This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/PfsLhCtbvE2n1tsnqd1GEpkMK7Y.roa
File:                     PfsLhCtbvE2n1tsnqd1GEpkMK7Y.roa (raw, json)
Hash identifier:          tGDemrpcgfB44niW2RWNA2HJ8z15etD1aGQVWCC5rpI=
Subject key identifier:   3D:FB:0B:84:2B:5B:BC:4D:A7:D6:DB:27:A9:DD:46:12:99:0C:2B:B6
Certificate issuer:       /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial:       019B7CECE47AFD482619D1F4DCC43AD160C6
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/PfsLhCtbvE2n1tsnqd1GEpkMK7Y.roa
Signing time:             Fri 02 Jan 2026 04:17:38 +0000
ROA not before:           Fri 02 Jan 2026 04:17:38 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     212500
IP address blocks:        45.152.50.0/23 maxlen: 24
                          45.152.51.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 10:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ec:e4:7a:fd:48:26:19:d1:f4:dc:c4:3a:d1:60:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
        Validity
            Not Before: Jan  2 04:17:38 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3dfb0b842b5bbc4da7d6db27a9dd4612990c2bb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ea:8c:9d:a9:87:91:57:89:c1:df:21:ff:b9:
                    77:af:7a:a4:a9:34:9c:9b:5c:ce:80:91:79:9f:dd:
                    b8:f5:0f:02:c7:42:20:3a:94:a1:5d:8f:5c:4a:33:
                    64:58:44:4a:82:b7:b4:7b:f5:d4:4d:f5:e4:09:23:
                    b8:e3:a1:21:3f:cb:81:9c:32:c0:ae:04:89:0f:a6:
                    00:a0:ce:b0:ae:e1:59:0a:cc:69:8a:0b:24:c2:8f:
                    fe:ce:51:32:ec:e0:28:95:02:47:8b:84:73:d0:91:
                    26:d6:18:34:df:ae:11:c4:bf:c0:27:89:54:05:0b:
                    5b:e8:c6:17:03:98:b6:6a:ba:d2:16:19:fe:c2:57:
                    4f:a7:45:a5:d0:83:6f:ce:17:58:61:fb:aa:dd:51:
                    ed:30:c4:e4:0b:e7:10:c2:75:80:90:cd:1e:c6:30:
                    e2:08:64:22:d2:46:e6:14:2f:c0:c3:5c:a1:93:30:
                    6a:ac:c6:e6:77:d5:9d:c5:69:de:ba:94:86:24:a2:
                    04:d3:36:55:3f:2c:a9:0c:fa:da:0e:9b:71:0b:a8:
                    71:de:58:90:63:50:87:72:a1:40:55:55:56:99:4b:
                    e9:79:17:a3:18:44:29:f0:47:a4:b7:37:7d:02:37:
                    3e:5c:6b:63:09:52:19:d1:2a:24:a1:d7:19:c4:bd:
                    7e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:FB:0B:84:2B:5B:BC:4D:A7:D6:DB:27:A9:DD:46:12:99:0C:2B:B6
            X509v3 Authority Key Identifier:
                keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/PfsLhCtbvE2n1tsnqd1GEpkMK7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.50.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:3f:10:19:c5:a1:f0:de:01:fe:6e:b0:88:9b:ce:99:a8:11:
         d2:03:59:bd:0e:ce:30:c5:11:55:b1:06:43:cc:d5:7c:92:f7:
         27:3b:15:14:e3:a0:75:e7:81:e3:3c:10:b7:dc:5d:24:8c:56:
         33:78:4f:fc:45:5c:1b:45:51:ba:eb:32:5a:1f:34:96:99:30:
         f9:a7:d6:ab:2e:0e:af:b1:99:fe:a8:94:bb:8f:55:7f:c4:94:
         94:36:40:b2:0b:b4:e0:75:3a:4d:7b:cb:7b:af:69:b7:bc:72:
         74:45:bc:19:e7:b8:1d:55:f0:46:a9:aa:a8:7c:d2:79:16:a1:
         45:f8:9c:32:50:05:71:be:c6:3a:e2:1e:c8:46:c3:95:dd:9d:
         4a:fe:49:b0:6a:85:f5:c1:85:38:67:d0:c1:6d:d5:14:7b:f2:
         ed:c2:0c:63:af:cf:16:29:b2:d3:ef:f1:5a:6e:22:66:eb:e9:
         af:5b:8d:cd:c1:ea:88:86:21:0f:dd:42:9f:15:48:b8:2a:9b:
         9e:f9:bd:01:a8:40:e2:ab:63:ba:5f:b5:c3:6d:17:54:b6:3d:
         74:b7:33:cd:43:e4:1f:23:51:c1:e4:64:e9:8f:78:3c:3c:36:
         9b:73:6a:40:28:57:1e:c0:c7:34:7b:17:64:0f:71:ef:12:f5:
         35:41:22:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87OR6/UgmGdH03MQ60WDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjYwMTAyMDQxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGZiMGI4NDJiNWJiYzRkYTdkNmRiMjdhOWRkNDYxMjk5MGMyYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuqMnamHkVeJwd8h/7l3r3qkqTSc
m1zOgJF5n9249Q8Cx0IgOpShXY9cSjNkWERKgre0e/XUTfXkCSO446EhP8uBnDLA
rgSJD6YAoM6wruFZCsxpigskwo/+zlEy7OAolQJHi4Rz0JEm1hg0364RxL/AJ4lU
BQtb6MYXA5i2arrSFhn+wldPp0Wl0INvzhdYYfuq3VHtMMTkC+cQwnWAkM0exjDi
CGQi0kbmFC/Aw1yhkzBqrMbmd9WdxWneupSGJKIE0zZVPyypDPraDptxC6hx3liQ
Y1CHcqFAVVVWmUvpeRejGEQp8Eektzd9Ajc+XGtjCVIZ0SokodcZxL1+gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD37C4QrW7xNp9bbJ6ndRhKZDCu2MB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvUGZzTGhDdGJ2RTJuMXRzbnFkMUdFcGtNSzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZgyMA0G
CSqGSIb3DQEBCwUAA4IBAQAePxAZxaHw3gH+brCIm86ZqBHSA1m9Ds4wxRFVsQZD
zNV8kvcnOxUU46B154HjPBC33F0kjFYzeE/8RVwbRVG66zJaHzSWmTD5p9arLg6v
sZn+qJS7j1V/xJSUNkCyC7TgdTpNe8t7r2m3vHJ0RbwZ57gdVfBGqaqofNJ5FqFF
+JwyUAVxvsY64h7IRsOV3Z1K/kmwaoX1wYU4Z9DBbdUUe/Ltwgxjr88WKbLT7/Fa
biJm6+mvW43NweqIhiEP3UKfFUi4Kpue+b0BqEDiq2O6X7XDbRdUtj10tzPNQ+Qf
I1HB5GTpj3g8PDabc2pAKFcewMc0exdkD3HvEvU1QSLP
-----END CERTIFICATE-----