This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/xNYCxmHksH6qLZTwSfQRVO-v8gs.roa
File:                     xNYCxmHksH6qLZTwSfQRVO-v8gs.roa (raw, json)
Hash identifier:          mKM6CU+BxlAKG+xcl8Ymb8m0ux3SlTWN5QBNwQ7SXFk=
Subject key identifier:   C4:D6:02:C6:61:E4:B0:7E:AA:2D:94:F0:49:F4:11:54:EF:AF:F2:0B
Certificate issuer:       /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial:       019B7F15C540A26D58199AACC6EFD2BB3CDB
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/xNYCxmHksH6qLZTwSfQRVO-v8gs.roa
Signing time:             Fri 02 Jan 2026 14:21:31 +0000
ROA not before:           Fri 02 Jan 2026 14:21:31 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     208726
IP address blocks:        195.77.242.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:c5:40:a2:6d:58:19:9a:ac:c6:ef:d2:bb:3c:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
        Validity
            Not Before: Jan  2 14:21:31 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c4d602c661e4b07eaa2d94f049f41154efaff20b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c9:7c:8d:af:b6:93:13:a6:2c:8c:18:98:4b:
                    7c:79:fd:3d:ce:9d:d8:28:f2:ee:30:f2:0d:65:11:
                    2f:65:35:cc:86:17:46:ee:f0:a6:83:df:c6:cb:48:
                    6e:45:ab:c7:a5:a4:cb:3c:45:62:b3:9d:1f:0b:68:
                    81:a5:a5:0a:fd:f1:8a:00:12:ff:79:f3:0a:23:4d:
                    75:ae:2d:51:e7:66:59:77:55:88:77:d9:63:f8:5b:
                    91:9a:39:e4:06:82:05:3e:41:6d:c6:1b:db:7c:0e:
                    aa:94:bb:47:a6:08:c7:5b:77:9e:63:43:9d:06:ef:
                    fd:31:9a:fa:0d:18:d5:91:82:79:9f:a7:27:d3:1d:
                    dc:54:23:8a:8c:b4:10:71:33:ac:9e:72:3b:b8:0e:
                    c7:3f:d7:0b:09:73:ee:96:4a:ce:5a:dc:a7:b0:18:
                    1b:8f:6c:99:cb:4e:78:c0:53:c9:93:2e:51:e2:95:
                    84:05:51:91:74:e3:c7:e4:f3:d6:23:49:3c:b4:37:
                    95:e7:8f:82:1d:53:38:dc:55:af:60:29:e4:ed:86:
                    db:ec:b0:3f:b6:09:a0:e7:a5:94:2f:34:26:63:3e:
                    5e:9b:c1:b0:06:df:4b:7c:cf:fd:1f:58:f7:3b:0f:
                    1c:79:c5:81:50:12:e2:ec:bf:8e:43:c0:04:4c:4b:
                    e5:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:D6:02:C6:61:E4:B0:7E:AA:2D:94:F0:49:F4:11:54:EF:AF:F2:0B
            X509v3 Authority Key Identifier:
                keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/xNYCxmHksH6qLZTwSfQRVO-v8gs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.77.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:73:40:6d:dc:02:98:9a:b1:01:72:30:a8:96:60:fb:f5:05:
         cf:6c:76:3e:11:47:a7:18:f0:b9:6a:42:c2:c8:4b:29:4e:a0:
         2f:93:37:e2:e1:b6:a8:9b:a7:99:a5:83:f4:52:19:c0:22:7b:
         37:b3:aa:b3:bc:0b:c3:15:4a:8f:35:a1:e3:df:64:6b:73:6b:
         52:17:5e:bd:c5:d5:11:35:ff:88:71:40:ba:a4:34:ac:59:c4:
         6f:d6:cb:4d:db:d2:04:e0:4b:ce:6b:1a:90:0e:e9:28:fa:90:
         fe:70:2e:05:18:aa:a9:29:4c:de:7d:c0:af:c9:f2:f6:03:e6:
         65:96:45:27:12:c3:0d:d5:cd:86:68:ae:58:4c:79:75:d8:ed:
         bc:85:bf:53:9a:d9:3e:82:45:62:5f:5c:01:23:0d:9f:79:8f:
         fc:64:34:64:c9:c7:22:83:2d:43:f5:a2:ca:06:c8:17:5b:f7:
         ae:a7:c0:a8:6d:ff:55:ca:fc:3b:1b:93:92:2e:75:64:15:a2:
         c4:76:dc:af:6b:6a:4f:c4:9d:68:5e:9c:bc:36:cd:af:9a:89:
         51:59:60:63:95:e3:83:47:8b:e1:11:0e:02:fd:aa:2a:c3:3c:
         fc:a9:44:11:7e:d6:52:c7:f6:00:5d:67:1c:4e:4b:75:47:32:
         a8:d7:cb:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FcVAom1YGZqsxu/SuzzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjYwMTAyMTQyMTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQ2MDJjNjYxZTRiMDdlYWEyZDk0ZjA0OWY0MTE1NGVmYWZmMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcl8ja+2kxOmLIwYmEt8ef09zp3Y
KPLuMPINZREvZTXMhhdG7vCmg9/Gy0huRavHpaTLPEVis50fC2iBpaUK/fGKABL/
efMKI011ri1R52ZZd1WId9lj+FuRmjnkBoIFPkFtxhvbfA6qlLtHpgjHW3eeY0Od
Bu/9MZr6DRjVkYJ5n6cn0x3cVCOKjLQQcTOsnnI7uA7HP9cLCXPulkrOWtynsBgb
j2yZy054wFPJky5R4pWEBVGRdOPH5PPWI0k8tDeV54+CHVM43FWvYCnk7Ybb7LA/
tgmg56WULzQmYz5em8GwBt9LfM/9H1j3Ow8cecWBUBLi7L+OQ8AETEvlCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTWAsZh5LB+qi2U8En0EVTvr/ILMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEveE5ZQ3htSGtzSDZxTFpUd1NmUVJWTy12OGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw03yMA0G
CSqGSIb3DQEBCwUAA4IBAQAAc0Bt3AKYmrEBcjColmD79QXPbHY+EUenGPC5akLC
yEspTqAvkzfi4baom6eZpYP0UhnAIns3s6qzvAvDFUqPNaHj32Rrc2tSF169xdUR
Nf+IcUC6pDSsWcRv1stN29IE4EvOaxqQDuko+pD+cC4FGKqpKUzefcCvyfL2A+Zl
lkUnEsMN1c2GaK5YTHl12O28hb9Tmtk+gkViX1wBIw2feY/8ZDRkyccigy1D9aLK
BsgXW/eup8Cobf9Vyvw7G5OSLnVkFaLEdtyva2pPxJ1oXpy8Ns2vmolRWWBjleOD
R4vhEQ4C/aoqwzz8qUQRftZSx/YAXWccTkt1RzKo18se
-----END CERTIFICATE-----