This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/fdb398-3fb5-4b6a-a003-cfc4a676d6e0/1/FXyAhkD-8Q5q4GQ3avZeolFCnH8.roa
File:                     FXyAhkD-8Q5q4GQ3avZeolFCnH8.roa (raw, json)
Hash identifier:          ZUZeRBd+6uQSjPBdIWYrxSWAHVlOiQl5Z7Q0BZoi1ac=
Subject key identifier:   15:7C:80:86:40:FE:F1:0E:6A:E0:64:37:6A:F6:5E:A2:51:42:9C:7F
Certificate issuer:       /CN=0395add86baf6b2d06ff41f5526d347f71eeb410
Certificate serial:       019B79107BB810DFC105DA713CDD1AF17CF8
Authority key identifier: 03:95:AD:D8:6B:AF:6B:2D:06:FF:41:F5:52:6D:34:7F:71:EE:B4:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A5Wt2Guvay0G_0H1Um00f3HutBA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/fdb398-3fb5-4b6a-a003-cfc4a676d6e0/1/FXyAhkD-8Q5q4GQ3avZeolFCnH8.roa
Signing time:             Thu 01 Jan 2026 10:18:01 +0000
ROA not before:           Thu 01 Jan 2026 10:18:01 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     2200
IP address blocks:        163.9.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/fdb398-3fb5-4b6a-a003-cfc4a676d6e0/1/A5Wt2Guvay0G_0H1Um00f3HutBA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/fdb398-3fb5-4b6a-a003-cfc4a676d6e0/1/A5Wt2Guvay0G_0H1Um00f3HutBA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A5Wt2Guvay0G_0H1Um00f3HutBA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 19:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:7b:b8:10:df:c1:05:da:71:3c:dd:1a:f1:7c:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0395add86baf6b2d06ff41f5526d347f71eeb410
        Validity
            Not Before: Jan  1 10:18:01 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=157c808640fef10e6ae064376af65ea251429c7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:90:f3:16:46:bb:01:75:c7:59:41:ca:45:45:
                    c4:11:6b:38:9c:2c:6b:c9:22:0e:89:ff:d6:c1:98:
                    7e:5e:78:88:8f:ea:27:14:26:ff:37:66:07:41:e7:
                    b9:82:a9:fe:62:fa:63:17:79:0c:c7:6e:8e:9e:7c:
                    41:52:2c:a9:80:4f:4a:e6:bf:ba:f0:1d:3b:a4:6c:
                    29:f3:2e:bb:5f:92:25:c9:13:0d:53:8e:86:55:d8:
                    a9:95:c4:d0:0f:55:1e:2a:21:3f:60:4a:df:10:72:
                    34:f1:0f:11:a5:f9:ee:6f:22:24:27:f6:f9:6c:53:
                    65:4f:60:9f:a1:bb:b0:ae:99:3d:e3:26:42:10:28:
                    17:4a:63:dd:ed:02:7b:0a:e8:38:e8:a7:d6:cc:9e:
                    92:9a:15:0d:b6:f3:fe:df:3f:2a:7e:41:df:a2:5d:
                    4a:98:eb:15:76:ca:ee:1d:24:27:73:99:78:12:d2:
                    69:fa:ef:c4:07:93:71:51:5e:29:bb:64:f3:92:2d:
                    41:6c:7c:09:52:34:73:e9:f9:23:61:f3:12:38:d0:
                    75:8d:c0:f7:b8:68:3c:42:3a:ab:2f:73:b5:4c:86:
                    a5:36:73:10:76:33:7a:47:a6:5f:10:f3:df:b6:3b:
                    03:0e:9b:6a:53:f1:11:eb:64:bb:9b:1d:09:45:79:
                    8e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:7C:80:86:40:FE:F1:0E:6A:E0:64:37:6A:F6:5E:A2:51:42:9C:7F
            X509v3 Authority Key Identifier:
                keyid:03:95:AD:D8:6B:AF:6B:2D:06:FF:41:F5:52:6D:34:7F:71:EE:B4:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A5Wt2Guvay0G_0H1Um00f3HutBA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fdb398-3fb5-4b6a-a003-cfc4a676d6e0/1/FXyAhkD-8Q5q4GQ3avZeolFCnH8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fdb398-3fb5-4b6a-a003-cfc4a676d6e0/1/A5Wt2Guvay0G_0H1Um00f3HutBA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.9.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         65:e4:85:c9:d3:5e:ed:c5:08:ab:a2:fb:55:2b:64:9a:7c:3d:
         2e:67:86:a4:e1:ea:12:6d:cb:47:82:27:73:6b:f4:fb:16:a0:
         26:6a:52:55:0f:c9:7a:f5:da:c1:34:7f:e4:35:1e:b0:9b:c2:
         0c:58:4a:37:f0:2e:b4:2c:e1:1f:fd:2a:b6:4b:7b:1c:df:a8:
         4d:5d:01:cc:14:cc:0f:07:b0:fa:b9:74:0a:55:ff:f0:0e:fd:
         bf:eb:07:67:a5:90:0e:14:be:b3:99:74:c5:6a:42:03:07:96:
         f3:29:a5:f7:e1:4f:1f:ef:86:e1:ae:cc:38:0b:09:60:f7:e5:
         95:e9:b4:74:8e:b2:7a:ca:83:93:01:a2:de:63:4b:89:ec:b6:
         46:06:ca:3a:38:e2:0b:b4:fb:12:63:70:83:81:7d:c3:3f:66:
         58:b5:b8:65:26:49:29:ba:72:2a:d7:4e:96:3c:99:7e:fc:52:
         c4:47:81:15:58:e2:eb:a8:b1:b2:74:64:87:23:d2:c8:27:55:
         2d:cf:a0:00:10:a4:1d:b0:47:8d:a4:8f:d3:1b:52:1c:2a:eb:
         36:2c:56:89:cf:a2:ce:03:98:19:c8:28:5a:fd:c1:c1:a9:89:
         7f:a1:7d:e0:cc:89:9c:ca:4e:a1:c2:56:fb:1a:a5:b7:58:7f:
         d5:37:6f:d6
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZt5EHu4EN/BBdpxPN0a8Xz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzOTVhZGQ4NmJhZjZiMmQwNmZmNDFmNTUyNmQzNDdmNzFl
ZWI0MTAwHhcNMjYwMTAxMTAxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdjODA4NjQwZmVmMTBlNmFlMDY0Mzc2YWY2NWVhMjUxNDI5YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5DzFka7AXXHWUHKRUXEEWs4nCxr
ySIOif/WwZh+XniIj+onFCb/N2YHQee5gqn+YvpjF3kMx26OnnxBUiypgE9K5r+6
8B07pGwp8y67X5IlyRMNU46GVdiplcTQD1UeKiE/YErfEHI08Q8RpfnubyIkJ/b5
bFNlT2Cfobuwrpk94yZCECgXSmPd7QJ7Cug46KfWzJ6SmhUNtvP+3z8qfkHfol1K
mOsVdsruHSQnc5l4EtJp+u/EB5NxUV4pu2Tzki1BbHwJUjRz6fkjYfMSONB1jcD3
uGg8QjqrL3O1TIalNnMQdjN6R6ZfEPPftjsDDptqU/ER62S7mx0JRXmOKwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBV8gIZA/vEOauBkN2r2XqJRQpx/MB8GA1UdIwQY
MBaAFAOVrdhrr2stBv9B9VJtNH9x7rQQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTVXdDJHdXZheTBHXzBIMVVtMDBmM0h1dEJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9mZGIzOTgtM2ZiNS00YjZhLWEwMDMt
Y2ZjNGE2NzZkNmUwLzEvRlh5QWhrRC04UTVxNEdRM2F2WmVvbEZDbkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9mZGIzOTgtM2ZiNS00YjZhLWEwMDMtY2ZjNGE2NzZkNmUw
LzEvQTVXdDJHdXZheTBHXzBIMVVtMDBmM0h1dEJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAowkwDQYJ
KoZIhvcNAQELBQADggEBAGXkhcnTXu3FCKui+1UrZJp8PS5nhqTh6hJty0eCJ3Nr
9PsWoCZqUlUPyXr12sE0f+Q1HrCbwgxYSjfwLrQs4R/9KrZLexzfqE1dAcwUzA8H
sPq5dApV//AO/b/rB2elkA4UvrOZdMVqQgMHlvMppffhTx/vhuGuzDgLCWD35ZXp
tHSOsnrKg5MBot5jS4nstkYGyjo44gu0+xJjcIOBfcM/Zli1uGUmSSm6cirXTpY8
mX78UsRHgRVY4uuosbJ0ZIcj0sgnVS3PoAAQpB2wR42kj9MbUhwq6zYsVonPos4D
mBnIKFr9wcGpiX+hfeDMiZzKTqHCVvsapbdYf9U3b9Y=
-----END CERTIFICATE-----