This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/IBvfpHlo0nhBmzHxQLjSRpI2BSY.roa
File:                     IBvfpHlo0nhBmzHxQLjSRpI2BSY.roa (raw, json)
Hash identifier:          DAVNHApbGflPu1pSl2KrRTguzWmq2zUGW0dSw+3gnZ8=
Subject key identifier:   20:1B:DF:A4:79:68:D2:78:41:9B:31:F1:40:B8:D2:46:92:36:05:26
Certificate issuer:       /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial:       019B7D5D1C80785D58482986B20BA60F703E
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/IBvfpHlo0nhBmzHxQLjSRpI2BSY.roa
Signing time:             Fri 02 Jan 2026 06:20:12 +0000
ROA not before:           Fri 02 Jan 2026 06:20:12 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     43978
IP address blocks:        193.24.48.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 12:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:5d:1c:80:78:5d:58:48:29:86:b2:0b:a6:0f:70:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
        Validity
            Not Before: Jan  2 06:20:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=201bdfa47968d278419b31f140b8d24692360526
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:db:bc:af:90:54:8c:05:6a:3e:15:2e:15:da:
                    34:9d:31:47:bb:cd:d9:f8:6d:f1:a9:33:d2:67:81:
                    7f:8d:36:03:ec:1c:2a:5d:9b:51:48:c4:ad:cb:5b:
                    c9:15:5c:e3:1d:4d:e6:0e:3c:7e:9d:b1:3d:18:94:
                    c3:59:68:98:b3:17:81:5c:3b:17:23:ad:0b:26:bc:
                    a8:50:ff:03:ad:34:b1:d3:bb:96:78:4c:76:99:4a:
                    42:c9:16:28:9e:e0:e2:e6:6f:0e:8e:05:36:e8:4b:
                    69:64:e6:73:ef:a2:b3:dc:6c:9a:b5:fe:63:54:b2:
                    7e:f9:3a:67:e7:f9:3c:47:bb:01:14:dd:3a:9c:2d:
                    7b:66:01:2e:cf:49:69:c0:75:ee:0a:09:cf:92:da:
                    13:a4:33:58:9d:a4:e9:ed:43:14:04:16:48:80:7c:
                    03:ce:05:f0:bd:a0:15:20:3a:f1:49:72:f6:99:4c:
                    a7:06:b9:31:29:a6:ac:2f:59:fc:e1:7c:84:1a:07:
                    40:64:8c:2a:5c:0d:89:ba:2b:a9:9f:ea:57:65:21:
                    f5:5e:1e:65:ef:d0:78:6d:92:cc:b0:02:40:b3:48:
                    27:39:09:b0:fb:f4:c2:a6:b1:8a:fc:10:87:a4:c5:
                    d2:be:04:3c:27:f1:31:40:40:ea:05:25:a4:fc:29:
                    56:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:1B:DF:A4:79:68:D2:78:41:9B:31:F1:40:B8:D2:46:92:36:05:26
            X509v3 Authority Key Identifier:
                keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/IBvfpHlo0nhBmzHxQLjSRpI2BSY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.24.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         17:a4:03:1b:96:e2:27:13:75:5c:fd:db:3b:47:8d:22:ac:ae:
         4c:a2:08:7b:d2:6a:37:a6:0c:7b:91:68:b0:3c:d1:c9:21:d6:
         57:3d:8e:83:44:96:80:7e:67:25:8d:50:1f:e1:f6:b5:1c:cc:
         1e:f3:ca:d1:cc:b6:5b:57:7a:dc:a0:b8:5f:f7:ba:51:fe:55:
         33:a7:29:37:18:5c:57:91:a9:b0:23:51:c4:3e:c9:71:fc:67:
         53:ff:b2:7e:3f:c1:1c:58:a1:79:fc:88:d1:ba:78:6a:5a:39:
         dc:8b:2f:1e:27:f6:d1:8f:d4:73:25:c1:79:a0:c1:62:b0:81:
         dd:36:6c:93:fc:bc:10:ae:c3:ec:a5:33:6e:fb:2e:2c:01:55:
         28:db:ce:86:06:cb:66:e8:01:48:fe:c1:ac:b4:80:87:93:de:
         ed:de:34:f7:43:42:c0:99:a6:b3:d1:62:4a:52:43:3d:86:8f:
         27:24:b7:c4:76:02:12:53:51:1c:c3:59:2f:cc:82:e2:3d:1a:
         d5:2a:67:52:80:15:89:c3:a6:2f:ec:20:6b:46:16:e1:64:3b:
         60:24:ef:f7:58:0d:b6:56:95:5b:44:46:f8:2a:a8:6d:fb:ea:
         84:87:73:5c:57:89:b2:c4:c4:fa:0a:1a:87:bf:fa:7e:0d:95:
         ea:51:6f:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9XRyAeF1YSCmGsgumD3A+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNWRlNDkwZmY4NzRlOTY4OWNlY2Y3MjZjYmI0ZTJmNTFm
NmM3MzEwHhcNMjYwMTAyMDYyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDFiZGZhNDc5NjhkMjc4NDE5YjMxZjE0MGI4ZDI0NjkyMzYwNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdu8r5BUjAVqPhUuFdo0nTFHu83Z
+G3xqTPSZ4F/jTYD7BwqXZtRSMSty1vJFVzjHU3mDjx+nbE9GJTDWWiYsxeBXDsX
I60LJryoUP8DrTSx07uWeEx2mUpCyRYonuDi5m8OjgU26EtpZOZz76Kz3Gyatf5j
VLJ++Tpn5/k8R7sBFN06nC17ZgEuz0lpwHXuCgnPktoTpDNYnaTp7UMUBBZIgHwD
zgXwvaAVIDrxSXL2mUynBrkxKaasL1n84XyEGgdAZIwqXA2Juiupn+pXZSH1Xh5l
79B4bZLMsAJAs0gnOQmw+/TCprGK/BCHpMXSvgQ8J/ExQEDqBSWk/ClWZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAb36R5aNJ4QZsx8UC40kaSNgUmMB8GA1UdIwQY
MBaAFJ1d5JD/h06Wic7Pcmy7Ti9R9scxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUt
Y2VjMzNiYTFiZGY1LzEvSUJ2ZnBIbG8wbmhCbXpIeFFMalNScEkyQlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUtY2VjMzNiYTFiZGY1
LzEvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwRgwMA0G
CSqGSIb3DQEBCwUAA4IBAQAXpAMbluInE3Vc/ds7R40irK5Mogh70mo3pgx7kWiw
PNHJIdZXPY6DRJaAfmcljVAf4fa1HMwe88rRzLZbV3rcoLhf97pR/lUzpyk3GFxX
kamwI1HEPslx/GdT/7J+P8EcWKF5/IjRunhqWjnciy8eJ/bRj9RzJcF5oMFisIHd
NmyT/LwQrsPspTNu+y4sAVUo286GBstm6AFI/sGstICHk97t3jT3Q0LAmaaz0WJK
UkM9ho8nJLfEdgISU1Ecw1kvzILiPRrVKmdSgBWJw6Yv7CBrRhbhZDtgJO/3WA22
VpVbREb4Kqht++qEh3NcV4myxMT6ChqHv/p+DZXqUW9v
-----END CERTIFICATE-----