This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/lQbx2GFG3GJlYjI818tRZTvWCqU.roa
File:                     lQbx2GFG3GJlYjI818tRZTvWCqU.roa (raw, json)
Hash identifier:          hYFJgU1AzbjoQcSMuHA0vL1GNjSzMHcYgTXKGRPWjps=
Subject key identifier:   95:06:F1:D8:61:46:DC:62:65:62:32:3C:D7:CB:51:65:3B:D6:0A:A5
Certificate issuer:       /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial:       019B7AC8121BD88C59DE3E5ADA0F9BC5522B
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/lQbx2GFG3GJlYjI818tRZTvWCqU.roa
Signing time:             Thu 01 Jan 2026 18:18:10 +0000
ROA not before:           Thu 01 Jan 2026 18:18:10 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     138985
IP address blocks:        185.2.48.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 23:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c8:12:1b:d8:8c:59:de:3e:5a:da:0f:9b:c5:52:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
        Validity
            Not Before: Jan  1 18:18:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=9506f1d86146dc626562323cd7cb51653bd60aa5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:61:3b:42:63:42:77:32:24:83:51:56:28:a2:
                    03:58:3c:14:6c:12:54:27:82:59:55:87:58:ce:3c:
                    64:af:61:3f:24:d6:46:13:82:b3:68:6c:70:9e:98:
                    7e:fa:11:e1:5d:8b:8b:43:d4:5f:ba:16:62:cc:92:
                    b1:54:a7:b6:b8:73:b2:0f:f0:1b:60:fc:a1:84:8c:
                    d1:70:26:c4:8e:a2:bd:51:49:ba:5b:52:d7:10:77:
                    93:90:11:b8:ae:18:db:3c:d3:c3:7f:59:13:0d:da:
                    44:2f:fd:35:02:58:f3:7e:6c:9c:68:c0:2b:42:a9:
                    18:0e:38:82:9a:e2:c9:3a:14:3f:59:81:af:83:2a:
                    f1:d3:4f:f0:8d:1b:30:de:a0:81:67:c1:66:5b:76:
                    02:3e:0d:e7:00:59:b1:ed:bf:e4:29:d9:fd:4d:98:
                    ba:35:d6:4d:44:89:e0:dc:1b:a4:b6:05:a3:73:f0:
                    a0:93:5f:15:24:ce:89:e1:7a:81:d2:77:58:4d:6a:
                    b7:57:cc:68:56:a0:2d:e0:0c:20:11:9d:7c:a2:9e:
                    1a:3e:72:66:be:5a:7b:16:ca:b4:b5:b4:d7:b5:54:
                    01:88:c7:7e:28:61:fb:0a:b4:0f:77:03:ae:ed:c0:
                    dc:96:52:c4:55:b4:18:aa:64:ec:a8:a2:fe:c9:58:
                    0d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:06:F1:D8:61:46:DC:62:65:62:32:3C:D7:CB:51:65:3B:D6:0A:A5
            X509v3 Authority Key Identifier:
                keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/lQbx2GFG3GJlYjI818tRZTvWCqU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.2.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:25:13:0f:d1:ac:63:70:02:09:fd:5b:54:30:79:79:b3:1e:
         12:0a:1c:f0:78:41:11:26:72:ef:aa:b3:1a:ee:57:4c:d1:3c:
         27:0d:a9:37:ef:eb:2e:98:6f:07:bf:cf:f7:fa:20:37:bd:99:
         68:21:81:27:69:26:4c:61:3a:10:a3:d1:f3:07:cc:e2:d2:41:
         05:4c:24:19:57:3f:dd:b7:54:1c:87:8b:5a:89:f0:5c:f3:1a:
         aa:f4:3d:1d:ea:31:56:2b:94:dc:de:e8:ed:7a:85:6d:7a:ac:
         0b:8e:82:ed:ff:61:bb:b1:9b:98:7b:e9:e9:62:89:b0:f0:30:
         dc:36:2c:4f:a9:bc:9c:86:06:b5:fa:23:8c:13:7e:9f:82:7f:
         e5:3c:92:b3:b0:af:76:a7:65:f9:f8:ba:24:e0:08:b1:fc:93:
         7b:d0:e6:00:91:8d:ec:b8:6d:53:07:7b:17:96:31:40:41:ce:
         7c:f7:4d:66:c4:5b:76:64:a5:81:c8:b0:04:14:cc:0a:36:92:
         db:2f:b8:53:31:75:76:ee:a7:84:d8:4a:a2:10:3d:9d:c0:cc:
         d2:18:01:48:36:74:43:28:13:72:b3:aa:91:3b:90:4d:b9:b4:
         b4:45:65:75:1e:92:22:ae:3c:5a:8b:86:08:13:f6:6d:f1:f3:
         6a:d1:46:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yBIb2IxZ3j5a2g+bxVIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjYwMTAxMTgxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTA2ZjFkODYxNDZkYzYyNjU2MjMyM2NkN2NiNTE2NTNiZDYwYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2E7QmNCdzIkg1FWKKIDWDwUbBJU
J4JZVYdYzjxkr2E/JNZGE4KzaGxwnph++hHhXYuLQ9RfuhZizJKxVKe2uHOyD/Ab
YPyhhIzRcCbEjqK9UUm6W1LXEHeTkBG4rhjbPNPDf1kTDdpEL/01AljzfmycaMAr
QqkYDjiCmuLJOhQ/WYGvgyrx00/wjRsw3qCBZ8FmW3YCPg3nAFmx7b/kKdn9TZi6
NdZNRIng3BuktgWjc/Cgk18VJM6J4XqB0ndYTWq3V8xoVqAt4AwgEZ18op4aPnJm
vlp7Fsq0tbTXtVQBiMd+KGH7CrQPdwOu7cDcllLEVbQYqmTsqKL+yVgNMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUG8dhhRtxiZWIyPNfLUWU71gqlMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvbFFieDJHRkczR0psWWpJODE4dFJaVHZXQ3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQIwMA0G
CSqGSIb3DQEBCwUAA4IBAQCOJRMP0axjcAIJ/VtUMHl5sx4SChzweEERJnLvqrMa
7ldM0TwnDak37+sumG8Hv8/3+iA3vZloIYEnaSZMYToQo9HzB8zi0kEFTCQZVz/d
t1Qch4taifBc8xqq9D0d6jFWK5Tc3ujteoVteqwLjoLt/2G7sZuYe+npYomw8DDc
NixPqbychga1+iOME36fgn/lPJKzsK92p2X5+Lok4Aix/JN70OYAkY3suG1TB3sX
ljFAQc58901mxFt2ZKWByLAEFMwKNpLbL7hTMXV27qeE2EqiED2dwMzSGAFINnRD
KBNys6qRO5BNubS0RWV1HpIirjxai4YIE/Zt8fNq0Uap
-----END CERTIFICATE-----