This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7e7fce-4841-476b-84c0-a54eb8566bef/1/dIklPH6MQVoi4FKEgOv-ZNvLOdQ.roa
File:                     dIklPH6MQVoi4FKEgOv-ZNvLOdQ.roa (raw, json)
Hash identifier:          8vf5FWodBfFQuv37hN2+e65ZSB5TlTHJUcgDUZ0ExBM=
Subject key identifier:   74:89:25:3C:7E:8C:41:5A:22:E0:52:84:80:EB:FE:64:DB:CB:39:D4
Certificate issuer:       /CN=f9e20f7d3a2cc95d9de6f4e334cb4b67922e70f5
Certificate serial:       019B7DCA72A48D29010C56CE5C11891303D2
Authority key identifier: F9:E2:0F:7D:3A:2C:C9:5D:9D:E6:F4:E3:34:CB:4B:67:92:2E:70:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-eIPfTosyV2d5vTjNMtLZ5IucPU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/7e7fce-4841-476b-84c0-a54eb8566bef/1/dIklPH6MQVoi4FKEgOv-ZNvLOdQ.roa
Signing time:             Fri 02 Jan 2026 08:19:38 +0000
ROA not before:           Fri 02 Jan 2026 08:19:38 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     35775
IP address blocks:        194.88.148.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/7e7fce-4841-476b-84c0-a54eb8566bef/1/1-eIPfTosyV2d5vTjNMtLZ5IucPU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/7e7fce-4841-476b-84c0-a54eb8566bef/1/1-eIPfTosyV2d5vTjNMtLZ5IucPU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-eIPfTosyV2d5vTjNMtLZ5IucPU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:ca:72:a4:8d:29:01:0c:56:ce:5c:11:89:13:03:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f9e20f7d3a2cc95d9de6f4e334cb4b67922e70f5
        Validity
            Not Before: Jan  2 08:19:38 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7489253c7e8c415a22e0528480ebfe64dbcb39d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:67:cd:9b:2e:73:f2:9b:11:e5:03:bd:84:2e:
                    21:7b:07:e0:17:4c:3c:30:e0:c6:27:fb:d8:7f:fc:
                    c4:0a:f6:bb:f5:7c:b2:19:5f:b9:d2:9d:4e:80:b7:
                    cc:b7:5f:db:d4:cb:c6:ad:dc:c2:14:a5:43:d0:b1:
                    58:8e:e0:55:4a:ca:45:a7:34:a8:3d:e4:5a:95:c5:
                    39:e5:cc:fa:e8:13:2c:82:ff:6b:a9:7d:fe:28:3a:
                    da:4a:4c:21:bc:63:ca:02:43:8b:42:6a:00:05:34:
                    f5:5c:dd:d0:8f:d1:51:87:69:ee:f1:ea:54:73:8c:
                    81:f4:cd:6a:c6:d8:92:37:0e:7a:c3:1a:f0:78:ff:
                    f0:ca:99:0f:d9:d6:0e:fd:56:b4:b2:a0:b4:0b:da:
                    24:81:45:b1:47:20:ce:f9:da:72:5d:bc:44:30:69:
                    68:91:a0:c3:f6:d2:a6:34:34:07:9d:2b:b6:87:d3:
                    14:2b:9a:56:0b:1d:eb:34:7b:32:77:11:14:5f:56:
                    36:3a:0d:00:2e:08:c0:e1:be:5d:08:4e:f0:42:7b:
                    f4:28:68:59:da:6f:da:bb:a5:0b:dd:7b:4c:59:4d:
                    3d:0f:55:a2:53:f8:87:8f:ab:9d:94:d3:c9:6a:90:
                    52:ef:01:22:a4:bc:59:ca:35:7a:55:c3:9d:ac:cb:
                    15:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:89:25:3C:7E:8C:41:5A:22:E0:52:84:80:EB:FE:64:DB:CB:39:D4
            X509v3 Authority Key Identifier:
                keyid:F9:E2:0F:7D:3A:2C:C9:5D:9D:E6:F4:E3:34:CB:4B:67:92:2E:70:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-eIPfTosyV2d5vTjNMtLZ5IucPU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e7fce-4841-476b-84c0-a54eb8566bef/1/dIklPH6MQVoi4FKEgOv-ZNvLOdQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e7fce-4841-476b-84c0-a54eb8566bef/1/1-eIPfTosyV2d5vTjNMtLZ5IucPU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.88.148.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8e:ff:7b:6e:1b:0b:1d:04:b4:db:08:76:0e:6f:c7:f1:13:21:
         d1:f2:33:aa:af:01:4c:3d:23:bd:76:bf:78:3d:e4:a2:a8:0f:
         e0:ff:7c:45:21:c3:fd:46:dc:fb:f4:be:f3:cc:02:2d:a1:13:
         d7:37:21:a4:3f:bb:1c:ab:ed:84:b2:fa:cb:af:6c:a5:86:d6:
         32:1c:e2:53:16:f7:54:cc:4e:80:25:61:7b:b8:4b:41:9d:fc:
         a2:b0:0e:47:92:d0:29:4d:c4:39:b2:fc:3f:84:86:d2:f2:09:
         b5:b7:52:7b:5a:3e:8c:e4:8c:22:03:ed:fb:30:26:d0:c9:a9:
         48:09:79:e8:14:9c:a8:15:ac:94:9a:5e:d5:58:64:9c:ec:0a:
         25:41:43:c9:7d:f2:42:b2:60:8c:c5:37:ac:7e:60:0c:71:a1:
         01:fb:39:d6:58:f3:5b:db:16:81:fe:fb:24:5b:11:68:f0:98:
         f4:de:09:f2:11:da:87:63:d9:61:ab:06:33:ce:cb:78:3a:ea:
         27:04:02:54:e5:e6:1e:dd:07:5a:9e:54:d9:df:8c:94:18:c0:
         e1:d8:09:08:bd:99:68:cd:9f:7e:ba:ca:15:8c:b9:81:4e:ee:
         9f:67:6a:b9:75:cc:a0:74:cd:ce:6b:99:9f:d2:93:19:76:7f:
         02:6a:04:6f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZt9ynKkjSkBDFbOXBGJEwPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ZTIwZjdkM2EyY2M5NWQ5ZGU2ZjRlMzM0Y2I0YjY3OTIy
ZTcwZjUwHhcNMjYwMTAyMDgxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDg5MjUzYzdlOGM0MTVhMjJlMDUyODQ4MGViZmU2NGRiY2IzOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGfNmy5z8psR5QO9hC4hewfgF0w8
MODGJ/vYf/zECva79XyyGV+50p1OgLfMt1/b1MvGrdzCFKVD0LFYjuBVSspFpzSo
PeRalcU55cz66BMsgv9rqX3+KDraSkwhvGPKAkOLQmoABTT1XN3Qj9FRh2nu8epU
c4yB9M1qxtiSNw56wxrweP/wypkP2dYO/Va0sqC0C9okgUWxRyDO+dpyXbxEMGlo
kaDD9tKmNDQHnSu2h9MUK5pWCx3rNHsydxEUX1Y2Og0ALgjA4b5dCE7wQnv0KGhZ
2m/au6UL3XtMWU09D1WiU/iHj6udlNPJapBS7wEipLxZyjV6VcOdrMsVkQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHSJJTx+jEFaIuBShIDr/mTbyznUMB8GA1UdIwQY
MBaAFPniD306LMldneb04zTLS2eSLnD1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1lSVBmVG9zeVYyZDV2VGpOTXRMWjVJdWNQVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvN2U3ZmNlLTQ4NDEtNDc2Yi04NGMw
LWE1NGViODU2NmJlZi8xL2RJa2xQSDZNUVZvaTRGS0VnT3YtWk52TE9kUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvN2U3ZmNlLTQ4NDEtNDc2Yi04NGMwLWE1NGViODU2NmJl
Zi8xLzEtZUlQZlRvc3lWMmQ1dlRqTk10TFo1SXVjUFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHCWJQw
DQYJKoZIhvcNAQELBQADggEBAI7/e24bCx0EtNsIdg5vx/ETIdHyM6qvAUw9I712
v3g95KKoD+D/fEUhw/1G3Pv0vvPMAi2hE9c3IaQ/uxyr7YSy+suvbKWG1jIc4lMW
91TMToAlYXu4S0Gd/KKwDkeS0ClNxDmy/D+EhtLyCbW3UntaPozkjCID7fswJtDJ
qUgJeegUnKgVrJSaXtVYZJzsCiVBQ8l98kKyYIzFN6x+YAxxoQH7OdZY81vbFoH+
+yRbEWjwmPTeCfIR2odj2WGrBjPOy3g66icEAlTl5h7dB1qeVNnfjJQYwOHYCQi9
mWjNn366yhWMuYFO7p9narl1zKB0zc5rmZ/Skxl2fwJqBG8=
-----END CERTIFICATE-----