This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Lvzo7yRE3WpT5EYDLhSSeLUPlTk.roa
File:                     Lvzo7yRE3WpT5EYDLhSSeLUPlTk.roa (raw, json)
Hash identifier:          D+3VEtIjeFFyH74NbH/nvflt6PdAMwmPfUa/7eerROU=
Subject key identifier:   2E:FC:E8:EF:24:44:DD:6A:53:E4:46:03:2E:14:92:78:B5:0F:95:39
Certificate issuer:       /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial:       019B7A5A6FAD800D2032DE4EEB59095962ED
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Lvzo7yRE3WpT5EYDLhSSeLUPlTk.roa
Signing time:             Thu 01 Jan 2026 16:18:25 +0000
ROA not before:           Thu 01 Jan 2026 16:18:25 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     64426
IP address blocks:        185.123.25.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5a:6f:ad:80:0d:20:32:de:4e:eb:59:09:59:62:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
        Validity
            Not Before: Jan  1 16:18:25 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=2efce8ef2444dd6a53e446032e149278b50f9539
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:3a:97:34:16:34:89:0e:67:a8:76:3d:aa:12:
                    c2:4d:eb:bb:84:d5:06:7f:c5:c6:33:51:e3:e1:c4:
                    42:3b:36:c6:63:1f:b6:fa:d8:94:51:ce:6a:45:52:
                    f8:d6:7e:8e:3f:03:d6:a5:0b:f7:37:6f:47:94:3e:
                    fa:47:cf:95:49:08:04:f7:fc:19:23:e2:42:4b:69:
                    4a:ca:fc:27:7a:93:c7:67:8f:30:f0:03:9a:69:78:
                    ff:10:6f:31:64:57:5e:13:13:80:0f:6e:78:fb:68:
                    31:8c:55:9b:26:2c:96:dc:1c:3c:0f:53:44:87:52:
                    0f:08:91:c5:37:cd:21:61:ba:ff:5f:a0:c4:66:75:
                    28:13:69:ee:20:98:6f:25:a4:45:57:f4:58:ac:b6:
                    47:88:bc:e5:c1:21:34:7b:85:7c:21:c2:10:1a:53:
                    78:bb:06:f3:92:d9:75:77:e1:a6:01:33:42:f6:fa:
                    86:df:9c:24:e6:ba:c0:ad:7c:82:8a:6f:14:c3:50:
                    97:02:a4:72:94:d1:cb:e8:e2:f4:69:c7:47:a0:79:
                    da:9c:5c:37:ac:77:94:09:23:cd:c9:f5:a0:a2:67:
                    4b:0e:13:89:7e:a2:8f:94:dc:f0:ba:e9:b8:3d:86:
                    b2:41:1c:d0:53:6f:ac:d4:9c:aa:72:e4:e7:88:2d:
                    ac:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:FC:E8:EF:24:44:DD:6A:53:E4:46:03:2E:14:92:78:B5:0F:95:39
            X509v3 Authority Key Identifier:
                keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Lvzo7yRE3WpT5EYDLhSSeLUPlTk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.123.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:78:12:18:1a:37:f3:e8:1c:5a:9c:90:a9:2b:c4:81:55:d9:
         c6:74:d2:37:6d:f0:21:62:6e:a0:b9:17:23:52:d3:cf:34:a9:
         16:8c:59:65:4e:35:02:51:1a:15:10:06:c9:4e:bd:45:a9:51:
         2a:76:15:bf:ed:6f:74:a8:96:a8:a4:bb:06:64:d6:b4:a4:73:
         c9:a4:99:e2:e7:94:a8:2b:60:eb:de:cd:62:62:4c:a7:91:3f:
         c0:bc:51:2b:52:9c:88:f5:b4:f0:d6:1a:64:5c:f5:6f:54:4c:
         a6:c2:ad:cf:d8:8f:68:3e:18:a4:e3:cd:90:ef:a0:ce:b7:2b:
         95:07:3d:b7:85:32:df:0a:92:a8:77:52:5a:5c:0b:73:b4:ee:
         99:e2:d5:23:d4:87:01:2f:60:8a:b7:53:d4:6c:5a:ac:40:6b:
         f2:83:6d:c4:64:77:fe:13:df:24:3a:29:9f:df:f4:76:07:57:
         01:f5:39:ba:a5:fb:03:a9:85:43:08:d1:5a:ef:6c:a7:0b:cc:
         cc:f4:7c:7d:b8:67:13:01:25:3d:ce:44:74:58:91:a7:e7:7a:
         47:c8:40:d8:1f:2d:a7:eb:a0:0b:65:c6:58:8f:9d:bd:29:49:
         36:58:85:bc:d2:b8:ae:0a:c1:6a:ed:b1:a0:95:67:30:d1:d0:
         10:5a:9e:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6Wm+tgA0gMt5O61kJWWLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjYwMTAxMTYxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWZjZThlZjI0NDRkZDZhNTNlNDQ2MDMyZTE0OTI3OGI1MGY5NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTqXNBY0iQ5nqHY9qhLCTeu7hNUG
f8XGM1Hj4cRCOzbGYx+2+tiUUc5qRVL41n6OPwPWpQv3N29HlD76R8+VSQgE9/wZ
I+JCS2lKyvwnepPHZ48w8AOaaXj/EG8xZFdeExOAD254+2gxjFWbJiyW3Bw8D1NE
h1IPCJHFN80hYbr/X6DEZnUoE2nuIJhvJaRFV/RYrLZHiLzlwSE0e4V8IcIQGlN4
uwbzktl1d+GmATNC9vqG35wk5rrArXyCim8Uw1CXAqRylNHL6OL0acdHoHnanFw3
rHeUCSPNyfWgomdLDhOJfqKPlNzwuum4PYayQRzQU2+s1JyqcuTniC2s6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC786O8kRN1qU+RGAy4Ukni1D5U5MB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvTHZ6bzd5UkUzV3BUNUVZRExoU1NlTFVQbFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXsZMA0G
CSqGSIb3DQEBCwUAA4IBAQAteBIYGjfz6BxanJCpK8SBVdnGdNI3bfAhYm6guRcj
UtPPNKkWjFllTjUCURoVEAbJTr1FqVEqdhW/7W90qJaopLsGZNa0pHPJpJni55So
K2Dr3s1iYkynkT/AvFErUpyI9bTw1hpkXPVvVEymwq3P2I9oPhik482Q76DOtyuV
Bz23hTLfCpKod1JaXAtztO6Z4tUj1IcBL2CKt1PUbFqsQGvyg23EZHf+E98kOimf
3/R2B1cB9Tm6pfsDqYVDCNFa72ynC8zM9Hx9uGcTASU9zkR0WJGn53pHyEDYHy2n
66ALZcZYj529KUk2WIW80riuCsFq7bGglWcw0dAQWp7B
-----END CERTIFICATE-----