This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/TnLGleLWbF6Xbip1RIdiru4lzlk.roa
File:                     TnLGleLWbF6Xbip1RIdiru4lzlk.roa (raw, json)
Hash identifier:          TwgWk/EYTVXEiwe/Z9ywXVNMqxvlSEZDhUOiWjsfVSk=
Subject key identifier:   4E:72:C6:95:E2:D6:6C:5E:97:6E:2A:75:44:87:62:AE:EE:25:CE:59
Certificate issuer:       /CN=5f1a427072b31d44784c375dfae42278e71fa836
Certificate serial:       019B7A5AFD97F31AE60007BDE5D1A93B06DB
Authority key identifier: 5F:1A:42:70:72:B3:1D:44:78:4C:37:5D:FA:E4:22:78:E7:1F:A8:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XxpCcHKzHUR4TDdd-uQieOcfqDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/TnLGleLWbF6Xbip1RIdiru4lzlk.roa
Signing time:             Thu 01 Jan 2026 16:19:02 +0000
ROA not before:           Thu 01 Jan 2026 16:19:02 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     272713
IP address blocks:        185.236.183.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/XxpCcHKzHUR4TDdd-uQieOcfqDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/XxpCcHKzHUR4TDdd-uQieOcfqDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XxpCcHKzHUR4TDdd-uQieOcfqDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5a:fd:97:f3:1a:e6:00:07:bd:e5:d1:a9:3b:06:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f1a427072b31d44784c375dfae42278e71fa836
        Validity
            Not Before: Jan  1 16:19:02 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4e72c695e2d66c5e976e2a75448762aeee25ce59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:cc:d1:04:21:be:c0:7d:31:c7:39:06:66:49:
                    9d:30:50:55:bf:ec:d6:80:fb:36:ba:7e:c4:0b:6b:
                    71:95:48:af:d3:3b:44:7c:09:51:af:93:a8:1e:5f:
                    5e:92:9d:2b:d4:37:30:94:37:46:31:75:d9:f3:e8:
                    85:6b:fd:e4:69:27:0a:ec:10:1c:c9:19:fa:7d:5f:
                    d8:80:16:63:9f:94:dd:27:06:74:c6:94:02:d7:bd:
                    fb:7b:77:2f:4f:18:e8:d2:db:1b:1d:6c:44:73:74:
                    06:73:8f:61:ab:d1:44:50:7a:fb:0b:dd:5d:06:dd:
                    2f:b2:c1:4d:14:14:a3:c5:22:e6:29:3e:b7:4c:12:
                    7a:e2:ac:e1:f0:d7:79:c1:fe:9d:03:55:5d:75:10:
                    92:f0:d2:3f:7d:c0:f3:ea:1d:38:5f:fe:69:12:05:
                    53:18:84:e3:68:60:d3:8e:3d:8d:9a:25:60:28:62:
                    1e:72:61:b7:a7:86:d0:8f:f8:bd:c4:ee:7e:ff:cc:
                    93:94:71:9c:30:00:e1:bb:23:99:9a:e5:4a:b6:75:
                    16:e3:fa:b6:1d:a2:a8:31:9d:4b:bf:0c:03:3b:ed:
                    35:fd:d4:fa:a2:ba:1d:dd:6c:5e:b6:22:04:12:21:
                    78:10:e2:64:e2:94:e0:12:cf:3e:4c:c2:9f:7a:ce:
                    33:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:72:C6:95:E2:D6:6C:5E:97:6E:2A:75:44:87:62:AE:EE:25:CE:59
            X509v3 Authority Key Identifier:
                keyid:5F:1A:42:70:72:B3:1D:44:78:4C:37:5D:FA:E4:22:78:E7:1F:A8:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxpCcHKzHUR4TDdd-uQieOcfqDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/TnLGleLWbF6Xbip1RIdiru4lzlk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/XxpCcHKzHUR4TDdd-uQieOcfqDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.236.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:82:0f:8e:ee:d1:e5:11:6f:83:27:41:26:8e:cb:45:58:30:
         8f:95:9b:2d:eb:98:2f:42:b8:77:05:b4:d2:c2:a8:43:47:80:
         27:7b:3e:72:40:08:2f:6e:9f:62:d2:e1:d8:f3:48:8f:8f:93:
         c2:a4:1a:3b:b6:d2:40:a4:2e:2c:e7:46:8c:72:56:9e:8f:8b:
         5d:75:9d:9c:45:8d:96:83:d9:f5:1a:02:26:81:cc:eb:3b:0f:
         a4:9d:d2:cf:56:30:37:06:69:5d:9f:0e:5b:c1:d3:ec:f3:16:
         70:62:35:4b:7c:7c:85:f7:92:5f:a2:29:fe:7e:8c:b7:76:9a:
         0d:9a:ce:24:8e:4b:d3:26:67:09:68:26:ac:0b:90:04:fa:3b:
         48:11:b2:f4:71:33:6b:71:1a:53:c4:16:19:d7:1f:94:58:b9:
         95:0c:af:29:d8:9a:3e:dc:e4:f1:6a:5e:5f:c3:96:30:1b:60:
         bc:d9:3c:2e:0f:40:af:55:ec:81:3c:a5:c0:9f:31:42:ce:35:
         4f:19:97:3f:a2:a6:1a:b8:3a:13:25:a4:bf:72:f6:23:e3:26:
         00:18:d6:18:ad:1a:35:e6:00:5a:69:63:05:b7:3b:62:fb:ec:
         6c:d7:86:bf:44:f4:f3:e4:0f:46:d6:b7:6e:58:1f:cb:9e:6e:
         d8:eb:46:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6Wv2X8xrmAAe95dGpOwbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWE0MjcwNzJiMzFkNDQ3ODRjMzc1ZGZhZTQyMjc4ZTcx
ZmE4MzYwHhcNMjYwMTAxMTYxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTcyYzY5NWUyZDY2YzVlOTc2ZTJhNzU0NDg3NjJhZWVlMjVjZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68zRBCG+wH0xxzkGZkmdMFBVv+zW
gPs2un7EC2txlUiv0ztEfAlRr5OoHl9ekp0r1DcwlDdGMXXZ8+iFa/3kaScK7BAc
yRn6fV/YgBZjn5TdJwZ0xpQC1737e3cvTxjo0tsbHWxEc3QGc49hq9FEUHr7C91d
Bt0vssFNFBSjxSLmKT63TBJ64qzh8Nd5wf6dA1VddRCS8NI/fcDz6h04X/5pEgVT
GITjaGDTjj2NmiVgKGIecmG3p4bQj/i9xO5+/8yTlHGcMADhuyOZmuVKtnUW4/q2
HaKoMZ1LvwwDO+01/dT6orod3WxetiIEEiF4EOJk4pTgEs8+TMKfes4zkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5yxpXi1mxel24qdUSHYq7uJc5ZMB8GA1UdIwQY
MBaAFF8aQnBysx1EeEw3XfrkInjnH6g2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhwQ2NIS3pIVVI0VERkZC11UWllT2NmcURZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8wNzdmNjQtYjg0My00NjlmLTg1NDct
ZGQyMGJiMjA4YmJhLzEvVG5MR2xlTFdiRjZYYmlwMVJJZGlydTRsemxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8wNzdmNjQtYjg0My00NjlmLTg1NDctZGQyMGJiMjA4YmJh
LzEvWHhwQ2NIS3pIVVI0VERkZC11UWllT2NmcURZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuey3MA0G
CSqGSIb3DQEBCwUAA4IBAQDDgg+O7tHlEW+DJ0EmjstFWDCPlZst65gvQrh3BbTS
wqhDR4Anez5yQAgvbp9i0uHY80iPj5PCpBo7ttJApC4s50aMclaej4tddZ2cRY2W
g9n1GgImgczrOw+kndLPVjA3Bmldnw5bwdPs8xZwYjVLfHyF95Jfoin+foy3dpoN
ms4kjkvTJmcJaCasC5AE+jtIEbL0cTNrcRpTxBYZ1x+UWLmVDK8p2Jo+3OTxal5f
w5YwG2C82TwuD0CvVeyBPKXAnzFCzjVPGZc/oqYauDoTJaS/cvYj4yYAGNYYrRo1
5gBaaWMFtzti++xs14a/RPTz5A9G1rduWB/Lnm7Y60bV
-----END CERTIFICATE-----