This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sS_UHeUEE1bG8lqV-4ENMhHX4pE.roa
File:                     sS_UHeUEE1bG8lqV-4ENMhHX4pE.roa (raw, json)
Hash identifier:          h0xRztEUcz9zUfAm4cu8aNDIb7qmSYvG8Z0+xJBjrdY=
Subject key identifier:   B1:2F:D4:1D:E5:04:13:56:C6:F2:5A:95:FB:81:0D:32:11:D7:E2:91
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       019B7A5AC49E1E524A6BA48EA29AE632949D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sS_UHeUEE1bG8lqV-4ENMhHX4pE.roa
Signing time:             Thu 01 Jan 2026 16:18:47 +0000
ROA not before:           Thu 01 Jan 2026 16:18:47 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211167
IP address blocks:        82.153.247.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5a:c4:9e:1e:52:4a:6b:a4:8e:a2:9a:e6:32:94:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  1 16:18:47 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b12fd41de5041356c6f25a95fb810d3211d7e291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:36:de:45:8a:b0:f9:7a:0f:ae:69:61:7f:0c:
                    97:bd:6a:50:3b:8e:80:5b:7a:50:11:6f:8a:48:27:
                    36:a6:1d:ac:3e:1f:25:52:e9:86:33:c6:05:aa:f4:
                    df:15:a1:2f:df:25:bd:c4:a2:14:fa:b8:0d:63:a7:
                    7d:74:62:98:ee:ba:28:63:b8:00:58:cb:1b:fb:c5:
                    bf:73:6b:68:da:35:ca:1e:06:31:12:de:6e:ab:60:
                    0d:c3:89:75:6f:be:f9:b9:77:25:d4:04:8b:26:ad:
                    32:75:15:ab:a7:de:a7:95:e8:e3:e5:0e:21:d0:15:
                    d9:4a:23:be:fb:70:80:78:db:2a:27:01:2d:25:92:
                    8f:55:8a:04:fb:be:d5:00:6d:94:77:dd:ab:ed:60:
                    0c:8a:40:85:95:dd:73:57:b8:72:37:de:f3:3b:8c:
                    bf:f0:bc:6b:52:28:46:e2:aa:bf:ee:16:82:8c:8f:
                    63:78:92:62:85:b7:e9:f6:38:40:05:a9:e0:54:6f:
                    c6:25:52:b3:1b:79:82:ac:f0:c8:4b:e9:bd:71:b2:
                    8a:05:b5:22:e4:df:a6:8c:88:1f:ce:dc:f2:a7:0c:
                    0b:2e:20:5f:4b:9e:be:96:c9:bd:29:57:ed:55:09:
                    03:86:a2:b9:d4:7c:94:89:c1:e1:5d:80:7c:67:e8:
                    4f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:2F:D4:1D:E5:04:13:56:C6:F2:5A:95:FB:81:0D:32:11:D7:E2:91
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sS_UHeUEE1bG8lqV-4ENMhHX4pE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:7e:ea:1f:54:98:00:06:2c:6d:a6:70:77:d7:c8:1d:c0:6b:
         fc:f0:e3:58:a6:ef:1f:1b:e6:9f:af:6a:9e:5d:31:fe:88:3f:
         74:42:2f:70:29:d7:5c:39:65:2e:8b:ff:6f:6c:49:3d:3e:e5:
         fb:7c:f8:77:83:7d:32:8c:69:65:01:49:26:3a:9a:0b:a8:67:
         c4:aa:fb:c4:a4:ca:31:1b:15:c2:12:24:f9:b6:f1:32:61:12:
         90:2e:99:06:9d:4b:a3:64:0b:6c:3c:2f:b8:f2:77:10:98:5d:
         f8:5c:a2:69:4c:cf:05:4e:00:81:d3:49:40:c7:55:f5:38:f8:
         22:b1:c0:18:85:a8:9a:cf:cf:4e:5e:e9:5b:ee:9f:0a:fb:43:
         2f:2a:14:74:79:93:9a:6c:e7:3b:79:28:99:2d:0f:c9:f6:96:
         01:17:fc:e9:6a:98:a9:ec:e7:ef:84:ea:a8:85:97:48:1c:93:
         1c:cb:bd:ba:3f:cb:e7:65:5a:e3:74:24:45:e3:4c:be:d0:c7:
         fb:14:ad:2f:1d:72:63:db:8a:51:fa:9a:8a:b9:95:5c:71:21:
         52:f2:5d:e2:f6:4e:3c:ad:40:ac:4e:5e:11:c8:eb:fc:ba:49:
         78:b3:b7:21:6b:27:19:d5:c6:18:20:95:10:45:1d:f7:5b:18:
         8f:a8:79:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6WsSeHlJKa6SOoprmMpSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMTAxMTYxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTJmZDQxZGU1MDQxMzU2YzZmMjVhOTVmYjgxMGQzMjExZDdlMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jbeRYqw+XoPrmlhfwyXvWpQO46A
W3pQEW+KSCc2ph2sPh8lUumGM8YFqvTfFaEv3yW9xKIU+rgNY6d9dGKY7rooY7gA
WMsb+8W/c2to2jXKHgYxEt5uq2ANw4l1b775uXcl1ASLJq0ydRWrp96nlejj5Q4h
0BXZSiO++3CAeNsqJwEtJZKPVYoE+77VAG2Ud92r7WAMikCFld1zV7hyN97zO4y/
8LxrUihG4qq/7haCjI9jeJJihbfp9jhABangVG/GJVKzG3mCrPDIS+m9cbKKBbUi
5N+mjIgfztzypwwLLiBfS56+lsm9KVftVQkDhqK51HyUicHhXYB8Z+hPEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEv1B3lBBNWxvJalfuBDTIR1+KRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc1NfVUhlVUVFMWJHOGxxVi00RU5NaEhYNHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn3MA0G
CSqGSIb3DQEBCwUAA4IBAQCjfuofVJgABixtpnB318gdwGv88ONYpu8fG+afr2qe
XTH+iD90Qi9wKddcOWUui/9vbEk9PuX7fPh3g30yjGllAUkmOpoLqGfEqvvEpMox
GxXCEiT5tvEyYRKQLpkGnUujZAtsPC+48ncQmF34XKJpTM8FTgCB00lAx1X1OPgi
scAYhaiaz89OXulb7p8K+0MvKhR0eZOabOc7eSiZLQ/J9pYBF/zpapip7OfvhOqo
hZdIHJMcy726P8vnZVrjdCRF40y+0Mf7FK0vHXJj24pR+pqKuZVccSFS8l3i9k48
rUCsTl4RyOv8ukl4s7chaycZ1cYYIJUQRR33WxiPqHlI
-----END CERTIFICATE-----