This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/b55ef1-ca63-4ca1-a659-f9720285e797/1/ST3uG5_x_Xi7HFZdlAkfcX81mRI.roa
File:                     ST3uG5_x_Xi7HFZdlAkfcX81mRI.roa (raw, json)
Hash identifier:          ReEsi9I+1YpNYHpyu1ZDbwweylzt0AgbCV9BtlKZJTQ=
Subject key identifier:   49:3D:EE:1B:9F:F1:FD:78:BB:1C:56:5D:94:09:1F:71:7F:35:99:12
Certificate issuer:       /CN=6f074d2efb5f3e1d35c291f8a11c0bc0be7ec1b8
Certificate serial:       019B7BA4D46DC424A26C80C8952203475A67
Authority key identifier: 6F:07:4D:2E:FB:5F:3E:1D:35:C2:91:F8:A1:1C:0B:C0:BE:7E:C1:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bwdNLvtfPh01wpH4oRwLwL5-wbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/b55ef1-ca63-4ca1-a659-f9720285e797/1/ST3uG5_x_Xi7HFZdlAkfcX81mRI.roa
Signing time:             Thu 01 Jan 2026 22:19:18 +0000
ROA not before:           Thu 01 Jan 2026 22:19:18 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     965
IP address blocks:        193.108.130.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/b55ef1-ca63-4ca1-a659-f9720285e797/1/bwdNLvtfPh01wpH4oRwLwL5-wbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/b55ef1-ca63-4ca1-a659-f9720285e797/1/bwdNLvtfPh01wpH4oRwLwL5-wbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bwdNLvtfPh01wpH4oRwLwL5-wbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:d4:6d:c4:24:a2:6c:80:c8:95:22:03:47:5a:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f074d2efb5f3e1d35c291f8a11c0bc0be7ec1b8
        Validity
            Not Before: Jan  1 22:19:18 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=493dee1b9ff1fd78bb1c565d94091f717f359912
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:6a:30:71:10:10:ef:9f:29:7c:07:5d:c7:80:
                    76:38:49:4f:ee:c4:78:9e:36:66:a7:e7:1a:f9:9d:
                    b8:59:44:b6:dc:1c:d3:97:40:14:60:4e:94:32:44:
                    cf:b3:dc:33:f3:2a:37:bc:ae:5c:50:35:67:51:f1:
                    13:62:4a:af:71:6c:84:8a:ca:09:64:5b:ea:59:e9:
                    78:5a:fb:d0:52:b8:0b:b1:2b:33:14:4e:f0:ff:ef:
                    7d:04:08:fe:20:bc:86:99:bf:a3:d3:b5:ca:db:cc:
                    34:e7:32:5f:ca:de:ad:4f:6d:b1:cc:72:35:88:4c:
                    4b:59:2e:6c:75:be:ac:5f:aa:cc:75:7d:ed:0b:a8:
                    1b:ab:f5:40:82:44:4d:31:87:19:01:90:6a:cb:de:
                    23:53:d1:ff:6b:85:91:cb:34:b6:70:20:0d:85:61:
                    1f:fd:17:7b:5f:ec:a1:c8:8d:85:ea:c9:95:93:9e:
                    54:0f:c1:4c:a1:f4:67:a5:b0:2b:3c:55:64:b4:bf:
                    dc:c5:fe:6d:b3:b8:8d:a2:c4:dd:5c:c1:0d:fb:55:
                    03:06:a6:5f:4a:f2:46:e9:83:43:ea:36:99:8d:8b:
                    54:79:e4:3f:4c:35:66:70:62:bd:c0:7c:58:bc:df:
                    8f:06:94:96:ff:d2:9c:de:bd:00:b4:f8:08:bc:63:
                    f3:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:3D:EE:1B:9F:F1:FD:78:BB:1C:56:5D:94:09:1F:71:7F:35:99:12
            X509v3 Authority Key Identifier:
                keyid:6F:07:4D:2E:FB:5F:3E:1D:35:C2:91:F8:A1:1C:0B:C0:BE:7E:C1:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwdNLvtfPh01wpH4oRwLwL5-wbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b55ef1-ca63-4ca1-a659-f9720285e797/1/ST3uG5_x_Xi7HFZdlAkfcX81mRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b55ef1-ca63-4ca1-a659-f9720285e797/1/bwdNLvtfPh01wpH4oRwLwL5-wbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:aa:00:14:82:89:08:ec:8b:6a:4d:0f:61:6b:8e:6e:8d:10:
         c0:aa:68:ef:df:85:cf:94:20:af:e5:de:ea:0b:1e:7e:b9:ae:
         ca:55:8e:1d:5d:30:c2:06:be:74:39:10:91:73:5c:ab:d8:25:
         d8:6c:12:59:fc:ae:6e:42:02:cb:7e:d9:57:e2:2d:6c:f5:fe:
         46:f0:b7:80:9f:86:34:58:86:e3:a8:7b:fa:e4:b7:d6:f3:8f:
         70:8c:1f:e0:a4:70:9c:06:2c:f3:ea:06:e0:51:44:a1:56:bd:
         30:fd:ef:08:1d:63:2c:a8:6b:23:8b:2f:ab:10:c8:d3:ce:25:
         73:c4:87:df:68:1c:6d:1e:bd:40:fc:b3:4b:bb:b1:91:60:40:
         5a:d4:c7:b7:94:b0:4a:c6:e5:71:ea:d0:2f:08:7c:cb:d8:1b:
         94:ce:01:20:cb:a6:4b:e0:88:f9:5f:ac:fd:7d:d4:60:0d:93:
         1f:d8:61:b6:ca:0e:f8:37:f9:8f:7f:ad:d7:b4:0e:f2:57:b3:
         c3:47:06:83:4e:60:0f:b5:4e:98:6d:50:f3:fd:a8:2a:77:5f:
         7f:59:4b:60:ce:a8:4f:93:83:bd:d0:fc:d4:05:ae:b4:0d:df:
         77:11:03:4f:84:94:77:b2:94:4e:32:75:3a:3f:76:25:69:5c:
         07:6a:e1:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pNRtxCSibIDIlSIDR1pnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMDc0ZDJlZmI1ZjNlMWQzNWMyOTFmOGExMWMwYmMwYmU3
ZWMxYjgwHhcNMjYwMTAxMjIxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTNkZWUxYjlmZjFmZDc4YmIxYzU2NWQ5NDA5MWY3MTdmMzU5OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7GowcRAQ758pfAddx4B2OElP7sR4
njZmp+ca+Z24WUS23BzTl0AUYE6UMkTPs9wz8yo3vK5cUDVnUfETYkqvcWyEisoJ
ZFvqWel4WvvQUrgLsSszFE7w/+99BAj+ILyGmb+j07XK28w05zJfyt6tT22xzHI1
iExLWS5sdb6sX6rMdX3tC6gbq/VAgkRNMYcZAZBqy94jU9H/a4WRyzS2cCANhWEf
/Rd7X+yhyI2F6smVk55UD8FMofRnpbArPFVktL/cxf5ts7iNosTdXMEN+1UDBqZf
SvJG6YND6jaZjYtUeeQ/TDVmcGK9wHxYvN+PBpSW/9Kc3r0AtPgIvGPz+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEk97huf8f14uxxWXZQJH3F/NZkSMB8GA1UdIwQY
MBaAFG8HTS77Xz4dNcKR+KEcC8C+fsG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYndkTkx2dGZQaDAxd3BING9Sd0x3TDUtd2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9iNTVlZjEtY2E2My00Y2ExLWE2NTkt
Zjk3MjAyODVlNzk3LzEvU1QzdUc1X3hfWGk3SEZaZGxBa2ZjWDgxbVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9iNTVlZjEtY2E2My00Y2ExLWE2NTktZjk3MjAyODVlNzk3
LzEvYndkTkx2dGZQaDAxd3BING9Sd0x3TDUtd2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWyCMA0G
CSqGSIb3DQEBCwUAA4IBAQAxqgAUgokI7ItqTQ9ha45ujRDAqmjv34XPlCCv5d7q
Cx5+ua7KVY4dXTDCBr50ORCRc1yr2CXYbBJZ/K5uQgLLftlX4i1s9f5G8LeAn4Y0
WIbjqHv65LfW849wjB/gpHCcBizz6gbgUUShVr0w/e8IHWMsqGsjiy+rEMjTziVz
xIffaBxtHr1A/LNLu7GRYEBa1Me3lLBKxuVx6tAvCHzL2BuUzgEgy6ZL4Ij5X6z9
fdRgDZMf2GG2yg74N/mPf63XtA7yV7PDRwaDTmAPtU6YbVDz/agqd19/WUtgzqhP
k4O90PzUBa60Dd93EQNPhJR3spROMnU6P3YlaVwHauFL
-----END CERTIFICATE-----