This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/_0nF5lk0JXstTgR9V5s69vkizXM.roa
File:                     _0nF5lk0JXstTgR9V5s69vkizXM.roa (raw, json)
Hash identifier:          0XAoV62LHVhby30SPOW37LawPDTQNcK7ywZjIA+Rtrg=
Subject key identifier:   FF:49:C5:E6:59:34:25:7B:2D:4E:04:7D:57:9B:3A:F6:F9:22:CD:73
Certificate issuer:       /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial:       019B77C76EDF80E0B2A936D859FBBC811F20
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/_0nF5lk0JXstTgR9V5s69vkizXM.roa
Signing time:             Thu 01 Jan 2026 04:18:37 +0000
ROA not before:           Thu 01 Jan 2026 04:18:37 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     34903
IP address blocks:        82.177.18.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:6e:df:80:e0:b2:a9:36:d8:59:fb:bc:81:1f:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
        Validity
            Not Before: Jan  1 04:18:37 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ff49c5e65934257b2d4e047d579b3af6f922cd73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6e:07:de:a3:3a:2a:b2:0b:f1:8f:c9:5e:e5:
                    f5:f3:5c:4f:86:0d:81:37:68:b7:97:b8:c0:aa:53:
                    aa:c5:e3:13:70:bd:31:cc:ac:51:c4:11:c1:34:67:
                    f5:44:e8:54:9b:5a:9d:bc:69:df:05:f8:c6:fb:3c:
                    cb:e0:66:42:eb:91:45:27:31:82:42:bc:93:af:3b:
                    7f:11:64:1f:ba:74:8c:e3:89:36:c8:f1:f3:b2:3d:
                    b6:08:5a:06:07:74:f0:b2:88:3c:a2:ae:d0:11:e3:
                    99:1a:df:1a:2c:6f:b5:9e:7d:43:c2:27:6e:dd:71:
                    fc:92:a0:be:a3:77:79:4b:61:b0:81:0b:0e:f4:bd:
                    93:b8:e5:7f:38:ab:ab:93:17:94:9f:25:76:43:7e:
                    d6:d8:c1:97:a4:59:b3:7c:ee:2d:cc:f9:bc:61:c1:
                    75:8e:52:c0:98:23:36:8d:a3:7b:49:ca:11:16:a6:
                    5a:27:f8:3a:f6:c8:20:91:6b:d9:a6:c0:18:71:7e:
                    e2:22:a3:5c:6a:99:af:e3:62:94:ee:58:b5:8e:ce:
                    62:17:21:21:ce:ef:03:2f:d1:2e:02:4a:70:db:6d:
                    09:7d:f9:5c:df:57:c0:8e:44:43:22:e2:75:4c:c7:
                    4c:c0:0c:87:7a:b3:3d:00:56:eb:f9:55:c0:0d:bd:
                    fd:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:49:C5:E6:59:34:25:7B:2D:4E:04:7D:57:9B:3A:F6:F9:22:CD:73
            X509v3 Authority Key Identifier:
                keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/_0nF5lk0JXstTgR9V5s69vkizXM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.177.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:10:11:27:86:96:c0:bd:fa:05:c5:b6:d0:7a:c1:af:a5:a6:
         71:1b:bc:ab:b8:ea:2e:6b:db:32:ec:8a:1a:4a:55:b5:13:a7:
         d4:e4:f7:69:db:7d:4b:7f:34:8f:c3:ad:8f:5e:f9:fa:46:77:
         0b:e4:1e:8e:17:49:09:ac:e7:a4:d7:09:df:5a:c5:07:22:11:
         e8:60:17:6c:fb:6a:d7:45:09:e7:dc:d1:d8:a9:ab:39:e5:b6:
         db:72:cf:64:e4:c1:2e:83:cf:d2:db:92:65:6f:d9:29:92:66:
         ca:20:92:f9:1a:67:d4:d4:a6:a6:a1:22:60:6f:ac:e3:6f:30:
         b9:be:e3:47:60:f0:3e:40:24:b0:7c:ff:60:5e:cb:40:67:74:
         78:d1:63:e0:ad:12:fd:15:4f:f7:23:cf:ea:a7:8d:1a:33:1d:
         2f:63:93:f6:1b:f4:0f:fc:23:14:fe:14:85:47:d6:e1:d1:6a:
         f2:e7:58:3f:dc:55:e4:13:43:a3:c3:72:95:4c:2b:86:6a:8e:
         c3:f4:a8:1a:9f:1d:9e:60:10:24:c6:46:11:d1:25:c6:7a:16:
         0d:8c:5e:d7:18:f7:61:30:e3:7a:5b:9f:05:fb:6b:cd:01:91:
         72:d0:00:8f:cd:e8:d2:bd:f6:86:51:04:bf:62:dd:a4:37:bd:
         ce:7d:c6:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3x27fgOCyqTbYWfu8gR8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjYwMTAxMDQxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQ5YzVlNjU5MzQyNTdiMmQ0ZTA0N2Q1NzliM2FmNmY5MjJjZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApm4H3qM6KrIL8Y/JXuX181xPhg2B
N2i3l7jAqlOqxeMTcL0xzKxRxBHBNGf1ROhUm1qdvGnfBfjG+zzL4GZC65FFJzGC
QryTrzt/EWQfunSM44k2yPHzsj22CFoGB3Twsog8oq7QEeOZGt8aLG+1nn1Dwidu
3XH8kqC+o3d5S2GwgQsO9L2TuOV/OKurkxeUnyV2Q37W2MGXpFmzfO4tzPm8YcF1
jlLAmCM2jaN7ScoRFqZaJ/g69sggkWvZpsAYcX7iIqNcapmv42KU7li1js5iFyEh
zu8DL9EuAkpw220Jfflc31fAjkRDIuJ1TMdMwAyHerM9AFbr+VXADb39fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9JxeZZNCV7LU4EfVebOvb5Is1zMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvXzBuRjVsazBKWHN0VGdSOVY1czY5dmtpelhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUrESMA0G
CSqGSIb3DQEBCwUAA4IBAQCdEBEnhpbAvfoFxbbQesGvpaZxG7yruOoua9sy7Ioa
SlW1E6fU5Pdp231LfzSPw62PXvn6RncL5B6OF0kJrOek1wnfWsUHIhHoYBds+2rX
RQnn3NHYqas55bbbcs9k5MEug8/S25Jlb9kpkmbKIJL5GmfU1KamoSJgb6zjbzC5
vuNHYPA+QCSwfP9gXstAZ3R40WPgrRL9FU/3I8/qp40aMx0vY5P2G/QP/CMU/hSF
R9bh0Wry51g/3FXkE0Ojw3KVTCuGao7D9Kganx2eYBAkxkYR0SXGehYNjF7XGPdh
MON6W58F+2vNAZFy0ACPzejSvfaGUQS/Yt2kN73Ofcai
-----END CERTIFICATE-----