This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KmvUjTYBmXWQQ7VBrAmiVBbbHDo.roa
File:                     KmvUjTYBmXWQQ7VBrAmiVBbbHDo.roa (raw, json)
Hash identifier:          oUEH4TZ9PVxB+m8W/hEQjGM5efiSmFq3nwaVwn7NHUg=
Subject key identifier:   2A:6B:D4:8D:36:01:99:75:90:43:B5:41:AC:09:A2:54:16:DB:1C:3A
Certificate issuer:       /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial:       019B7F8517597F1F681CB345D62EF98190F0
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KmvUjTYBmXWQQ7VBrAmiVBbbHDo.roa
Signing time:             Fri 02 Jan 2026 16:23:07 +0000
ROA not before:           Fri 02 Jan 2026 16:23:07 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     213187
IP address blocks:        31.148.252.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:85:17:59:7f:1f:68:1c:b3:45:d6:2e:f9:81:90:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
        Validity
            Not Before: Jan  2 16:23:07 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=2a6bd48d360199759043b541ac09a25416db1c3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:a3:82:27:18:26:ac:d4:7a:05:b8:21:ec:38:
                    a1:ee:a8:dc:9c:ed:01:09:c5:1d:ea:18:bc:cd:1a:
                    50:d9:4a:64:02:23:25:13:04:1e:d5:af:80:8d:72:
                    6a:2f:ba:63:7e:7c:b7:74:eb:af:62:44:1a:c9:d2:
                    01:78:e4:cf:5a:3a:2d:09:2e:e8:d9:ab:1c:e4:6f:
                    ab:ce:57:ab:33:37:f8:a2:ea:c8:c5:2c:c2:c2:0f:
                    d7:9e:1c:1a:c7:af:ca:ca:32:bf:f2:66:d5:7e:a5:
                    aa:8e:e9:ef:85:46:6e:68:fb:0a:7b:d0:de:5e:5d:
                    0c:f7:f6:5f:1e:d0:ac:b8:7e:fb:d4:24:cd:f7:37:
                    4c:b8:7b:82:67:ef:28:70:01:6a:22:55:86:a2:3f:
                    1e:04:4f:c3:1c:9c:5a:e4:80:2e:0e:ce:16:74:ff:
                    24:a8:07:6a:15:a4:dc:1f:7d:4d:9d:cb:1b:54:09:
                    62:5b:65:d7:cd:0d:18:35:98:1b:c8:20:73:44:93:
                    18:44:c9:d4:c4:b3:47:c1:5d:fb:b7:d4:6e:16:b3:
                    dc:74:8d:ba:7c:d6:f0:f9:df:88:6b:31:31:4d:6f:
                    a6:45:a6:07:39:61:47:96:e8:44:3d:14:53:92:d3:
                    fd:40:ce:21:65:75:b3:42:04:a6:cd:95:66:5e:98:
                    27:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:6B:D4:8D:36:01:99:75:90:43:B5:41:AC:09:A2:54:16:DB:1C:3A
            X509v3 Authority Key Identifier:
                keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KmvUjTYBmXWQQ7VBrAmiVBbbHDo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.148.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         64:30:3d:7e:62:5a:06:d6:8a:c7:bb:67:6a:5f:a2:54:e5:cb:
         06:ce:77:24:6d:6e:e2:fc:df:4e:f9:39:7d:02:e4:4b:13:89:
         e9:50:18:f6:57:5d:01:e4:e0:96:4f:59:f6:81:e6:26:a8:72:
         90:cb:11:39:e9:96:93:3f:13:cd:62:c1:aa:3e:ac:b0:5c:c8:
         57:ab:03:23:90:50:bf:61:3e:64:65:e7:cb:ad:f9:98:b7:9b:
         aa:57:47:35:47:8a:60:cf:38:6f:f6:bd:ad:66:f8:51:03:88:
         28:18:bc:c2:a9:b9:86:a3:26:46:d5:79:ea:de:df:83:3a:1e:
         35:7e:7d:51:c9:d7:44:6f:25:d7:8b:cd:29:da:2e:d1:78:9b:
         c8:52:22:3d:54:74:66:a2:de:cb:f9:aa:70:8b:79:90:7e:f4:
         61:d6:31:31:8a:96:59:1e:7d:94:6f:2f:ce:97:3c:95:67:b3:
         05:f5:74:cf:55:88:d3:a2:d6:ae:3a:24:d2:fe:35:82:8a:b1:
         91:38:1b:30:ca:19:f6:02:51:cb:64:7e:d8:ec:2b:99:17:49:
         2d:35:65:7c:af:c4:8b:97:f8:c9:04:52:b1:4b:70:4b:75:83:
         a4:c3:69:d8:53:5f:46:b5:7a:a6:8f:72:a2:a9:96:c4:90:f4:
         8a:ea:e2:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/hRdZfx9oHLNF1i75gZDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjYwMTAyMTYyMzA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZiZDQ4ZDM2MDE5OTc1OTA0M2I1NDFhYzA5YTI1NDE2ZGIxYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aOCJxgmrNR6Bbgh7Dih7qjcnO0B
CcUd6hi8zRpQ2UpkAiMlEwQe1a+AjXJqL7pjfny3dOuvYkQaydIBeOTPWjotCS7o
2asc5G+rzlerMzf4ourIxSzCwg/Xnhwax6/KyjK/8mbVfqWqjunvhUZuaPsKe9De
Xl0M9/ZfHtCsuH771CTN9zdMuHuCZ+8ocAFqIlWGoj8eBE/DHJxa5IAuDs4WdP8k
qAdqFaTcH31NncsbVAliW2XXzQ0YNZgbyCBzRJMYRMnUxLNHwV37t9RuFrPcdI26
fNbw+d+IazExTW+mRaYHOWFHluhEPRRTktP9QM4hZXWzQgSmzZVmXpgnSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpr1I02AZl1kEO1QawJolQW2xw6MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvS212VWpUWUJtWFdRUTdWQnJBbWlWQmJiSERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCH5T8MA0G
CSqGSIb3DQEBCwUAA4IBAQBkMD1+YloG1orHu2dqX6JU5csGznckbW7i/N9O+Tl9
AuRLE4npUBj2V10B5OCWT1n2geYmqHKQyxE56ZaTPxPNYsGqPqywXMhXqwMjkFC/
YT5kZefLrfmYt5uqV0c1R4pgzzhv9r2tZvhRA4goGLzCqbmGoyZG1Xnq3t+DOh41
fn1RyddEbyXXi80p2i7ReJvIUiI9VHRmot7L+apwi3mQfvRh1jExipZZHn2Uby/O
lzyVZ7MF9XTPVYjTotauOiTS/jWCirGROBswyhn2AlHLZH7Y7CuZF0ktNWV8r8SL
l/jJBFKxS3BLdYOkw2nYU19GtXqmj3KiqZbEkPSK6uLx
-----END CERTIFICATE-----