This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/oSMc-gVdAcGmM17-cDlZPH9blmI.roa
File:                     oSMc-gVdAcGmM17-cDlZPH9blmI.roa (raw, json)
Hash identifier:          PebuQ28RFRg9g4GiMnCCfXwdRrWcMLRNqX67bxRrUgw=
Subject key identifier:   A1:23:1C:FA:05:5D:01:C1:A6:33:5E:FE:70:39:59:3C:7F:5B:96:62
Certificate issuer:       /CN=bc63a36d5c80651a89a76906c9e3402fb34568da
Certificate serial:       019B7BA4D70B121C3F68416FDB0C9AEB5A40
Authority key identifier: BC:63:A3:6D:5C:80:65:1A:89:A7:69:06:C9:E3:40:2F:B3:45:68:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vGOjbVyAZRqJp2kGyeNAL7NFaNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/oSMc-gVdAcGmM17-cDlZPH9blmI.roa
Signing time:             Thu 01 Jan 2026 22:19:18 +0000
ROA not before:           Thu 01 Jan 2026 22:19:18 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     1267
IP address blocks:        185.145.101.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/vGOjbVyAZRqJp2kGyeNAL7NFaNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/vGOjbVyAZRqJp2kGyeNAL7NFaNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vGOjbVyAZRqJp2kGyeNAL7NFaNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 04:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:d7:0b:12:1c:3f:68:41:6f:db:0c:9a:eb:5a:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc63a36d5c80651a89a76906c9e3402fb34568da
        Validity
            Not Before: Jan  1 22:19:18 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a1231cfa055d01c1a6335efe7039593c7f5b9662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:92:85:3b:fc:ae:e5:36:05:fe:a3:a4:86:ae:
                    13:52:63:e9:2b:96:39:b6:be:f0:e2:d0:69:f0:ff:
                    05:4e:31:c9:98:6f:7d:39:67:ff:34:9d:ea:4e:59:
                    bc:d5:b5:a4:c0:a2:52:36:82:87:9f:b4:67:5d:dd:
                    2f:9d:3b:d5:95:d0:8d:16:83:66:2b:80:4f:3b:81:
                    f6:e8:ca:88:d2:7c:bc:f4:e4:71:52:83:db:35:a0:
                    46:5f:e1:0a:a6:03:26:81:f1:f3:5b:78:6f:fa:52:
                    e1:16:11:33:3c:6b:18:11:96:ec:f2:ca:64:a9:87:
                    ec:89:74:3e:1b:57:11:3b:3d:7b:33:18:0c:40:e5:
                    ee:f3:62:b6:c1:66:0a:13:7b:f3:4e:c1:19:1f:1e:
                    ff:4b:99:c9:42:1d:19:43:50:9d:e3:58:23:c0:51:
                    c3:92:2e:3a:9a:4f:d7:73:de:b7:42:2a:8c:2e:76:
                    26:1c:9a:b8:b9:24:26:e1:98:91:03:56:6b:99:78:
                    65:56:28:28:b6:af:6f:97:6e:18:b2:7a:d4:23:13:
                    06:b1:16:d1:f4:57:a6:a3:c7:20:73:6e:ac:44:c4:
                    f9:3c:6f:25:c9:56:d9:f4:f4:52:46:ad:eb:02:f5:
                    41:d0:9d:65:0f:00:35:c2:ad:e1:f8:36:1f:db:98:
                    03:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:23:1C:FA:05:5D:01:C1:A6:33:5E:FE:70:39:59:3C:7F:5B:96:62
            X509v3 Authority Key Identifier:
                keyid:BC:63:A3:6D:5C:80:65:1A:89:A7:69:06:C9:E3:40:2F:B3:45:68:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGOjbVyAZRqJp2kGyeNAL7NFaNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/oSMc-gVdAcGmM17-cDlZPH9blmI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/vGOjbVyAZRqJp2kGyeNAL7NFaNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.145.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:1a:4e:a2:7e:ae:54:bf:03:6f:d7:31:89:75:0a:32:68:3d:
         13:5e:1f:98:0e:c4:de:32:a4:a1:25:9c:72:36:38:6f:49:ef:
         2c:f3:b9:29:c7:66:9e:75:cd:eb:1f:b8:c1:f2:1e:37:15:6b:
         3d:8e:f0:b8:b9:e7:e1:48:76:8c:76:5b:d2:c2:43:7e:84:18:
         a0:d7:e7:13:d2:31:c5:40:de:00:df:96:2a:7c:69:8b:d3:6f:
         50:b4:7e:81:6e:f2:b9:e9:b6:6d:7a:cd:c6:db:a3:f9:06:25:
         2a:e6:70:4d:12:a9:1e:99:15:6d:59:a4:97:ef:14:60:7c:ce:
         07:05:89:1e:fd:9b:b4:d2:f8:b8:22:5b:25:ff:44:17:bf:48:
         5a:6d:3d:dc:b5:cf:46:56:3b:03:4d:f2:f3:55:79:e7:55:f7:
         c0:2b:df:e6:7f:6c:34:b0:0e:83:cd:21:ec:b2:1a:a7:ec:97:
         7b:27:c4:cf:fe:60:3e:f1:3f:97:6c:72:2c:a2:8c:29:f5:97:
         d9:41:15:23:c9:4e:4a:d6:d9:be:21:5b:ad:c0:0c:1f:10:23:
         82:ba:f0:37:10:f3:ec:cc:7f:3c:46:25:f7:b7:a5:88:f4:e0:
         fe:50:93:e9:09:d7:b5:3f:3f:fc:18:f6:4b:d3:98:cd:6a:ae:
         79:4d:7e:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pNcLEhw/aEFv2wya61pAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNjNhMzZkNWM4MDY1MWE4OWE3NjkwNmM5ZTM0MDJmYjM0
NTY4ZGEwHhcNMjYwMTAxMjIxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTIzMWNmYTA1NWQwMWMxYTYzMzVlZmU3MDM5NTkzYzdmNWI5NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZKFO/yu5TYF/qOkhq4TUmPpK5Y5
tr7w4tBp8P8FTjHJmG99OWf/NJ3qTlm81bWkwKJSNoKHn7RnXd0vnTvVldCNFoNm
K4BPO4H26MqI0ny89ORxUoPbNaBGX+EKpgMmgfHzW3hv+lLhFhEzPGsYEZbs8spk
qYfsiXQ+G1cROz17MxgMQOXu82K2wWYKE3vzTsEZHx7/S5nJQh0ZQ1Cd41gjwFHD
ki46mk/Xc963QiqMLnYmHJq4uSQm4ZiRA1ZrmXhlVigotq9vl24YsnrUIxMGsRbR
9Femo8cgc26sRMT5PG8lyVbZ9PRSRq3rAvVB0J1lDwA1wq3h+DYf25gDqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKEjHPoFXQHBpjNe/nA5WTx/W5ZiMB8GA1UdIwQY
MBaAFLxjo21cgGUaiadpBsnjQC+zRWjaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkdPamJWeUFaUnFKcDJrR3llTkFMN05GYU5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jM2FiNjktNzE2Mi00MjIyLWFhMjAt
NGUzYjIwZWMxNmEzLzEvb1NNYy1nVmRBY0dtTTE3LWNEbFpQSDlibG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jM2FiNjktNzE2Mi00MjIyLWFhMjAtNGUzYjIwZWMxNmEz
LzEvdkdPamJWeUFaUnFKcDJrR3llTkFMN05GYU5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZFlMA0G
CSqGSIb3DQEBCwUAA4IBAQA+Gk6ifq5UvwNv1zGJdQoyaD0TXh+YDsTeMqShJZxy
NjhvSe8s87kpx2aedc3rH7jB8h43FWs9jvC4uefhSHaMdlvSwkN+hBig1+cT0jHF
QN4A35YqfGmL029QtH6BbvK56bZtes3G26P5BiUq5nBNEqkemRVtWaSX7xRgfM4H
BYke/Zu00vi4Ilsl/0QXv0habT3ctc9GVjsDTfLzVXnnVffAK9/mf2w0sA6DzSHs
shqn7Jd7J8TP/mA+8T+XbHIsoowp9ZfZQRUjyU5K1tm+IVutwAwfECOCuvA3EPPs
zH88RiX3t6WI9OD+UJPpCde1Pz/8GPZL05jNaq55TX6l
-----END CERTIFICATE-----