This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/AiMESex-sGpmCaVvoiukc2QeVoc.roa
File:                     AiMESex-sGpmCaVvoiukc2QeVoc.roa (raw, json)
Hash identifier:          vctn0Jk11pQQatQKTOEPXR4Kfwz0WgJsNMdGo5UEZ4Q=
Subject key identifier:   02:23:04:49:EC:7E:B0:6A:66:09:A5:6F:A2:2B:A4:73:64:1E:56:87
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       019B2150A15C6CC8B035A6C4B4E00DD70409
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/AiMESex-sGpmCaVvoiukc2QeVoc.roa
Signing time:             Mon 15 Dec 2025 09:21:30 +0000
ROA not before:           Mon 15 Dec 2025 09:21:30 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     64267
IP address blocks:        31.56.4.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Dec 2025 10:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:21:50:a1:5c:6c:c8:b0:35:a6:c4:b4:e0:0d:d7:04:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Dec 15 09:21:30 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=02230449ec7eb06a6609a56fa22ba473641e5687
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:b9:4c:fa:e4:cb:92:0f:08:99:b4:21:66:93:
                    3f:9a:ff:2f:0a:ef:42:a8:0b:44:51:d1:60:89:9d:
                    8e:db:3b:c5:79:b5:0f:02:30:e7:9c:ee:dd:54:90:
                    38:26:e9:fd:6f:53:10:97:11:bd:45:87:30:d2:ac:
                    28:5e:bc:0b:18:2b:3e:e0:dd:d7:85:b3:fd:2f:49:
                    68:ca:54:97:47:0f:e8:d3:20:f7:2a:ca:12:16:b4:
                    7c:8e:3f:15:d1:3e:09:86:a7:e7:29:67:25:8e:64:
                    28:e4:59:f3:25:7d:36:f9:6a:c1:3b:07:c8:ad:51:
                    ae:63:60:53:86:cb:35:62:71:8c:30:b1:90:ee:0c:
                    aa:14:ee:96:8b:f0:b5:d4:6a:7b:2a:c1:56:de:a8:
                    b5:3b:05:bb:ba:2e:c6:a0:65:31:91:e3:82:b9:a5:
                    78:70:41:f6:ef:6c:f3:87:1c:30:03:25:0f:14:e4:
                    ed:2c:78:c5:e6:43:33:11:73:a4:1a:ab:6d:15:50:
                    f6:91:25:95:89:ea:06:77:3c:c8:13:4b:9b:20:c6:
                    5b:68:f5:df:9a:3e:50:05:53:9e:04:1b:75:36:31:
                    63:1a:8e:38:17:8e:a7:f3:80:a8:25:14:e4:bc:e8:
                    72:25:02:55:f1:0f:cb:cf:2f:cc:2c:cb:48:76:72:
                    f9:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:23:04:49:EC:7E:B0:6A:66:09:A5:6F:A2:2B:A4:73:64:1E:56:87
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/AiMESex-sGpmCaVvoiukc2QeVoc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:2a:4f:35:19:2b:c2:1c:cf:f3:f9:58:23:c4:55:65:cf:4e:
         dd:69:47:4d:01:b5:b8:3d:41:7c:32:d3:49:26:c5:82:d6:6d:
         f3:4b:29:0f:26:ee:0a:85:d3:5f:6a:0a:ba:83:be:56:d9:64:
         76:2e:36:c6:0a:91:ca:aa:a0:27:03:b4:31:63:dd:7a:b0:67:
         3f:34:be:49:d6:24:db:76:2b:2f:f8:d9:48:a9:45:8d:dc:bc:
         b2:9b:d3:ef:3d:f0:5a:2d:b0:88:cc:6a:d7:11:e0:af:07:9b:
         0f:32:be:30:99:71:fd:52:49:47:9a:3d:53:bf:5f:0d:b4:bd:
         2a:45:a3:26:c8:18:35:d4:7f:e4:26:3c:0b:f1:5c:bb:11:6d:
         ff:95:e6:4b:9b:1f:9c:d1:6b:bd:99:f4:86:da:fe:02:4b:09:
         96:82:76:d4:2f:49:76:ac:6c:0d:1e:ed:e8:32:f7:62:75:88:
         9f:51:ab:fb:3f:2a:e4:f0:4c:72:e2:c0:35:b5:fb:9f:c8:78:
         a9:cf:94:8f:8e:80:00:a4:0a:c8:4c:c5:69:32:5d:26:71:14:
         32:d9:43:93:a9:c5:67:c5:dd:6c:a5:fa:e4:34:17:1c:96:22:
         9a:bc:ce:9e:dd:8c:6c:55:29:35:f4:de:75:9a:c3:07:62:55:
         c3:20:cc:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZshUKFcbMiwNabEtOAN1wQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMjE1MDkyMTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjIzMDQ0OWVjN2ViMDZhNjYwOWE1NmZhMjJiYTQ3MzY0MWU1Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/blM+uTLkg8ImbQhZpM/mv8vCu9C
qAtEUdFgiZ2O2zvFebUPAjDnnO7dVJA4Jun9b1MQlxG9RYcw0qwoXrwLGCs+4N3X
hbP9L0loylSXRw/o0yD3KsoSFrR8jj8V0T4JhqfnKWcljmQo5FnzJX02+WrBOwfI
rVGuY2BThss1YnGMMLGQ7gyqFO6Wi/C11Gp7KsFW3qi1OwW7ui7GoGUxkeOCuaV4
cEH272zzhxwwAyUPFOTtLHjF5kMzEXOkGqttFVD2kSWVieoGdzzIE0ubIMZbaPXf
mj5QBVOeBBt1NjFjGo44F46n84CoJRTkvOhyJQJV8Q/Lzy/MLMtIdnL5qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIjBEnsfrBqZgmlb6IrpHNkHlaHMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQWlNRVNleC1zR3BtQ2FWdm9pdWtjMlFlVm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzgEMA0G
CSqGSIb3DQEBCwUAA4IBAQCTKk81GSvCHM/z+VgjxFVlz07daUdNAbW4PUF8MtNJ
JsWC1m3zSykPJu4KhdNfagq6g75W2WR2LjbGCpHKqqAnA7QxY916sGc/NL5J1iTb
disv+NlIqUWN3Lyym9PvPfBaLbCIzGrXEeCvB5sPMr4wmXH9UklHmj1Tv18NtL0q
RaMmyBg11H/kJjwL8Vy7EW3/leZLmx+c0Wu9mfSG2v4CSwmWgnbUL0l2rGwNHu3o
MvdidYifUav7Pyrk8Exy4sA1tfufyHipz5SPjoAApArITMVpMl0mcRQy2UOTqcVn
xd1spfrkNBccliKavM6e3YxsVSk19N51msMHYlXDIMyf
-----END CERTIFICATE-----