This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/lWZWuIJZ3q5_hVt6znDikSoBR3M.roa
File:                     lWZWuIJZ3q5_hVt6znDikSoBR3M.roa (raw, json)
Hash identifier:          y85mPvpTXgrTdx2E8ZlH0eaEQJTPz5/4CbPHnZc0y/0=
Subject key identifier:   95:66:56:B8:82:59:DE:AE:7F:85:5B:7A:CE:70:E2:91:2A:01:47:73
Certificate issuer:       /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial:       019B797EE2839D416E5FEC1D8EBF40DFF222
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/lWZWuIJZ3q5_hVt6znDikSoBR3M.roa
Signing time:             Thu 01 Jan 2026 12:18:37 +0000
ROA not before:           Thu 01 Jan 2026 12:18:37 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     203984
IP address blocks:        185.145.76.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 12:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:e2:83:9d:41:6e:5f:ec:1d:8e:bf:40:df:f2:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
        Validity
            Not Before: Jan  1 12:18:37 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=956656b88259deae7f855b7ace70e2912a014773
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:6b:af:4f:1c:c2:9d:14:a4:94:fc:26:23:6e:
                    c3:8f:31:eb:f2:a2:36:40:15:ce:86:83:f8:94:ee:
                    4d:f7:73:2a:89:71:82:62:67:07:dc:d7:e8:d4:28:
                    49:f5:b3:3b:1e:b1:dc:5a:8f:42:0a:81:fc:cf:7a:
                    5f:3a:c4:39:da:1a:a4:5d:d9:8e:ca:d8:da:ec:35:
                    10:76:02:da:8e:81:59:e5:b6:4a:b3:bb:89:22:8f:
                    44:b5:25:02:c1:04:3b:ee:79:e2:a1:bd:63:fa:fa:
                    43:12:43:4d:75:13:be:97:75:af:4c:9c:59:0f:e8:
                    62:3b:b8:85:93:55:74:f8:d7:13:c3:70:b0:a6:38:
                    72:d2:63:3d:f3:6f:36:bc:0e:20:6c:0b:8d:72:af:
                    25:84:4e:d9:78:3c:cd:eb:9d:29:76:18:ae:61:48:
                    3c:c3:fa:83:d4:1c:79:51:22:59:39:82:69:bd:80:
                    09:e2:4a:48:99:eb:bf:cb:ff:82:46:62:46:40:ee:
                    8b:4a:84:c2:eb:66:89:fb:25:00:b1:1d:b4:93:0e:
                    cf:ff:bf:84:05:f4:19:9b:e5:01:1b:59:b1:b8:a3:
                    65:bb:40:c8:55:cf:a5:6a:56:a4:53:57:ea:dd:29:
                    d0:99:1f:db:d1:f3:42:94:4b:f9:33:bc:d7:ff:f8:
                    8c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:66:56:B8:82:59:DE:AE:7F:85:5B:7A:CE:70:E2:91:2A:01:47:73
            X509v3 Authority Key Identifier:
                keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/lWZWuIJZ3q5_hVt6znDikSoBR3M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.145.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:12:ec:ce:f8:38:1e:bc:bd:d1:fa:a5:bb:f6:2b:ec:db:e1:
         27:6f:15:eb:8c:31:62:a1:74:e9:4e:4b:e5:0a:13:0a:43:ec:
         1d:a7:63:79:8e:af:26:32:42:78:d2:ea:c9:57:b5:fd:22:a6:
         5b:77:8c:bc:57:14:f6:b8:ab:0c:1a:34:36:77:20:04:5b:75:
         4c:12:30:d3:64:29:00:41:85:fc:ee:29:ca:3c:67:8a:f5:92:
         97:07:27:a3:0a:ce:59:85:c7:9c:4f:e9:76:25:73:d3:90:54:
         2f:67:0b:76:69:a3:24:7b:57:c2:7c:79:c4:a2:a2:7e:01:6a:
         d4:8a:9e:98:be:dc:b2:68:c8:e8:b1:70:f4:0c:db:3c:47:95:
         83:fd:35:0f:71:fb:c6:0d:dd:a4:8c:b1:02:32:e2:82:84:23:
         84:cc:6d:a7:66:f6:d8:43:34:32:4e:2d:13:72:0e:df:97:b0:
         7e:33:40:b7:95:81:5b:2c:9e:f8:b5:6d:56:2a:f6:3c:5f:1b:
         77:6c:a6:03:d3:d3:46:91:87:61:6c:44:a4:61:09:cb:52:4c:
         96:68:e3:e6:5e:0d:f5:90:71:f8:d8:cd:56:0e:74:ba:22:bf:
         ea:87:50:2d:ab:d9:e0:33:8d:8f:02:6b:01:d9:37:a6:ee:e1:
         b1:84:bb:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fuKDnUFuX+wdjr9A3/IiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjYwMTAxMTIxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY2NTZiODgyNTlkZWFlN2Y4NTViN2FjZTcwZTI5MTJhMDE0NzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2muvTxzCnRSklPwmI27DjzHr8qI2
QBXOhoP4lO5N93MqiXGCYmcH3Nfo1ChJ9bM7HrHcWo9CCoH8z3pfOsQ52hqkXdmO
ytja7DUQdgLajoFZ5bZKs7uJIo9EtSUCwQQ77nniob1j+vpDEkNNdRO+l3WvTJxZ
D+hiO7iFk1V0+NcTw3Cwpjhy0mM98282vA4gbAuNcq8lhE7ZeDzN650pdhiuYUg8
w/qD1Bx5USJZOYJpvYAJ4kpImeu/y/+CRmJGQO6LSoTC62aJ+yUAsR20kw7P/7+E
BfQZm+UBG1mxuKNlu0DIVc+lalakU1fq3SnQmR/b0fNClEv5M7zX//iMOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVmVriCWd6uf4Vbes5w4pEqAUdzMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvbFdaV3VJSlozcTVfaFZ0NnpuRGlrU29CUjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZFMMA0G
CSqGSIb3DQEBCwUAA4IBAQAeEuzO+DgevL3R+qW79ivs2+EnbxXrjDFioXTpTkvl
ChMKQ+wdp2N5jq8mMkJ40urJV7X9IqZbd4y8VxT2uKsMGjQ2dyAEW3VMEjDTZCkA
QYX87inKPGeK9ZKXByejCs5ZhcecT+l2JXPTkFQvZwt2aaMke1fCfHnEoqJ+AWrU
ip6YvtyyaMjosXD0DNs8R5WD/TUPcfvGDd2kjLECMuKChCOEzG2nZvbYQzQyTi0T
cg7fl7B+M0C3lYFbLJ74tW1WKvY8Xxt3bKYD09NGkYdhbESkYQnLUkyWaOPmXg31
kHH42M1WDnS6Ir/qh1Atq9ngM42PAmsB2Tem7uGxhLua
-----END CERTIFICATE-----