This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/jl2G_Du7vY1XFmIxGhvnvFEWvcE.roa
File:                     jl2G_Du7vY1XFmIxGhvnvFEWvcE.roa (raw, json)
Hash identifier:          RFk3rcVrZLSmQvBNuxyGLTQ7ZkOHCUZDzMm3yZpbe5c=
Subject key identifier:   8E:5D:86:FC:3B:BB:BD:8D:57:16:62:31:1A:1B:E7:BC:51:16:BD:C1
Certificate issuer:       /CN=e0cde2c1fce3d6fe2185347dd89dcfd13ebbb151
Certificate serial:       019B76EB052619F9252400574AD2F92B2A79
Authority key identifier: E0:CD:E2:C1:FC:E3:D6:FE:21:85:34:7D:D8:9D:CF:D1:3E:BB:B1:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4M3iwfzj1v4hhTR92J3P0T67sVE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/jl2G_Du7vY1XFmIxGhvnvFEWvcE.roa
Signing time:             Thu 01 Jan 2026 00:17:52 +0000
ROA not before:           Thu 01 Jan 2026 00:17:52 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     47123
IP address blocks:        185.141.111.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/4M3iwfzj1v4hhTR92J3P0T67sVE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/4M3iwfzj1v4hhTR92J3P0T67sVE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4M3iwfzj1v4hhTR92J3P0T67sVE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:05:26:19:f9:25:24:00:57:4a:d2:f9:2b:2a:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0cde2c1fce3d6fe2185347dd89dcfd13ebbb151
        Validity
            Not Before: Jan  1 00:17:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8e5d86fc3bbbbd8d571662311a1be7bc5116bdc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:4e:41:6c:d5:cb:84:9a:d0:0b:16:1b:5b:71:
                    c1:79:d4:3d:2d:5a:6a:7f:38:c3:7d:be:d4:1c:fa:
                    7c:5a:02:70:ee:0b:1e:be:dd:1c:d4:d8:00:86:89:
                    3b:fa:a7:13:4b:12:85:f7:36:42:f7:d0:7c:b0:39:
                    bc:29:96:1f:2a:90:b1:15:7f:0e:74:a5:0d:41:18:
                    88:15:bf:c8:55:b6:ae:f5:e5:43:2f:fd:1c:85:d2:
                    30:35:ed:b5:7a:a3:1f:1b:5e:65:09:90:b2:72:1d:
                    12:9a:3d:26:8a:18:c1:7b:00:f7:73:47:f4:a8:7d:
                    5e:0a:a3:97:2c:f7:a7:d0:a6:cf:88:62:fa:ec:5e:
                    30:ef:8e:63:e9:5c:47:39:30:9a:a7:28:9a:79:ff:
                    45:61:d4:fd:1c:d0:51:cc:0f:5c:91:b7:86:ab:df:
                    34:4d:6b:9d:12:76:98:21:c2:01:05:3d:52:f2:3b:
                    96:08:41:59:84:c3:06:7e:f3:3b:4f:60:1c:49:56:
                    24:59:27:69:3b:49:fa:e0:2d:f6:e2:89:d6:e9:04:
                    77:02:d8:be:ae:ed:8e:00:53:ce:50:aa:d3:80:ff:
                    ce:65:3b:85:53:92:ac:3a:24:3f:1b:02:2d:eb:ff:
                    53:d9:d4:e4:87:e8:e6:c8:ae:21:6e:38:8f:cb:5e:
                    40:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:5D:86:FC:3B:BB:BD:8D:57:16:62:31:1A:1B:E7:BC:51:16:BD:C1
            X509v3 Authority Key Identifier:
                keyid:E0:CD:E2:C1:FC:E3:D6:FE:21:85:34:7D:D8:9D:CF:D1:3E:BB:B1:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4M3iwfzj1v4hhTR92J3P0T67sVE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/jl2G_Du7vY1XFmIxGhvnvFEWvcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/4M3iwfzj1v4hhTR92J3P0T67sVE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.141.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:25:93:8a:10:0b:0a:50:79:34:80:6c:84:6c:d6:46:73:96:
         c6:f9:04:65:bf:cf:b0:a8:87:f3:b3:be:3c:43:29:aa:99:07:
         b4:f5:5f:41:af:e9:58:ff:d6:fc:19:b9:a6:03:92:88:94:2e:
         c1:8e:a1:fe:3e:d6:4a:bc:ab:27:63:c8:4e:77:97:19:3e:86:
         01:d5:d2:b1:60:9a:01:3e:42:3a:34:eb:50:de:d2:f2:e1:60:
         17:cd:fe:cd:bf:46:51:fe:a0:9d:56:1c:06:b0:03:77:1e:4d:
         26:03:ef:2e:3f:60:ee:80:bc:c4:f6:f8:e4:6d:f9:77:93:96:
         9c:2b:9f:dd:c7:d5:02:04:dc:40:48:44:12:17:ce:8b:90:6e:
         68:bd:61:b3:e7:c3:92:e0:20:ea:bb:96:11:97:0e:ec:ab:05:
         09:88:48:64:d7:c8:2e:6f:1a:d6:54:8b:9c:21:29:1d:7f:ff:
         db:30:7e:71:09:06:d2:74:f9:ad:7a:00:6a:3a:16:25:80:0d:
         56:2f:53:42:bd:de:f5:44:6e:a7:ef:15:23:9d:22:27:0c:7b:
         7d:6a:20:91:97:50:ed:77:f3:15:da:d7:c9:95:d5:69:15:9f:
         10:f1:58:5e:9c:a0:cd:51:dc:3e:54:61:85:7c:d9:fc:a2:6e:
         e6:de:46:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt26wUmGfklJABXStL5Kyp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwY2RlMmMxZmNlM2Q2ZmUyMTg1MzQ3ZGQ4OWRjZmQxM2Vi
YmIxNTEwHhcNMjYwMTAxMDAxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTVkODZmYzNiYmJiZDhkNTcxNjYyMzExYTFiZTdiYzUxMTZiZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE5BbNXLhJrQCxYbW3HBedQ9LVpq
fzjDfb7UHPp8WgJw7gsevt0c1NgAhok7+qcTSxKF9zZC99B8sDm8KZYfKpCxFX8O
dKUNQRiIFb/IVbau9eVDL/0chdIwNe21eqMfG15lCZCych0Smj0mihjBewD3c0f0
qH1eCqOXLPen0KbPiGL67F4w745j6VxHOTCapyiaef9FYdT9HNBRzA9ckbeGq980
TWudEnaYIcIBBT1S8juWCEFZhMMGfvM7T2AcSVYkWSdpO0n64C324onW6QR3Ati+
ru2OAFPOUKrTgP/OZTuFU5KsOiQ/GwIt6/9T2dTkh+jmyK4hbjiPy15AhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5dhvw7u72NVxZiMRob57xRFr3BMB8GA1UdIwQY
MBaAFODN4sH849b+IYU0fdidz9E+u7FRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE0zaXdmemoxdjRoaFRSOTJKM1AwVDY3c1ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lY2RkOTMtMWFhMC00YjlhLWI2YWEt
ZWNiMzEyNmZjOGVkLzEvamwyR19EdTd2WTFYRm1JeEdodm52RkVXdmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lY2RkOTMtMWFhMC00YjlhLWI2YWEtZWNiMzEyNmZjOGVk
LzEvNE0zaXdmemoxdjRoaFRSOTJKM1AwVDY3c1ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY1vMA0G
CSqGSIb3DQEBCwUAA4IBAQB0JZOKEAsKUHk0gGyEbNZGc5bG+QRlv8+wqIfzs748
QymqmQe09V9Br+lY/9b8GbmmA5KIlC7BjqH+PtZKvKsnY8hOd5cZPoYB1dKxYJoB
PkI6NOtQ3tLy4WAXzf7Nv0ZR/qCdVhwGsAN3Hk0mA+8uP2DugLzE9vjkbfl3k5ac
K5/dx9UCBNxASEQSF86LkG5ovWGz58OS4CDqu5YRlw7sqwUJiEhk18gubxrWVIuc
ISkdf//bMH5xCQbSdPmtegBqOhYlgA1WL1NCvd71RG6n7xUjnSInDHt9aiCRl1Dt
d/MV2tfJldVpFZ8Q8VhenKDNUdw+VGGFfNn8om7m3kZx
-----END CERTIFICATE-----