This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/eQteGe3dUsvEvumdMFEyVqvLcUI.roa
File:                     eQteGe3dUsvEvumdMFEyVqvLcUI.roa (raw, json)
Hash identifier:          i/PVqNV8H6klhROm0PX4mdNPbEa+iKND/8anAmOUj6s=
Subject key identifier:   79:0B:5E:19:ED:DD:52:CB:C4:BE:E9:9D:30:51:32:56:AB:CB:71:42
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       019B76EB498AFFEE3FA33147BC197B9C01DC
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/eQteGe3dUsvEvumdMFEyVqvLcUI.roa
Signing time:             Thu 01 Jan 2026 00:18:09 +0000
ROA not before:           Thu 01 Jan 2026 00:18:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     582
IP address blocks:        2.179.16.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:49:8a:ff:ee:3f:a3:31:47:bc:19:7b:9c:01:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: Jan  1 00:18:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=790b5e19eddd52cbc4bee99d30513256abcb7142
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:33:d0:0c:65:f1:bb:c7:ae:7f:59:89:00:61:
                    20:69:f4:57:2e:fa:f6:29:d1:ca:74:ab:68:65:30:
                    08:34:22:10:aa:e5:c3:02:3a:3d:7c:d5:4d:92:13:
                    e2:0a:9f:4b:5d:56:d3:2a:3b:40:b0:dd:0d:50:1e:
                    e4:2f:12:02:29:29:dc:0b:ec:d8:0c:65:13:15:94:
                    01:7f:3e:9f:4c:09:0c:79:6b:b2:d5:8b:f2:d0:93:
                    f0:be:b7:31:56:53:67:d0:2b:12:08:d7:32:79:56:
                    68:8b:e3:c3:3e:bc:00:b2:56:42:f9:6f:69:1d:45:
                    3f:af:60:51:bd:80:f5:73:28:6b:a2:5c:31:de:a4:
                    10:d6:27:b1:11:46:32:b1:31:99:7b:2d:d1:cf:19:
                    d0:ca:6f:7f:a1:79:7e:f3:62:04:e6:39:ec:f7:4f:
                    87:74:fd:2a:ec:b9:b5:92:0b:b0:d8:9f:b3:91:90:
                    e7:75:86:05:c9:2f:ec:a6:70:9c:b6:39:1c:a1:dd:
                    be:69:d3:03:69:91:c3:b6:06:81:98:db:bf:5a:c1:
                    dd:ab:fe:2f:1c:45:9c:aa:ce:1b:cc:6f:58:42:9b:
                    1c:b7:50:58:f4:d4:65:06:52:31:e3:33:4c:6a:6b:
                    2e:2a:82:59:76:2d:61:62:cc:b3:aa:7f:66:7b:13:
                    29:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:0B:5E:19:ED:DD:52:CB:C4:BE:E9:9D:30:51:32:56:AB:CB:71:42
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/eQteGe3dUsvEvumdMFEyVqvLcUI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.179.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:8a:e9:3e:cb:f9:5d:55:a7:d4:bc:36:df:92:a7:ef:b3:7d:
         2f:24:b5:d1:97:44:85:58:24:2d:68:1a:78:bc:e6:58:0d:42:
         12:06:48:ca:b9:5f:47:30:69:cd:38:28:a0:da:f0:f9:90:05:
         8c:4f:a3:06:1f:92:53:59:99:94:0f:b3:ca:dd:2b:4e:f1:01:
         4c:5e:0e:b6:1f:4c:55:30:bd:e2:ea:fa:4d:2c:12:6e:b9:d6:
         18:0d:99:a5:19:9d:19:bc:49:be:f5:58:09:90:a2:7d:65:e0:
         4c:33:97:1f:75:f1:45:60:8a:32:cc:68:a9:f1:9b:1d:1c:30:
         11:68:c0:be:fa:db:ed:30:8b:b7:01:c4:fd:8c:ff:89:01:8d:
         f0:e4:bf:7a:47:f2:56:fc:df:93:17:ed:e5:fa:ff:40:e0:3b:
         7b:3a:82:c3:3b:b5:c5:55:8a:85:8c:40:7b:28:ef:30:f0:c0:
         6c:d0:b5:bc:93:76:51:0f:2f:fc:2d:56:7a:04:c5:20:d0:34:
         83:09:f3:e5:1a:2a:25:13:8a:45:ed:05:33:05:67:ba:c2:f1:
         6c:16:3f:90:85:ba:4d:c3:9b:93:c9:41:cf:02:a0:89:c0:45:
         90:19:0b:6f:39:68:72:f1:b4:9c:96:ea:d3:e0:16:a3:80:3f:
         30:68:8b:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt260mK/+4/ozFHvBl7nAHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjYwMTAxMDAxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTBiNWUxOWVkZGQ1MmNiYzRiZWU5OWQzMDUxMzI1NmFiY2I3MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DPQDGXxu8euf1mJAGEgafRXLvr2
KdHKdKtoZTAINCIQquXDAjo9fNVNkhPiCp9LXVbTKjtAsN0NUB7kLxICKSncC+zY
DGUTFZQBfz6fTAkMeWuy1Yvy0JPwvrcxVlNn0CsSCNcyeVZoi+PDPrwAslZC+W9p
HUU/r2BRvYD1cyhrolwx3qQQ1iexEUYysTGZey3RzxnQym9/oXl+82IE5jns90+H
dP0q7Lm1kguw2J+zkZDndYYFyS/spnCctjkcod2+adMDaZHDtgaBmNu/WsHdq/4v
HEWcqs4bzG9YQpsct1BY9NRlBlIx4zNMamsuKoJZdi1hYsyzqn9mexMpgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHkLXhnt3VLLxL7pnTBRMlary3FCMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvZVF0ZUdlM2RVc3ZFdnVtZE1GRXlWcXZMY1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCArMQMA0G
CSqGSIb3DQEBCwUAA4IBAQBPiuk+y/ldVafUvDbfkqfvs30vJLXRl0SFWCQtaBp4
vOZYDUISBkjKuV9HMGnNOCig2vD5kAWMT6MGH5JTWZmUD7PK3StO8QFMXg62H0xV
ML3i6vpNLBJuudYYDZmlGZ0ZvEm+9VgJkKJ9ZeBMM5cfdfFFYIoyzGip8ZsdHDAR
aMC++tvtMIu3AcT9jP+JAY3w5L96R/JW/N+TF+3l+v9A4Dt7OoLDO7XFVYqFjEB7
KO8w8MBs0LW8k3ZRDy/8LVZ6BMUg0DSDCfPlGiolE4pF7QUzBWe6wvFsFj+QhbpN
w5uTyUHPAqCJwEWQGQtvOWhy8bSclurT4BajgD8waIvk
-----END CERTIFICATE-----