This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/vEwz57dImPsiNennVONbeEnvc1Q.roa
File:                     vEwz57dImPsiNennVONbeEnvc1Q.roa (raw, json)
Hash identifier:          FKFQdv+BqbEkz4WNye1S2doTpa1n1DGJ3Pa6LhxLa3w=
Subject key identifier:   BC:4C:33:E7:B7:48:98:FB:22:35:E9:E7:54:E3:5B:78:49:EF:73:54
Certificate issuer:       /CN=b9d9305fcbd59cda4b68f888df6020485b74e982
Certificate serial:       019B77591686B6C7F457A3AB69686315BD43
Authority key identifier: B9:D9:30:5F:CB:D5:9C:DA:4B:68:F8:88:DF:60:20:48:5B:74:E9:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udkwX8vVnNpLaPiI32AgSFt06YI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/vEwz57dImPsiNennVONbeEnvc1Q.roa
Signing time:             Thu 01 Jan 2026 02:18:05 +0000
ROA not before:           Thu 01 Jan 2026 02:18:05 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     12703
IP address blocks:        185.38.104.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/udkwX8vVnNpLaPiI32AgSFt06YI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/udkwX8vVnNpLaPiI32AgSFt06YI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/udkwX8vVnNpLaPiI32AgSFt06YI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:16:86:b6:c7:f4:57:a3:ab:69:68:63:15:bd:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d9305fcbd59cda4b68f888df6020485b74e982
        Validity
            Not Before: Jan  1 02:18:05 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bc4c33e7b74898fb2235e9e754e35b7849ef7354
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0c:1a:df:3b:b6:f8:ae:f8:53:2a:5a:92:be:
                    99:47:c7:38:31:35:cc:c2:a8:ae:68:f9:dd:94:0d:
                    27:02:2f:b6:4b:99:4e:15:4e:26:4c:0a:c0:80:bb:
                    68:6f:2d:43:40:e8:49:eb:e3:27:e7:b8:c3:3b:eb:
                    97:eb:87:36:6d:e1:62:e5:4f:1f:f9:d2:ff:53:04:
                    02:b4:38:fb:28:80:4f:81:51:e6:2e:11:d6:65:9d:
                    56:6b:ed:cf:a8:1b:aa:22:2c:28:92:b2:6f:cf:1e:
                    e1:19:80:61:0c:d6:30:d2:15:7b:69:e5:2f:6f:3f:
                    be:3d:21:51:d3:ef:f6:db:fe:30:82:3e:e6:d1:66:
                    32:b7:09:47:1e:ae:7c:96:0f:0e:c0:8e:dd:ec:cc:
                    2f:99:3e:c3:e0:98:19:95:ce:0d:a7:39:2d:b1:0e:
                    da:a3:2a:0e:94:8b:ce:fa:6a:f7:bf:78:fc:98:71:
                    30:94:13:df:51:fa:a2:3d:d8:2d:e5:f0:1b:98:4e:
                    8e:d2:6f:c8:23:dd:ad:cc:70:10:20:c4:a8:68:36:
                    c9:45:b6:70:57:cf:13:72:f4:d6:a9:77:fc:93:ae:
                    c7:d1:9d:ee:03:e4:f0:4d:32:8b:90:56:95:fd:ea:
                    4a:6a:c4:bb:f7:ae:8e:49:82:af:76:97:50:6e:3d:
                    6a:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:4C:33:E7:B7:48:98:FB:22:35:E9:E7:54:E3:5B:78:49:EF:73:54
            X509v3 Authority Key Identifier:
                keyid:B9:D9:30:5F:CB:D5:9C:DA:4B:68:F8:88:DF:60:20:48:5B:74:E9:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udkwX8vVnNpLaPiI32AgSFt06YI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/vEwz57dImPsiNennVONbeEnvc1Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/udkwX8vVnNpLaPiI32AgSFt06YI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.38.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a2:37:19:6b:27:35:0d:f6:fc:ed:3f:39:c9:50:d2:0c:e5:f0:
         8b:5a:2c:e7:3f:00:c7:0c:7b:fa:e7:78:98:11:63:b9:7a:f4:
         ea:af:a6:6b:0a:e7:4e:d6:87:93:ab:3e:00:31:52:c1:6c:9e:
         12:e4:50:c7:17:93:57:4f:7f:52:24:9b:58:8e:76:ea:6c:05:
         1d:4c:2a:f1:7d:74:db:34:89:ad:a6:c0:8e:05:7d:7f:a0:56:
         ba:4a:f2:12:c7:ad:8c:20:a3:63:93:cb:9e:cc:65:a1:4a:d7:
         ee:4d:c1:e5:75:da:32:40:8e:5c:80:6e:5d:3c:84:e4:80:ec:
         49:05:86:bb:97:76:5f:da:55:95:80:3a:6a:8e:8c:bb:76:d8:
         cb:ae:92:a8:e2:77:28:98:26:14:26:c6:d2:35:2f:bc:eb:8b:
         16:35:c2:d4:e8:82:e8:ae:4a:da:59:97:91:32:a1:6b:ea:ae:
         7f:e2:3e:62:49:48:9c:d4:73:93:12:85:c5:e8:62:68:77:69:
         85:c6:5f:6a:3c:13:85:35:5a:40:56:83:90:1b:33:35:c5:fb:
         20:99:73:77:bf:28:b8:77:81:af:a1:2f:35:1c:25:59:51:a4:
         40:3b:2e:c1:8f:c1:79:97:87:56:44:69:59:bf:0f:6b:b9:dd:
         0c:6f:7a:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WRaGtsf0V6OraWhjFb1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDkzMDVmY2JkNTljZGE0YjY4Zjg4OGRmNjAyMDQ4NWI3
NGU5ODIwHhcNMjYwMTAxMDIxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzRjMzNlN2I3NDg5OGZiMjIzNWU5ZTc1NGUzNWI3ODQ5ZWY3MzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAwa3zu2+K74Uypakr6ZR8c4MTXM
wqiuaPndlA0nAi+2S5lOFU4mTArAgLtoby1DQOhJ6+Mn57jDO+uX64c2beFi5U8f
+dL/UwQCtDj7KIBPgVHmLhHWZZ1Wa+3PqBuqIiwokrJvzx7hGYBhDNYw0hV7aeUv
bz++PSFR0+/22/4wgj7m0WYytwlHHq58lg8OwI7d7MwvmT7D4JgZlc4NpzktsQ7a
oyoOlIvO+mr3v3j8mHEwlBPfUfqiPdgt5fAbmE6O0m/II92tzHAQIMSoaDbJRbZw
V88TcvTWqXf8k67H0Z3uA+TwTTKLkFaV/epKasS7966OSYKvdpdQbj1qiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxMM+e3SJj7IjXp51TjW3hJ73NUMB8GA1UdIwQY
MBaAFLnZMF/L1ZzaS2j4iN9gIEhbdOmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRrd1g4dlZuTnBMYVBpSTMyQWdTRnQwNllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xOWYzN2ItNDQ2Yy00OTEwLTljNmYt
MWQwOWM3OWIyNTQwLzEvdkV3ejU3ZEltUHNpTmVublZPTmJlRW52YzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xOWYzN2ItNDQ2Yy00OTEwLTljNmYtMWQwOWM3OWIyNTQw
LzEvdWRrd1g4dlZuTnBMYVBpSTMyQWdTRnQwNllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSZoMA0G
CSqGSIb3DQEBCwUAA4IBAQCiNxlrJzUN9vztPznJUNIM5fCLWiznPwDHDHv653iY
EWO5evTqr6ZrCudO1oeTqz4AMVLBbJ4S5FDHF5NXT39SJJtYjnbqbAUdTCrxfXTb
NImtpsCOBX1/oFa6SvISx62MIKNjk8uezGWhStfuTcHlddoyQI5cgG5dPITkgOxJ
BYa7l3Zf2lWVgDpqjoy7dtjLrpKo4ncomCYUJsbSNS+864sWNcLU6ILorkraWZeR
MqFr6q5/4j5iSUic1HOTEoXF6GJod2mFxl9qPBOFNVpAVoOQGzM1xfsgmXN3vyi4
d4GvoS81HCVZUaRAOy7Bj8F5l4dWRGlZvw9rud0Mb3oC
-----END CERTIFICATE-----
Generated at Mon Jan 26 07:08:14 2026 by rpki-client