This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/75TrWgQIlP4CMecW1OW7UU9IZMo.roa
File:                     75TrWgQIlP4CMecW1OW7UU9IZMo.roa (raw, json)
Hash identifier:          caNbijAZLi+KtVhBcZ3qPnTJXoTzawiulVXu3JLB6A4=
Subject key identifier:   EF:94:EB:5A:04:08:94:FE:02:31:E7:16:D4:E5:BB:51:4F:48:64:CA
Certificate issuer:       /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial:       019B7C1232B6824AE33803FA17E6E9385EBA
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/75TrWgQIlP4CMecW1OW7UU9IZMo.roa
Signing time:             Fri 02 Jan 2026 00:18:46 +0000
ROA not before:           Fri 02 Jan 2026 00:18:46 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15843
IP address blocks:        194.27.192.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 00:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:12:32:b6:82:4a:e3:38:03:fa:17:e6:e9:38:5e:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
        Validity
            Not Before: Jan  2 00:18:46 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ef94eb5a040894fe0231e716d4e5bb514f4864ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:2e:3a:97:ad:29:d8:ef:85:7b:26:67:e2:60:
                    85:7f:01:ae:f1:db:18:71:a4:26:d7:81:69:65:ac:
                    ac:36:a3:eb:2e:ac:2d:7e:f1:ae:cc:45:b3:09:9c:
                    cf:40:e7:35:88:c6:38:f0:c9:87:de:bb:f6:ec:27:
                    c4:13:66:91:59:11:24:0d:f3:7a:4a:f7:be:63:eb:
                    bc:ab:62:4b:20:6e:88:4a:bc:dd:72:8c:82:ab:fa:
                    82:97:97:b7:74:d4:83:02:db:b8:1d:8b:bd:7e:d2:
                    3f:24:ca:d9:07:f6:89:1c:80:97:c8:da:a9:f5:0a:
                    36:72:38:0e:4c:99:1a:f6:60:68:71:db:f5:77:7e:
                    ed:ef:2d:89:3d:bb:d2:f5:d6:4b:bd:63:a2:8c:07:
                    7d:40:17:23:ef:2c:bf:5c:8a:f2:39:2e:8a:b8:82:
                    09:f5:65:0c:bb:e1:78:45:63:07:cb:19:8c:6b:da:
                    5f:da:d5:fd:c8:62:67:25:df:18:58:81:06:f1:8b:
                    9d:26:f1:89:62:ce:f7:78:28:2c:55:c4:ba:87:b9:
                    e0:45:cf:a5:a8:9c:78:f3:d6:a6:f5:ce:b9:bd:06:
                    e9:76:01:bd:e9:5d:ec:0f:ae:44:3d:2f:34:24:0f:
                    87:9a:a0:73:de:1a:49:2e:11:08:0f:65:d7:1a:4a:
                    2d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:94:EB:5A:04:08:94:FE:02:31:E7:16:D4:E5:BB:51:4F:48:64:CA
            X509v3 Authority Key Identifier:
                keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/75TrWgQIlP4CMecW1OW7UU9IZMo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.27.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:dc:39:a4:47:21:73:b5:9d:c1:02:29:d8:e9:69:fc:d1:9a:
         33:e3:e4:b4:32:74:57:5c:16:d3:ff:7e:df:1a:46:e9:83:b0:
         d8:9e:b7:b2:a8:3b:9e:f1:51:cd:99:f1:5a:fb:fc:42:50:60:
         82:aa:44:2e:b7:c5:d9:06:e7:c9:1e:7d:3f:ba:c7:f0:0b:b9:
         44:24:39:23:93:65:dc:95:5a:bf:d0:d2:b4:e8:9b:3c:01:0e:
         42:a0:d7:e7:56:63:f8:03:a7:f3:6b:a3:c9:8e:90:46:35:af:
         f8:b8:d4:89:e8:30:07:cb:aa:29:75:fb:4d:43:03:79:32:50:
         c0:11:53:6d:d3:5f:19:2e:03:b1:dc:13:65:21:e1:5c:b2:96:
         bd:90:e3:d7:2e:60:4a:f0:60:e8:3d:0a:fe:14:17:bb:6c:32:
         c3:6c:d7:90:d9:eb:c6:89:ab:03:45:03:e3:f2:c8:75:d1:6f:
         db:75:09:76:50:7c:42:e9:66:34:18:96:30:56:9a:45:d4:cc:
         08:18:42:b1:03:a8:a5:16:6b:7f:1d:9e:81:39:8c:58:91:6d:
         ef:e8:e6:a4:21:cb:bf:41:22:31:b3:72:78:c0:d5:74:3c:2c:
         b3:94:3d:8b:17:92:db:3e:94:a7:17:e8:72:0d:d7:40:d4:66:
         fb:ad:e8:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8EjK2gkrjOAP6F+bpOF66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjYwMTAyMDAxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjk0ZWI1YTA0MDg5NGZlMDIzMWU3MTZkNGU1YmI1MTRmNDg2NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0C46l60p2O+FeyZn4mCFfwGu8dsY
caQm14FpZaysNqPrLqwtfvGuzEWzCZzPQOc1iMY48MmH3rv27CfEE2aRWREkDfN6
Sve+Y+u8q2JLIG6ISrzdcoyCq/qCl5e3dNSDAtu4HYu9ftI/JMrZB/aJHICXyNqp
9Qo2cjgOTJka9mBocdv1d37t7y2JPbvS9dZLvWOijAd9QBcj7yy/XIryOS6KuIIJ
9WUMu+F4RWMHyxmMa9pf2tX9yGJnJd8YWIEG8YudJvGJYs73eCgsVcS6h7ngRc+l
qJx489am9c65vQbpdgG96V3sD65EPS80JA+HmqBz3hpJLhEID2XXGkotNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO+U61oECJT+AjHnFtTlu1FPSGTKMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvNzVUcldnUUlsUDRDTWVjVzFPVzdVVTlJWk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwhvAMA0G
CSqGSIb3DQEBCwUAA4IBAQB33DmkRyFztZ3BAinY6Wn80Zoz4+S0MnRXXBbT/37f
Gkbpg7DYnreyqDue8VHNmfFa+/xCUGCCqkQut8XZBufJHn0/usfwC7lEJDkjk2Xc
lVq/0NK06Js8AQ5CoNfnVmP4A6fza6PJjpBGNa/4uNSJ6DAHy6opdftNQwN5MlDA
EVNt018ZLgOx3BNlIeFcspa9kOPXLmBK8GDoPQr+FBe7bDLDbNeQ2evGiasDRQPj
8sh10W/bdQl2UHxC6WY0GJYwVppF1MwIGEKxA6ilFmt/HZ6BOYxYkW3v6OakIcu/
QSIxs3J4wNV0PCyzlD2LF5LbPpSnF+hyDddA1Gb7reh6
-----END CERTIFICATE-----