This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/k1f4H5R1t7ioWxpD9zQTzDGVw34.roa
File:                     k1f4H5R1t7ioWxpD9zQTzDGVw34.roa (raw, json)
Hash identifier:          UazRYiujjVi7Q1FCel0edXG5MOLygjSQmvy3K0uCobk=
Subject key identifier:   93:57:F8:1F:94:75:B7:B8:A8:5B:1A:43:F7:34:13:CC:31:95:C3:7E
Certificate issuer:       /CN=a588604d25b87b82fd1259dfe294cd8fb9ff49b4
Certificate serial:       019B78342F9D754D32523F77B60981DF5B5C
Authority key identifier: A5:88:60:4D:25:B8:7B:82:FD:12:59:DF:E2:94:CD:8F:B9:FF:49:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pYhgTSW4e4L9Elnf4pTNj7n_SbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/k1f4H5R1t7ioWxpD9zQTzDGVw34.roa
Signing time:             Thu 01 Jan 2026 06:17:24 +0000
ROA not before:           Thu 01 Jan 2026 06:17:24 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     20853
IP address blocks:        91.216.224.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/pYhgTSW4e4L9Elnf4pTNj7n_SbQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/pYhgTSW4e4L9Elnf4pTNj7n_SbQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pYhgTSW4e4L9Elnf4pTNj7n_SbQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:34:2f:9d:75:4d:32:52:3f:77:b6:09:81:df:5b:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a588604d25b87b82fd1259dfe294cd8fb9ff49b4
        Validity
            Not Before: Jan  1 06:17:24 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=9357f81f9475b7b8a85b1a43f73413cc3195c37e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:db:61:08:68:ab:29:19:cd:06:7b:eb:61:fc:
                    9a:b7:db:0f:3c:a8:07:b4:d5:13:da:78:3e:84:82:
                    c8:a0:40:49:cc:b8:c8:aa:1b:49:60:27:a7:37:20:
                    b9:a2:a9:01:48:f5:17:16:c5:9d:81:84:48:ba:59:
                    c5:da:9a:2b:8a:b6:3f:f7:14:7a:21:3d:b8:a4:bb:
                    43:0b:99:e1:7a:53:50:8e:7e:ef:57:83:1a:98:f0:
                    3f:53:fa:ae:d1:d4:55:eb:ea:64:81:13:27:23:17:
                    16:15:68:44:5a:7e:84:e9:21:7e:2b:d5:c3:63:4e:
                    6c:9f:4e:6b:9b:8c:6f:86:0d:77:c2:1f:a4:da:e7:
                    bc:f0:74:01:5e:55:84:55:8c:d8:7a:db:54:83:03:
                    72:b3:1f:23:53:d6:86:f9:29:e1:e1:65:27:47:72:
                    1c:01:55:0a:8d:f1:d8:04:cf:65:95:27:00:98:bb:
                    cc:46:a2:a8:0f:54:69:4e:5b:d6:96:a1:e0:c6:86:
                    22:0e:0b:4b:16:dc:61:b1:88:98:c2:09:6a:82:37:
                    12:db:ee:a9:1d:0e:95:6d:5a:01:d7:8c:f1:eb:45:
                    3c:2b:f0:68:00:91:10:25:d5:de:d1:ce:64:29:52:
                    1b:30:64:4c:c0:de:c3:30:2c:a9:5a:26:9d:be:d1:
                    94:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:57:F8:1F:94:75:B7:B8:A8:5B:1A:43:F7:34:13:CC:31:95:C3:7E
            X509v3 Authority Key Identifier:
                keyid:A5:88:60:4D:25:B8:7B:82:FD:12:59:DF:E2:94:CD:8F:B9:FF:49:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pYhgTSW4e4L9Elnf4pTNj7n_SbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/k1f4H5R1t7ioWxpD9zQTzDGVw34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/pYhgTSW4e4L9Elnf4pTNj7n_SbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:f6:be:15:a4:e4:33:16:6f:a7:a6:ac:15:c5:e5:e0:fe:cf:
         c7:99:11:6d:12:39:28:52:7f:4a:7b:f8:dc:6c:f8:a5:0a:87:
         47:bc:07:52:a2:a4:c9:96:4c:51:c2:b9:bb:94:b0:14:56:49:
         3b:77:7d:01:a4:ea:20:29:f2:28:9e:24:6c:df:d3:da:86:b5:
         c8:63:36:5a:93:67:ae:06:f0:04:b5:eb:9e:b5:60:ca:61:a9:
         8b:34:95:26:cd:3b:be:cd:a4:e9:41:73:cd:c0:a5:c9:bf:ef:
         a2:50:be:46:c2:b5:8f:3e:25:60:4a:0e:1b:93:3b:47:d0:90:
         21:ac:04:d6:50:34:41:91:43:f8:09:86:bd:fc:2e:b6:0a:93:
         bc:4c:62:c6:d7:ce:86:68:ec:d0:ce:7c:18:e0:0c:da:f4:34:
         e4:ec:3e:35:08:53:05:bb:9a:f7:9f:1c:1d:1e:a9:ae:28:8c:
         20:40:c4:77:bb:49:bf:09:74:d8:32:7c:2a:ab:af:99:c9:c3:
         62:0c:1c:46:94:e9:fd:8b:4c:10:17:d6:cd:6c:44:00:51:7d:
         ad:06:3e:64:08:f2:e7:6b:df:aa:69:79:32:db:2e:e2:da:4c:
         31:63:89:0f:11:2a:b4:f0:85:8c:1e:b9:72:b3:1e:d7:92:27:
         cb:e2:28:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NC+ddU0yUj93tgmB31tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ODg2MDRkMjViODdiODJmZDEyNTlkZmUyOTRjZDhmYjlm
ZjQ5YjQwHhcNMjYwMTAxMDYxNzI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzU3ZjgxZjk0NzViN2I4YTg1YjFhNDNmNzM0MTNjYzMxOTVjMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtthCGirKRnNBnvrYfyat9sPPKgH
tNUT2ng+hILIoEBJzLjIqhtJYCenNyC5oqkBSPUXFsWdgYRIulnF2porirY/9xR6
IT24pLtDC5nhelNQjn7vV4MamPA/U/qu0dRV6+pkgRMnIxcWFWhEWn6E6SF+K9XD
Y05sn05rm4xvhg13wh+k2ue88HQBXlWEVYzYettUgwNysx8jU9aG+Snh4WUnR3Ic
AVUKjfHYBM9llScAmLvMRqKoD1RpTlvWlqHgxoYiDgtLFtxhsYiYwglqgjcS2+6p
HQ6VbVoB14zx60U8K/BoAJEQJdXe0c5kKVIbMGRMwN7DMCypWiadvtGUiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNX+B+Udbe4qFsaQ/c0E8wxlcN+MB8GA1UdIwQY
MBaAFKWIYE0luHuC/RJZ3+KUzY+5/0m0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFloZ1RTVzRlNEw5RWxuZjRwVE5qN25fU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81MTBhNGUtNjZlZi00ZGMxLTgwM2It
MjBkZGRiYzEyODFkLzEvazFmNEg1UjF0N2lvV3hwRDl6UVR6REdWdzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81MTBhNGUtNjZlZi00ZGMxLTgwM2ItMjBkZGRiYzEyODFk
LzEvcFloZ1RTVzRlNEw5RWxuZjRwVE5qN25fU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9jgMA0G
CSqGSIb3DQEBCwUAA4IBAQCD9r4VpOQzFm+npqwVxeXg/s/HmRFtEjkoUn9Ke/jc
bPilCodHvAdSoqTJlkxRwrm7lLAUVkk7d30BpOogKfIoniRs39PahrXIYzZak2eu
BvAEteuetWDKYamLNJUmzTu+zaTpQXPNwKXJv++iUL5GwrWPPiVgSg4bkztH0JAh
rATWUDRBkUP4CYa9/C62CpO8TGLG186GaOzQznwY4Aza9DTk7D41CFMFu5r3nxwd
HqmuKIwgQMR3u0m/CXTYMnwqq6+ZycNiDBxGlOn9i0wQF9bNbEQAUX2tBj5kCPLn
a9+qaXky2y7i2kwxY4kPESq08IWMHrlysx7XkifL4igo
-----END CERTIFICATE-----