This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/Tmml49feaqVvr6-Zp1CTbsqyu4s.roa
File:                     Tmml49feaqVvr6-Zp1CTbsqyu4s.roa (raw, json)
Hash identifier:          OynG7pdYWYSYExaPEq2/VIDTn7ckkIaQdLCiki4juoo=
Subject key identifier:   4E:69:A5:E3:D7:DE:6A:A5:6F:AF:AF:99:A7:50:93:6E:CA:B2:BB:8B
Certificate issuer:       /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial:       019B77C774E275EF9F751940C4DFC8F95F68
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/Tmml49feaqVvr6-Zp1CTbsqyu4s.roa
Signing time:             Thu 01 Jan 2026 04:18:38 +0000
ROA not before:           Thu 01 Jan 2026 04:18:38 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     42246
IP address blocks:        82.177.201.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:74:e2:75:ef:9f:75:19:40:c4:df:c8:f9:5f:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
        Validity
            Not Before: Jan  1 04:18:38 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4e69a5e3d7de6aa56fafaf99a750936ecab2bb8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:69:f7:1d:0d:cc:9e:c7:20:16:ae:b2:d8:f7:
                    96:dd:99:5d:19:86:80:d3:76:a2:40:a5:f3:46:77:
                    24:21:df:d6:5d:20:dd:af:16:2c:c8:a2:e3:d8:86:
                    8e:c8:73:83:6e:47:08:c9:27:a7:3d:7e:0b:31:97:
                    1d:a5:00:52:3e:59:61:1a:99:8f:ef:bd:0a:21:8c:
                    8f:fb:b3:83:43:a5:08:24:ee:72:5f:d1:03:e5:21:
                    63:0b:73:ac:61:08:d8:b2:c4:32:97:77:3b:3e:d9:
                    f3:fe:d4:50:ac:29:80:00:3c:cf:fb:2f:42:93:58:
                    36:f1:df:89:bc:85:3c:08:27:ac:d5:72:6c:62:b1:
                    6c:a2:00:28:9a:d8:73:07:32:9a:ae:ea:37:ac:d5:
                    e7:ce:4d:f0:2e:ad:14:ab:fa:a8:4a:12:42:55:ef:
                    47:fc:b5:4f:45:2a:57:ea:77:ca:2a:fe:c1:8c:29:
                    df:fb:a4:5f:c4:86:5b:76:39:73:d1:24:82:14:1d:
                    6f:c0:28:e8:58:91:2c:38:51:e7:77:e7:cb:39:5c:
                    d9:9b:78:3a:7d:21:95:91:a3:f6:00:d1:33:ae:71:
                    51:d6:48:b6:53:db:9a:54:be:70:51:58:2a:0e:e7:
                    b9:8d:51:e7:b1:7a:d2:32:b6:cb:69:23:3d:72:61:
                    37:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:69:A5:E3:D7:DE:6A:A5:6F:AF:AF:99:A7:50:93:6E:CA:B2:BB:8B
            X509v3 Authority Key Identifier:
                keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/Tmml49feaqVvr6-Zp1CTbsqyu4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.177.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:74:ce:46:9b:dc:56:85:a6:d6:29:f1:68:fc:4a:57:75:27:
         35:34:6e:2e:f0:e7:87:58:d5:27:8c:ac:30:83:5b:2d:e8:e8:
         99:5d:83:81:c0:6f:49:fb:55:5d:fa:0c:d6:ae:57:ce:9b:03:
         0a:8b:50:a0:47:4f:fd:e9:93:90:02:25:37:fe:5d:fd:4a:e8:
         f0:19:68:34:3e:9e:88:af:2a:a6:f7:6d:3b:dc:7c:ee:7b:b7:
         5d:2f:96:e4:c5:2c:fe:f6:2b:4c:ab:7e:f1:81:c4:02:a8:0c:
         a6:aa:45:f7:8b:63:a6:1a:d6:0c:85:e3:39:7f:e9:d2:12:a4:
         db:a0:2c:6a:ac:0b:a5:56:ae:56:b3:b8:d7:db:85:bd:fc:79:
         67:23:ac:ca:e7:1b:0b:af:8d:ee:b2:cb:32:41:37:55:aa:b8:
         51:5d:f0:86:24:52:61:3f:3e:f5:0d:3b:b2:b8:f8:ed:b2:fa:
         b4:de:43:d4:56:3e:56:7b:26:52:45:6a:0c:7b:ce:c9:12:b6:
         92:39:60:45:bf:db:6b:72:2d:ac:f7:7d:f1:9d:b9:58:d0:ec:
         d9:5f:6e:cc:4f:df:70:15:40:4d:2a:50:dd:6c:3f:ed:26:7d:
         f6:a7:68:df:00:dd:66:0d:96:b6:70:29:fc:7c:8d:c2:c1:ca:
         19:a8:2a:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3x3Tide+fdRlAxN/I+V9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjYwMTAxMDQxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTY5YTVlM2Q3ZGU2YWE1NmZhZmFmOTlhNzUwOTM2ZWNhYjJiYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2n3HQ3MnscgFq6y2PeW3ZldGYaA
03aiQKXzRnckId/WXSDdrxYsyKLj2IaOyHODbkcIySenPX4LMZcdpQBSPllhGpmP
770KIYyP+7ODQ6UIJO5yX9ED5SFjC3OsYQjYssQyl3c7Ptnz/tRQrCmAADzP+y9C
k1g28d+JvIU8CCes1XJsYrFsogAomthzBzKaruo3rNXnzk3wLq0Uq/qoShJCVe9H
/LVPRSpX6nfKKv7BjCnf+6RfxIZbdjlz0SSCFB1vwCjoWJEsOFHnd+fLOVzZm3g6
fSGVkaP2ANEzrnFR1ki2U9uaVL5wUVgqDue5jVHnsXrSMrbLaSM9cmE3cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5ppePX3mqlb6+vmadQk27KsruLMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvVG1tbDQ5ZmVhcVZ2cjYtWnAxQ1Ric3F5dTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUrHJMA0G
CSqGSIb3DQEBCwUAA4IBAQBZdM5Gm9xWhabWKfFo/EpXdSc1NG4u8OeHWNUnjKww
g1st6OiZXYOBwG9J+1Vd+gzWrlfOmwMKi1CgR0/96ZOQAiU3/l39SujwGWg0Pp6I
ryqm92073Hzue7ddL5bkxSz+9itMq37xgcQCqAymqkX3i2OmGtYMheM5f+nSEqTb
oCxqrAulVq5Ws7jX24W9/HlnI6zK5xsLr43usssyQTdVqrhRXfCGJFJhPz71DTuy
uPjtsvq03kPUVj5WeyZSRWoMe87JEraSOWBFv9trci2s933xnblY0OzZX27MT99w
FUBNKlDdbD/tJn32p2jfAN1mDZa2cCn8fI3CwcoZqCpg
-----END CERTIFICATE-----