This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/PMxI7Khe9mL0Ix-EqVQT_g2Ff2Q.roa
File:                     PMxI7Khe9mL0Ix-EqVQT_g2Ff2Q.roa (raw, json)
Hash identifier:          5XODEN9rRRm2dM3oH3gBFCGCtoFnoh8oCN423lWgCcI=
Subject key identifier:   3C:CC:48:EC:A8:5E:F6:62:F4:23:1F:84:A9:54:13:FE:0D:85:7F:64
Certificate issuer:       /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial:       019B79ECF89E6CB2A7E57010F03DAF6B51B1
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/PMxI7Khe9mL0Ix-EqVQT_g2Ff2Q.roa
Signing time:             Thu 01 Jan 2026 14:18:51 +0000
ROA not before:           Thu 01 Jan 2026 14:18:51 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     213946
IP address blocks:        45.156.143.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ec:f8:9e:6c:b2:a7:e5:70:10:f0:3d:af:6b:51:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
        Validity
            Not Before: Jan  1 14:18:51 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3ccc48eca85ef662f4231f84a95413fe0d857f64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2f:f4:b0:d8:09:49:cd:eb:a0:96:9c:5f:15:
                    d6:81:a0:ba:a2:06:0e:64:99:5d:01:88:47:ae:6d:
                    70:47:f4:91:84:38:d7:33:35:15:e1:a2:c4:ba:ba:
                    b4:3c:d9:ae:94:ff:76:b4:67:ac:8e:02:66:47:fe:
                    4a:78:b3:f2:0c:cd:bb:04:38:79:aa:ad:93:0f:86:
                    63:fd:ae:3a:ed:a5:e0:d9:3e:d0:10:b8:cb:79:30:
                    83:43:82:0b:9e:05:08:b5:a8:76:2e:dc:95:c0:7a:
                    66:45:cc:9d:19:c6:29:58:ce:f2:7e:86:49:11:6f:
                    2e:0c:b8:1b:b0:aa:aa:b5:d5:7e:77:10:34:04:a2:
                    a2:7e:36:46:02:c1:77:04:79:00:3d:90:0c:d4:ce:
                    96:c9:b7:5f:1a:24:9f:fe:96:8d:a6:28:e6:a1:18:
                    81:59:0f:51:b3:57:47:a4:b6:a1:6d:7f:bb:55:98:
                    c0:ad:a7:8b:9f:02:66:ce:24:9b:77:60:39:bb:9c:
                    68:db:61:05:3d:3f:5e:07:5e:4b:4a:e8:d9:56:02:
                    2f:8c:d7:84:14:09:64:50:48:8d:ee:7b:f3:d8:d9:
                    0c:79:f1:ff:32:86:50:e5:65:9a:49:18:ad:5d:c6:
                    5e:48:4e:1b:75:73:23:06:9c:df:d8:9f:3e:e4:56:
                    0b:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:CC:48:EC:A8:5E:F6:62:F4:23:1F:84:A9:54:13:FE:0D:85:7F:64
            X509v3 Authority Key Identifier:
                keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/PMxI7Khe9mL0Ix-EqVQT_g2Ff2Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:43:95:51:9c:77:ab:39:85:c1:7e:18:82:51:51:a1:d1:d3:
         09:13:d3:76:c1:1d:10:8a:fc:94:30:36:e2:c4:4b:c1:c0:60:
         8f:07:8a:d8:a4:60:94:0e:17:fe:e4:f1:c7:55:06:4d:3c:7d:
         ea:4d:7f:8f:1e:20:c9:fd:80:1d:3f:a1:7f:89:ae:e7:2e:be:
         fe:3f:0a:e3:f4:28:46:94:50:07:e0:84:6a:a4:58:a0:07:e9:
         85:91:49:ff:c0:82:db:f0:a9:32:89:5d:7c:53:77:ea:fe:50:
         2e:a8:e9:b5:4a:95:98:8a:ed:16:99:3b:0c:1d:65:0e:13:67:
         ce:62:52:3d:66:46:2a:a4:49:3e:fd:ef:d7:ee:33:a4:5a:cb:
         cd:4f:fa:3c:6a:bd:37:f1:f1:82:41:f9:1e:6c:e7:14:ae:a5:
         d6:e3:c6:8c:11:aa:45:94:d3:37:4f:52:84:2c:e0:e1:fa:b3:
         71:32:0e:b1:c1:93:ec:03:d8:ab:62:5c:82:01:bc:b8:88:d4:
         df:69:0f:b5:d6:90:da:f7:cc:74:18:04:b8:ba:8c:2d:6f:a1:
         73:bf:c3:8d:0c:e1:f1:29:48:14:03:b3:2d:92:ea:18:7e:c1:
         3b:a6:d4:c0:7c:50:9a:b2:e8:fd:48:5c:46:df:14:d6:77:ca:
         91:8e:11:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57PiebLKn5XAQ8D2va1GxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjYwMTAxMTQxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NjNDhlY2E4NWVmNjYyZjQyMzFmODRhOTU0MTNmZTBkODU3ZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS/0sNgJSc3roJacXxXWgaC6ogYO
ZJldAYhHrm1wR/SRhDjXMzUV4aLEurq0PNmulP92tGesjgJmR/5KeLPyDM27BDh5
qq2TD4Zj/a467aXg2T7QELjLeTCDQ4ILngUItah2LtyVwHpmRcydGcYpWM7yfoZJ
EW8uDLgbsKqqtdV+dxA0BKKifjZGAsF3BHkAPZAM1M6WybdfGiSf/paNpijmoRiB
WQ9Rs1dHpLahbX+7VZjAraeLnwJmziSbd2A5u5xo22EFPT9eB15LSujZVgIvjNeE
FAlkUEiN7nvz2NkMefH/MoZQ5WWaSRitXcZeSE4bdXMjBpzf2J8+5FYLrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzMSOyoXvZi9CMfhKlUE/4NhX9kMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvUE14STdLaGU5bUwwSXgtRXFWUVRfZzJGZjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyPMA0G
CSqGSIb3DQEBCwUAA4IBAQAbQ5VRnHerOYXBfhiCUVGh0dMJE9N2wR0QivyUMDbi
xEvBwGCPB4rYpGCUDhf+5PHHVQZNPH3qTX+PHiDJ/YAdP6F/ia7nLr7+Pwrj9ChG
lFAH4IRqpFigB+mFkUn/wILb8KkyiV18U3fq/lAuqOm1SpWYiu0WmTsMHWUOE2fO
YlI9ZkYqpEk+/e/X7jOkWsvNT/o8ar038fGCQfkebOcUrqXW48aMEapFlNM3T1KE
LODh+rNxMg6xwZPsA9irYlyCAby4iNTfaQ+11pDa98x0GAS4uowtb6Fzv8ONDOHx
KUgUA7MtkuoYfsE7ptTAfFCasuj9SFxG3xTWd8qRjhFt
-----END CERTIFICATE-----