This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/d0bcf3-4b21-4161-b82e-79d1a27cd993/1/S_Jp9m9blIUps0OicsJ0YR9eOvE.roa
File:                     S_Jp9m9blIUps0OicsJ0YR9eOvE.roa (raw, json)
Hash identifier:          Be16CYxyexdW5EkOG7OmNRTbUwOGD3q//e7OhhleAMQ=
Subject key identifier:   4B:F2:69:F6:6F:5B:94:85:29:B3:43:A2:72:C2:74:61:1F:5E:3A:F1
Certificate issuer:       /CN=93501077db80d52b16d49f863a61ea41a124bc59
Certificate serial:       019B7B35C309C0F767C846CCAB685BAD2776
Authority key identifier: 93:50:10:77:DB:80:D5:2B:16:D4:9F:86:3A:61:EA:41:A1:24:BC:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k1AQd9uA1SsW1J-GOmHqQaEkvFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/d0bcf3-4b21-4161-b82e-79d1a27cd993/1/S_Jp9m9blIUps0OicsJ0YR9eOvE.roa
Signing time:             Thu 01 Jan 2026 20:17:59 +0000
ROA not before:           Thu 01 Jan 2026 20:17:59 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     52209
IP address blocks:        2a09:a6c0::/29 maxlen: 29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/d0bcf3-4b21-4161-b82e-79d1a27cd993/1/k1AQd9uA1SsW1J-GOmHqQaEkvFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/d0bcf3-4b21-4161-b82e-79d1a27cd993/1/k1AQd9uA1SsW1J-GOmHqQaEkvFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k1AQd9uA1SsW1J-GOmHqQaEkvFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 20:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:c3:09:c0:f7:67:c8:46:cc:ab:68:5b:ad:27:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93501077db80d52b16d49f863a61ea41a124bc59
        Validity
            Not Before: Jan  1 20:17:59 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4bf269f66f5b948529b343a272c274611f5e3af1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:fe:4b:c5:3c:e3:40:fc:18:55:81:e8:b6:f7:
                    00:a6:06:03:8e:4a:af:f6:07:08:bd:e8:53:5e:6f:
                    df:c3:f8:de:63:95:b1:88:58:99:9c:3a:97:bc:4d:
                    56:84:c0:d5:37:16:38:30:06:e1:4a:96:3b:4e:d6:
                    d0:89:dd:7f:85:83:92:16:51:b4:2e:a5:2b:df:6c:
                    77:ca:da:b7:cd:0e:8c:7d:a8:4d:a5:9c:02:15:8a:
                    ec:ee:9c:65:10:2b:3a:25:79:5a:8c:84:8f:1e:c2:
                    96:ad:5e:b4:ae:e9:59:01:d6:31:30:85:eb:ef:dd:
                    bc:2e:6d:34:5d:67:f0:f4:47:8c:4e:92:c0:27:52:
                    27:70:be:ee:c1:21:f6:3c:57:53:25:e8:61:1f:77:
                    5b:36:94:e4:1a:9c:ab:b2:ed:76:0c:a2:51:13:4c:
                    03:67:1b:2a:cb:aa:72:16:5c:e6:4c:df:a2:93:b7:
                    0d:66:aa:a0:04:14:88:d2:60:3f:53:fb:50:b7:31:
                    07:4a:74:9b:1e:aa:1c:21:32:cc:28:16:4c:8c:57:
                    48:d5:6b:c6:c3:2a:36:04:51:5f:e9:53:0e:1a:78:
                    db:a3:59:08:cd:74:b5:46:40:fd:4f:73:a2:d0:13:
                    83:17:0c:7c:1b:4f:46:fd:62:24:37:06:12:59:7a:
                    07:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:F2:69:F6:6F:5B:94:85:29:B3:43:A2:72:C2:74:61:1F:5E:3A:F1
            X509v3 Authority Key Identifier:
                keyid:93:50:10:77:DB:80:D5:2B:16:D4:9F:86:3A:61:EA:41:A1:24:BC:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AQd9uA1SsW1J-GOmHqQaEkvFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d0bcf3-4b21-4161-b82e-79d1a27cd993/1/S_Jp9m9blIUps0OicsJ0YR9eOvE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d0bcf3-4b21-4161-b82e-79d1a27cd993/1/k1AQd9uA1SsW1J-GOmHqQaEkvFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:a6c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         20:a4:b8:57:10:87:ff:f0:93:1e:54:65:cb:92:cb:7d:4e:0b:
         ca:78:c8:84:cd:96:87:ca:0e:88:5c:29:cd:f9:77:1d:48:cb:
         a7:c8:69:f9:7f:c9:6b:a4:95:ef:85:3c:62:a6:03:cd:b4:b0:
         11:b4:73:73:9d:ac:2a:28:91:e6:bd:c9:7b:6c:c0:ed:33:cd:
         03:0c:d4:a1:61:f2:07:b8:46:16:a2:0f:f3:14:16:4e:c3:24:
         8c:e7:0d:b8:40:5f:05:d2:8a:e8:18:9d:06:91:1b:00:8d:5d:
         f2:4e:e3:26:c1:59:43:e0:33:9f:64:a2:0e:46:ce:d3:1c:fe:
         a0:7f:ac:68:c9:df:4d:f8:b8:74:a4:9c:32:92:62:ba:30:63:
         3e:77:c1:65:48:60:7b:55:8e:49:22:83:f2:4f:1e:9e:ca:2a:
         ed:fb:bb:70:bb:91:95:21:d8:95:4c:d4:52:bb:0c:a8:b3:7b:
         d7:9f:0f:45:97:86:99:a9:ad:eb:d2:51:02:64:d9:da:4d:e5:
         49:18:c4:0c:d6:87:f1:9c:66:3b:5f:14:fd:ac:40:34:0d:2e:
         eb:7e:ce:43:62:2d:31:ae:da:f4:79:00:c4:30:d7:94:85:88:
         0e:80:38:fb:3d:fa:17:60:f1:90:0a:c0:2d:38:d3:16:79:ee:
         43:62:54:58
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt7NcMJwPdnyEbMq2hbrSd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTAxMDc3ZGI4MGQ1MmIxNmQ0OWY4NjNhNjFlYTQxYTEy
NGJjNTkwHhcNMjYwMTAxMjAxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmYyNjlmNjZmNWI5NDg1MjliMzQzYTI3MmMyNzQ2MTFmNWUzYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv5LxTzjQPwYVYHotvcApgYDjkqv
9gcIvehTXm/fw/jeY5WxiFiZnDqXvE1WhMDVNxY4MAbhSpY7TtbQid1/hYOSFlG0
LqUr32x3ytq3zQ6MfahNpZwCFYrs7pxlECs6JXlajISPHsKWrV60rulZAdYxMIXr
7928Lm00XWfw9EeMTpLAJ1IncL7uwSH2PFdTJehhH3dbNpTkGpyrsu12DKJRE0wD
Zxsqy6pyFlzmTN+ik7cNZqqgBBSI0mA/U/tQtzEHSnSbHqocITLMKBZMjFdI1WvG
wyo2BFFf6VMOGnjbo1kIzXS1RkD9T3Oi0BODFwx8G09G/WIkNwYSWXoHjQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEvyafZvW5SFKbNDonLCdGEfXjrxMB8GA1UdIwQY
MBaAFJNQEHfbgNUrFtSfhjph6kGhJLxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFBUWQ5dUExU3NXMUotR09tSHFRYUVrdkZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9kMGJjZjMtNGIyMS00MTYxLWI4MmUt
NzlkMWEyN2NkOTkzLzEvU19KcDltOWJsSVVwczBPaWNzSjBZUjllT3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9kMGJjZjMtNGIyMS00MTYxLWI4MmUtNzlkMWEyN2NkOTkz
LzEvazFBUWQ5dUExU3NXMUotR09tSHFRYUVrdkZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgmmwDAN
BgkqhkiG9w0BAQsFAAOCAQEAIKS4VxCH//CTHlRly5LLfU4LynjIhM2Wh8oOiFwp
zfl3HUjLp8hp+X/Ja6SV74U8YqYDzbSwEbRzc52sKiiR5r3Je2zA7TPNAwzUoWHy
B7hGFqIP8xQWTsMkjOcNuEBfBdKK6BidBpEbAI1d8k7jJsFZQ+Azn2SiDkbO0xz+
oH+saMnfTfi4dKScMpJiujBjPnfBZUhge1WOSSKD8k8ensoq7fu7cLuRlSHYlUzU
UrsMqLN7158PRZeGmamt69JRAmTZ2k3lSRjEDNaH8ZxmO18U/axANA0u637OQ2It
Ma7a9HkAxDDXlIWIDoA4+z36F2DxkArALTjTFnnuQ2JUWA==
-----END CERTIFICATE-----