This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/escRk3d2NjI3vOhsunfMskewVFU.roa
File:                     escRk3d2NjI3vOhsunfMskewVFU.roa (raw, json)
Hash identifier:          zPSViHW+zBVRTJi3BUxGbJ65sQUAitf2bEnfu5wf6oI=
Subject key identifier:   7A:C7:11:93:77:76:36:32:37:BC:E8:6C:BA:77:CC:B2:47:B0:54:55
Certificate issuer:       /CN=230340d27e4b24f9124977322edb36942e2d160c
Certificate serial:       019A6CFF80F700319EAACA9B4B06601988DB
Authority key identifier: 23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/escRk3d2NjI3vOhsunfMskewVFU.roa
Signing time:             Mon 10 Nov 2025 09:01:15 +0000
ROA not before:           Mon 10 Nov 2025 09:01:15 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     43386
IP address blocks:        81.6.139.0/24 maxlen: 24
                          81.6.140.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Dec 2025 02:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:6c:ff:80:f7:00:31:9e:aa:ca:9b:4b:06:60:19:88:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=230340d27e4b24f9124977322edb36942e2d160c
        Validity
            Not Before: Nov 10 09:01:15 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=7ac711937776363237bce86cba77ccb247b05455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:58:16:54:76:d6:e5:38:73:47:c8:c5:27:34:
                    5e:a8:71:97:05:4e:10:e8:e0:1a:a8:41:2d:9a:9d:
                    78:a7:3b:69:82:f8:75:42:7e:bc:1b:4c:13:c5:ad:
                    d8:3d:24:07:2f:0a:de:32:92:15:0d:ce:13:3e:d5:
                    7c:9f:1d:5d:5b:77:64:b5:01:98:99:66:e2:90:a2:
                    3e:e1:9a:d5:a7:61:25:46:9d:d6:ae:03:df:2f:33:
                    fe:2a:41:44:84:81:ac:ee:63:bf:df:ab:24:10:ac:
                    98:19:7b:9b:82:b0:e5:52:9b:b3:d2:53:4f:6b:39:
                    e9:37:43:71:96:04:42:4b:93:c5:b9:5a:fd:e8:fb:
                    47:c2:7f:5d:01:45:27:62:ca:75:f7:17:4d:f9:01:
                    81:cb:af:6e:76:dc:43:a2:3e:cd:a1:17:7f:17:4c:
                    39:37:f2:87:40:4c:5d:59:38:93:d1:26:a2:a6:dd:
                    43:55:45:11:27:7a:60:d6:9a:5f:2d:53:81:02:e9:
                    97:03:30:ef:f9:b6:3d:b6:18:d1:da:48:6d:76:34:
                    b1:ce:70:76:21:1d:cb:e6:35:89:22:4f:c1:0f:0c:
                    06:bd:b7:a8:63:70:3b:08:94:9b:e4:87:2b:15:d4:
                    f4:b1:ae:d6:f1:86:48:ab:46:61:25:37:2a:72:0a:
                    f1:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:C7:11:93:77:76:36:32:37:BC:E8:6C:BA:77:CC:B2:47:B0:54:55
            X509v3 Authority Key Identifier:
                keyid:23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/escRk3d2NjI3vOhsunfMskewVFU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.6.139.0-81.6.140.255

    Signature Algorithm: sha256WithRSAEncryption
         98:f4:fa:33:f2:f8:e6:51:20:c8:f8:5e:cc:e1:56:1a:b1:de:
         90:83:a6:94:a5:ef:04:17:f8:a7:35:cb:a0:10:c5:64:85:c6:
         6e:e0:3d:02:ce:0e:f8:92:9b:ab:ae:79:7f:3e:f0:bb:1d:90:
         7c:18:56:20:e1:aa:ca:2e:a5:4c:df:1a:64:76:5c:43:fd:90:
         9e:87:4b:9d:07:1f:90:32:bb:14:47:9f:3e:16:27:2f:2b:2f:
         2c:27:0e:c6:fa:57:15:ea:9d:04:1d:01:d4:73:d9:86:f0:f5:
         53:b1:aa:70:43:8f:bf:26:7a:59:90:0f:dd:0a:c9:fc:21:0d:
         a6:36:e9:25:64:28:58:fc:81:08:71:77:26:6c:8b:bf:d5:0f:
         1d:a1:87:00:44:61:52:fc:31:5a:eb:ce:0b:46:ee:46:22:c1:
         70:96:e6:34:97:80:25:2b:13:8b:2b:af:66:02:3a:fc:f2:e7:
         4e:22:8a:03:e3:17:66:86:bb:14:0c:d7:f2:6e:47:18:fc:30:
         62:7f:a2:36:ae:0a:23:d7:d0:ae:8b:d4:e1:26:77:3b:a4:83:
         c2:d7:6b:0b:cc:8b:2e:96:25:ac:68:48:11:31:9c:2c:51:01:
         a8:d8:18:64:d8:b7:ba:94:82:0e:af:f8:38:21:6d:41:d7:64:
         35:42:c8:a9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZps/4D3ADGeqsqbSwZgGYjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMDM0MGQyN2U0YjI0ZjkxMjQ5NzczMjJlZGIzNjk0MmUy
ZDE2MGMwHhcNMjUxMTEwMDkwMTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWM3MTE5Mzc3NzYzNjMyMzdiY2U4NmNiYTc3Y2NiMjQ3YjA1NDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylgWVHbW5ThzR8jFJzReqHGXBU4Q
6OAaqEEtmp14pztpgvh1Qn68G0wTxa3YPSQHLwreMpIVDc4TPtV8nx1dW3dktQGY
mWbikKI+4ZrVp2ElRp3WrgPfLzP+KkFEhIGs7mO/36skEKyYGXubgrDlUpuz0lNP
aznpN0NxlgRCS5PFuVr96PtHwn9dAUUnYsp19xdN+QGBy69udtxDoj7NoRd/F0w5
N/KHQExdWTiT0Saipt1DVUURJ3pg1ppfLVOBAumXAzDv+bY9thjR2khtdjSxznB2
IR3L5jWJIk/BDwwGvbeoY3A7CJSb5IcrFdT0sa7W8YZIq0ZhJTcqcgrxjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHrHEZN3djYyN7zobLp3zLJHsFRVMB8GA1UdIwQY
MBaAFCMDQNJ+SyT5Ekl3Mi7bNpQuLRYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXdOQTBuNUxKUGtTU1hjeUx0czJsQzR0Rmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS83YmRmNTItNmFjNS00YzI0LWJmZDAt
YjU3MDkwN2I1OWViLzEvZXNjUmszZDJOakkzdk9oc3VuZk1za2V3VkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS83YmRmNTItNmFjNS00YzI0LWJmZDAtYjU3MDkwN2I1OWVi
LzEvSXdOQTBuNUxKUGtTU1hjeUx0czJsQzR0Rmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABRBosD
BABRBowwDQYJKoZIhvcNAQELBQADggEBAJj0+jPy+OZRIMj4XszhVhqx3pCDppSl
7wQX+Kc1y6AQxWSFxm7gPQLODviSm6uueX8+8LsdkHwYViDhqsoupUzfGmR2XEP9
kJ6HS50HH5AyuxRHnz4WJy8rLywnDsb6VxXqnQQdAdRz2Ybw9VOxqnBDj78melmQ
D90KyfwhDaY26SVkKFj8gQhxdyZsi7/VDx2hhwBEYVL8MVrrzgtG7kYiwXCW5jSX
gCUrE4srr2YCOvzy504iigPjF2aGuxQM1/JuRxj8MGJ/ojauCiPX0K6L1OEmdzuk
g8LXawvMiy6WJaxoSBExnCxRAajYGGTYt7qUgg6v+DghbUHXZDVCyKk=
-----END CERTIFICATE-----