This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/PhcWaa3aMcSfSfL7A05LVlfWmo8.roa
File:                     PhcWaa3aMcSfSfL7A05LVlfWmo8.roa (raw, json)
Hash identifier:          muO9ZarGeUAZ/RdE0uDFFvn9bzKE1jMQWRZvhI1+828=
Subject key identifier:   3E:17:16:69:AD:DA:31:C4:9F:49:F2:FB:03:4E:4B:56:57:D6:9A:8F
Certificate issuer:       /CN=eeac122a92917cf953ff5c5de6a1ffe1199f122c
Certificate serial:       019B7A5AC6001E50D83B4A99C21C60847B86
Authority key identifier: EE:AC:12:2A:92:91:7C:F9:53:FF:5C:5D:E6:A1:FF:E1:19:9F:12:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qwSKpKRfPlT_1xd5qH_4RmfEiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/PhcWaa3aMcSfSfL7A05LVlfWmo8.roa
Signing time:             Thu 01 Jan 2026 16:18:47 +0000
ROA not before:           Thu 01 Jan 2026 16:18:47 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     207785
IP address blocks:        185.153.201.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/7qwSKpKRfPlT_1xd5qH_4RmfEiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/7qwSKpKRfPlT_1xd5qH_4RmfEiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7qwSKpKRfPlT_1xd5qH_4RmfEiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5a:c6:00:1e:50:d8:3b:4a:99:c2:1c:60:84:7b:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eeac122a92917cf953ff5c5de6a1ffe1199f122c
        Validity
            Not Before: Jan  1 16:18:47 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3e171669adda31c49f49f2fb034e4b5657d69a8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:24:33:ce:76:be:11:cd:68:7f:8d:42:87:f6:
                    96:b1:da:e6:1a:0f:37:3f:a4:e6:ae:e5:7b:8e:bd:
                    c7:54:e2:ab:cf:9c:55:23:d5:a2:a4:6b:fa:17:8e:
                    e5:9c:fa:c6:1f:32:a3:c9:07:d9:2d:9d:c0:6b:8d:
                    4c:c6:c1:e9:e6:3c:95:87:fb:92:48:b7:bd:fa:6c:
                    95:52:a6:a2:38:7d:13:df:7d:3b:6e:f9:b5:99:a6:
                    31:ec:d6:04:93:59:cb:d6:78:a9:14:ab:ef:1b:99:
                    c1:d4:2a:04:4d:60:ea:9b:dc:69:83:e7:16:a5:ae:
                    ce:67:76:00:13:21:1c:6a:aa:1a:a3:ae:6e:5c:81:
                    c1:b2:e1:0e:f6:74:7d:1b:26:8c:58:0e:a8:10:c2:
                    f7:c7:b9:df:80:63:f9:7c:44:07:a4:f5:fe:73:3e:
                    5c:4d:2d:1f:b1:b4:e3:01:ce:52:dc:5d:ce:2e:02:
                    eb:df:19:c6:31:59:65:90:43:48:fa:24:09:d6:81:
                    09:75:6e:09:22:3e:b5:7e:a8:d4:d7:73:35:b5:04:
                    69:5e:ae:d4:de:a6:ae:0c:4e:37:65:3d:88:0e:0f:
                    73:f5:14:37:a6:9c:f5:f2:6f:e9:92:cf:bf:da:ad:
                    6b:b9:52:dd:28:ba:45:be:17:1d:59:cb:ed:ff:cd:
                    e4:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:17:16:69:AD:DA:31:C4:9F:49:F2:FB:03:4E:4B:56:57:D6:9A:8F
            X509v3 Authority Key Identifier:
                keyid:EE:AC:12:2A:92:91:7C:F9:53:FF:5C:5D:E6:A1:FF:E1:19:9F:12:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qwSKpKRfPlT_1xd5qH_4RmfEiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/PhcWaa3aMcSfSfL7A05LVlfWmo8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/7qwSKpKRfPlT_1xd5qH_4RmfEiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.153.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:58:e4:7c:81:89:51:ea:1e:d8:8f:ec:49:62:6d:e3:5a:90:
         c0:b9:be:d1:a1:e3:a9:1d:25:9d:4c:ff:e7:8d:3d:96:7c:11:
         95:a5:6f:eb:ee:50:d0:46:63:94:d4:2b:db:05:bf:0c:95:72:
         34:ce:98:c4:90:06:de:cf:16:9d:bd:a0:39:91:fe:b2:25:64:
         55:6f:b3:7b:bb:bf:01:5d:fb:41:81:b5:9e:e0:45:20:e1:b3:
         9b:c8:48:7a:1f:85:94:fb:ed:9f:bb:da:56:84:26:7e:b6:64:
         e5:92:5e:b1:70:2c:d0:58:95:2c:b1:31:9c:6c:ac:99:43:ca:
         b7:33:2c:80:e3:b1:1c:43:1f:9c:87:5c:10:e7:f7:f7:42:66:
         03:db:20:a9:29:05:ef:7c:c1:05:0a:b8:e3:d1:b2:78:eb:0e:
         79:5b:4d:3c:50:f1:33:e6:8b:6d:6d:ef:58:a1:fd:b3:0c:4a:
         d3:5f:c2:84:69:88:b9:eb:e7:e7:a1:fe:b3:48:3c:eb:49:cf:
         8e:ad:2d:93:00:28:c9:b6:a2:4a:6d:7a:e2:ea:b0:c1:8d:2b:
         c2:9d:c5:04:1e:a5:19:e8:20:b5:85:c0:c6:4f:51:d9:fb:be:
         5f:35:4f:88:e0:d8:35:59:7d:de:75:f5:8b:8f:16:3d:bc:1a:
         ea:ef:3d:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6WsYAHlDYO0qZwhxghHuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYWMxMjJhOTI5MTdjZjk1M2ZmNWM1ZGU2YTFmZmUxMTk5
ZjEyMmMwHhcNMjYwMTAxMTYxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTE3MTY2OWFkZGEzMWM0OWY0OWYyZmIwMzRlNGI1NjU3ZDY5YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yQzzna+Ec1of41Ch/aWsdrmGg83
P6TmruV7jr3HVOKrz5xVI9WipGv6F47lnPrGHzKjyQfZLZ3Aa41MxsHp5jyVh/uS
SLe9+myVUqaiOH0T3307bvm1maYx7NYEk1nL1nipFKvvG5nB1CoETWDqm9xpg+cW
pa7OZ3YAEyEcaqoao65uXIHBsuEO9nR9GyaMWA6oEML3x7nfgGP5fEQHpPX+cz5c
TS0fsbTjAc5S3F3OLgLr3xnGMVllkENI+iQJ1oEJdW4JIj61fqjU13M1tQRpXq7U
3qauDE43ZT2IDg9z9RQ3ppz18m/pks+/2q1ruVLdKLpFvhcdWcvt/83k1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4XFmmt2jHEn0ny+wNOS1ZX1pqPMB8GA1UdIwQY
MBaAFO6sEiqSkXz5U/9cXeah/+EZnxIsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3F3U0twS1JmUGxUXzF4ZDVxSF80Um1mRWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84ZWU0NTEtZjYyNi00MzI0LTk4ZmUt
NDFkMmNjN2I3MDM0LzEvUGhjV2FhM2FNY1NmU2ZMN0EwNUxWbGZXbW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC84ZWU0NTEtZjYyNi00MzI0LTk4ZmUtNDFkMmNjN2I3MDM0
LzEvN3F3U0twS1JmUGxUXzF4ZDVxSF80Um1mRWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZnJMA0G
CSqGSIb3DQEBCwUAA4IBAQCJWOR8gYlR6h7Yj+xJYm3jWpDAub7RoeOpHSWdTP/n
jT2WfBGVpW/r7lDQRmOU1CvbBb8MlXI0zpjEkAbezxadvaA5kf6yJWRVb7N7u78B
XftBgbWe4EUg4bObyEh6H4WU++2fu9pWhCZ+tmTlkl6xcCzQWJUssTGcbKyZQ8q3
MyyA47EcQx+ch1wQ5/f3QmYD2yCpKQXvfMEFCrjj0bJ46w55W008UPEz5ottbe9Y
of2zDErTX8KEaYi56+fnof6zSDzrSc+OrS2TACjJtqJKbXri6rDBjSvCncUEHqUZ
6CC1hcDGT1HZ+75fNU+I4Ng1WX3edfWLjxY9vBrq7z0N
-----END CERTIFICATE-----