This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/rTAcqrsLjdQzWLiPeTE0J8tFjHs.roa
File:                     rTAcqrsLjdQzWLiPeTE0J8tFjHs.roa (raw, json)
Hash identifier:          kpmFc9kxITW5Y/O6sK7eQ8xr12ovnarFA8jerArDTmw=
Subject key identifier:   AD:30:1C:AA:BB:0B:8D:D4:33:58:B8:8F:79:31:34:27:CB:45:8C:7B
Certificate issuer:       /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial:       019B7DCB4B688FECF230BF5475C07E7055CE
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/rTAcqrsLjdQzWLiPeTE0J8tFjHs.roa
Signing time:             Fri 02 Jan 2026 08:20:33 +0000
ROA not before:           Fri 02 Jan 2026 08:20:33 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     209242
IP address blocks:        212.22.76.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:cb:4b:68:8f:ec:f2:30:bf:54:75:c0:7e:70:55:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
        Validity
            Not Before: Jan  2 08:20:33 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ad301caabb0b8dd43358b88f79313427cb458c7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:6f:bd:47:1c:70:98:10:c3:6e:2b:a1:19:3a:
                    8d:da:b8:64:ec:89:f6:47:b0:5e:a3:d2:7b:1e:2d:
                    46:f9:01:0b:7b:d8:e5:1d:a8:d2:b1:6f:a8:7d:63:
                    57:63:ad:38:14:05:33:69:f2:c3:22:c9:1c:77:92:
                    ef:94:ad:26:88:e5:d0:25:8e:93:bb:ea:c2:ef:8a:
                    16:d1:ed:3b:26:2b:d7:a7:37:d1:13:d7:4b:5b:82:
                    c6:d8:a2:28:9c:ca:1b:b6:8c:7c:33:9f:2c:78:b4:
                    ec:37:3d:b5:1f:83:cf:a2:a2:f9:6b:7b:9f:1e:60:
                    ce:d7:86:aa:6c:bd:9d:5a:f8:10:3d:a4:81:52:d6:
                    58:42:1c:af:a4:81:12:29:c8:9d:29:95:5d:7a:6e:
                    cb:ca:79:38:6f:74:5f:88:9d:75:d1:cb:f9:b6:cb:
                    e4:28:2f:5b:96:bd:38:8e:34:7b:77:97:4c:8e:1e:
                    9d:85:f4:c7:47:36:0b:77:3d:1b:d8:61:1d:0a:7d:
                    89:a8:7e:e1:5b:13:82:d6:24:10:58:8f:34:fa:34:
                    c1:c5:3a:38:0e:03:d5:37:7b:71:8d:13:8e:a1:73:
                    9b:8c:ef:a3:c3:a3:1c:8f:8c:d7:32:15:99:ff:24:
                    bd:c3:86:47:4a:b5:96:53:07:d4:8a:f3:22:23:19:
                    f9:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:30:1C:AA:BB:0B:8D:D4:33:58:B8:8F:79:31:34:27:CB:45:8C:7B
            X509v3 Authority Key Identifier:
                keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/rTAcqrsLjdQzWLiPeTE0J8tFjHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.22.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:20:93:59:48:7b:d1:ea:99:58:ff:83:0b:5a:78:b4:74:01:
         68:e3:61:2f:99:04:56:59:30:62:dc:0b:5c:9b:b2:20:f6:f8:
         ac:b2:07:c0:23:79:ff:36:69:5e:c5:00:e8:f9:83:48:76:25:
         c8:a9:d9:0c:5e:66:03:c3:46:cc:c3:ca:77:f0:00:8a:7b:1c:
         04:89:c2:f6:13:7d:da:20:e4:13:4b:f7:e4:9d:99:43:91:e9:
         5d:45:4c:9d:04:03:09:88:7c:1f:81:0a:ff:b3:bc:33:f4:3f:
         cd:63:9d:4e:3e:ea:ae:b6:df:ff:ff:cd:77:24:5e:a0:e5:bd:
         6b:37:36:62:23:29:05:26:76:6d:d3:15:d9:1a:d6:14:07:65:
         4c:00:01:62:7e:72:f0:66:a7:46:2c:cb:97:f0:e8:04:0d:21:
         d9:20:a9:8d:66:57:15:cb:d0:aa:b7:ed:8f:43:5c:7d:ee:0b:
         7d:2b:5f:01:2d:e0:21:64:28:66:43:02:23:e1:eb:8a:60:e9:
         b2:48:dc:c1:2a:8b:73:de:8b:9b:78:27:6c:b4:36:1a:8a:c7:
         ed:de:16:63:fd:86:00:a3:b5:22:25:eb:6b:10:f1:68:33:8d:
         8c:a1:cb:55:6d:e3:5f:c6:25:21:92:20:c2:32:70:81:dd:16:
         82:0d:c2:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9y0toj+zyML9UdcB+cFXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjYwMTAyMDgyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDMwMWNhYWJiMGI4ZGQ0MzM1OGI4OGY3OTMxMzQyN2NiNDU4YzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32+9RxxwmBDDbiuhGTqN2rhk7In2
R7Beo9J7Hi1G+QELe9jlHajSsW+ofWNXY604FAUzafLDIskcd5LvlK0miOXQJY6T
u+rC74oW0e07JivXpzfRE9dLW4LG2KIonMobtox8M58seLTsNz21H4PPoqL5a3uf
HmDO14aqbL2dWvgQPaSBUtZYQhyvpIESKcidKZVdem7Lynk4b3RfiJ110cv5tsvk
KC9blr04jjR7d5dMjh6dhfTHRzYLdz0b2GEdCn2JqH7hWxOC1iQQWI80+jTBxTo4
DgPVN3txjROOoXObjO+jw6Mcj4zXMhWZ/yS9w4ZHSrWWUwfUivMiIxn5cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0wHKq7C43UM1i4j3kxNCfLRYx7MB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvclRBY3Fyc0xqZFF6V0xpUGVURTBKOHRGakhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BZMMA0G
CSqGSIb3DQEBCwUAA4IBAQAbIJNZSHvR6plY/4MLWni0dAFo42EvmQRWWTBi3Atc
m7Ig9vissgfAI3n/NmlexQDo+YNIdiXIqdkMXmYDw0bMw8p38ACKexwEicL2E33a
IOQTS/fknZlDkeldRUydBAMJiHwfgQr/s7wz9D/NY51OPuqutt///813JF6g5b1r
NzZiIykFJnZt0xXZGtYUB2VMAAFifnLwZqdGLMuX8OgEDSHZIKmNZlcVy9Cqt+2P
Q1x97gt9K18BLeAhZChmQwIj4euKYOmySNzBKotz3oubeCdstDYaisft3hZj/YYA
o7UiJetrEPFoM42MoctVbeNfxiUhkiDCMnCB3RaCDcLo
-----END CERTIFICATE-----