This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/uIsD9Xy2Vc1GIzrsfeZU-p_i07c.roa
File:                     uIsD9Xy2Vc1GIzrsfeZU-p_i07c.roa (raw, json)
Hash identifier:          owmGDd/9tCt8PZOlqfI/7VwgHd7b2hJO3Tnc74AlIQw=
Subject key identifier:   B8:8B:03:F5:7C:B6:55:CD:46:23:3A:EC:7D:E6:54:FA:9F:E2:D3:B7
Certificate issuer:       /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial:       019B7E37222DBC717E5A27B2DB4DB53BE48D
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/uIsD9Xy2Vc1GIzrsfeZU-p_i07c.roa
Signing time:             Fri 02 Jan 2026 10:18:20 +0000
ROA not before:           Fri 02 Jan 2026 10:18:20 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     205754
IP address blocks:        95.85.84.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:37:22:2d:bc:71:7e:5a:27:b2:db:4d:b5:3b:e4:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
        Validity
            Not Before: Jan  2 10:18:20 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b88b03f57cb655cd46233aec7de654fa9fe2d3b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:69:f6:3e:d1:5e:ff:d5:54:cc:aa:33:ff:0b:
                    30:c0:f7:81:81:8b:2a:8a:e6:e4:d5:ce:9a:7d:7f:
                    b8:be:b8:73:d4:db:80:ad:5d:37:14:e4:16:aa:51:
                    c4:b0:b6:51:ac:3c:75:9e:7e:64:fb:f1:5f:74:72:
                    4d:bd:0b:f5:f2:56:8c:c9:76:f6:56:25:12:bb:c6:
                    e2:45:84:2e:c2:fd:71:ca:8f:22:58:3c:96:1b:e4:
                    08:cc:9c:5a:2a:9e:6a:f5:92:1d:2b:95:21:b1:28:
                    69:ff:73:5a:e3:72:b0:7b:12:d4:7a:81:cc:c3:00:
                    6e:7f:bc:7f:a9:af:d1:41:4f:c1:f2:17:62:15:a7:
                    57:28:ff:e6:b3:25:18:48:33:e8:8d:5d:89:87:f8:
                    04:54:fb:60:1a:4a:a3:42:5c:46:98:f8:3b:e3:ce:
                    60:08:bc:1a:0f:0f:9a:06:e0:21:74:9d:73:c0:74:
                    43:7d:91:55:b1:91:57:5e:ef:7b:13:b2:38:8f:5d:
                    4a:eb:d6:4a:c5:08:21:7a:8c:6c:35:4c:2d:a9:1d:
                    2a:f4:da:85:63:27:88:57:fd:c8:7f:03:b0:50:c6:
                    34:33:22:d1:4f:19:8e:af:d6:05:40:0b:4d:22:79:
                    23:10:cc:c2:8c:cd:2a:a9:d4:4b:bd:8d:5d:4f:a2:
                    92:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:8B:03:F5:7C:B6:55:CD:46:23:3A:EC:7D:E6:54:FA:9F:E2:D3:B7
            X509v3 Authority Key Identifier:
                keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/uIsD9Xy2Vc1GIzrsfeZU-p_i07c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.85.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:0b:40:5e:96:e6:87:1a:df:ed:be:81:66:19:5f:80:22:54:
         18:cf:7e:c5:c9:97:9f:c4:07:57:8c:8c:a8:a6:1d:52:61:e8:
         4f:5c:ab:4c:8a:82:d7:13:06:a0:93:15:90:9e:e5:62:0a:e4:
         20:9d:6d:91:2e:91:e7:72:20:d4:89:6d:fc:72:9e:b1:6f:61:
         0e:7b:1e:8b:c0:98:fa:e0:4a:0b:d9:38:56:d6:6f:a8:62:5c:
         bf:c3:14:56:29:08:30:12:33:62:e5:b4:e2:87:90:c2:e8:60:
         dc:57:e6:88:8f:d2:15:b3:5d:f5:a1:21:4f:b0:42:26:78:99:
         44:c4:c8:78:b6:1d:5c:bf:93:3f:58:ca:99:57:69:79:b1:2e:
         82:72:29:24:d9:15:f7:6d:47:f0:98:6c:c3:f1:8d:25:83:91:
         95:dc:5f:c7:25:ae:7e:4a:ae:c4:98:04:e0:f3:e1:a3:9a:b2:
         b8:81:f4:b6:ab:05:2f:3e:0c:ea:b7:af:fa:14:48:2e:98:43:
         b3:e2:a9:96:79:78:8e:2c:3c:ac:47:1a:b5:2f:3a:8e:20:8e:
         a8:e7:0d:b7:f1:a1:8c:93:14:af:72:80:84:63:c6:da:1f:fa:
         6c:bd:31:7c:5f:fe:6d:fc:21:6d:81:5b:5e:e2:a8:50:ea:63:
         a6:ce:fa:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+NyItvHF+Wiey2021O+SNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjYwMTAyMTAxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODhiMDNmNTdjYjY1NWNkNDYyMzNhZWM3ZGU2NTRmYTlmZTJkM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGn2PtFe/9VUzKoz/wswwPeBgYsq
iubk1c6afX+4vrhz1NuArV03FOQWqlHEsLZRrDx1nn5k+/FfdHJNvQv18laMyXb2
ViUSu8biRYQuwv1xyo8iWDyWG+QIzJxaKp5q9ZIdK5UhsShp/3Na43KwexLUeoHM
wwBuf7x/qa/RQU/B8hdiFadXKP/msyUYSDPojV2Jh/gEVPtgGkqjQlxGmPg7485g
CLwaDw+aBuAhdJ1zwHRDfZFVsZFXXu97E7I4j11K69ZKxQgheoxsNUwtqR0q9NqF
YyeIV/3IfwOwUMY0MyLRTxmOr9YFQAtNInkjEMzCjM0qqdRLvY1dT6KS1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLiLA/V8tlXNRiM67H3mVPqf4tO3MB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvdUlzRDlYeTJWYzFHSXpyc2ZlWlUtcF9pMDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX1VUMA0G
CSqGSIb3DQEBCwUAA4IBAQBQC0BeluaHGt/tvoFmGV+AIlQYz37FyZefxAdXjIyo
ph1SYehPXKtMioLXEwagkxWQnuViCuQgnW2RLpHnciDUiW38cp6xb2EOex6LwJj6
4EoL2ThW1m+oYly/wxRWKQgwEjNi5bTih5DC6GDcV+aIj9IVs131oSFPsEImeJlE
xMh4th1cv5M/WMqZV2l5sS6Ccikk2RX3bUfwmGzD8Y0lg5GV3F/HJa5+Sq7EmATg
8+GjmrK4gfS2qwUvPgzqt6/6FEgumEOz4qmWeXiOLDysRxq1LzqOII6o5w238aGM
kxSvcoCEY8baH/psvTF8X/5t/CFtgVte4qhQ6mOmzvpL
-----END CERTIFICATE-----