This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/ttBmnLsLGk0QiBDZZrhpXLeq2Ro.roa
File:                     ttBmnLsLGk0QiBDZZrhpXLeq2Ro.roa (raw, json)
Hash identifier:          aVi6Xk9A2f5Su9Y+yYYHIztt83ZG9tqYXEgyisye2K0=
Subject key identifier:   B6:D0:66:9C:BB:0B:1A:4D:10:88:10:D9:66:B8:69:5C:B7:AA:D9:1A
Certificate issuer:       /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial:       019B7CED5EB70F5185392B9006BC1593525B
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/ttBmnLsLGk0QiBDZZrhpXLeq2Ro.roa
Signing time:             Fri 02 Jan 2026 04:18:09 +0000
ROA not before:           Fri 02 Jan 2026 04:18:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     203978
IP address blocks:        185.176.104.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:5e:b7:0f:51:85:39:2b:90:06:bc:15:93:52:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
        Validity
            Not Before: Jan  2 04:18:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b6d0669cbb0b1a4d108810d966b8695cb7aad91a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a6:88:87:d1:9f:5f:fd:18:0b:f3:38:70:ce:
                    8d:a8:9e:c3:e8:d9:9b:1e:d3:3a:5b:74:66:48:f5:
                    27:d0:b4:38:ce:a7:e5:1e:e0:47:7a:31:f3:ab:5f:
                    b6:32:7f:b4:a8:50:1a:4a:c2:13:65:52:a2:98:3e:
                    9e:a6:4e:65:8a:c6:eb:df:2d:7a:e0:7e:29:fd:83:
                    d4:d6:cc:5b:c7:da:c1:83:08:18:75:92:be:95:6b:
                    2c:d7:87:59:7f:b1:8f:51:0b:be:8a:15:ee:6d:25:
                    75:5c:43:93:82:38:e6:e5:c8:c9:6b:03:1a:08:61:
                    37:82:fd:5e:8e:a1:27:be:06:e3:97:5a:8b:6d:f7:
                    68:b5:55:ad:86:1e:7f:76:8f:48:30:80:66:61:9e:
                    15:ea:a3:d6:66:e0:2f:9e:7d:78:33:5f:36:bd:7a:
                    39:9e:ee:23:ed:65:f2:2e:57:9a:18:2e:8d:66:67:
                    58:64:cc:c9:09:0e:02:3b:3f:67:6b:f4:c0:1c:e7:
                    7e:ff:aa:3b:b4:53:10:6f:cb:15:bd:7a:e2:ca:f1:
                    aa:52:4a:6e:db:d9:d5:3e:55:2b:f2:2c:97:ab:6a:
                    27:92:79:c7:58:d5:3f:cb:24:78:43:69:3f:64:aa:
                    cf:ab:e0:a9:4a:7d:77:fd:d8:db:d6:01:60:5d:43:
                    b9:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:D0:66:9C:BB:0B:1A:4D:10:88:10:D9:66:B8:69:5C:B7:AA:D9:1A
            X509v3 Authority Key Identifier:
                keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/ttBmnLsLGk0QiBDZZrhpXLeq2Ro.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.176.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:33:af:58:d9:8d:ea:c2:f6:62:eb:25:ec:1e:96:55:f4:a7:
         65:66:dc:f9:be:8b:d8:e0:81:ce:e2:a3:a6:c9:a1:64:c1:f8:
         8a:59:e1:f2:9e:a8:ac:9c:a3:ef:12:c4:52:eb:5e:6f:d0:40:
         44:d5:32:3c:55:7a:9b:6e:be:b6:35:70:23:d8:fa:ec:6f:e3:
         b1:e2:b3:28:64:d8:11:c1:ef:c6:9f:4d:d9:dd:9e:e4:f0:78:
         78:14:72:e1:47:7d:d7:2c:ca:55:9f:e7:a2:eb:db:4e:92:51:
         5f:e1:08:28:f2:7b:9a:cc:f1:48:dc:15:fb:8b:70:82:4c:f8:
         27:62:e8:1a:3c:ec:7f:79:6a:ea:a9:85:c4:a7:3a:ab:df:39:
         bc:09:0b:6b:58:53:22:cc:ea:05:cd:3f:cc:4d:23:58:c8:bb:
         0c:46:54:09:4c:ab:f2:45:36:39:fd:54:3b:67:3b:ec:fd:e4:
         f2:09:4b:15:8f:f2:9c:f0:36:d2:56:37:7a:af:8b:bb:b8:de:
         73:b5:e4:38:1d:87:a3:b0:ac:a7:79:b9:a6:13:9a:ec:c0:d3:
         34:20:58:81:24:7a:41:0f:78:b6:51:61:bc:fc:fb:8c:ac:5a:
         2d:d2:30:72:f6:fb:01:e3:9a:4b:da:94:d7:9a:c6:b1:2c:46:
         13:0f:9a:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87V63D1GFOSuQBrwVk1JbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjYwMTAyMDQxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQwNjY5Y2JiMGIxYTRkMTA4ODEwZDk2NmI4Njk1Y2I3YWFkOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaaIh9GfX/0YC/M4cM6NqJ7D6Nmb
HtM6W3RmSPUn0LQ4zqflHuBHejHzq1+2Mn+0qFAaSsITZVKimD6epk5lisbr3y16
4H4p/YPU1sxbx9rBgwgYdZK+lWss14dZf7GPUQu+ihXubSV1XEOTgjjm5cjJawMa
CGE3gv1ejqEnvgbjl1qLbfdotVWthh5/do9IMIBmYZ4V6qPWZuAvnn14M182vXo5
nu4j7WXyLleaGC6NZmdYZMzJCQ4COz9na/TAHOd+/6o7tFMQb8sVvXriyvGqUkpu
29nVPlUr8iyXq2onknnHWNU/yyR4Q2k/ZKrPq+CpSn13/djb1gFgXUO5VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbQZpy7CxpNEIgQ2Wa4aVy3qtkaMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvdHRCbW5Mc0xHazBRaUJEWlpyaHBYTGVxMlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubBoMA0G
CSqGSIb3DQEBCwUAA4IBAQCNM69Y2Y3qwvZi6yXsHpZV9KdlZtz5vovY4IHO4qOm
yaFkwfiKWeHynqisnKPvEsRS615v0EBE1TI8VXqbbr62NXAj2Prsb+Ox4rMoZNgR
we/Gn03Z3Z7k8Hh4FHLhR33XLMpVn+ei69tOklFf4Qgo8nuazPFI3BX7i3CCTPgn
YugaPOx/eWrqqYXEpzqr3zm8CQtrWFMizOoFzT/MTSNYyLsMRlQJTKvyRTY5/VQ7
Zzvs/eTyCUsVj/Kc8DbSVjd6r4u7uN5zteQ4HYejsKynebmmE5rswNM0IFiBJHpB
D3i2UWG8/PuMrFot0jBy9vsB45pL2pTXmsaxLEYTD5r0
-----END CERTIFICATE-----