This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b87e50-3510-420e-8bf5-c4a3a0a5a9b1/1/Jul-hlkH3B_yi8db3Xa6bxqhyTY.roa
File:                     Jul-hlkH3B_yi8db3Xa6bxqhyTY.roa (raw, json)
Hash identifier:          LUngNTkp4Q/Zn5TQsP3wRApERFrtYeibr/XkTVutBeY=
Subject key identifier:   26:E9:7E:86:59:07:DC:1F:F2:8B:C7:5B:DD:76:BA:6F:1A:A1:C9:36
Certificate issuer:       /CN=23dd05eb7bd945c65df1873552dcc90cb2e17723
Certificate serial:       019B7CECBB90F46486E2862005117B8AABA1
Authority key identifier: 23:DD:05:EB:7B:D9:45:C6:5D:F1:87:35:52:DC:C9:0C:B2:E1:77:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I90F63vZRcZd8Yc1UtzJDLLhdyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/b87e50-3510-420e-8bf5-c4a3a0a5a9b1/1/Jul-hlkH3B_yi8db3Xa6bxqhyTY.roa
Signing time:             Fri 02 Jan 2026 04:17:27 +0000
ROA not before:           Fri 02 Jan 2026 04:17:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     200495
IP address blocks:        91.198.188.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/b87e50-3510-420e-8bf5-c4a3a0a5a9b1/1/I90F63vZRcZd8Yc1UtzJDLLhdyM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/b87e50-3510-420e-8bf5-c4a3a0a5a9b1/1/I90F63vZRcZd8Yc1UtzJDLLhdyM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I90F63vZRcZd8Yc1UtzJDLLhdyM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 01:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ec:bb:90:f4:64:86:e2:86:20:05:11:7b:8a:ab:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23dd05eb7bd945c65df1873552dcc90cb2e17723
        Validity
            Not Before: Jan  2 04:17:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=26e97e865907dc1ff28bc75bdd76ba6f1aa1c936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:f2:82:64:ff:93:95:ea:37:2d:9e:14:3a:e1:
                    40:80:71:f3:44:77:6f:57:14:b3:9f:25:f4:22:6b:
                    0b:79:d4:7f:12:16:8e:25:1f:d1:5d:8d:96:e3:92:
                    55:ef:d0:4b:c7:0e:52:e6:88:fc:dc:29:8b:bf:15:
                    57:f4:37:7f:fa:a7:92:e8:8d:5a:83:1e:61:e2:68:
                    5f:bc:40:60:f9:65:9b:f5:d0:35:12:91:0e:c6:cc:
                    d3:42:6f:14:04:b1:14:fa:56:a4:d3:9a:75:b7:8a:
                    67:d3:17:47:7c:63:38:f9:d1:36:03:cb:a0:38:e6:
                    6a:22:8b:f6:60:ae:00:03:d8:fc:01:82:74:8b:82:
                    1c:27:e9:b8:5c:61:9b:b7:0c:32:31:c5:e0:56:46:
                    53:68:d8:84:3b:30:2c:af:3b:96:6f:f6:6a:21:4a:
                    62:4c:13:85:11:74:08:42:4e:00:76:a6:08:49:7e:
                    44:df:dc:df:a9:6e:cf:a9:49:ea:b6:cf:58:db:ab:
                    45:f1:b9:a2:b4:6f:90:c0:0c:b0:08:c6:5f:6e:b7:
                    4d:ec:59:80:b2:de:8c:7f:ff:8b:02:50:47:8d:75:
                    bf:12:82:47:4c:84:32:bd:8e:33:b1:59:c3:5c:09:
                    d8:0d:5f:ba:73:eb:4d:ac:54:13:77:dd:27:31:c3:
                    4b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:E9:7E:86:59:07:DC:1F:F2:8B:C7:5B:DD:76:BA:6F:1A:A1:C9:36
            X509v3 Authority Key Identifier:
                keyid:23:DD:05:EB:7B:D9:45:C6:5D:F1:87:35:52:DC:C9:0C:B2:E1:77:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I90F63vZRcZd8Yc1UtzJDLLhdyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b87e50-3510-420e-8bf5-c4a3a0a5a9b1/1/Jul-hlkH3B_yi8db3Xa6bxqhyTY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b87e50-3510-420e-8bf5-c4a3a0a5a9b1/1/I90F63vZRcZd8Yc1UtzJDLLhdyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:bd:0c:16:ef:50:aa:86:7f:75:a0:44:f9:37:c8:f3:60:55:
         b2:7a:8c:78:61:e2:ff:fb:4e:52:7b:c8:69:d2:6e:79:0e:15:
         2a:e7:85:9f:b7:d2:35:fb:a5:8e:a1:b1:59:4c:5e:9b:fc:ef:
         e4:c8:71:1f:43:3b:de:8e:e0:37:10:12:e8:80:94:57:0e:08:
         e6:e1:34:e4:c9:a3:cb:fb:ab:6d:84:38:75:d8:c6:98:e9:c7:
         af:00:1c:c9:0a:c1:4e:5b:c3:bf:88:61:83:7b:73:80:2c:15:
         6d:9b:f1:cf:0f:ba:ff:8c:9c:36:12:67:41:de:cb:99:a9:04:
         ee:a4:eb:03:53:c9:e1:7b:8b:34:0b:5b:44:79:72:09:ea:dd:
         ba:b5:21:c1:8d:29:b3:d0:0e:db:e0:6c:ef:88:6b:49:1b:db:
         17:e6:09:60:f2:21:03:7f:d1:6c:73:a6:03:c0:8b:8d:a7:e3:
         db:05:5c:ae:a1:08:c0:1b:20:84:2c:c4:20:86:84:df:97:c5:
         ab:26:53:3c:84:3a:c3:71:89:bf:4b:76:26:9e:2a:16:f7:f8:
         66:a8:a0:bf:66:09:cc:c2:0d:fb:e1:d8:0c:a2:b9:6b:7c:d1:
         3e:fd:f6:5a:e3:3d:c2:ac:c6:35:b7:ad:55:22:7f:ff:4d:5f:
         1e:bc:fb:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87LuQ9GSG4oYgBRF7iquhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZGQwNWViN2JkOTQ1YzY1ZGYxODczNTUyZGNjOTBjYjJl
MTc3MjMwHhcNMjYwMTAyMDQxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmU5N2U4NjU5MDdkYzFmZjI4YmM3NWJkZDc2YmE2ZjFhYTFjOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fKCZP+Tleo3LZ4UOuFAgHHzRHdv
VxSznyX0ImsLedR/EhaOJR/RXY2W45JV79BLxw5S5oj83CmLvxVX9Dd/+qeS6I1a
gx5h4mhfvEBg+WWb9dA1EpEOxszTQm8UBLEU+lak05p1t4pn0xdHfGM4+dE2A8ug
OOZqIov2YK4AA9j8AYJ0i4IcJ+m4XGGbtwwyMcXgVkZTaNiEOzAsrzuWb/ZqIUpi
TBOFEXQIQk4AdqYISX5E39zfqW7PqUnqts9Y26tF8bmitG+QwAywCMZfbrdN7FmA
st6Mf/+LAlBHjXW/EoJHTIQyvY4zsVnDXAnYDV+6c+tNrFQTd90nMcNLUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbpfoZZB9wf8ovHW912um8aock2MB8GA1UdIwQY
MBaAFCPdBet72UXGXfGHNVLcyQyy4XcjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTkwRjYzdlpSY1pkOFljMVV0ekpETExoZHlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iODdlNTAtMzUxMC00MjBlLThiZjUt
YzRhM2EwYTVhOWIxLzEvSnVsLWhsa0gzQl95aThkYjNYYTZieHFoeVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iODdlNTAtMzUxMC00MjBlLThiZjUtYzRhM2EwYTVhOWIx
LzEvSTkwRjYzdlpSY1pkOFljMVV0ekpETExoZHlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8a8MA0G
CSqGSIb3DQEBCwUAA4IBAQBevQwW71Cqhn91oET5N8jzYFWyeox4YeL/+05Se8hp
0m55DhUq54Wft9I1+6WOobFZTF6b/O/kyHEfQzvejuA3EBLogJRXDgjm4TTkyaPL
+6tthDh12MaY6cevABzJCsFOW8O/iGGDe3OALBVtm/HPD7r/jJw2EmdB3suZqQTu
pOsDU8nhe4s0C1tEeXIJ6t26tSHBjSmz0A7b4GzviGtJG9sX5glg8iEDf9Fsc6YD
wIuNp+PbBVyuoQjAGyCELMQghoTfl8WrJlM8hDrDcYm/S3YmnioW9/hmqKC/ZgnM
wg374dgMorlrfNE+/fZa4z3CrMY1t61VIn//TV8evPvX
-----END CERTIFICATE-----