This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/96JeZAvkymAjufM9GqOuVVE8AsU.roa
File:                     96JeZAvkymAjufM9GqOuVVE8AsU.roa (raw, json)
Hash identifier:          RAw8/+/ocFmYw4+WxvBjaaEuOkiO0N37In0BJTflsrs=
Subject key identifier:   F7:A2:5E:64:0B:E4:CA:60:23:B9:F3:3D:1A:A3:AE:55:51:3C:02:C5
Certificate issuer:       /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial:       019B7AC7F4CA2374D45D5967ED8EBADEAFE5
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/96JeZAvkymAjufM9GqOuVVE8AsU.roa
Signing time:             Thu 01 Jan 2026 18:18:03 +0000
ROA not before:           Thu 01 Jan 2026 18:18:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     25182
IP address blocks:        145.58.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c7:f4:ca:23:74:d4:5d:59:67:ed:8e:ba:de:af:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
        Validity
            Not Before: Jan  1 18:18:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f7a25e640be4ca6023b9f33d1aa3ae55513c02c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:e1:4c:60:72:75:a8:6c:67:63:bd:09:ee:c5:
                    d4:14:82:02:0d:28:d1:fe:0c:3b:98:2f:93:8f:e7:
                    75:2d:65:9d:15:27:05:ba:50:98:69:93:52:c4:6a:
                    75:40:f9:df:6f:da:75:8a:5b:62:e1:c1:8b:f4:fc:
                    b6:5b:45:48:35:06:d7:4f:e3:c5:34:b4:3c:7e:1e:
                    66:cb:1d:79:80:8d:75:7e:2b:5b:9c:cb:ab:ab:cb:
                    f2:b5:5c:db:60:8e:19:89:82:40:7f:f8:17:4c:85:
                    3e:cf:47:c1:dd:14:5d:d4:d9:0d:a2:24:52:40:02:
                    8c:2f:25:76:89:b3:61:63:68:1f:fd:2f:7c:ca:f5:
                    26:51:41:c3:a0:d3:8d:9a:78:91:0a:5e:2f:68:b7:
                    31:67:b0:3f:cb:6c:50:02:ba:41:b0:5e:db:a0:64:
                    91:f1:51:85:49:79:e8:66:a3:dd:c5:7f:02:a7:4e:
                    f8:59:3d:43:b2:95:39:27:41:9f:85:31:3d:92:80:
                    63:90:ef:a4:c9:aa:1c:04:ba:73:ab:a0:98:bb:2f:
                    19:8f:12:76:13:e2:53:ff:5a:e2:b7:7a:ae:a3:5d:
                    df:da:44:2c:30:da:41:49:c6:77:d5:07:4c:31:33:
                    40:49:22:27:36:f5:dd:6b:7a:c3:48:37:b1:70:9b:
                    3d:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:A2:5E:64:0B:E4:CA:60:23:B9:F3:3D:1A:A3:AE:55:51:3C:02:C5
            X509v3 Authority Key Identifier:
                keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/96JeZAvkymAjufM9GqOuVVE8AsU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.58.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ae:ec:8f:b1:6f:01:0b:65:c0:88:49:44:eb:1c:be:cf:7c:e9:
         44:0d:32:16:5d:31:44:a8:a3:ef:b7:31:c9:d9:bc:ab:b6:00:
         cb:5d:1c:2a:c8:18:9f:d3:4c:b8:3a:03:07:ce:da:9a:ef:ca:
         86:b5:45:08:86:46:14:30:01:59:e0:64:b1:4c:ee:80:ef:ac:
         a0:44:a0:9a:b3:28:02:98:48:75:d8:00:d0:fc:49:8f:32:ad:
         d0:ec:8a:e8:23:96:28:de:e5:07:2e:c7:41:ae:0a:d5:dc:a0:
         96:9b:70:0a:f1:f1:3f:45:6f:43:34:98:e0:9b:1a:a4:46:5d:
         52:c6:70:30:b5:9d:49:fc:90:65:81:4d:4a:d1:11:83:b0:4f:
         40:e2:48:fc:b0:73:cc:4b:97:e3:24:2c:cf:ce:a2:c0:8d:31:
         c3:79:3d:ce:71:5f:e4:0f:9b:fd:22:8f:cc:e0:60:c6:9d:6c:
         41:04:60:77:ef:dc:bd:f1:9e:5f:4c:ee:6b:10:5b:57:a8:7f:
         2e:d6:bd:7c:8b:ad:6b:d3:dd:94:26:29:a8:55:f0:65:29:4a:
         3c:e6:de:6c:de:59:44:e6:81:42:14:b5:5c:14:d3:ae:d1:50:
         ee:23:a7:85:2a:10:1b:2f:e0:d5:9d:9f:08:0e:63:ee:44:95:
         d7:36:30:0d
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZt6x/TKI3TUXVln7Y663q/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjYwMTAxMTgxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2EyNWU2NDBiZTRjYTYwMjNiOWYzM2QxYWEzYWU1NTUxM2MwMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eFMYHJ1qGxnY70J7sXUFIICDSjR
/gw7mC+Tj+d1LWWdFScFulCYaZNSxGp1QPnfb9p1ilti4cGL9Py2W0VINQbXT+PF
NLQ8fh5myx15gI11fitbnMurq8vytVzbYI4ZiYJAf/gXTIU+z0fB3RRd1NkNoiRS
QAKMLyV2ibNhY2gf/S98yvUmUUHDoNONmniRCl4vaLcxZ7A/y2xQArpBsF7boGSR
8VGFSXnoZqPdxX8Cp074WT1DspU5J0GfhTE9koBjkO+kyaocBLpzq6CYuy8ZjxJ2
E+JT/1rit3quo13f2kQsMNpBScZ31QdMMTNASSInNvXda3rDSDexcJs9bwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFPeiXmQL5MpgI7nzPRqjrlVRPALFMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvOTZKZVpBdmt5bUFqdWZNOUdxT3VWVkU4QXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkTowDQYJ
KoZIhvcNAQELBQADggEBAK7sj7FvAQtlwIhJROscvs986UQNMhZdMUSoo++3McnZ
vKu2AMtdHCrIGJ/TTLg6AwfO2prvyoa1RQiGRhQwAVngZLFM7oDvrKBEoJqzKAKY
SHXYAND8SY8yrdDsiugjlije5Qcux0GuCtXcoJabcArx8T9Fb0M0mOCbGqRGXVLG
cDC1nUn8kGWBTUrREYOwT0DiSPywc8xLl+MkLM/OosCNMcN5Pc5xX+QPm/0ij8zg
YMadbEEEYHfv3L3xnl9M7msQW1eofy7WvXyLrWvT3ZQmKahV8GUpSjzm3mzeWUTm
gUIUtVwU067RUO4jp4UqEBsv4NWdnwgOY+5Eldc2MA0=
-----END CERTIFICATE-----