This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/vdBF4D6B4y0Ni8JRFy3wrlKFdow.roa
File:                     vdBF4D6B4y0Ni8JRFy3wrlKFdow.roa (raw, json)
Hash identifier:          V5Qj+2qVfjThhkfwRXhTo9kpUUm1HojCtg/JdAzbU9Q=
Subject key identifier:   BD:D0:45:E0:3E:81:E3:2D:0D:8B:C2:51:17:2D:F0:AE:52:85:76:8C
Certificate issuer:       /CN=7ace176a69ccc9c996e1610925c0b6bdf76b207c
Certificate serial:       019B7AC911897F1E6A8AA4CA4F2D343092E6
Authority key identifier: 7A:CE:17:6A:69:CC:C9:C9:96:E1:61:09:25:C0:B6:BD:F7:6B:20:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/es4XamnMycmW4WEJJcC2vfdrIHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/vdBF4D6B4y0Ni8JRFy3wrlKFdow.roa
Signing time:             Thu 01 Jan 2026 18:19:16 +0000
ROA not before:           Thu 01 Jan 2026 18:19:16 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     9211
IP address blocks:        193.194.129.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/es4XamnMycmW4WEJJcC2vfdrIHw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/es4XamnMycmW4WEJJcC2vfdrIHw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/es4XamnMycmW4WEJJcC2vfdrIHw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c9:11:89:7f:1e:6a:8a:a4:ca:4f:2d:34:30:92:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ace176a69ccc9c996e1610925c0b6bdf76b207c
        Validity
            Not Before: Jan  1 18:19:16 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bdd045e03e81e32d0d8bc251172df0ae5285768c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4c:a1:f6:84:5d:a0:92:0e:a5:2e:18:0b:e1:
                    7f:5a:f1:56:7c:a1:a4:3c:b4:72:c6:75:d7:ad:83:
                    c8:34:1d:fe:ed:10:f7:0d:87:04:6d:80:a8:ef:7d:
                    41:ba:b8:a4:7a:29:c3:c1:49:30:49:5d:79:75:a4:
                    c6:a1:91:82:c7:39:52:45:3b:d7:f3:7e:5e:4d:f0:
                    6b:6a:1b:73:06:5f:52:52:f8:25:37:59:3f:e7:85:
                    1f:24:a8:1a:0d:a5:8a:9e:9f:9d:8a:d0:27:84:d1:
                    21:31:ad:14:6c:1b:2c:01:e2:47:c3:73:5d:36:71:
                    61:1b:5b:fb:1e:fc:db:5d:63:39:8d:3d:83:55:07:
                    c2:f8:86:b1:81:cf:f9:76:44:f3:0a:7b:56:5f:36:
                    9e:d2:6f:42:c7:ff:9c:ec:03:e2:a2:d9:33:34:26:
                    09:0c:7e:80:c2:52:e7:ed:0f:d1:11:87:1d:91:b3:
                    d3:26:77:71:ef:96:cb:d5:9e:71:b2:eb:c3:a2:e4:
                    ed:a8:e6:c6:c3:74:1f:a0:db:a3:da:0f:d4:21:b2:
                    4e:b7:d0:09:ca:ec:ba:27:84:a7:fe:4a:66:ee:fb:
                    17:0d:2d:01:8d:9d:f5:6c:fe:2e:4f:f4:89:72:5a:
                    3e:39:e0:4f:3d:5b:b8:dc:f0:42:44:45:b2:7b:fb:
                    81:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:D0:45:E0:3E:81:E3:2D:0D:8B:C2:51:17:2D:F0:AE:52:85:76:8C
            X509v3 Authority Key Identifier:
                keyid:7A:CE:17:6A:69:CC:C9:C9:96:E1:61:09:25:C0:B6:BD:F7:6B:20:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es4XamnMycmW4WEJJcC2vfdrIHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/vdBF4D6B4y0Ni8JRFy3wrlKFdow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6afcbe-6df0-4f77-af34-c61803c34657/1/es4XamnMycmW4WEJJcC2vfdrIHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.194.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:ce:1c:c9:8b:e2:df:b8:e8:22:07:13:f5:87:b2:44:fc:4a:
         36:9a:06:8a:e1:5e:cf:fa:05:77:ce:f7:ba:c9:dd:54:27:51:
         d8:2a:89:08:4c:96:d5:61:5d:18:1c:cf:1c:a0:78:04:09:43:
         6a:c6:14:91:fe:43:38:27:0f:ed:29:06:1e:0c:7f:ea:07:c8:
         ce:de:46:a7:53:52:2c:03:a6:27:57:ca:6d:b2:5b:e0:7f:2a:
         68:66:d5:66:2f:d7:7e:8f:c7:7e:54:c5:e7:cb:ee:b2:28:f0:
         25:b4:f2:da:ad:0a:4f:84:a2:0d:d0:57:1f:f3:31:2a:4b:5b:
         5a:ae:ea:4d:55:79:0b:d3:1f:04:e1:4b:a7:99:4c:a9:d6:73:
         b2:01:af:c2:ba:39:92:93:43:48:ce:42:9e:f0:d4:06:c4:ed:
         84:7a:a6:03:bb:f4:33:70:52:e3:df:6a:bd:e9:db:36:59:20:
         d6:b9:18:33:ff:1b:57:f4:1a:ce:15:37:a4:85:7f:55:f6:5d:
         14:76:cd:2a:d1:80:cb:af:1d:1f:93:31:7c:cc:35:66:66:68:
         bc:f6:eb:62:7a:83:a7:ec:c8:72:4b:e9:e5:f8:e5:f5:18:05:
         db:b7:ab:8d:c9:1b:b6:2f:48:37:d9:2a:12:14:8f:50:8a:76:
         25:0e:e5:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yRGJfx5qiqTKTy00MJLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2UxNzZhNjljY2M5Yzk5NmUxNjEwOTI1YzBiNmJkZjc2
YjIwN2MwHhcNMjYwMTAxMTgxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQwNDVlMDNlODFlMzJkMGQ4YmMyNTExNzJkZjBhZTUyODU3NjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0yh9oRdoJIOpS4YC+F/WvFWfKGk
PLRyxnXXrYPINB3+7RD3DYcEbYCo731BurikeinDwUkwSV15daTGoZGCxzlSRTvX
835eTfBrahtzBl9SUvglN1k/54UfJKgaDaWKnp+ditAnhNEhMa0UbBssAeJHw3Nd
NnFhG1v7HvzbXWM5jT2DVQfC+Iaxgc/5dkTzCntWXzae0m9Cx/+c7APiotkzNCYJ
DH6AwlLn7Q/REYcdkbPTJndx75bL1Z5xsuvDouTtqObGw3QfoNuj2g/UIbJOt9AJ
yuy6J4Sn/kpm7vsXDS0BjZ31bP4uT/SJclo+OeBPPVu43PBCREWye/uB/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3QReA+geMtDYvCURct8K5ShXaMMB8GA1UdIwQY
MBaAFHrOF2ppzMnJluFhCSXAtr33ayB8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXM0WGFtbk15Y21XNFdFSkpjQzJ2ZmRySUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82YWZjYmUtNmRmMC00Zjc3LWFmMzQt
YzYxODAzYzM0NjU3LzEvdmRCRjRENkI0eTBOaThKUkZ5M3dybEtGZG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82YWZjYmUtNmRmMC00Zjc3LWFmMzQtYzYxODAzYzM0NjU3
LzEvZXM0WGFtbk15Y21XNFdFSkpjQzJ2ZmRySUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcKBMA0G
CSqGSIb3DQEBCwUAA4IBAQB1zhzJi+LfuOgiBxP1h7JE/Eo2mgaK4V7P+gV3zve6
yd1UJ1HYKokITJbVYV0YHM8coHgECUNqxhSR/kM4Jw/tKQYeDH/qB8jO3kanU1Is
A6YnV8ptslvgfypoZtVmL9d+j8d+VMXny+6yKPAltPLarQpPhKIN0Fcf8zEqS1ta
rupNVXkL0x8E4UunmUyp1nOyAa/CujmSk0NIzkKe8NQGxO2EeqYDu/QzcFLj32q9
6ds2WSDWuRgz/xtX9BrOFTekhX9V9l0Uds0q0YDLrx0fkzF8zDVmZmi89utieoOn
7MhyS+nl+OX1GAXbt6uNyRu2L0g32SoSFI9QinYlDuWd
-----END CERTIFICATE-----