This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aqihL1i-bJEMkvuKwqEr0guRw_g.roa
File:                     aqihL1i-bJEMkvuKwqEr0guRw_g.roa (raw, json)
Hash identifier:          a0fFsSg4oOlSy6D1Qk7D4+MuijOhbhsAowvcQS5CB4c=
Subject key identifier:   6A:A8:A1:2F:58:BE:6C:91:0C:92:FB:8A:C2:A1:2B:D2:0B:91:C3:F8
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       019B76EACB76A0BF72485C41D78882F28DAE
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aqihL1i-bJEMkvuKwqEr0guRw_g.roa
Signing time:             Thu 01 Jan 2026 00:17:37 +0000
ROA not before:           Thu 01 Jan 2026 00:17:37 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     199297
IP address blocks:        45.88.180.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:ea:cb:76:a0:bf:72:48:5c:41:d7:88:82:f2:8d:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  1 00:17:37 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6aa8a12f58be6c910c92fb8ac2a12bd20b91c3f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:df:ee:7e:db:16:3b:2e:62:e6:58:c9:7f:e1:
                    e8:21:51:0a:a5:45:02:f5:ab:20:04:95:01:65:02:
                    b5:18:a4:89:46:db:e8:1c:59:e9:05:5f:ea:e2:51:
                    50:f4:12:21:ff:7c:60:bf:e0:c4:94:de:8e:e4:04:
                    19:23:88:5c:f4:d6:41:02:84:b1:75:a4:a3:aa:dc:
                    7e:f7:a9:5b:88:62:ea:84:a1:68:cc:28:70:92:07:
                    a3:53:5b:5c:7f:17:5f:60:7b:86:5d:b5:56:a2:de:
                    8c:8f:bc:c6:ee:b6:1a:74:6c:fc:6c:ca:e1:e7:c8:
                    a5:9c:8b:94:56:1e:84:8c:81:2d:a0:70:13:c8:e6:
                    b9:7e:da:8c:74:5d:de:ea:c7:c4:14:2f:07:36:5c:
                    4a:b6:58:fa:3a:c5:cf:a3:1c:0a:79:61:53:60:05:
                    8b:a9:7e:a5:70:48:40:35:0e:bb:f4:dd:6d:e7:61:
                    9c:d3:84:b7:c9:0d:3b:4a:95:5c:99:a7:d2:1c:51:
                    a5:fd:87:85:63:95:bc:72:43:2d:49:c3:4d:48:8b:
                    64:db:40:ba:13:99:2f:a6:f4:ad:8a:bc:d4:70:e8:
                    22:2a:bf:bf:b5:49:f0:8e:6a:4a:29:21:90:61:76:
                    5c:f9:8f:f2:a5:52:c5:11:6e:4b:2a:60:ee:ef:a2:
                    b1:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:A8:A1:2F:58:BE:6C:91:0C:92:FB:8A:C2:A1:2B:D2:0B:91:C3:F8
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aqihL1i-bJEMkvuKwqEr0guRw_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:ef:45:8a:76:9e:4c:ab:4b:b4:6a:f8:c7:95:9a:ae:31:1f:
         a4:95:54:27:58:fb:5b:b7:c1:c2:48:ea:d2:48:0e:b3:23:6b:
         a5:e9:82:e7:f7:1b:3a:53:13:5e:42:81:3d:30:1e:07:1e:5a:
         51:12:9e:51:9d:98:9d:e0:32:77:9c:97:0a:67:d8:b3:b1:64:
         9e:fe:86:83:bf:1d:b7:ed:75:c2:9f:10:f9:2b:cd:3c:e4:02:
         a0:6b:9f:90:74:09:96:a7:96:0c:5a:d6:0c:54:ee:22:e9:3a:
         59:6e:33:84:f2:7d:67:22:cc:c8:c4:cd:11:60:0f:3e:c0:8d:
         32:9c:54:90:e1:80:90:75:7e:6c:22:80:5d:c7:84:c2:fd:d6:
         85:c6:9b:28:d5:79:6b:ac:6e:15:6c:45:00:4a:b3:7b:57:15:
         5d:86:2e:3c:18:85:ba:2e:27:b3:b6:1a:63:fb:23:b7:35:a0:
         29:5d:72:a3:e9:6e:92:2f:b8:3f:0c:1f:68:16:b1:00:1b:66:
         ca:16:2b:b6:d1:b8:d2:6d:a1:50:ca:a5:56:f8:f1:3b:b0:b5:
         ae:0b:bf:e4:d0:31:60:ac:72:c0:63:0c:e3:56:19:80:16:63:
         17:b1:93:cb:67:09:ee:f3:ef:d5:d1:82:43:d9:7d:fb:e8:3e:
         dc:dd:18:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt26st2oL9ySFxB14iC8o2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwMTAxMDAxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE4YTEyZjU4YmU2YzkxMGM5MmZiOGFjMmExMmJkMjBiOTFjM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29/uftsWOy5i5ljJf+HoIVEKpUUC
9asgBJUBZQK1GKSJRtvoHFnpBV/q4lFQ9BIh/3xgv+DElN6O5AQZI4hc9NZBAoSx
daSjqtx+96lbiGLqhKFozChwkgejU1tcfxdfYHuGXbVWot6Mj7zG7rYadGz8bMrh
58ilnIuUVh6EjIEtoHATyOa5ftqMdF3e6sfEFC8HNlxKtlj6OsXPoxwKeWFTYAWL
qX6lcEhANQ679N1t52Gc04S3yQ07SpVcmafSHFGl/YeFY5W8ckMtScNNSItk20C6
E5kvpvStirzUcOgiKr+/tUnwjmpKKSGQYXZc+Y/ypVLFEW5LKmDu76KxlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqooS9YvmyRDJL7isKhK9ILkcP4MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvYXFpaEwxaS1iSkVNa3Z1S3dxRXIwZ3VSd19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVi0MA0G
CSqGSIb3DQEBCwUAA4IBAQAY70WKdp5Mq0u0avjHlZquMR+klVQnWPtbt8HCSOrS
SA6zI2ul6YLn9xs6UxNeQoE9MB4HHlpREp5RnZid4DJ3nJcKZ9izsWSe/oaDvx23
7XXCnxD5K8085AKga5+QdAmWp5YMWtYMVO4i6TpZbjOE8n1nIszIxM0RYA8+wI0y
nFSQ4YCQdX5sIoBdx4TC/daFxpso1XlrrG4VbEUASrN7VxVdhi48GIW6Liezthpj
+yO3NaApXXKj6W6SL7g/DB9oFrEAG2bKFiu20bjSbaFQyqVW+PE7sLWuC7/k0DFg
rHLAYwzjVhmAFmMXsZPLZwnu8+/V0YJD2X376D7c3RjN
-----END CERTIFICATE-----