This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/4XP7HiVkwJb7VBFxlRqtJUdrlkY.roa
File:                     4XP7HiVkwJb7VBFxlRqtJUdrlkY.roa (raw, json)
Hash identifier:          OOEInEqutnloYStbQZqNgEuL98Agm2HcQLCCh/vFSb4=
Subject key identifier:   E1:73:FB:1E:25:64:C0:96:FB:54:11:71:95:1A:AD:25:47:6B:96:46
Certificate issuer:       /CN=576b22f2790597484bf96915a83543c194b3fd1e
Certificate serial:       019B7B36A1A5B38D85F9E293E98A6C908FAA
Authority key identifier: 57:6B:22:F2:79:05:97:48:4B:F9:69:15:A8:35:43:C1:94:B3:FD:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V2si8nkFl0hL-WkVqDVDwZSz_R4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/4XP7HiVkwJb7VBFxlRqtJUdrlkY.roa
Signing time:             Thu 01 Jan 2026 20:18:56 +0000
ROA not before:           Thu 01 Jan 2026 20:18:56 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     6206
IP address blocks:        91.229.60.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/V2si8nkFl0hL-WkVqDVDwZSz_R4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/V2si8nkFl0hL-WkVqDVDwZSz_R4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V2si8nkFl0hL-WkVqDVDwZSz_R4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 11:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:a1:a5:b3:8d:85:f9:e2:93:e9:8a:6c:90:8f:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=576b22f2790597484bf96915a83543c194b3fd1e
        Validity
            Not Before: Jan  1 20:18:56 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e173fb1e2564c096fb541171951aad25476b9646
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:5d:e2:e6:d1:8a:73:83:b4:53:3d:2b:25:29:
                    7e:7b:b7:65:50:76:16:82:0d:08:4b:27:9e:d2:ff:
                    d0:bc:7e:5f:75:1f:54:b3:3d:8b:84:62:52:f0:b1:
                    76:c7:44:68:40:f1:96:f8:ea:cb:a6:e1:28:75:8e:
                    5e:99:6c:9c:19:db:80:e2:d8:03:18:23:2b:ab:f3:
                    6c:00:dd:b9:08:55:60:2b:29:d7:3e:da:d5:fc:ea:
                    f9:d0:17:1f:21:a1:b0:1f:ee:03:a8:ae:cb:0a:1c:
                    04:38:a3:e1:f9:ae:04:2b:c5:c0:57:49:e3:9f:22:
                    ea:4a:fc:40:0d:04:06:3c:d7:74:1d:7a:10:fb:a4:
                    d2:b0:06:f4:ae:60:c1:9d:6a:03:2e:7e:b7:13:25:
                    b3:90:47:64:83:7c:3e:b9:02:6d:26:b3:e7:c5:0f:
                    a5:e3:53:bc:ad:c1:97:a1:c6:5c:b9:a2:b5:17:2c:
                    76:4c:ab:fc:39:c8:23:ef:3a:4b:c6:ba:e6:94:4c:
                    09:5a:c8:28:7e:43:2f:37:f9:5a:1e:4c:39:1f:d5:
                    3d:86:0c:ef:ea:6d:15:28:cc:29:68:b9:6d:b3:22:
                    22:8b:84:35:59:65:c1:7f:8d:b2:c1:e5:13:ab:63:
                    09:89:9c:90:ea:c2:d2:54:b3:23:81:7d:7b:32:db:
                    49:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:73:FB:1E:25:64:C0:96:FB:54:11:71:95:1A:AD:25:47:6B:96:46
            X509v3 Authority Key Identifier:
                keyid:57:6B:22:F2:79:05:97:48:4B:F9:69:15:A8:35:43:C1:94:B3:FD:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V2si8nkFl0hL-WkVqDVDwZSz_R4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/4XP7HiVkwJb7VBFxlRqtJUdrlkY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6efac4-d75a-425d-9157-aee6eb28514d/1/V2si8nkFl0hL-WkVqDVDwZSz_R4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.229.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         07:f4:96:83:74:b4:eb:9f:3d:44:3a:29:3c:61:d7:62:78:55:
         65:98:84:c8:33:2f:38:cd:c7:96:66:32:72:00:fb:11:bf:73:
         b2:48:aa:10:fb:e6:a0:5e:83:ef:b9:4d:93:5a:59:da:01:b4:
         b3:88:eb:6a:03:9e:77:c7:79:9a:13:e6:48:b3:16:82:c6:90:
         c4:8b:c9:17:65:7a:d3:40:5a:18:c4:63:7f:3f:ea:5e:b6:6e:
         21:bf:8f:42:bb:86:6a:73:da:5b:b0:3f:d9:6d:c6:3c:0a:97:
         ce:98:fe:c8:6e:06:49:4f:7d:94:a7:94:c5:44:04:c8:fe:d0:
         f4:46:19:d6:9f:b1:ca:91:0b:a9:7d:4d:95:41:41:6f:88:f3:
         d4:6c:07:2d:53:4f:04:80:c4:0c:8c:4f:ca:ae:3d:6a:d6:f1:
         30:39:37:a1:8f:e6:38:bb:46:98:be:1e:74:42:c2:cf:c8:90:
         98:2f:91:47:c5:ff:63:a0:33:d4:ae:a9:62:2c:b2:b2:78:e8:
         fa:ec:56:25:89:5d:e0:34:aa:93:f9:c9:10:de:ae:a2:2e:44:
         56:a7:6b:b4:6a:21:93:0c:32:41:06:3d:ea:03:49:0b:dd:1d:
         90:e0:5f:f4:3e:2c:30:ef:42:09:62:8d:bf:db:3f:6f:64:88:
         5b:98:29:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NqGls42F+eKT6YpskI+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmIyMmYyNzkwNTk3NDg0YmY5NjkxNWE4MzU0M2MxOTRi
M2ZkMWUwHhcNMjYwMTAxMjAxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTczZmIxZTI1NjRjMDk2ZmI1NDExNzE5NTFhYWQyNTQ3NmI5NjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt13i5tGKc4O0Uz0rJSl+e7dlUHYW
gg0ISyee0v/QvH5fdR9Usz2LhGJS8LF2x0RoQPGW+OrLpuEodY5emWycGduA4tgD
GCMrq/NsAN25CFVgKynXPtrV/Or50BcfIaGwH+4DqK7LChwEOKPh+a4EK8XAV0nj
nyLqSvxADQQGPNd0HXoQ+6TSsAb0rmDBnWoDLn63EyWzkEdkg3w+uQJtJrPnxQ+l
41O8rcGXocZcuaK1Fyx2TKv8Ocgj7zpLxrrmlEwJWsgofkMvN/laHkw5H9U9hgzv
6m0VKMwpaLltsyIii4Q1WWXBf42yweUTq2MJiZyQ6sLSVLMjgX17MttJNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFz+x4lZMCW+1QRcZUarSVHa5ZGMB8GA1UdIwQY
MBaAFFdrIvJ5BZdIS/lpFag1Q8GUs/0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjJzaThua0ZsMGhMLVdrVnFEVkR3WlN6X1I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS82ZWZhYzQtZDc1YS00MjVkLTkxNTct
YWVlNmViMjg1MTRkLzEvNFhQN0hpVmt3SmI3VkJGeGxScXRKVWRybGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS82ZWZhYzQtZDc1YS00MjVkLTkxNTctYWVlNmViMjg1MTRk
LzEvVjJzaThua0ZsMGhMLVdrVnFEVkR3WlN6X1I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+U8MA0G
CSqGSIb3DQEBCwUAA4IBAQAH9JaDdLTrnz1EOik8YddieFVlmITIMy84zceWZjJy
APsRv3OySKoQ++agXoPvuU2TWlnaAbSziOtqA553x3maE+ZIsxaCxpDEi8kXZXrT
QFoYxGN/P+petm4hv49Cu4Zqc9pbsD/ZbcY8CpfOmP7IbgZJT32Up5TFRATI/tD0
RhnWn7HKkQupfU2VQUFviPPUbActU08EgMQMjE/Krj1q1vEwOTehj+Y4u0aYvh50
QsLPyJCYL5FHxf9joDPUrqliLLKyeOj67FYliV3gNKqT+ckQ3q6iLkRWp2u0aiGT
DDJBBj3qA0kL3R2Q4F/0Piww70IJYo2/2z9vZIhbmCkP
-----END CERTIFICATE-----