This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/sp23iojkUlXvDnDSLQe9DVW6zCM.roa
File:                     sp23iojkUlXvDnDSLQe9DVW6zCM.roa (raw, json)
Hash identifier:          ItxUovQ6Ro6VwfEDnq1K0RyqsdWqH/Ru+ywVCl5uVVk=
Subject key identifier:   B2:9D:B7:8A:88:E4:52:55:EF:0E:70:D2:2D:07:BD:0D:55:BA:CC:23
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       019B77590A65398F89549EFB6138A0337CBB
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/sp23iojkUlXvDnDSLQe9DVW6zCM.roa
Signing time:             Thu 01 Jan 2026 02:18:02 +0000
ROA not before:           Thu 01 Jan 2026 02:18:02 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     205384
IP address blocks:        77.65.228.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:0a:65:39:8f:89:54:9e:fb:61:38:a0:33:7c:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 02:18:02 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b29db78a88e45255ef0e70d22d07bd0d55bacc23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:db:14:e6:ba:77:7a:27:42:ab:9b:a3:c2:08:
                    15:e3:56:9a:eb:f3:bf:85:07:fd:5b:17:1d:df:af:
                    4c:b5:d9:11:6d:99:e2:47:1c:80:d1:2b:44:c2:ff:
                    29:6f:35:65:4a:c0:b2:e4:1f:82:26:a7:91:96:21:
                    96:5a:4b:b2:5e:13:3a:72:6e:fc:b7:e5:27:26:f9:
                    15:8d:8d:f9:c3:b7:95:f0:55:0a:a6:af:ea:d7:f0:
                    d7:24:39:e2:11:c7:41:41:8e:b7:d3:4d:9b:86:e7:
                    50:b9:02:61:22:37:1c:51:f7:11:1c:d5:4c:c5:29:
                    ee:10:88:56:79:6f:03:c5:30:30:04:d2:be:9f:0a:
                    de:92:7d:f2:c1:80:dc:fb:f3:3c:6f:80:06:47:15:
                    76:13:ad:f5:73:03:d4:39:90:b5:94:d3:c3:f2:4b:
                    48:25:12:f3:1e:0c:56:59:80:30:72:8a:6c:3d:bf:
                    02:13:eb:a3:df:e5:a8:d2:65:0b:8a:22:6c:ff:34:
                    4f:c4:2b:bd:01:64:2a:5d:24:0a:84:dc:3a:fe:e4:
                    c8:d5:f9:72:77:0c:b1:10:87:97:7f:7d:71:1f:4c:
                    e2:7b:e4:28:a0:5f:de:82:e1:59:1e:60:69:cf:21:
                    d2:85:83:14:d0:1b:e6:23:cc:84:c1:ef:c5:18:7a:
                    61:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:9D:B7:8A:88:E4:52:55:EF:0E:70:D2:2D:07:BD:0D:55:BA:CC:23
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/sp23iojkUlXvDnDSLQe9DVW6zCM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.65.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:65:a0:b0:53:5e:ba:4d:33:da:2f:fa:b1:0b:80:1d:b6:95:
         ef:a9:04:e5:7d:17:6a:3e:1e:f7:e6:fb:a3:4a:e7:99:f4:16:
         47:b5:40:bd:75:e1:b1:39:14:17:75:99:d6:26:b0:52:b9:47:
         2a:ff:fc:4d:e2:89:96:40:72:20:83:3b:8d:be:35:ae:c7:8a:
         10:ce:55:53:53:a9:d6:72:49:4b:fd:bf:75:f4:b7:9e:51:5c:
         08:f9:fe:c2:4f:f3:e6:3b:2e:d8:6d:3c:7b:6a:d4:ce:79:4e:
         5a:ba:98:1f:95:16:f5:f7:9b:8c:80:0e:f6:0c:7f:8e:6a:02:
         d0:18:72:38:c1:00:ed:23:1b:d1:68:73:e7:66:42:40:73:84:
         d5:8a:ee:57:9d:e9:c5:5e:e0:06:72:cd:2c:50:64:4c:bf:d7:
         06:34:8a:6b:0d:6b:52:a8:25:fc:87:78:af:28:3f:fb:b9:d9:
         19:0c:22:ca:6f:f6:04:c2:60:48:a1:23:0d:26:80:b4:e4:14:
         f6:88:0b:da:1c:f5:43:2f:75:a1:eb:76:1b:2c:1c:59:2d:ed:
         27:7c:e5:e8:eb:9d:16:d0:a4:46:b2:45:95:69:ce:24:bf:65:
         28:e2:30:18:7f:1f:2e:1c:93:6d:ce:c3:1f:8a:3e:38:8c:12:
         f9:a9:e7:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WQplOY+JVJ77YTigM3y7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjYwMTAxMDIxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjlkYjc4YTg4ZTQ1MjU1ZWYwZTcwZDIyZDA3YmQwZDU1YmFjYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNsU5rp3eidCq5ujwggV41aa6/O/
hQf9Wxcd369MtdkRbZniRxyA0StEwv8pbzVlSsCy5B+CJqeRliGWWkuyXhM6cm78
t+UnJvkVjY35w7eV8FUKpq/q1/DXJDniEcdBQY63002bhudQuQJhIjccUfcRHNVM
xSnuEIhWeW8DxTAwBNK+nwrekn3ywYDc+/M8b4AGRxV2E631cwPUOZC1lNPD8ktI
JRLzHgxWWYAwcopsPb8CE+uj3+Wo0mULiiJs/zRPxCu9AWQqXSQKhNw6/uTI1fly
dwyxEIeXf31xH0zie+QooF/eguFZHmBpzyHShYMU0BvmI8yEwe/FGHphNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKdt4qI5FJV7w5w0i0HvQ1VuswjMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvc3AyM2lvamtVbFh2RG5EU0xRZTlEVlc2ekNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTUHkMA0G
CSqGSIb3DQEBCwUAA4IBAQAGZaCwU166TTPaL/qxC4AdtpXvqQTlfRdqPh735vuj
SueZ9BZHtUC9deGxORQXdZnWJrBSuUcq//xN4omWQHIggzuNvjWux4oQzlVTU6nW
cklL/b919LeeUVwI+f7CT/PmOy7YbTx7atTOeU5aupgflRb195uMgA72DH+OagLQ
GHI4wQDtIxvRaHPnZkJAc4TViu5XnenFXuAGcs0sUGRMv9cGNIprDWtSqCX8h3iv
KD/7udkZDCLKb/YEwmBIoSMNJoC05BT2iAvaHPVDL3Wh63YbLBxZLe0nfOXo650W
0KRGskWVac4kv2Uo4jAYfx8uHJNtzsMfij44jBL5qecu
-----END CERTIFICATE-----