46:DE:54:3F:F7:C2:D0:54:0E:89:7D:C1:4F:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sy6Typ-dRt5UP_fC0FQOiX3BT-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/51210c-a380-4b59-b2ad-45a21b29023d/1/mGKDWCPyI5MUqtkn27jC4-87zx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/51210c-a380-4b59-b2ad-45a21b29023d/1/Sy6Typ-dRt5UP_fC0FQOiX3BT-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.180.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:1f:d5:4d:79:cf:17:85:3a:d5:5e:65:dd:40:08:5f:0e:eb:
         d2:8e:80:8c:a1:1b:90:bd:09:87:b8:1c:12:a8:d7:a6:d1:62:
         ca:30:2a:50:85:ad:0d:55:e7:66:62:db:e9:f2:a0:9c:b8:93:
         a6:b1:b3:de:8a:bd:48:5e:13:1c:ad:30:51:3e:af:36:2f:36:
         81:56:6e:5a:c4:1c:26:3e:c1:a2:76:3e:3c:57:93:44:13:f3:
         af:ea:43:df:a7:2a:ab:d2:e4:9a:04:7a:5a:ac:ee:92:e4:79:
         11:e8:04:83:37:0c:21:7d:3b:8f:7a:87:fc:a1:d8:ec:65:c2:
         20:e0:da:0b:e2:68:db:53:05:c4:f4:8c:4e:a3:8e:8a:b0:fe:
         5a:06:97:cf:49:b3:88:c1:ba:e4:cb:ad:c5:aa:8d:29:83:28:
         c9:a6:1b:2e:75:5c:a2:a8:dd:5d:21:79:73:2d:57:b1:82:53:
         4b:70:7f:bb:d1:0d:31:f3:a9:59:0e:c1:f1:74:86:0f:96:9c:
         15:59:01:5f:f6:37:74:d6:ff:7d:b2:ed:c3:de:1b:aa:77:a7:
         b5:ae:a2:49:5e:5a:7d:88:5e:4a:2d:c6:ea:67:e6:ef:28:62:
         ba:b2:69:2c:b2:b6:a3:33:d6:08:a3:32:0c:dd:d8:1f:c6:3d:
         81:15:93:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6x9I8+NiFOWbcLZO3dN5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMmU5M2NhOWY5ZDQ2ZGU1NDNmZjdjMmQwNTQwZTg5N2Rj
MTRmZWUwHhcNMjYwMTAxMTgxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODYyODM1ODIzZjIyMzkzMTRhYWQ5MjdkYmI4YzJlM2VmM2JjZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlejHi8Jhxu3lnsoH4tJUouMWS98/
/sp9PIwUnFAVz+gPEJVfTLeaXx7MU0zXB8M3AKIXqJSO78o4SidkGZxtuOFmVPOc
vvKotpGGflGBI+uux19vGNYJMgTbM4SE5Y2YwyogmvUVOsxn1jVDiDri2ZnGMU5J
Opz96G+G8CgRCphnA03vLZLf3Z7nkx9GHuNQF3f0cJ7Bvw4ZH0QffVDsgQfY2Dfa
IXTgGl/Cezwa8m7XrRS3FHOXcHhVE4IFhcu4LVouMeeU8m6q5wwKTVAZN4SiY81H
1LVyXNABUyEBoDSPUdJz/35rQIhCWLxb9Yzku9XctobuPVQaGi/UhNrEdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhig1gj8iOTFKrZJ9u4wuPvO88dMB8GA1UdIwQY
MBaAFEsuk8qfnUbeVD/3wtBUDol9wU/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3k2VHlwLWRSdDVVUF9mQzBGUU9pWDNCVC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81MTIxMGMtYTM4MC00YjU5LWIyYWQt
NDVhMjFiMjkwMjNkLzEvbUdLRFdDUHlJNU1VcXRrbjI3akM0LTg3engwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81MTIxMGMtYTM4MC00YjU5LWIyYWQtNDVhMjFiMjkwMjNk
LzEvU3k2VHlwLWRSdDVVUF9mQzBGUU9pWDNCVC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrQSMA0G
CSqGSIb3DQEBCwUAA4IBAQCWH9VNec8XhTrVXmXdQAhfDuvSjoCMoRuQvQmHuBwS
qNem0WLKMCpQha0NVedmYtvp8qCcuJOmsbPeir1IXhMcrTBRPq82LzaBVm5axBwm
PsGidj48V5NEE/Ov6kPfpyqr0uSaBHparO6S5HkR6ASDNwwhfTuPeof8odjsZcIg
4NoL4mjbUwXE9IxOo46KsP5aBpfPSbOIwbrky63Fqo0pgyjJphsudVyiqN1dIXlz
LVexglNLcH+70Q0x86lZDsHxdIYPlpwVWQFf9jd01v99su3D3huqd6e1rqJJXlp9
iF5KLcbqZ+bvKGK6smkssrajM9YIozIM3dgfxj2BFZP6
-----END CERTIFICATE-----