This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/o7BL4LykyXmGURIpmo0YP3cj_KE.roa
File:                     o7BL4LykyXmGURIpmo0YP3cj_KE.roa (raw, json)
Hash identifier:          6tWthRc5JH3gbdkZ1DbX8VfKFgDkKkzq3etRwobTwWg=
Subject key identifier:   A3:B0:4B:E0:BC:A4:C9:79:86:51:12:29:9A:8D:18:3F:77:23:FC:A1
Certificate issuer:       /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial:       019BD690A96E7DD20CE44CE65B35A766E173
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/o7BL4LykyXmGURIpmo0YP3cj_KE.roa
Signing time:             Mon 19 Jan 2026 14:02:43 +0000
ROA not before:           Mon 19 Jan 2026 14:02:43 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     135682
IP address blocks:        151.242.37.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 21:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:d6:90:a9:6e:7d:d2:0c:e4:4c:e6:5b:35:a7:66:e1:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
        Validity
            Not Before: Jan 19 14:02:43 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a3b04be0bca4c979865112299a8d183f7723fca1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:32:a9:80:c9:a0:cb:b8:c2:f6:5b:78:58:a3:
                    13:f2:f5:51:05:65:f4:09:b4:15:13:32:b9:11:c4:
                    b8:fb:0f:f9:80:78:86:88:1f:c2:b0:16:f9:c3:5f:
                    98:cb:10:7e:76:f1:e9:22:13:cd:a0:4a:2a:3a:49:
                    89:2f:71:7b:3e:dd:e8:a8:69:59:9c:4f:6e:ea:46:
                    d3:27:2f:5e:ed:37:8e:45:a0:25:62:18:c5:e1:36:
                    cb:3d:a7:c4:02:33:20:50:a9:28:87:6b:87:57:5f:
                    0f:a5:a9:11:7a:8f:be:35:9a:f0:b2:ca:b6:01:97:
                    5e:7f:75:24:57:9f:71:43:a7:27:b5:18:96:a9:90:
                    97:57:e8:2a:26:74:23:a9:dc:b0:15:94:c6:02:13:
                    87:d5:55:0c:34:53:07:94:35:06:c1:f2:39:e5:90:
                    2e:68:f4:59:d1:4b:c2:f1:95:f0:65:16:1c:94:16:
                    bc:70:5e:f3:f4:2f:3c:cf:1c:e8:81:f1:96:f6:47:
                    d9:cc:a1:97:f7:08:6a:33:8e:f8:90:d2:ae:da:48:
                    48:dd:40:c8:30:49:0f:f7:d8:2e:0f:8b:2f:a6:15:
                    9b:f0:24:dc:90:ed:23:e9:34:df:88:b0:a4:00:03:
                    01:30:e9:cb:80:57:bb:b3:d6:c3:78:f9:6f:5b:9a:
                    bd:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:B0:4B:E0:BC:A4:C9:79:86:51:12:29:9A:8D:18:3F:77:23:FC:A1
            X509v3 Authority Key Identifier:
                keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/o7BL4LykyXmGURIpmo0YP3cj_KE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.242.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:19:3b:63:23:c7:c3:99:09:69:f0:a3:54:4f:2e:2a:d3:fe:
         c1:35:32:26:6a:b7:84:93:9a:c7:b7:24:52:0b:60:7b:92:5b:
         fb:cf:7d:68:df:f8:9d:bd:6b:79:a3:1a:99:f3:d2:7f:2f:29:
         14:99:cf:cb:0b:5f:27:a7:87:3a:88:a3:b8:9a:bd:90:07:96:
         6d:6f:12:64:70:ac:2e:9d:e3:00:bb:e7:21:c9:1c:87:72:22:
         6c:58:6a:02:19:bd:6e:6b:e4:47:ad:62:a9:48:98:34:b0:bb:
         2d:ec:13:3e:bf:fa:77:66:1c:d2:95:be:63:86:1b:e5:da:31:
         3a:6b:1b:a2:36:a2:6e:f9:e4:93:a4:cc:e3:51:3e:3b:12:9c:
         5b:8c:ed:ca:2f:fc:d8:de:25:6d:29:2b:61:55:a9:98:17:b8:
         c9:8b:f7:c3:90:72:ac:64:ee:76:87:8a:7f:6c:2b:54:6f:b5:
         e0:12:b4:e5:c8:cb:d9:af:c6:3c:15:69:e0:fa:72:a1:ce:7f:
         76:2b:77:ed:1d:ca:a7:b3:7b:08:50:8e:9a:7a:52:3e:fd:4e:
         a2:8a:8f:43:46:fd:aa:09:40:65:0a:74:f6:76:9c:0b:9b:4e:
         5e:75:a6:cf:0b:d6:40:ea:3e:f7:87:e8:03:64:31:5d:6e:8d:
         c2:a3:43:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZvWkKlufdIM5EzmWzWnZuFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMTE5MTQwMjQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2IwNGJlMGJjYTRjOTc5ODY1MTEyMjk5YThkMTgzZjc3MjNmY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDKpgMmgy7jC9lt4WKMT8vVRBWX0
CbQVEzK5EcS4+w/5gHiGiB/CsBb5w1+YyxB+dvHpIhPNoEoqOkmJL3F7Pt3oqGlZ
nE9u6kbTJy9e7TeORaAlYhjF4TbLPafEAjMgUKkoh2uHV18PpakReo++NZrwssq2
AZdef3UkV59xQ6cntRiWqZCXV+gqJnQjqdywFZTGAhOH1VUMNFMHlDUGwfI55ZAu
aPRZ0UvC8ZXwZRYclBa8cF7z9C88zxzogfGW9kfZzKGX9whqM474kNKu2khI3UDI
MEkP99guD4svphWb8CTckO0j6TTfiLCkAAMBMOnLgFe7s9bDePlvW5q9tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOwS+C8pMl5hlESKZqNGD93I/yhMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbzdCTDRMeWt5WG1HVVJJcG1vMFlQM2NqX0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/IlMA0G
CSqGSIb3DQEBCwUAA4IBAQCZGTtjI8fDmQlp8KNUTy4q0/7BNTImareEk5rHtyRS
C2B7klv7z31o3/idvWt5oxqZ89J/LykUmc/LC18np4c6iKO4mr2QB5ZtbxJkcKwu
neMAu+chyRyHciJsWGoCGb1ua+RHrWKpSJg0sLst7BM+v/p3ZhzSlb5jhhvl2jE6
axuiNqJu+eSTpMzjUT47EpxbjO3KL/zY3iVtKSthVamYF7jJi/fDkHKsZO52h4p/
bCtUb7XgErTlyMvZr8Y8FWng+nKhzn92K3ftHcqns3sIUI6aelI+/U6iio9DRv2q
CUBlCnT2dpwLm05edabPC9ZA6j73h+gDZDFdbo3Co0Nm
-----END CERTIFICATE-----