This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/Kd5BCnuh7Vfh_ncYW41MRfZTY_g.roa
File:                     Kd5BCnuh7Vfh_ncYW41MRfZTY_g.roa (raw, json)
Hash identifier:          550VYYwHjp6DkAL2ALMNefBJad9ffNBJSB4pG2l/Jxc=
Subject key identifier:   29:DE:41:0A:7B:A1:ED:57:E1:FE:77:18:5B:8D:4C:45:F6:53:63:F8
Certificate issuer:       /CN=6f9e9696dccf6c1a432090408514aecdc3f60739
Certificate serial:       019B77C774F936965589D3EFA75C7267086C
Authority key identifier: 6F:9E:96:96:DC:CF:6C:1A:43:20:90:40:85:14:AE:CD:C3:F6:07:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b56WltzPbBpDIJBAhRSuzcP2Bzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/Kd5BCnuh7Vfh_ncYW41MRfZTY_g.roa
Signing time:             Thu 01 Jan 2026 04:18:38 +0000
ROA not before:           Thu 01 Jan 2026 04:18:38 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     212454
IP address blocks:        194.92.100.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/b56WltzPbBpDIJBAhRSuzcP2Bzk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/b56WltzPbBpDIJBAhRSuzcP2Bzk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b56WltzPbBpDIJBAhRSuzcP2Bzk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 05:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:74:f9:36:96:55:89:d3:ef:a7:5c:72:67:08:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f9e9696dccf6c1a432090408514aecdc3f60739
        Validity
            Not Before: Jan  1 04:18:38 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=29de410a7ba1ed57e1fe77185b8d4c45f65363f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f3:a9:73:08:a1:ec:5e:d6:b1:e1:dc:85:4e:
                    0e:e9:6f:d0:84:3f:c2:10:cd:41:5f:fb:c4:0d:a8:
                    51:64:93:ca:cb:bc:99:c8:6c:70:66:5d:0e:4f:0b:
                    7a:08:e0:66:04:0c:14:3b:14:b5:5a:cf:a1:49:b3:
                    63:9a:a4:0e:44:f2:48:e6:57:06:24:2c:84:05:ba:
                    6c:c8:2e:ca:47:eb:51:76:b7:db:e5:68:f2:45:97:
                    cb:45:db:ad:0c:29:fa:48:b5:21:7d:f7:be:94:70:
                    45:19:a1:6f:42:12:4d:8d:6f:85:0a:0f:aa:4c:5b:
                    ec:e3:b0:9a:7f:cf:ae:fe:ac:60:66:89:89:4d:6d:
                    18:dd:1b:e0:db:60:83:c4:ab:36:3a:d1:50:d1:7c:
                    72:38:37:59:1e:c7:ce:78:ea:83:d2:de:f1:86:b5:
                    6c:c0:77:ad:e3:4a:4f:b8:79:b8:44:33:0c:8c:e3:
                    dd:45:8e:55:d3:08:81:c0:d7:cc:ff:76:6f:d9:52:
                    69:2a:7b:68:cf:38:4e:65:e1:ef:e6:d7:a6:ca:6d:
                    d0:16:90:e6:5a:92:00:5c:be:3b:a3:10:d1:56:dd:
                    02:84:91:ff:af:f0:dd:d6:72:d2:8a:c6:41:a1:ef:
                    07:f3:1f:20:c3:7d:33:72:8f:86:fb:2d:14:44:d3:
                    98:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:DE:41:0A:7B:A1:ED:57:E1:FE:77:18:5B:8D:4C:45:F6:53:63:F8
            X509v3 Authority Key Identifier:
                keyid:6F:9E:96:96:DC:CF:6C:1A:43:20:90:40:85:14:AE:CD:C3:F6:07:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b56WltzPbBpDIJBAhRSuzcP2Bzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/Kd5BCnuh7Vfh_ncYW41MRfZTY_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/b56WltzPbBpDIJBAhRSuzcP2Bzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.92.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:94:c9:ca:de:3a:e0:83:2c:8f:cc:13:3b:d3:23:97:0d:6f:
         06:27:cb:cc:fd:6d:62:82:d5:27:99:49:8c:d7:21:3f:76:62:
         79:d8:1e:85:ee:3d:3e:38:21:68:63:a1:57:8d:0b:62:0b:b3:
         86:67:54:8c:c4:52:68:f6:67:1c:c8:47:e1:d4:03:b5:94:c7:
         26:c4:43:97:60:fa:46:57:a3:81:68:f4:03:cd:29:ec:9a:bd:
         fd:e9:a4:82:08:82:e2:a4:42:9d:16:33:a8:ec:8c:0f:2a:db:
         fd:5c:7c:ab:da:11:9c:4c:56:11:04:5e:57:5d:9f:f2:68:02:
         70:b8:d1:ea:89:d3:3e:62:fc:12:04:44:c4:1b:fb:da:53:d3:
         1e:db:f9:b6:26:c7:cc:9c:86:b9:11:ab:81:a4:6b:39:9e:af:
         77:a5:90:43:18:aa:79:47:57:c0:17:bd:28:91:4d:b0:89:38:
         2f:6c:35:13:49:0d:42:58:67:ce:07:ef:3c:0d:2c:6e:34:ee:
         24:a6:b3:f6:7d:71:e0:c6:55:0a:f5:9f:47:68:13:97:1c:1b:
         d8:8f:ea:e4:ea:d5:94:4f:5c:9a:a3:ea:ec:f7:3a:00:14:e3:
         7b:70:d4:c1:bc:3f:c7:1e:22:cc:da:fe:ad:fa:a5:7a:2a:f0:
         4b:97:66:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3x3T5NpZVidPvp1xyZwhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmOWU5Njk2ZGNjZjZjMWE0MzIwOTA0MDg1MTRhZWNkYzNm
NjA3MzkwHhcNMjYwMTAxMDQxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWRlNDEwYTdiYTFlZDU3ZTFmZTc3MTg1YjhkNGM0NWY2NTM2M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfOpcwih7F7WseHchU4O6W/QhD/C
EM1BX/vEDahRZJPKy7yZyGxwZl0OTwt6COBmBAwUOxS1Ws+hSbNjmqQORPJI5lcG
JCyEBbpsyC7KR+tRdrfb5WjyRZfLRdutDCn6SLUhffe+lHBFGaFvQhJNjW+FCg+q
TFvs47Caf8+u/qxgZomJTW0Y3Rvg22CDxKs2OtFQ0XxyODdZHsfOeOqD0t7xhrVs
wHet40pPuHm4RDMMjOPdRY5V0wiBwNfM/3Zv2VJpKntozzhOZeHv5temym3QFpDm
WpIAXL47oxDRVt0ChJH/r/Dd1nLSisZBoe8H8x8gw30zco+G+y0URNOY2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCneQQp7oe1X4f53GFuNTEX2U2P4MB8GA1UdIwQY
MBaAFG+elpbcz2waQyCQQIUUrs3D9gc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjU2V2x0elBiQnBESUpCQWhSU3V6Y1AyQnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81N2NkNzItMzNlNC00MmRkLTlmMjIt
YmFmNGUwYjRhNjllLzEvS2Q1QkNudWg3VmZoX25jWVc0MU1SZlpUWV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS81N2NkNzItMzNlNC00MmRkLTlmMjItYmFmNGUwYjRhNjll
LzEvYjU2V2x0elBiQnBESUpCQWhSU3V6Y1AyQnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlxkMA0G
CSqGSIb3DQEBCwUAA4IBAQCelMnK3jrggyyPzBM70yOXDW8GJ8vM/W1igtUnmUmM
1yE/dmJ52B6F7j0+OCFoY6FXjQtiC7OGZ1SMxFJo9mccyEfh1AO1lMcmxEOXYPpG
V6OBaPQDzSnsmr396aSCCILipEKdFjOo7IwPKtv9XHyr2hGcTFYRBF5XXZ/yaAJw
uNHqidM+YvwSBETEG/vaU9Me2/m2JsfMnIa5EauBpGs5nq93pZBDGKp5R1fAF70o
kU2wiTgvbDUTSQ1CWGfOB+88DSxuNO4kprP2fXHgxlUK9Z9HaBOXHBvYj+rk6tWU
T1yao+rs9zoAFON7cNTBvD/HHiLM2v6t+qV6KvBLl2av
-----END CERTIFICATE-----