This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/iBkluHdof_8F1tiIIeu1IUHVsdo.roa
File:                     iBkluHdof_8F1tiIIeu1IUHVsdo.roa (raw, json)
Hash identifier:          RauoNPl8ybB9uctj5qhY44EnOPIJ7Dn5vhqsB1W7sqI=
Subject key identifier:   88:19:25:B8:77:68:7F:FF:05:D6:D8:88:21:EB:B5:21:41:D5:B1:DA
Certificate issuer:       /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial:       019B775905D2EDD19D34211EF829F1BE837F
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/iBkluHdof_8F1tiIIeu1IUHVsdo.roa
Signing time:             Thu 01 Jan 2026 02:18:01 +0000
ROA not before:           Thu 01 Jan 2026 02:18:01 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     154049
IP address blocks:        84.55.14.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:05:d2:ed:d1:9d:34:21:1e:f8:29:f1:be:83:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
        Validity
            Not Before: Jan  1 02:18:01 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=881925b877687fff05d6d88821ebb52141d5b1da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a9:0e:8c:2b:c6:c6:5c:95:a4:bb:2e:f5:ea:
                    27:8b:b5:bb:14:ba:b9:e3:7b:19:1c:ca:4b:f9:90:
                    87:7b:c1:bb:af:80:6f:be:f1:bf:fd:4e:2f:89:2f:
                    1d:4e:cb:94:f6:63:ee:a5:1a:f2:82:64:8f:3e:47:
                    16:91:a7:80:85:00:85:b3:29:da:84:b4:12:70:90:
                    cb:37:b7:b5:1e:7f:aa:99:c6:85:c9:2d:25:4b:b2:
                    64:4d:8c:13:90:4b:d5:bd:1d:78:f1:f8:05:fb:24:
                    04:98:25:24:dc:36:42:77:06:85:07:85:9e:2f:7a:
                    f3:bf:29:b4:ee:54:d0:c2:cb:63:ee:9c:8d:3a:b8:
                    59:40:53:c9:b0:d9:90:16:30:5c:89:3b:ad:53:e7:
                    91:a8:60:cb:ef:45:6b:dd:74:b1:3d:59:42:10:41:
                    a8:3e:a9:22:87:a0:3b:c4:4e:d2:a2:fb:cb:1e:cc:
                    c0:a7:7f:dc:7a:71:70:3a:18:53:48:8f:25:5d:7e:
                    23:82:c2:80:38:9f:1a:c0:05:ab:2d:66:12:d2:d3:
                    f7:8b:d1:d2:77:97:9d:28:b7:20:56:97:7a:39:16:
                    34:08:fe:92:c2:e7:a0:16:2b:c1:85:62:fa:2a:41:
                    a1:cf:b7:49:57:a2:79:d9:02:0c:38:e3:62:3b:ac:
                    38:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:19:25:B8:77:68:7F:FF:05:D6:D8:88:21:EB:B5:21:41:D5:B1:DA
            X509v3 Authority Key Identifier:
                keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/iBkluHdof_8F1tiIIeu1IUHVsdo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.55.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:f7:28:c3:64:b9:21:77:12:7d:1c:a6:c7:bc:e1:47:43:33:
         8d:65:5d:ef:73:ea:8a:7a:c7:d6:e0:41:6d:2d:10:47:f4:5e:
         66:a0:c3:a4:0b:6f:f7:5e:d3:35:77:16:e5:ea:9d:80:c7:bf:
         47:1d:35:a1:d2:b7:20:16:bb:47:90:53:a8:7b:71:c8:ca:f4:
         f9:c4:06:80:a7:c2:a2:17:10:2c:64:f2:95:db:23:ec:94:3e:
         e1:a7:19:b0:f4:9f:09:03:e6:6f:17:1b:0d:da:c6:72:9f:c4:
         f3:66:1f:35:b1:eb:f2:d5:b4:b0:92:02:25:59:a3:8b:cd:8b:
         35:df:05:ba:8a:4c:7c:73:32:f6:ca:45:b7:65:a8:75:7e:ca:
         6b:3e:f8:03:4e:42:a5:1a:3d:0d:df:5e:8a:ac:93:2c:27:42:
         35:a5:df:b5:87:0d:e4:91:67:c1:37:e8:72:a7:f6:73:36:a5:
         e4:86:87:7d:ac:98:27:e7:67:a8:7c:43:4d:ff:a3:d1:8f:4f:
         04:93:06:b3:b7:1e:5a:6a:5c:6c:c3:ea:66:79:ba:7d:76:3e:
         eb:4d:ae:2d:c7:e5:7f:5d:70:9a:79:9f:db:37:2d:fd:e0:73:
         a4:53:3d:4f:9c:77:04:f4:75:2e:d9:c5:a0:dd:05:5d:73:7c:
         71:45:be:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WQXS7dGdNCEe+CnxvoN/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjYwMTAxMDIxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODE5MjViODc3Njg3ZmZmMDVkNmQ4ODgyMWViYjUyMTQxZDViMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0akOjCvGxlyVpLsu9eoni7W7FLq5
43sZHMpL+ZCHe8G7r4BvvvG//U4viS8dTsuU9mPupRrygmSPPkcWkaeAhQCFsyna
hLQScJDLN7e1Hn+qmcaFyS0lS7JkTYwTkEvVvR148fgF+yQEmCUk3DZCdwaFB4We
L3rzvym07lTQwstj7pyNOrhZQFPJsNmQFjBciTutU+eRqGDL70Vr3XSxPVlCEEGo
Pqkih6A7xE7SovvLHszAp3/cenFwOhhTSI8lXX4jgsKAOJ8awAWrLWYS0tP3i9HS
d5edKLcgVpd6ORY0CP6SwuegFivBhWL6KkGhz7dJV6J52QIMOONiO6w4GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIgZJbh3aH//BdbYiCHrtSFB1bHaMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvaUJrbHVIZG9mXzhGMXRpSUlldTFJVUhWc2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVDcOMA0G
CSqGSIb3DQEBCwUAA4IBAQAw9yjDZLkhdxJ9HKbHvOFHQzONZV3vc+qKesfW4EFt
LRBH9F5moMOkC2/3XtM1dxbl6p2Ax79HHTWh0rcgFrtHkFOoe3HIyvT5xAaAp8Ki
FxAsZPKV2yPslD7hpxmw9J8JA+ZvFxsN2sZyn8TzZh81sevy1bSwkgIlWaOLzYs1
3wW6ikx8czL2ykW3Zah1fsprPvgDTkKlGj0N316KrJMsJ0I1pd+1hw3kkWfBN+hy
p/ZzNqXkhod9rJgn52eofENN/6PRj08Ekwaztx5aalxsw+pmebp9dj7rTa4tx+V/
XXCaeZ/bNy394HOkUz1PnHcE9HUu2cWg3QVdc3xxRb6u
-----END CERTIFICATE-----