This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/qr2Qsm_m43gmQ4yBbPFTPZR9e5E.roa
File:                     qr2Qsm_m43gmQ4yBbPFTPZR9e5E.roa (raw, json)
Hash identifier:          3+Soe86vT0NYIViAWLAPp8YdyjKuUQGSfLwiQOP3wao=
Subject key identifier:   AA:BD:90:B2:6F:E6:E3:78:26:43:8C:81:6C:F1:53:3D:94:7D:7B:91
Certificate issuer:       /CN=95571d88b53965a7d081f3b1d8289cbc28775b88
Certificate serial:       019B7DC933A340616288CFC4CFD8260F9A06
Authority key identifier: 95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/qr2Qsm_m43gmQ4yBbPFTPZR9e5E.roa
Signing time:             Fri 02 Jan 2026 08:18:16 +0000
ROA not before:           Fri 02 Jan 2026 08:18:16 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     16276
IP address blocks:        185.68.136.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:c9:33:a3:40:61:62:88:cf:c4:cf:d8:26:0f:9a:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95571d88b53965a7d081f3b1d8289cbc28775b88
        Validity
            Not Before: Jan  2 08:18:16 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=aabd90b26fe6e37826438c816cf1533d947d7b91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:96:4d:e7:dc:6e:41:46:98:25:d1:a9:e2:95:
                    3a:40:c6:65:d7:44:65:fa:53:6c:9f:81:da:00:47:
                    c0:1a:12:d6:9b:0f:fd:05:63:77:4d:0f:37:a9:db:
                    e9:0b:b6:bf:6b:58:d2:3d:9d:70:e6:42:58:cc:cf:
                    02:f9:6c:88:7f:4c:73:ac:2b:26:bf:43:82:63:62:
                    c8:51:6f:e7:00:c9:ef:ea:d9:56:1c:b7:4f:52:78:
                    0c:d5:e9:03:9c:bd:72:db:4c:cb:53:c9:df:a1:98:
                    9d:26:db:07:ff:49:8c:28:70:68:84:ed:0d:38:9b:
                    77:97:18:00:fb:ae:04:8d:7f:0f:d6:39:6b:e3:d3:
                    55:c1:7c:b7:03:79:5a:68:c4:6e:c8:a0:af:c8:f3:
                    6d:83:bd:6a:94:23:bc:7d:6c:25:28:1b:a0:85:d6:
                    35:6f:cf:a6:f9:95:5a:da:d2:ea:59:9a:96:6c:a0:
                    b4:11:0b:3d:89:c9:e1:43:49:28:33:15:63:5e:0a:
                    54:2c:7b:3e:54:f7:70:3c:b3:f8:52:58:c8:41:a6:
                    41:e4:70:4c:7f:36:93:4b:dc:94:07:4b:58:f0:44:
                    b1:9c:5e:3e:2d:cc:2f:8c:2a:b8:89:6a:61:cc:61:
                    60:1c:59:14:e5:78:2f:e9:34:64:73:94:cf:5a:b6:
                    a7:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:BD:90:B2:6F:E6:E3:78:26:43:8C:81:6C:F1:53:3D:94:7D:7B:91
            X509v3 Authority Key Identifier:
                keyid:95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/qr2Qsm_m43gmQ4yBbPFTPZR9e5E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.68.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ba:ef:c7:4f:bf:de:18:67:47:da:8c:0b:f3:2e:85:98:b5:33:
         f5:9a:af:d1:97:28:fd:86:24:27:86:77:23:1f:9d:db:3b:3d:
         d6:4c:82:3d:61:b5:87:83:5c:32:f3:58:1f:0d:61:15:70:c3:
         05:7f:d6:c2:dd:1f:56:fc:e4:17:e4:b6:a8:92:6c:20:62:81:
         3c:6d:4e:37:7c:3d:88:76:0d:88:31:6f:83:b4:df:21:58:11:
         3b:12:a4:b1:25:1b:42:03:5e:78:fe:cc:4f:49:7e:68:79:37:
         77:7f:06:e8:22:02:69:09:a1:b7:65:38:61:a0:0e:ea:7e:1f:
         b0:0a:12:3b:4c:40:9c:c7:15:b5:b2:fc:36:4a:cd:0c:60:80:
         54:0f:f9:7a:c6:22:9a:d7:26:8e:4d:84:b7:06:e0:f9:54:e7:
         58:70:93:95:79:cb:fd:c4:43:55:80:00:76:39:e7:5d:7b:c8:
         13:e0:c4:f8:28:53:56:10:e3:5c:be:e1:7c:d3:08:7a:75:25:
         9a:d8:d3:31:ad:bc:98:7d:40:f4:9c:bc:80:ce:f5:84:7a:83:
         3b:2f:18:e9:39:9f:53:98:40:49:49:63:08:94:43:42:c0:91:
         84:80:bd:d8:71:4a:24:a2:ce:aa:17:f9:5d:e4:e6:d3:c6:47:
         06:c2:d1:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9yTOjQGFiiM/Ez9gmD5oGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NTcxZDg4YjUzOTY1YTdkMDgxZjNiMWQ4Mjg5Y2JjMjg3
NzViODgwHhcNMjYwMTAyMDgxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWJkOTBiMjZmZTZlMzc4MjY0MzhjODE2Y2YxNTMzZDk0N2Q3YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZZN59xuQUaYJdGp4pU6QMZl10Rl
+lNsn4HaAEfAGhLWmw/9BWN3TQ83qdvpC7a/a1jSPZ1w5kJYzM8C+WyIf0xzrCsm
v0OCY2LIUW/nAMnv6tlWHLdPUngM1ekDnL1y20zLU8nfoZidJtsH/0mMKHBohO0N
OJt3lxgA+64EjX8P1jlr49NVwXy3A3laaMRuyKCvyPNtg71qlCO8fWwlKBughdY1
b8+m+ZVa2tLqWZqWbKC0EQs9icnhQ0koMxVjXgpULHs+VPdwPLP4UljIQaZB5HBM
fzaTS9yUB0tY8ESxnF4+LcwvjCq4iWphzGFgHFkU5Xgv6TRkc5TPWraniQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKq9kLJv5uN4JkOMgWzxUz2UfXuRMB8GA1UdIwQY
MBaAFJVXHYi1OWWn0IHzsdgonLwod1uIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFZjZGlMVTVaYWZRZ2ZPeDJDaWN2Q2gzVzRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iM2Y5OTMtZDAzYi00YjEzLTgxYWYt
YWE2MjI5Njk4NDYxLzEvcXIyUXNtX200M2dtUTR5QmJQRlRQWlI5ZTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iM2Y5OTMtZDAzYi00YjEzLTgxYWYtYWE2MjI5Njk4NDYx
LzEvbFZjZGlMVTVaYWZRZ2ZPeDJDaWN2Q2gzVzRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUSIMA0G
CSqGSIb3DQEBCwUAA4IBAQC678dPv94YZ0fajAvzLoWYtTP1mq/Rlyj9hiQnhncj
H53bOz3WTII9YbWHg1wy81gfDWEVcMMFf9bC3R9W/OQX5LaokmwgYoE8bU43fD2I
dg2IMW+DtN8hWBE7EqSxJRtCA154/sxPSX5oeTd3fwboIgJpCaG3ZThhoA7qfh+w
ChI7TECcxxW1svw2Ss0MYIBUD/l6xiKa1yaOTYS3BuD5VOdYcJOVecv9xENVgAB2
Oedde8gT4MT4KFNWEONcvuF80wh6dSWa2NMxrbyYfUD0nLyAzvWEeoM7LxjpOZ9T
mEBJSWMIlENCwJGEgL3YcUokos6qF/ld5ObTxkcGwtGe
-----END CERTIFICATE-----
Generated at Sun Jan 25 09:18:37 2026 by rpki-client