This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iKn4ecVFBwfljj5VF0tQVsmdro0.roa
File:                     iKn4ecVFBwfljj5VF0tQVsmdro0.roa (raw, json)
Hash identifier:          7NUsELOZ5UH4cP7M/ucZ5rufsVe3/IZ0BoxGz3cgZvU=
Subject key identifier:   88:A9:F8:79:C5:45:07:07:E5:8E:3E:55:17:4B:50:56:C9:9D:AE:8D
Certificate issuer:       /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial:       019B7F84ECA4A3121D92E98BCF11C3092715
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iKn4ecVFBwfljj5VF0tQVsmdro0.roa
Signing time:             Fri 02 Jan 2026 16:22:56 +0000
ROA not before:           Fri 02 Jan 2026 16:22:56 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     199011
IP address blocks:        92.38.40.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:84:ec:a4:a3:12:1d:92:e9:8b:cf:11:c3:09:27:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
        Validity
            Not Before: Jan  2 16:22:56 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=88a9f879c5450707e58e3e55174b5056c99dae8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:7a:ab:0c:81:ed:c1:27:b9:9c:b7:d7:15:62:
                    92:44:c1:79:c1:d0:51:a6:94:f2:86:0e:e3:a7:01:
                    0e:60:43:33:e3:88:53:01:1c:cf:cb:a6:1b:10:4e:
                    e0:61:2b:7f:0e:a1:f4:58:18:58:d1:21:de:7b:a7:
                    cc:28:fa:e3:0e:de:e1:49:e3:66:7d:5b:88:74:bc:
                    ec:78:e0:a2:2f:44:8a:87:35:c7:d1:ed:18:55:14:
                    98:40:16:ff:b6:fc:01:fb:80:2b:5a:d1:bb:ec:fe:
                    ee:7c:41:6b:f8:83:e5:2d:73:6e:87:1a:65:9c:93:
                    24:1c:d2:3c:ea:f0:5d:b8:49:cb:d5:16:b2:eb:80:
                    cd:f7:b2:66:05:9c:7e:0c:8f:cf:cf:d0:3e:ce:df:
                    db:25:10:bd:f9:f4:7a:c6:e5:72:49:98:75:28:80:
                    d4:39:3c:34:ae:73:4d:90:da:6e:63:fb:2c:23:de:
                    a9:eb:ea:12:db:82:24:86:81:33:68:c2:b5:26:57:
                    c9:5e:3e:da:01:e8:9d:4d:31:1a:e8:92:37:6e:d1:
                    04:e3:84:aa:19:d5:08:cb:8f:37:05:50:98:3d:6f:
                    ae:84:06:71:1a:2b:a4:a5:5f:46:8b:d1:39:0e:c2:
                    4f:1c:c1:6f:44:e0:9e:97:38:a4:ae:f0:36:94:01:
                    3c:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:A9:F8:79:C5:45:07:07:E5:8E:3E:55:17:4B:50:56:C9:9D:AE:8D
            X509v3 Authority Key Identifier:
                keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iKn4ecVFBwfljj5VF0tQVsmdro0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.38.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:32:a0:1f:b7:18:f6:8d:20:0e:c7:18:ea:21:99:f1:34:9d:
         f8:93:1b:e7:b8:39:bb:11:e7:7a:74:64:57:0c:5f:77:cf:2a:
         79:a5:37:06:04:22:bb:4a:94:7b:dd:b0:0e:91:3a:62:4a:33:
         26:55:ff:a4:69:89:b0:af:17:7d:ae:f5:35:7f:09:c4:29:3d:
         5a:d0:c8:99:e1:0d:47:9e:33:f2:63:86:7e:84:55:a2:55:0f:
         58:38:37:f8:97:d5:93:ed:9b:32:3b:d5:0b:ee:c5:7c:38:8f:
         1c:d0:df:61:cd:42:db:02:c4:5d:cd:2b:52:59:48:c5:b7:31:
         9c:95:7a:ee:5d:98:2d:41:a2:96:bc:74:af:1f:1a:33:f1:cf:
         79:94:e6:98:75:15:5d:97:38:0d:22:82:32:ab:52:eb:e5:d8:
         5c:d5:3e:ef:55:3c:bb:0a:62:8b:d4:19:cf:77:37:c0:78:19:
         d2:4f:4b:48:bd:55:7c:46:56:28:80:91:50:29:d7:3b:c6:87:
         54:f8:35:7c:45:cb:35:e0:6c:69:79:2f:0d:74:b0:94:aa:c3:
         d2:a8:6e:b3:e5:3e:82:95:94:b2:cd:0b:4a:37:9b:cf:4d:85:
         5f:4c:69:75:ba:66:67:52:90:37:20:33:e0:91:29:fd:63:ef:
         d9:5f:0c:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/hOykoxIdkumLzxHDCScVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjYwMTAyMTYyMjU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE5Zjg3OWM1NDUwNzA3ZTU4ZTNlNTUxNzRiNTA1NmM5OWRhZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nqrDIHtwSe5nLfXFWKSRMF5wdBR
ppTyhg7jpwEOYEMz44hTARzPy6YbEE7gYSt/DqH0WBhY0SHee6fMKPrjDt7hSeNm
fVuIdLzseOCiL0SKhzXH0e0YVRSYQBb/tvwB+4ArWtG77P7ufEFr+IPlLXNuhxpl
nJMkHNI86vBduEnL1Ray64DN97JmBZx+DI/Pz9A+zt/bJRC9+fR6xuVySZh1KIDU
OTw0rnNNkNpuY/ssI96p6+oS24IkhoEzaMK1JlfJXj7aAeidTTEa6JI3btEE44Sq
GdUIy483BVCYPW+uhAZxGiukpV9Gi9E5DsJPHMFvROCelzikrvA2lAE8awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIip+HnFRQcH5Y4+VRdLUFbJna6NMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaUtuNGVjVkZCd2Zsamo1VkYwdFFWc21kcm8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXCYoMA0G
CSqGSIb3DQEBCwUAA4IBAQCNMqAftxj2jSAOxxjqIZnxNJ34kxvnuDm7Eed6dGRX
DF93zyp5pTcGBCK7SpR73bAOkTpiSjMmVf+kaYmwrxd9rvU1fwnEKT1a0MiZ4Q1H
njPyY4Z+hFWiVQ9YODf4l9WT7ZsyO9UL7sV8OI8c0N9hzULbAsRdzStSWUjFtzGc
lXruXZgtQaKWvHSvHxoz8c95lOaYdRVdlzgNIoIyq1Lr5dhc1T7vVTy7CmKL1BnP
dzfAeBnST0tIvVV8RlYogJFQKdc7xodU+DV8Rcs14GxpeS8NdLCUqsPSqG6z5T6C
lZSyzQtKN5vPTYVfTGl1umZnUpA3IDPgkSn9Y+/ZXwxe
-----END CERTIFICATE-----