This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/5Njr2mqPF2SIUOGWRVBmVFry3-w.roa
File:                     5Njr2mqPF2SIUOGWRVBmVFry3-w.roa (raw, json)
Hash identifier:          nHGTx1wNDs5K/IAjCY5ZwTLkqSDSDFcvxCbH3GdIFEY=
Subject key identifier:   E4:D8:EB:DA:6A:8F:17:64:88:50:E1:96:45:50:66:54:5A:F2:DF:EC
Certificate issuer:       /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial:       019B7D5B824881D0C0E7F9A161DBFB13983D
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/5Njr2mqPF2SIUOGWRVBmVFry3-w.roa
Signing time:             Fri 02 Jan 2026 06:18:27 +0000
ROA not before:           Fri 02 Jan 2026 06:18:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     395753
IP address blocks:        217.79.162.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:5b:82:48:81:d0:c0:e7:f9:a1:61:db:fb:13:98:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
        Validity
            Not Before: Jan  2 06:18:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e4d8ebda6a8f17648850e196455066545af2dfec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5e:2a:f0:03:b3:58:8f:10:cc:69:ad:7e:a7:
                    72:60:05:10:1a:32:98:81:4c:b5:6a:2b:32:85:e6:
                    9b:52:f9:39:88:b7:f0:6d:13:3c:47:7d:44:af:e0:
                    07:4d:05:97:1a:92:0d:a9:43:c7:77:12:65:d5:08:
                    96:6f:4b:90:4d:71:7a:7b:bb:75:65:cf:fb:89:af:
                    91:48:0d:bc:f2:f3:ee:f5:c3:df:22:c7:87:f7:5d:
                    94:16:eb:90:b9:b4:71:0f:b2:1f:b3:18:76:c2:ab:
                    96:15:ed:5c:f7:6f:38:42:24:18:e1:17:f2:35:13:
                    41:6d:43:80:60:64:f2:b0:34:01:51:65:30:6d:6d:
                    ec:14:01:48:4a:f2:ee:14:61:7f:f6:f4:ce:e0:54:
                    f2:76:8b:29:1e:80:dd:96:bb:19:dd:c1:e2:d2:a7:
                    99:43:53:a6:5a:52:81:a1:82:40:4f:62:e1:e5:09:
                    93:4d:cf:c1:fb:13:08:d7:f5:6d:95:c9:f4:a8:ad:
                    a7:18:e0:2d:8a:2b:a6:82:7b:5c:03:e7:9a:ab:82:
                    6b:f7:29:ad:4a:5b:a4:b8:01:b8:0e:b1:76:c4:b5:
                    f9:42:b9:17:e6:ea:45:dd:da:79:5d:db:9f:b3:de:
                    1a:6e:88:fb:47:bc:ca:3b:c6:ae:6d:5b:70:de:0e:
                    34:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:D8:EB:DA:6A:8F:17:64:88:50:E1:96:45:50:66:54:5A:F2:DF:EC
            X509v3 Authority Key Identifier:
                keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/5Njr2mqPF2SIUOGWRVBmVFry3-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.79.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:be:db:4c:4d:e4:78:c5:bb:ba:99:ff:1f:67:68:61:19:51:
         c2:11:56:62:21:73:ef:33:b5:4b:f6:50:52:35:15:7e:d4:8c:
         e5:89:03:b1:9c:b8:24:2e:df:de:84:0e:86:db:34:5d:f7:c4:
         e1:ea:28:b3:b0:d8:95:63:f6:5a:12:4c:ea:e5:ab:57:b5:7c:
         bc:e8:b5:39:45:ac:00:cd:c2:5f:a5:5c:41:35:c5:a4:1b:34:
         9b:0d:d0:f1:d3:e3:68:86:c9:17:f5:e4:94:17:8e:b8:2f:11:
         e0:94:7e:6e:8f:c1:bd:11:a1:e2:25:65:62:4c:2e:09:61:8d:
         78:45:c7:90:c0:26:f4:ed:12:0e:ce:de:88:39:78:b4:87:b6:
         60:72:d4:2c:95:01:b6:7a:49:93:90:c4:db:cf:07:f1:8e:d9:
         03:cd:21:70:4a:a8:7e:f7:25:c5:40:44:39:c1:28:08:41:4a:
         d7:41:b7:da:cb:dc:01:5f:d5:c7:ea:ba:c8:58:ad:95:fe:34:
         a6:f2:95:b7:31:50:4d:40:f5:30:00:33:e1:7c:fe:03:9b:04:
         06:42:90:c2:67:aa:52:7d:98:86:c3:d5:b5:ae:3c:54:87:51:
         49:70:ed:ab:59:f4:e3:75:86:e4:43:78:68:67:51:28:ac:cf:
         0b:7d:fe:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9W4JIgdDA5/mhYdv7E5g9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjYwMTAyMDYxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQ4ZWJkYTZhOGYxNzY0ODg1MGUxOTY0NTUwNjY1NDVhZjJkZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl4q8AOzWI8QzGmtfqdyYAUQGjKY
gUy1aisyheabUvk5iLfwbRM8R31Er+AHTQWXGpINqUPHdxJl1QiWb0uQTXF6e7t1
Zc/7ia+RSA288vPu9cPfIseH912UFuuQubRxD7Ifsxh2wquWFe1c9284QiQY4Rfy
NRNBbUOAYGTysDQBUWUwbW3sFAFISvLuFGF/9vTO4FTydospHoDdlrsZ3cHi0qeZ
Q1OmWlKBoYJAT2Lh5QmTTc/B+xMI1/Vtlcn0qK2nGOAtiiumgntcA+eaq4Jr9ymt
SlukuAG4DrF2xLX5QrkX5upF3dp5Xdufs94aboj7R7zKO8aubVtw3g40NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTY69pqjxdkiFDhlkVQZlRa8t/sMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvNU5qcjJtcVBGMlNJVU9HV1JWQm1WRnJ5My13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2U+iMA0G
CSqGSIb3DQEBCwUAA4IBAQBpvttMTeR4xbu6mf8fZ2hhGVHCEVZiIXPvM7VL9lBS
NRV+1IzliQOxnLgkLt/ehA6G2zRd98Th6iizsNiVY/ZaEkzq5atXtXy86LU5RawA
zcJfpVxBNcWkGzSbDdDx0+NohskX9eSUF464LxHglH5uj8G9EaHiJWViTC4JYY14
RceQwCb07RIOzt6IOXi0h7ZgctQslQG2ekmTkMTbzwfxjtkDzSFwSqh+9yXFQEQ5
wSgIQUrXQbfay9wBX9XH6rrIWK2V/jSm8pW3MVBNQPUwADPhfP4DmwQGQpDCZ6pS
fZiGw9W1rjxUh1FJcO2rWfTjdYbkQ3hoZ1EorM8Lff6m
-----END CERTIFICATE-----