This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/uTIQo1iOi6huXk_fCeCJe7xarCY.roa
File:                     uTIQo1iOi6huXk_fCeCJe7xarCY.roa (raw, json)
Hash identifier:          ivcVjW4Q8NkzPjE4iMw0GCYLeKdEXAuPpRYl7NOH1pY=
Subject key identifier:   B9:32:10:A3:58:8E:8B:A8:6E:5E:4F:DF:09:E0:89:7B:BC:5A:AC:26
Certificate issuer:       /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial:       019B78A365C6D789ED1852FEDE9758F16AD1
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/uTIQo1iOi6huXk_fCeCJe7xarCY.roa
Signing time:             Thu 01 Jan 2026 08:18:52 +0000
ROA not before:           Thu 01 Jan 2026 08:18:52 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     58224
IP address blocks:        109.95.66.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a3:65:c6:d7:89:ed:18:52:fe:de:97:58:f1:6a:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
        Validity
            Not Before: Jan  1 08:18:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b93210a3588e8ba86e5e4fdf09e0897bbc5aac26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:b1:c2:6f:03:56:a2:55:03:89:00:73:b6:e3:
                    93:cd:bc:54:c9:79:67:e3:44:be:fb:47:dc:75:c4:
                    49:0f:6e:c7:95:89:be:87:03:4c:67:2e:4f:59:3a:
                    88:e3:bd:91:44:67:69:1a:b9:28:ed:b9:8a:ca:49:
                    ff:a9:fd:ec:bd:73:6a:53:a7:f7:4a:56:91:02:02:
                    cd:fc:0f:86:73:88:a8:ed:69:12:8f:f6:44:c4:97:
                    ef:20:f0:b1:c3:02:e0:e3:89:86:c0:1c:f9:25:0d:
                    90:fa:a3:47:99:ae:bf:b6:11:a3:81:03:58:8f:b6:
                    05:52:9b:af:c2:6f:fa:6f:77:13:30:5b:17:fb:08:
                    f5:8b:c3:64:d8:e9:ab:65:04:f7:45:cd:e3:87:78:
                    cc:0e:e4:89:ae:06:7d:4f:bd:6e:50:6a:e9:78:51:
                    a1:8b:1f:fa:c2:cd:b9:b1:d5:10:c4:27:80:7b:0e:
                    e2:9d:2b:ab:64:fe:fe:96:0f:86:d2:bb:f6:26:65:
                    25:11:63:bc:b0:83:d2:ff:7e:bf:27:4b:77:33:8b:
                    7f:a1:09:e8:fa:f3:74:d6:9c:0c:47:f4:4a:60:0d:
                    6d:de:65:3d:41:31:3b:6e:ca:01:60:0f:74:ad:ec:
                    ef:1d:56:d5:08:42:ea:55:c1:a9:d7:ce:b4:a4:1e:
                    57:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:32:10:A3:58:8E:8B:A8:6E:5E:4F:DF:09:E0:89:7B:BC:5A:AC:26
            X509v3 Authority Key Identifier:
                keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/uTIQo1iOi6huXk_fCeCJe7xarCY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.95.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:d4:95:5d:82:1b:2a:1a:e9:32:eb:b2:d6:69:50:66:e4:c3:
         c1:98:e1:ce:b9:52:07:be:6f:5a:f5:ed:9a:c2:2d:bb:b7:72:
         0a:e0:26:33:d9:a5:6b:48:8b:cb:60:41:a7:93:07:20:cb:43:
         a2:c0:6a:78:d1:b9:2d:e9:67:1d:d8:f3:6d:a4:5b:b6:53:21:
         0f:d8:a4:f9:0f:06:d9:1e:c6:f2:49:d6:a2:66:f3:b3:35:a1:
         6e:c9:97:15:7a:72:03:bc:2a:75:7c:b5:db:af:ae:99:52:17:
         66:1c:9d:da:10:1c:07:36:b1:65:61:97:28:59:5f:c2:94:74:
         8e:a9:bd:b8:1c:ce:01:8f:a3:1d:82:c3:45:51:f1:39:d3:45:
         15:d5:87:0a:05:3e:67:d6:a8:8a:82:d3:84:69:06:69:a5:66:
         d3:ba:ec:62:81:e6:4d:d4:68:87:5f:9e:45:f8:87:37:0e:f5:
         77:01:cb:c6:c5:67:a3:19:35:00:63:f3:15:c1:bb:d4:8f:2a:
         66:34:9f:01:75:df:c1:61:76:e2:b9:18:cd:df:ab:72:6b:61:
         a3:65:d2:60:fe:df:6c:aa:ae:fb:7e:2e:75:b6:d3:27:68:39:
         7e:4c:0d:55:63:24:42:e3:89:cd:db:98:3b:54:15:74:76:1b:
         64:04:b1:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4o2XG14ntGFL+3pdY8WrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjYwMTAxMDgxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTMyMTBhMzU4OGU4YmE4NmU1ZTRmZGYwOWUwODk3YmJjNWFhYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bHCbwNWolUDiQBztuOTzbxUyXln
40S++0fcdcRJD27HlYm+hwNMZy5PWTqI472RRGdpGrko7bmKykn/qf3svXNqU6f3
SlaRAgLN/A+Gc4io7WkSj/ZExJfvIPCxwwLg44mGwBz5JQ2Q+qNHma6/thGjgQNY
j7YFUpuvwm/6b3cTMFsX+wj1i8Nk2OmrZQT3Rc3jh3jMDuSJrgZ9T71uUGrpeFGh
ix/6ws25sdUQxCeAew7inSurZP7+lg+G0rv2JmUlEWO8sIPS/36/J0t3M4t/oQno
+vN01pwMR/RKYA1t3mU9QTE7bsoBYA90rezvHVbVCELqVcGp1860pB5XvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLkyEKNYjouobl5P3wngiXu8WqwmMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvdVRJUW8xaU9pNmh1WGtfZkNlQ0plN3hhckNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbV9CMA0G
CSqGSIb3DQEBCwUAA4IBAQBs1JVdghsqGuky67LWaVBm5MPBmOHOuVIHvm9a9e2a
wi27t3IK4CYz2aVrSIvLYEGnkwcgy0OiwGp40bkt6Wcd2PNtpFu2UyEP2KT5DwbZ
HsbySdaiZvOzNaFuyZcVenIDvCp1fLXbr66ZUhdmHJ3aEBwHNrFlYZcoWV/ClHSO
qb24HM4Bj6MdgsNFUfE500UV1YcKBT5n1qiKgtOEaQZppWbTuuxigeZN1GiHX55F
+Ic3DvV3AcvGxWejGTUAY/MVwbvUjypmNJ8Bdd/BYXbiuRjN36tya2GjZdJg/t9s
qq77fi51ttMnaDl+TA1VYyRC44nN25g7VBV0dhtkBLHf
-----END CERTIFICATE-----