This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/627RCQbVfaSLEpbqf1uOyStuItI.roa
File:                     627RCQbVfaSLEpbqf1uOyStuItI.roa (raw, json)
Hash identifier:          2YbdBYQ9z8cknHKKXmc5SgbkxXPdynVrnlyUa/TP6wk=
Subject key identifier:   EB:6E:D1:09:06:D5:7D:A4:8B:12:96:EA:7F:5B:8E:C9:2B:6E:22:D2
Certificate issuer:       /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial:       019B7B36A544435F7A35CE3B619A05203683
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/627RCQbVfaSLEpbqf1uOyStuItI.roa
Signing time:             Thu 01 Jan 2026 20:18:57 +0000
ROA not before:           Thu 01 Jan 2026 20:18:57 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     17558
IP address blocks:        57.197.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:a5:44:43:5f:7a:35:ce:3b:61:9a:05:20:36:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
        Validity
            Not Before: Jan  1 20:18:57 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=eb6ed10906d57da48b1296ea7f5b8ec92b6e22d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ba:af:bf:7f:b4:57:54:50:e5:64:4f:ea:51:
                    14:d9:d7:32:20:12:77:89:15:90:6e:9d:9a:c5:e0:
                    bf:94:df:1b:64:9c:3e:1b:99:61:63:90:1c:74:c6:
                    13:31:7a:69:b0:cc:69:69:97:02:8f:77:8b:9b:53:
                    bc:f7:81:91:a0:39:c2:3c:67:b0:5d:c0:fe:2e:fe:
                    e5:cf:31:32:5c:0c:c9:12:83:58:98:3c:24:9e:4f:
                    51:f1:be:1f:2a:14:84:22:b7:98:ca:4e:e0:2b:52:
                    8e:fe:71:00:2c:a5:3d:4d:d1:f2:66:8d:04:1b:b4:
                    af:80:db:ff:2a:53:b0:e7:6b:7c:93:30:d3:f8:d0:
                    21:f2:cc:f3:1a:81:fc:fe:be:d9:7b:07:12:12:16:
                    5d:9d:f6:f5:e9:07:c9:f4:74:3b:ec:f5:a1:b6:d9:
                    4d:1e:e8:c5:d2:31:66:2b:33:a4:db:f3:fc:7f:f2:
                    1e:60:bf:6e:ab:d2:9a:f9:f7:1a:cb:c4:2a:37:0e:
                    61:7a:b3:1e:85:85:f3:f4:22:69:83:da:b0:42:58:
                    46:52:ab:11:bf:d2:7a:62:c4:a9:7b:d0:ad:ae:98:
                    14:35:b8:0a:81:59:a1:e6:09:42:e3:c4:fc:8c:4d:
                    14:a1:8a:1b:12:7f:91:70:2b:5a:7b:08:29:b7:e7:
                    10:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:6E:D1:09:06:D5:7D:A4:8B:12:96:EA:7F:5B:8E:C9:2B:6E:22:D2
            X509v3 Authority Key Identifier:
                keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/627RCQbVfaSLEpbqf1uOyStuItI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.197.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         37:cf:ab:41:41:f6:3d:4c:25:2e:ce:54:fb:10:13:36:8d:82:
         24:e1:d5:ab:99:35:90:e6:f1:ce:bd:08:21:78:e7:5c:08:76:
         3e:04:f1:1b:51:7a:c6:b0:1d:41:a7:2f:48:a2:64:c8:af:43:
         08:8e:f3:e9:d6:33:59:5f:be:6c:08:3b:88:f6:79:b4:01:be:
         f4:e4:df:b0:0a:33:4c:4a:aa:d8:a9:21:e0:1a:fb:1c:4e:ed:
         08:49:bf:a2:25:6b:5a:d4:e9:e8:3e:d8:e5:77:bf:ad:91:94:
         30:3d:d6:b1:3d:0b:10:a7:39:76:24:ae:f0:37:a8:a1:a0:12:
         2f:ff:66:82:cf:fd:87:6e:6a:cb:16:5d:4d:b3:3b:84:22:4d:
         39:74:05:60:0b:96:44:3d:80:47:11:f8:ed:06:d1:70:68:2f:
         9d:90:69:90:5e:5f:2f:70:fc:87:c0:8b:08:46:cf:53:65:3e:
         1f:4e:74:10:66:48:e8:aa:14:d4:16:1d:f0:00:60:55:38:a3:
         a2:5f:9f:89:87:b7:d4:94:fe:f8:6a:3b:ac:7f:14:8e:73:75:
         1a:d7:d2:b6:b4:58:e0:f2:e8:ed:41:58:bd:7a:46:2c:ac:df:
         fb:bf:e4:23:c7:90:df:56:2a:3c:02:14:27:49:e7:a9:70:c7:
         7d:3f:92:25
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZt7NqVEQ196Nc47YZoFIDaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjYwMTAxMjAxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZlZDEwOTA2ZDU3ZGE0OGIxMjk2ZWE3ZjViOGVjOTJiNmUyMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7qvv3+0V1RQ5WRP6lEU2dcyIBJ3
iRWQbp2axeC/lN8bZJw+G5lhY5AcdMYTMXppsMxpaZcCj3eLm1O894GRoDnCPGew
XcD+Lv7lzzEyXAzJEoNYmDwknk9R8b4fKhSEIreYyk7gK1KO/nEALKU9TdHyZo0E
G7SvgNv/KlOw52t8kzDT+NAh8szzGoH8/r7ZewcSEhZdnfb16QfJ9HQ77PWhttlN
HujF0jFmKzOk2/P8f/IeYL9uq9Ka+fcay8QqNw5herMehYXz9CJpg9qwQlhGUqsR
v9J6YsSpe9CtrpgUNbgKgVmh5glC48T8jE0UoYobEn+RcCtaewgpt+cQOwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFOtu0QkG1X2kixKW6n9bjskrbiLSMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvNjI3UkNRYlZmYVNMRXBicWYxdU95U3R1SXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAOcUwDQYJ
KoZIhvcNAQELBQADggEBADfPq0FB9j1MJS7OVPsQEzaNgiTh1auZNZDm8c69CCF4
51wIdj4E8RtResawHUGnL0iiZMivQwiO8+nWM1lfvmwIO4j2ebQBvvTk37AKM0xK
qtipIeAa+xxO7QhJv6Ila1rU6eg+2OV3v62RlDA91rE9CxCnOXYkrvA3qKGgEi//
ZoLP/YduassWXU2zO4QiTTl0BWALlkQ9gEcR+O0G0XBoL52QaZBeXy9w/IfAiwhG
z1NlPh9OdBBmSOiqFNQWHfAAYFU4o6Jfn4mHt9SU/vhqO6x/FI5zdRrX0ra0WODy
6O1BWL16Riys3/u/5CPHkN9WKjwCFCdJ56lwx30/kiU=
-----END CERTIFICATE-----