This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/p-OzjQ27PuXPoihFOOjCs-O5RSc.roa
File:                     p-OzjQ27PuXPoihFOOjCs-O5RSc.roa (raw, json)
Hash identifier:          sRPV66CC+pFC5bVrixMfqSAWFWwkncus6GCy0GwPFFY=
Subject key identifier:   A7:E3:B3:8D:0D:BB:3E:E5:CF:A2:28:45:38:E8:C2:B3:E3:B9:45:27
Certificate issuer:       /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial:       019B7F84FD005C6E1FDA24A76D98D2F1D6B4
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/p-OzjQ27PuXPoihFOOjCs-O5RSc.roa
Signing time:             Fri 02 Jan 2026 16:23:00 +0000
ROA not before:           Fri 02 Jan 2026 16:23:00 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     206329
IP address blocks:        93.171.162.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:84:fd:00:5c:6e:1f:da:24:a7:6d:98:d2:f1:d6:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
        Validity
            Not Before: Jan  2 16:23:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a7e3b38d0dbb3ee5cfa2284538e8c2b3e3b94527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:ec:ef:e0:e4:89:5d:cb:fe:92:e4:06:94:46:
                    3c:64:21:bb:73:60:04:87:a6:e2:39:27:ee:39:c5:
                    b1:8a:fb:a7:63:e4:0f:ca:81:46:b7:9f:17:e3:a8:
                    a9:b1:11:36:84:47:ca:4c:b6:6f:7c:b1:96:9a:98:
                    0f:31:06:e5:76:15:98:b7:d1:bc:73:bc:f4:02:1a:
                    f3:96:0e:64:49:dd:a5:a4:b9:55:a7:ff:76:f7:3e:
                    8b:7e:f2:15:0f:22:8b:d1:67:71:f6:5f:53:b6:41:
                    c2:ea:08:da:59:92:8e:c0:91:ed:d7:a7:83:57:96:
                    bc:fd:7d:87:43:a9:11:33:c5:92:46:18:3d:f3:ff:
                    bd:1e:14:50:77:6b:d5:a8:8e:56:2d:76:40:e2:ed:
                    dd:42:de:85:4f:74:f9:96:f5:a8:fe:00:ac:69:9e:
                    c1:a2:a1:19:ca:01:68:17:5d:bf:2a:75:9e:d7:63:
                    e2:7d:10:cc:de:95:c4:6c:1b:55:d4:c7:dd:e6:b0:
                    67:91:25:c3:b5:f1:7f:14:ee:78:0b:e0:62:a2:26:
                    99:c8:08:ba:40:e8:1b:9c:44:e2:c3:e7:04:bf:b9:
                    e6:2c:2e:f2:4b:c1:aa:96:1c:36:f0:18:c4:92:e5:
                    8f:b8:2b:f4:0d:21:21:b2:22:a3:2a:bd:da:99:95:
                    de:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:E3:B3:8D:0D:BB:3E:E5:CF:A2:28:45:38:E8:C2:B3:E3:B9:45:27
            X509v3 Authority Key Identifier:
                keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/p-OzjQ27PuXPoihFOOjCs-O5RSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.171.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:ca:98:17:a3:10:5a:62:53:c6:05:26:da:60:9a:0f:d4:55:
         e1:11:22:62:a0:3f:0c:18:74:91:fd:47:7d:81:3a:a9:30:16:
         b5:2b:ff:95:2c:d0:08:cc:a6:58:04:2f:46:d9:b2:1d:5d:3b:
         41:4a:5f:2d:01:c7:64:2a:e1:0a:5d:f9:07:e7:90:9a:8c:53:
         9a:c1:c6:4a:33:ed:2b:bd:79:52:b9:c8:17:17:52:7d:75:53:
         09:d8:9e:ca:50:53:33:1b:83:54:68:20:21:47:06:a6:95:56:
         75:29:0e:a4:a0:44:21:b9:d7:c8:b8:82:31:96:14:7e:a5:ba:
         a8:12:2c:18:fa:a1:fa:2c:b0:1b:a6:e0:b5:2b:d5:36:f6:1a:
         3f:54:a6:1b:b7:7b:2c:d9:9d:1b:5b:6e:c0:14:0f:9e:ce:71:
         88:5f:9c:92:d5:88:bd:c0:57:17:df:c1:fd:33:e1:9a:e6:2b:
         e0:64:db:a2:99:58:5e:e9:f1:50:ee:a1:a4:02:d1:3c:8c:79:
         00:12:2d:a2:4e:b9:82:99:49:96:25:06:a7:65:ae:fe:e8:1c:
         4c:58:7a:28:f2:fc:be:72:c5:8a:36:39:8d:9a:a4:86:9c:1f:
         8b:02:6a:ff:30:91:ac:32:93:9e:db:72:b9:51:cd:c0:5a:2c:
         00:68:13:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/hP0AXG4f2iSnbZjS8da0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjYwMTAyMTYyMzAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2UzYjM4ZDBkYmIzZWU1Y2ZhMjI4NDUzOGU4YzJiM2UzYjk0NTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ozv4OSJXcv+kuQGlEY8ZCG7c2AE
h6biOSfuOcWxivunY+QPyoFGt58X46ipsRE2hEfKTLZvfLGWmpgPMQbldhWYt9G8
c7z0Ahrzlg5kSd2lpLlVp/929z6LfvIVDyKL0Wdx9l9TtkHC6gjaWZKOwJHt16eD
V5a8/X2HQ6kRM8WSRhg98/+9HhRQd2vVqI5WLXZA4u3dQt6FT3T5lvWo/gCsaZ7B
oqEZygFoF12/KnWe12PifRDM3pXEbBtV1Mfd5rBnkSXDtfF/FO54C+BioiaZyAi6
QOgbnETiw+cEv7nmLC7yS8Gqlhw28BjEkuWPuCv0DSEhsiKjKr3amZXe1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKfjs40Nuz7lz6IoRTjowrPjuUUnMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvcC1PempRMjdQdVhQb2loRk9PakNzLU81UlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXauiMA0G
CSqGSIb3DQEBCwUAA4IBAQAKypgXoxBaYlPGBSbaYJoP1FXhESJioD8MGHSR/Ud9
gTqpMBa1K/+VLNAIzKZYBC9G2bIdXTtBSl8tAcdkKuEKXfkH55CajFOawcZKM+0r
vXlSucgXF1J9dVMJ2J7KUFMzG4NUaCAhRwamlVZ1KQ6koEQhudfIuIIxlhR+pbqo
EiwY+qH6LLAbpuC1K9U29ho/VKYbt3ss2Z0bW27AFA+eznGIX5yS1Yi9wFcX38H9
M+Ga5ivgZNuimVhe6fFQ7qGkAtE8jHkAEi2iTrmCmUmWJQanZa7+6BxMWHoo8vy+
csWKNjmNmqSGnB+LAmr/MJGsMpOe23K5Uc3AWiwAaBPs
-----END CERTIFICATE-----