This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/K-bDHt82voK5usEqFt7OS3Su4j0.roa
File:                     K-bDHt82voK5usEqFt7OS3Su4j0.roa (raw, json)
Hash identifier:          sQv6jtPhiTIhJJU8h8nRxjvZ0djkuKfK6NCVBtdlPGQ=
Subject key identifier:   2B:E6:C3:1E:DF:36:BE:82:B9:BA:C1:2A:16:DE:CE:4B:74:AE:E2:3D
Certificate issuer:       /CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Certificate serial:       019B7F833C46998CA08A2CDDF42E0BABCA2D
Authority key identifier: 17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/K-bDHt82voK5usEqFt7OS3Su4j0.roa
Signing time:             Fri 02 Jan 2026 16:21:05 +0000
ROA not before:           Fri 02 Jan 2026 16:21:05 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     203685
IP address blocks:        88.199.37.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:83:3c:46:99:8c:a0:8a:2c:dd:f4:2e:0b:ab:ca:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
        Validity
            Not Before: Jan  2 16:21:05 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=2be6c31edf36be82b9bac12a16dece4b74aee23d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:42:0e:45:f9:35:6e:b2:e5:74:a4:99:ef:63:
                    8a:3c:2e:34:74:75:fb:31:01:39:5d:c7:0f:27:fd:
                    70:92:4e:5e:bf:78:64:f5:b6:a9:72:b0:db:3d:d5:
                    1e:c5:12:84:50:85:97:b9:a3:bc:a2:15:b7:18:56:
                    3c:a0:99:4c:9e:81:a6:0f:a4:0c:f4:98:9d:67:0f:
                    31:b1:56:38:82:24:b4:27:d0:30:d8:94:c2:3f:2f:
                    03:9d:92:ee:40:8a:97:13:ee:58:46:f0:8c:99:b1:
                    50:23:e2:3d:b1:5b:40:cf:e2:18:19:38:98:72:e0:
                    27:5c:95:e9:6e:ec:93:51:c9:ce:19:c9:db:65:3d:
                    c7:fd:17:ff:41:b9:60:0b:37:91:52:c7:ce:e0:38:
                    22:91:6f:a2:54:20:58:dd:af:7a:54:1d:5b:03:46:
                    98:32:93:d4:90:65:56:15:2e:27:7f:40:fb:75:b1:
                    e8:4d:6a:19:96:bd:63:27:85:2a:0c:21:a5:54:7f:
                    9e:75:07:40:87:7e:d5:c2:e9:23:7b:50:12:5d:e0:
                    97:d4:7d:2b:dd:4a:91:88:13:3e:27:76:fb:13:45:
                    bf:55:4a:28:92:54:1e:84:03:54:5a:31:12:2d:df:
                    59:ed:c6:21:ce:70:4a:0f:e2:ea:c3:08:cd:64:7f:
                    f5:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:E6:C3:1E:DF:36:BE:82:B9:BA:C1:2A:16:DE:CE:4B:74:AE:E2:3D
            X509v3 Authority Key Identifier:
                keyid:17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/K-bDHt82voK5usEqFt7OS3Su4j0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.199.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:15:67:47:ec:0b:ef:6b:99:88:c0:37:fe:83:2a:fa:d1:74:
         af:06:9c:b6:b0:1f:3d:99:0d:41:b1:bf:f7:bd:cd:a6:15:83:
         59:6f:6e:e3:e9:41:d7:cf:60:7f:44:3f:ac:71:cf:28:0a:e2:
         44:9e:73:c4:90:52:15:5f:38:5d:d0:27:04:52:3c:cb:e8:f8:
         fd:d6:7d:03:9f:97:95:6c:cc:d4:10:4b:9a:cc:36:d9:90:ec:
         17:57:e3:5d:49:7b:23:31:26:72:d1:62:3f:34:cd:8f:02:27:
         41:63:03:75:d6:91:10:fd:07:ae:d7:55:cd:af:37:7f:b9:1b:
         90:be:7a:9a:4e:a3:94:ca:02:0b:ff:b3:39:8e:39:92:cc:a5:
         8e:1c:6f:f8:bb:b6:6d:9b:8a:03:d4:db:5f:72:23:da:c7:ae:
         9c:13:e6:d4:f8:33:f1:58:d1:02:83:f2:f6:6f:9f:b7:d0:09:
         e6:d8:ca:85:5d:f4:2b:70:ab:51:c0:39:ab:6e:0c:99:36:ba:
         d6:b9:f9:e4:46:71:bb:11:7e:18:f7:3f:8c:1b:bf:85:3e:76:
         93:e4:d0:be:35:e4:cb:2e:9a:b6:9b:27:8f:59:a5:67:51:80:
         c7:ae:34:ab:da:ca:76:11:6e:2b:25:4c:8d:88:84:cc:67:e1:
         f3:ec:2b:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/gzxGmYygiizd9C4Lq8otMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTMwMWRjYzdmYWU0ZjdjZTAxZTQ5ODdhNzdjYjgyYTMz
NmFiZmYwHhcNMjYwMTAyMTYyMTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmU2YzMxZWRmMzZiZTgyYjliYWMxMmExNmRlY2U0Yjc0YWVlMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUIORfk1brLldKSZ72OKPC40dHX7
MQE5XccPJ/1wkk5ev3hk9bapcrDbPdUexRKEUIWXuaO8ohW3GFY8oJlMnoGmD6QM
9JidZw8xsVY4giS0J9Aw2JTCPy8DnZLuQIqXE+5YRvCMmbFQI+I9sVtAz+IYGTiY
cuAnXJXpbuyTUcnOGcnbZT3H/Rf/QblgCzeRUsfO4DgikW+iVCBY3a96VB1bA0aY
MpPUkGVWFS4nf0D7dbHoTWoZlr1jJ4UqDCGlVH+edQdAh37Vwukje1ASXeCX1H0r
3UqRiBM+J3b7E0W/VUooklQehANUWjESLd9Z7cYhznBKD+LqwwjNZH/1BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvmwx7fNr6CubrBKhbezkt0ruI9MB8GA1UdIwQY
MBaAFBeTAdzH+uT3zgHkmHp3y4KjNqv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQt
YWZmOTJjMTZkOGUzLzEvSy1iREh0ODJ2b0s1dXNFcUZ0N09TM1N1NGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQtYWZmOTJjMTZkOGUz
LzEvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWMclMA0G
CSqGSIb3DQEBCwUAA4IBAQA/FWdH7Avva5mIwDf+gyr60XSvBpy2sB89mQ1Bsb/3
vc2mFYNZb27j6UHXz2B/RD+scc8oCuJEnnPEkFIVXzhd0CcEUjzL6Pj91n0Dn5eV
bMzUEEuazDbZkOwXV+NdSXsjMSZy0WI/NM2PAidBYwN11pEQ/Qeu11XNrzd/uRuQ
vnqaTqOUygIL/7M5jjmSzKWOHG/4u7Ztm4oD1NtfciPax66cE+bU+DPxWNECg/L2
b5+30Anm2MqFXfQrcKtRwDmrbgyZNrrWufnkRnG7EX4Y9z+MG7+FPnaT5NC+NeTL
Lpq2myePWaVnUYDHrjSr2sp2EW4rJUyNiITMZ+Hz7CtL
-----END CERTIFICATE-----