This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/uuSzlVFGLacpdWRdspDvUoR591k.roa
File:                     uuSzlVFGLacpdWRdspDvUoR591k.roa (raw, json)
Hash identifier:          IbU++6Q/frfws9chBt+anSnCmAi0FSUoCVarKQllfC4=
Subject key identifier:   BA:E4:B3:95:51:46:2D:A7:29:75:64:5D:B2:90:EF:52:84:79:F7:59
Certificate issuer:       /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial:       019B783495A583473985CAE8A820427F4B3C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/uuSzlVFGLacpdWRdspDvUoR591k.roa
Signing time:             Thu 01 Jan 2026 06:17:50 +0000
ROA not before:           Thu 01 Jan 2026 06:17:50 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211564
IP address blocks:        192.165.11.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:34:95:a5:83:47:39:85:ca:e8:a8:20:42:7f:4b:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
        Validity
            Not Before: Jan  1 06:17:50 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bae4b39551462da72975645db290ef528479f759
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:94:27:ff:60:dc:12:95:ee:8b:f2:fe:c3:4d:
                    dd:ed:76:18:ce:a3:fe:ee:49:91:a3:cf:f5:c9:fa:
                    e1:7f:9a:f3:6e:db:8a:24:b4:52:91:84:50:e8:ba:
                    a4:ed:3f:87:85:82:f4:6d:58:f0:81:a8:f2:c8:a9:
                    9c:6b:b9:95:69:c0:6b:46:41:dd:bc:b5:6f:94:87:
                    d4:34:0a:e0:37:23:6b:70:3c:9b:d6:6e:23:bd:e3:
                    66:9a:7a:54:f3:25:5e:2a:be:8a:76:7b:07:43:ef:
                    27:fa:9c:f0:2a:31:15:1e:6f:4a:6b:4b:d4:d7:d2:
                    47:a7:ef:16:9a:a2:42:ef:3f:fa:cd:fe:e7:37:ed:
                    09:56:8a:af:45:b9:3f:d6:d5:75:d8:32:49:2d:45:
                    44:0a:9d:5a:d2:65:f1:da:c3:7a:41:dd:bb:23:ac:
                    c2:56:3b:33:a2:19:c5:24:7a:de:34:f3:93:7f:b3:
                    b3:d9:d7:ce:ae:f1:28:b7:26:8a:a1:bb:e5:99:cd:
                    43:85:a8:3a:94:e4:23:73:e2:1e:0a:06:ce:cc:95:
                    f9:29:e1:69:b5:b2:f3:81:6a:11:73:5e:b3:8a:94:
                    5d:fd:8a:f4:dd:59:3c:18:21:f9:44:ca:95:4e:bb:
                    0d:65:53:39:6b:98:70:8e:31:76:9c:e3:38:4b:87:
                    7a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E4:B3:95:51:46:2D:A7:29:75:64:5D:B2:90:EF:52:84:79:F7:59
            X509v3 Authority Key Identifier:
                keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/uuSzlVFGLacpdWRdspDvUoR591k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.165.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:5f:bd:60:62:ef:87:e9:21:5c:3b:3b:95:5a:d3:07:2d:2b:
         47:55:0c:1b:7d:4b:5b:f9:c5:36:9b:b4:2f:c3:1b:4a:c3:97:
         c3:a9:ed:30:11:e5:a7:b0:81:5c:1d:d1:a7:19:fb:92:d1:a3:
         1c:93:53:88:55:90:7c:12:e9:11:cd:ba:27:4a:4b:30:b1:6a:
         b9:47:1c:7a:b2:85:9a:45:64:87:95:a9:7e:48:cb:e5:fb:ae:
         1b:65:67:6f:4f:26:19:bb:96:29:9c:9b:b4:f9:0d:b5:7a:a4:
         b9:47:62:58:55:b7:32:08:29:39:9c:d0:8a:43:31:68:61:83:
         b8:15:1a:07:c4:7d:ae:13:9f:ae:c5:bb:88:a4:e3:7b:6d:ed:
         2f:e3:f2:22:5c:a1:0b:ba:96:b4:69:0e:b4:89:75:a1:a3:38:
         dd:fe:76:20:d6:64:75:a8:ec:9e:fa:6f:7a:70:80:d7:07:6e:
         9a:d9:3b:22:72:d4:1e:39:f7:30:72:59:16:4e:79:fc:d5:cf:
         d2:01:e8:16:6b:71:06:15:12:e9:37:d4:45:4a:96:a1:c1:54:
         1a:8c:c3:92:20:76:59:19:61:20:fd:89:46:1e:07:3e:e4:91:
         4e:1a:c0:41:21:55:38:90:72:b1:16:65:c2:55:ee:03:34:f6:
         0f:24:1f:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NJWlg0c5hcroqCBCf0s8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMTAxMDYxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWU0YjM5NTUxNDYyZGE3Mjk3NTY0NWRiMjkwZWY1Mjg0NzlmNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5Qn/2DcEpXui/L+w03d7XYYzqP+
7kmRo8/1yfrhf5rzbtuKJLRSkYRQ6Lqk7T+HhYL0bVjwgajyyKmca7mVacBrRkHd
vLVvlIfUNArgNyNrcDyb1m4jveNmmnpU8yVeKr6KdnsHQ+8n+pzwKjEVHm9Ka0vU
19JHp+8WmqJC7z/6zf7nN+0JVoqvRbk/1tV12DJJLUVECp1a0mXx2sN6Qd27I6zC
VjszohnFJHreNPOTf7Oz2dfOrvEotyaKobvlmc1Dhag6lOQjc+IeCgbOzJX5KeFp
tbLzgWoRc16zipRd/Yr03Vk8GCH5RMqVTrsNZVM5a5hwjjF2nOM4S4d6/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrks5VRRi2nKXVkXbKQ71KEefdZMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdXVTemxWRkdMYWNwZFdSZHNwRHZVb1I1OTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKULMA0G
CSqGSIb3DQEBCwUAA4IBAQAnX71gYu+H6SFcOzuVWtMHLStHVQwbfUtb+cU2m7Qv
wxtKw5fDqe0wEeWnsIFcHdGnGfuS0aMck1OIVZB8EukRzbonSkswsWq5Rxx6soWa
RWSHlal+SMvl+64bZWdvTyYZu5YpnJu0+Q21eqS5R2JYVbcyCCk5nNCKQzFoYYO4
FRoHxH2uE5+uxbuIpON7be0v4/IiXKELupa0aQ60iXWhozjd/nYg1mR1qOye+m96
cIDXB26a2TsictQeOfcwclkWTnn81c/SAegWa3EGFRLpN9RFSpahwVQajMOSIHZZ
GWEg/YlGHgc+5JFOGsBBIVU4kHKxFmXCVe4DNPYPJB+F
-----END CERTIFICATE-----