This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/TTolVZDGDqJ96cw1ao2YfurArxw.roa
File:                     TTolVZDGDqJ96cw1ao2YfurArxw.roa (raw, json)
Hash identifier:          cosgXImXqaLN2GDpw6pQx/7KB01l2Y7hSMANdeb88IU=
Subject key identifier:   4D:3A:25:55:90:C6:0E:A2:7D:E9:CC:35:6A:8D:98:7E:EA:C0:AF:1C
Certificate issuer:       /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial:       019B7C8084442463BEB10F4D6DFB0C69352E
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/TTolVZDGDqJ96cw1ao2YfurArxw.roa
Signing time:             Fri 02 Jan 2026 02:19:15 +0000
ROA not before:           Fri 02 Jan 2026 02:19:15 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211974
IP address blocks:        195.5.76.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:84:44:24:63:be:b1:0f:4d:6d:fb:0c:69:35:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
        Validity
            Not Before: Jan  2 02:19:15 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4d3a255590c60ea27de9cc356a8d987eeac0af1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:61:20:41:8a:42:86:e0:7f:0b:e4:eb:9a:7a:
                    63:52:79:8d:e8:50:6f:27:b7:a0:48:cc:bd:05:3b:
                    34:06:11:4e:18:7f:52:8e:7b:f8:59:88:f3:cb:d0:
                    9a:aa:ae:cb:96:75:bb:7e:0d:e5:88:79:52:44:04:
                    31:1b:67:26:04:eb:fd:35:d9:65:6c:e9:03:37:2a:
                    88:88:99:bf:36:ea:f7:7b:a4:66:99:80:fa:4c:c1:
                    d3:f8:06:e3:68:60:0d:2d:4e:6b:ad:06:dd:c9:6d:
                    5f:ce:15:c4:1e:a8:18:3e:9e:ab:f8:f7:d4:f1:2e:
                    26:c8:da:b9:6c:d6:00:42:85:34:26:fe:aa:78:b1:
                    a8:2f:4d:4a:cc:82:d5:06:0e:42:4d:97:a0:94:f9:
                    f0:a7:ed:11:42:1c:08:b8:40:7b:b8:84:96:d3:27:
                    b5:2f:cd:73:45:fd:5a:b7:47:87:f9:76:ae:74:89:
                    43:95:86:65:54:c3:2e:c8:4d:ea:31:37:17:34:6a:
                    85:8a:b1:b5:a5:99:85:97:b6:26:bd:c4:b1:ba:0e:
                    2e:98:07:ce:24:6a:af:b9:58:f0:03:11:07:e8:81:
                    9e:d0:60:ce:b8:4e:ec:fa:e6:f4:b9:41:ea:c1:cc:
                    fc:d4:e4:6b:66:dc:14:90:88:f5:70:7c:2b:76:9a:
                    04:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:3A:25:55:90:C6:0E:A2:7D:E9:CC:35:6A:8D:98:7E:EA:C0:AF:1C
            X509v3 Authority Key Identifier:
                keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/TTolVZDGDqJ96cw1ao2YfurArxw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.5.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         13:bb:5c:d2:5e:f7:cb:1b:78:57:30:fe:f9:3c:bd:ff:0d:2f:
         68:a3:0a:c2:27:8d:5a:c5:52:1f:07:31:2b:0b:47:68:24:38:
         25:4d:ae:5e:71:61:47:96:51:f5:38:b8:b5:9a:c7:3a:29:79:
         ce:4d:f4:7b:8e:0c:a1:36:9d:b5:10:e5:97:cf:4e:26:3a:05:
         13:d0:77:6c:5a:9b:da:ef:11:49:6c:a7:14:45:e0:ef:60:7c:
         43:3d:8e:52:3f:39:48:a0:fa:f1:66:7f:dc:3b:6c:9c:e8:80:
         71:09:09:55:a0:38:f8:2d:02:6e:70:b5:97:0b:28:ef:30:c2:
         35:80:7d:20:1c:dc:82:b4:0b:8b:88:d1:8f:da:ec:d0:fa:a9:
         62:7d:d8:de:63:64:33:76:41:cc:af:bc:3a:e1:a5:e1:0b:5c:
         52:d2:b4:b5:55:23:91:8d:72:c8:55:73:61:47:66:a8:66:c9:
         0e:46:48:de:89:33:a4:8f:4b:98:e0:a4:0a:ee:40:9b:f8:bd:
         da:10:63:7b:2e:4d:3e:92:88:f2:4c:b5:6d:97:d9:85:ff:55:
         b9:9f:50:35:2d:a3:ef:99:2e:d6:25:13:77:5f:74:b0:c4:2f:
         dc:1b:57:76:5e:59:a8:bc:4c:f7:db:2a:b1:c3:ee:22:5b:6c:
         05:5f:31:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gIREJGO+sQ9NbfsMaTUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjYwMTAyMDIxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDNhMjU1NTkwYzYwZWEyN2RlOWNjMzU2YThkOTg3ZWVhYzBhZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GEgQYpChuB/C+TrmnpjUnmN6FBv
J7egSMy9BTs0BhFOGH9Sjnv4WYjzy9Caqq7LlnW7fg3liHlSRAQxG2cmBOv9Ndll
bOkDNyqIiJm/Nur3e6RmmYD6TMHT+AbjaGANLU5rrQbdyW1fzhXEHqgYPp6r+PfU
8S4myNq5bNYAQoU0Jv6qeLGoL01KzILVBg5CTZeglPnwp+0RQhwIuEB7uISW0ye1
L81zRf1at0eH+XaudIlDlYZlVMMuyE3qMTcXNGqFirG1pZmFl7YmvcSxug4umAfO
JGqvuVjwAxEH6IGe0GDOuE7s+ub0uUHqwcz81ORrZtwUkIj1cHwrdpoEYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE06JVWQxg6ifenMNWqNmH7qwK8cMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvVFRvbFZaREdEcUo5NmN3MWFvMllmdXJBcnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwVMMA0G
CSqGSIb3DQEBCwUAA4IBAQATu1zSXvfLG3hXMP75PL3/DS9oowrCJ41axVIfBzEr
C0doJDglTa5ecWFHllH1OLi1msc6KXnOTfR7jgyhNp21EOWXz04mOgUT0HdsWpva
7xFJbKcUReDvYHxDPY5SPzlIoPrxZn/cO2yc6IBxCQlVoDj4LQJucLWXCyjvMMI1
gH0gHNyCtAuLiNGP2uzQ+qlifdjeY2QzdkHMr7w64aXhC1xS0rS1VSORjXLIVXNh
R2aoZskORkjeiTOkj0uY4KQK7kCb+L3aEGN7Lk0+kojyTLVtl9mF/1W5n1A1LaPv
mS7WJRN3X3SwxC/cG1d2XlmovEz32yqxw+4iW2wFXzGa
-----END CERTIFICATE-----