This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/97d97e-6de9-4332-b4df-06e54dd92171/1/4FbUQPbInKsJV6tUxAOCJ09zMtA.roa
File:                     4FbUQPbInKsJV6tUxAOCJ09zMtA.roa (raw, json)
Hash identifier:          XDmbXmDYXHXEEVlnrPjHgOg48u89KTGeW87AL4CNgDM=
Subject key identifier:   E0:56:D4:40:F6:C8:9C:AB:09:57:AB:54:C4:03:82:27:4F:73:32:D0
Certificate issuer:       /CN=ae6f18416d7d470aa04ad00bca57683c789d854d
Certificate serial:       019B7F8322118EF64DEFE85A42512651B49B
Authority key identifier: AE:6F:18:41:6D:7D:47:0A:A0:4A:D0:0B:CA:57:68:3C:78:9D:85:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rm8YQW19RwqgStALyldoPHidhU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/97d97e-6de9-4332-b4df-06e54dd92171/1/4FbUQPbInKsJV6tUxAOCJ09zMtA.roa
Signing time:             Fri 02 Jan 2026 16:20:58 +0000
ROA not before:           Fri 02 Jan 2026 16:20:58 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     3303
IP address blocks:        193.73.242.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/97d97e-6de9-4332-b4df-06e54dd92171/1/rm8YQW19RwqgStALyldoPHidhU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/97d97e-6de9-4332-b4df-06e54dd92171/1/rm8YQW19RwqgStALyldoPHidhU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rm8YQW19RwqgStALyldoPHidhU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:83:22:11:8e:f6:4d:ef:e8:5a:42:51:26:51:b4:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae6f18416d7d470aa04ad00bca57683c789d854d
        Validity
            Not Before: Jan  2 16:20:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e056d440f6c89cab0957ab54c40382274f7332d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a0:6d:92:80:7a:2b:ee:39:04:0b:4e:b8:e1:
                    af:21:4b:c6:d6:d0:62:06:a7:52:fe:16:c9:ec:80:
                    e9:80:7c:86:3c:cd:7c:48:ba:61:75:52:6b:b0:5f:
                    83:5a:8b:b6:bc:38:80:45:c7:25:d2:3b:56:2f:d5:
                    00:93:3b:d3:e8:b0:bc:54:bd:02:3d:84:19:bb:3c:
                    ab:fe:d9:26:6f:ba:78:ca:75:d3:bc:2c:1f:10:5e:
                    96:4c:9c:ce:77:61:36:eb:17:12:88:c4:b5:9d:26:
                    8a:d5:fc:80:32:59:dc:61:5b:37:34:bd:a1:c0:cc:
                    cf:20:9e:8f:04:31:b0:05:20:54:b6:29:9d:94:70:
                    97:f5:63:79:30:96:7d:85:9a:31:0c:3f:ca:35:ff:
                    be:9d:a1:24:a1:1f:7e:96:37:48:54:81:ae:db:14:
                    fa:eb:e9:52:20:99:6d:b5:34:13:f3:e9:48:7c:b6:
                    11:1d:c1:8d:5a:9d:d0:b9:6a:3b:38:06:04:ba:6a:
                    00:4d:fd:87:61:f3:a4:6f:32:0d:45:ab:4a:b8:b2:
                    ed:d1:26:b8:41:a6:80:6b:34:ba:46:12:5d:29:6a:
                    05:78:11:39:b4:64:51:7a:27:d9:4e:d7:27:ca:75:
                    74:36:85:22:35:31:1a:f4:58:d2:11:32:a4:7c:bb:
                    88:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:56:D4:40:F6:C8:9C:AB:09:57:AB:54:C4:03:82:27:4F:73:32:D0
            X509v3 Authority Key Identifier:
                keyid:AE:6F:18:41:6D:7D:47:0A:A0:4A:D0:0B:CA:57:68:3C:78:9D:85:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rm8YQW19RwqgStALyldoPHidhU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97d97e-6de9-4332-b4df-06e54dd92171/1/4FbUQPbInKsJV6tUxAOCJ09zMtA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97d97e-6de9-4332-b4df-06e54dd92171/1/rm8YQW19RwqgStALyldoPHidhU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.73.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a8:69:72:63:b2:e7:62:ef:4c:10:5d:9e:05:04:e1:83:e2:bb:
         94:84:74:05:1a:dd:1f:0c:31:ea:53:f5:b8:e2:05:70:2b:3d:
         ab:c8:9b:73:e7:70:0d:b4:14:77:7d:4e:bf:2f:b0:d4:35:71:
         b7:ef:5a:35:1a:a1:56:c8:e4:15:d7:b5:d1:7b:26:fb:06:9c:
         70:90:71:8a:3c:74:0d:a3:1c:2f:dc:32:63:23:7a:e1:eb:39:
         ba:f1:f4:88:76:11:60:c8:11:b0:f1:9e:ab:d1:d0:92:b0:a1:
         2a:c5:a8:14:7c:6c:5f:e6:db:25:e2:91:c2:d9:f6:02:42:b6:
         22:f0:28:75:06:9d:a7:4f:77:33:50:f5:9f:42:af:e4:74:64:
         12:0b:47:09:e1:b9:e9:42:b3:48:68:be:1f:b1:7f:fb:3f:a1:
         e1:ce:94:f6:71:91:95:e7:fb:24:6b:f3:f6:94:c8:33:6a:db:
         7a:d0:2a:4a:30:cd:5b:77:78:64:ad:26:7c:ac:51:50:21:3a:
         6a:bf:ca:4b:16:a4:44:7e:56:8b:0b:86:09:e8:7e:49:e1:ef:
         aa:6b:e8:f0:12:20:43:c6:47:d4:d0:cc:38:5c:dc:03:ea:bd:
         2d:f7:98:f6:e3:63:d3:bf:45:16:d2:60:d3:39:63:2b:0e:de:
         27:c1:f4:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/gyIRjvZN7+haQlEmUbSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNmYxODQxNmQ3ZDQ3MGFhMDRhZDAwYmNhNTc2ODNjNzg5
ZDg1NGQwHhcNMjYwMTAyMTYyMDU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDU2ZDQ0MGY2Yzg5Y2FiMDk1N2FiNTRjNDAzODIyNzRmNzMzMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqBtkoB6K+45BAtOuOGvIUvG1tBi
BqdS/hbJ7IDpgHyGPM18SLphdVJrsF+DWou2vDiARccl0jtWL9UAkzvT6LC8VL0C
PYQZuzyr/tkmb7p4ynXTvCwfEF6WTJzOd2E26xcSiMS1nSaK1fyAMlncYVs3NL2h
wMzPIJ6PBDGwBSBUtimdlHCX9WN5MJZ9hZoxDD/KNf++naEkoR9+ljdIVIGu2xT6
6+lSIJlttTQT8+lIfLYRHcGNWp3QuWo7OAYEumoATf2HYfOkbzINRatKuLLt0Sa4
QaaAazS6RhJdKWoFeBE5tGRReifZTtcnynV0NoUiNTEa9FjSETKkfLuI3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBW1ED2yJyrCVerVMQDgidPczLQMB8GA1UdIwQY
MBaAFK5vGEFtfUcKoErQC8pXaDx4nYVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm04WVFXMTlSd3FnU3RBTHlsZG9QSGlkaFUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85N2Q5N2UtNmRlOS00MzMyLWI0ZGYt
MDZlNTRkZDkyMTcxLzEvNEZiVVFQYkluS3NKVjZ0VXhBT0NKMDl6TXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85N2Q5N2UtNmRlOS00MzMyLWI0ZGYtMDZlNTRkZDkyMTcx
LzEvcm04WVFXMTlSd3FnU3RBTHlsZG9QSGlkaFUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwUnyMA0G
CSqGSIb3DQEBCwUAA4IBAQCoaXJjsudi70wQXZ4FBOGD4ruUhHQFGt0fDDHqU/W4
4gVwKz2ryJtz53ANtBR3fU6/L7DUNXG371o1GqFWyOQV17XReyb7BpxwkHGKPHQN
oxwv3DJjI3rh6zm68fSIdhFgyBGw8Z6r0dCSsKEqxagUfGxf5tsl4pHC2fYCQrYi
8Ch1Bp2nT3czUPWfQq/kdGQSC0cJ4bnpQrNIaL4fsX/7P6HhzpT2cZGV5/ska/P2
lMgzatt60CpKMM1bd3hkrSZ8rFFQITpqv8pLFqREflaLC4YJ6H5J4e+qa+jwEiBD
xkfU0Mw4XNwD6r0t95j242PTv0UW0mDTOWMrDt4nwfRN
-----END CERTIFICATE-----