This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/oQ-mWIGAV6kS6sM1GsvLDF-UaUs.roa
File:                     oQ-mWIGAV6kS6sM1GsvLDF-UaUs.roa (raw, json)
Hash identifier:          S2TKXDQLZ4LOfmrDCJ2E7Fl9zU8YXGT6etvRLyeEUDQ=
Subject key identifier:   A1:0F:A6:58:81:80:57:A9:12:EA:C3:35:1A:CB:CB:0C:5F:94:69:4B
Certificate issuer:       /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial:       019B77596AAC8AED50CDDC6F42697722488C
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/oQ-mWIGAV6kS6sM1GsvLDF-UaUs.roa
Signing time:             Thu 01 Jan 2026 02:18:27 +0000
ROA not before:           Thu 01 Jan 2026 02:18:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     62279
IP address blocks:        89.47.179.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:6a:ac:8a:ed:50:cd:dc:6f:42:69:77:22:48:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
        Validity
            Not Before: Jan  1 02:18:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a10fa658818057a912eac3351acbcb0c5f94694b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ae:c7:e0:c3:9c:3b:be:f8:b2:9a:00:d8:1c:
                    c7:e0:56:2c:71:f5:ee:f6:18:9c:88:4c:7b:dc:8d:
                    f2:14:3a:a8:30:13:e3:a7:97:b9:66:0e:d8:07:0b:
                    7a:0b:b3:60:04:da:ff:28:c3:f3:7e:67:91:e7:74:
                    d7:a0:42:7e:95:02:09:e2:6e:eb:7a:ae:47:4e:de:
                    16:26:03:8e:c1:55:11:c3:dd:bb:4f:1e:28:21:2b:
                    9b:46:b4:d5:07:ce:b6:b8:9a:66:9b:f1:c6:1e:43:
                    6d:ec:b4:9a:89:f7:f4:49:d1:af:3f:04:5c:10:c3:
                    8c:50:5a:a2:98:0c:b4:b3:b1:46:52:a8:5e:79:a3:
                    b7:a1:65:3b:3e:42:3f:f9:f6:4a:36:11:15:10:b7:
                    ea:a8:63:2f:fa:99:5a:dd:ac:3e:ca:5f:c1:a8:f3:
                    6b:91:9d:3b:a7:d7:24:04:18:a9:dc:e9:cb:7c:99:
                    79:88:56:50:4c:cd:b2:6b:dd:af:26:13:df:02:eb:
                    b8:4e:4e:71:be:90:83:5d:de:87:cb:db:29:86:13:
                    38:7c:89:d5:ec:f3:1e:c4:9c:be:08:fa:18:9f:48:
                    e8:26:94:bd:3a:f0:ca:42:7d:26:1b:7a:23:6d:82:
                    31:d5:5b:b6:b4:88:0f:91:e8:74:33:d7:fd:55:8a:
                    8f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:0F:A6:58:81:80:57:A9:12:EA:C3:35:1A:CB:CB:0C:5F:94:69:4B
            X509v3 Authority Key Identifier:
                keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/oQ-mWIGAV6kS6sM1GsvLDF-UaUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.47.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e0:44:1d:fc:6f:32:a6:af:e3:e2:6e:ee:45:8b:b7:39:c1:ac:
         80:e7:e7:da:6e:3b:82:04:80:63:ac:35:c7:df:4f:d2:d3:79:
         44:43:ee:5f:2b:2d:63:77:05:f8:63:2c:08:86:34:d8:0d:8e:
         e8:2b:af:68:22:89:f8:9d:95:eb:ca:d8:1c:8e:87:30:9d:ef:
         28:3c:7d:2a:3b:47:0b:cd:b0:9f:f1:23:b4:e8:e3:10:7f:c6:
         9a:cf:10:30:2e:a7:f1:3e:50:e6:df:83:29:30:72:78:5a:a6:
         dc:d1:8e:71:61:bd:79:7b:82:37:b1:18:83:f2:c8:4b:24:a8:
         18:5e:70:ef:f5:27:45:81:7a:f2:9a:db:f3:06:22:06:20:df:
         7a:0c:7b:6d:74:e1:9c:5e:67:6a:f9:cc:41:d6:57:ec:fc:2e:
         5f:76:8b:2c:b7:72:f4:c9:1a:4d:e1:8a:f6:c3:76:a7:ac:2d:
         42:b3:e0:56:93:9e:16:5e:31:39:c6:4c:bd:e4:75:65:73:55:
         b0:39:5e:ad:58:b6:c0:12:a3:94:b4:84:13:12:6d:af:ef:39:
         96:22:58:c5:4c:10:b7:f8:16:5c:2e:db:d8:2d:dc:6b:eb:17:
         e6:bf:0b:ba:93:7d:37:0e:43:19:0a:96:4f:f6:82:5f:2d:cc:
         6c:b8:31:47
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZt3WWqsiu1QzdxvQml3IkiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjYwMTAxMDIxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTBmYTY1ODgxODA1N2E5MTJlYWMzMzUxYWNiY2IwYzVmOTQ2OTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq7H4MOcO774spoA2BzH4FYscfXu
9hiciEx73I3yFDqoMBPjp5e5Zg7YBwt6C7NgBNr/KMPzfmeR53TXoEJ+lQIJ4m7r
eq5HTt4WJgOOwVURw927Tx4oISubRrTVB862uJpmm/HGHkNt7LSaiff0SdGvPwRc
EMOMUFqimAy0s7FGUqheeaO3oWU7PkI/+fZKNhEVELfqqGMv+pla3aw+yl/BqPNr
kZ07p9ckBBip3OnLfJl5iFZQTM2ya92vJhPfAuu4Tk5xvpCDXd6Hy9sphhM4fInV
7PMexJy+CPoYn0joJpS9OvDKQn0mG3ojbYIx1Vu2tIgPkeh0M9f9VYqP0QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKEPpliBgFepEurDNRrLywxflGlLMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL29RLW1XSUdBVjZrUzZzTTFHc3ZMREYtVWFVcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABZL7Mw
DQYJKoZIhvcNAQELBQADggEBAOBEHfxvMqav4+Ju7kWLtznBrIDn59puO4IEgGOs
NcffT9LTeURD7l8rLWN3BfhjLAiGNNgNjugrr2giifidlevK2ByOhzCd7yg8fSo7
RwvNsJ/xI7To4xB/xprPEDAup/E+UObfgykwcnhaptzRjnFhvXl7gjexGIPyyEsk
qBhecO/1J0WBevKa2/MGIgYg33oMe2104ZxeZ2r5zEHWV+z8Ll92iyy3cvTJGk3h
ivbDdqesLUKz4FaTnhZeMTnGTL3kdWVzVbA5Xq1YtsASo5S0hBMSba/vOZYiWMVM
ELf4Flwu29gt3GvrF+a/C7qTfTcOQxkKlk/2gl8tzGy4MUc=
-----END CERTIFICATE-----