This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/jBvSHulkiAFNZq-1Sz_1NBwC4gw.roa
File:                     jBvSHulkiAFNZq-1Sz_1NBwC4gw.roa (raw, json)
Hash identifier:          kIr3tsaXSv0n1HwqnJcooiylPmXgSiBfGD9CqML14GU=
Subject key identifier:   8C:1B:D2:1E:E9:64:88:01:4D:66:AF:B5:4B:3F:F5:34:1C:02:E2:0C
Certificate issuer:       /CN=c5bfa71a5113fed82464776c14371514c9218ef5
Certificate serial:       019B7D5C5CDE3B08710CC59D61E5A36B14CB
Authority key identifier: C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/jBvSHulkiAFNZq-1Sz_1NBwC4gw.roa
Signing time:             Fri 02 Jan 2026 06:19:23 +0000
ROA not before:           Fri 02 Jan 2026 06:19:23 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     16347
IP address blocks:        194.0.153.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 12:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:5c:5c:de:3b:08:71:0c:c5:9d:61:e5:a3:6b:14:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5bfa71a5113fed82464776c14371514c9218ef5
        Validity
            Not Before: Jan  2 06:19:23 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8c1bd21ee96488014d66afb54b3ff5341c02e20c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ef:ec:b4:df:51:84:c1:04:f5:37:a7:46:93:
                    0b:a4:ce:c2:92:b0:59:82:9d:0b:96:33:28:4c:dd:
                    10:15:39:f7:c1:c4:e0:1e:c5:b6:dc:db:5e:91:72:
                    6e:05:d8:65:85:5c:d6:4f:8a:46:cf:e7:25:82:25:
                    66:89:9b:3f:f5:db:40:51:bb:7b:b3:72:ba:72:38:
                    47:a0:de:fe:e4:a0:91:88:4d:da:e0:68:f2:66:84:
                    37:d6:61:fb:de:89:5c:a8:8a:e9:cc:75:30:2e:0d:
                    63:80:35:d7:21:c2:93:3b:2e:3f:db:4f:ce:e6:63:
                    68:a7:0f:c5:89:80:bd:86:71:42:2b:56:8b:f9:e5:
                    41:ac:62:86:e5:3b:99:89:d8:dd:b0:aa:90:ee:3d:
                    3e:d7:82:a0:ba:b6:a9:52:f4:fd:06:9c:07:8d:91:
                    b9:82:cf:a1:ef:26:2e:cf:a2:28:4e:a4:e7:9e:e3:
                    03:ed:8d:51:b4:e0:e7:66:e7:0e:7d:ed:88:06:f7:
                    57:bf:11:b9:20:70:72:c5:43:88:bb:0d:0f:46:f6:
                    aa:5e:37:17:05:4b:3a:64:fe:ab:7c:24:a4:db:5d:
                    3c:86:08:fe:e3:45:5c:4d:a6:4a:9d:3d:df:c3:8f:
                    7c:37:a6:62:9d:4c:1c:c3:f8:e9:d3:36:ff:a2:fa:
                    ce:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:1B:D2:1E:E9:64:88:01:4D:66:AF:B5:4B:3F:F5:34:1C:02:E2:0C
            X509v3 Authority Key Identifier:
                keyid:C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/jBvSHulkiAFNZq-1Sz_1NBwC4gw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.0.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:71:e9:cc:22:b6:f3:00:c4:2d:3f:09:24:15:62:48:57:0c:
         00:98:3c:d4:79:27:c9:eb:85:88:3a:a7:c7:22:22:68:6d:0f:
         f8:7f:3c:d8:ec:42:e2:e6:d3:d7:7e:f8:a0:fc:4e:56:10:a1:
         8f:cc:7d:24:d9:39:55:0e:cf:f5:37:71:af:64:ac:98:4e:6c:
         12:58:10:7f:ef:f2:bc:44:5f:dc:74:6e:1b:45:36:c9:77:c9:
         1a:8d:18:4f:c3:91:3c:9e:de:45:e9:e9:ba:4f:40:33:22:6a:
         f1:a1:57:bd:64:ba:30:33:09:84:3a:b9:69:c0:fe:87:27:c3:
         b7:5f:a5:f5:1c:25:5b:5d:d7:1d:cd:d9:79:1e:bc:8f:11:59:
         e7:ad:df:79:ad:46:65:e1:39:a3:b4:0f:98:84:74:44:9f:af:
         73:bc:42:ab:f2:d4:e9:8e:b6:be:ea:ff:0b:83:92:0a:58:61:
         58:ab:52:e7:f9:1f:65:bb:96:66:eb:0b:dc:cc:85:00:ea:9a:
         9e:7e:0f:3c:80:29:76:ea:ab:7d:f5:5a:82:ea:a1:b8:92:fb:
         ff:27:e1:e4:5d:31:e8:b8:a7:b5:72:64:d4:1b:9e:78:96:89:
         d2:82:a1:2c:4c:8b:fb:8b:48:cb:2d:bc:fa:c5:66:b2:60:9f:
         e6:11:61:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9XFzeOwhxDMWdYeWjaxTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmZhNzFhNTExM2ZlZDgyNDY0Nzc2YzE0MzcxNTE0Yzky
MThlZjUwHhcNMjYwMTAyMDYxOTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzFiZDIxZWU5NjQ4ODAxNGQ2NmFmYjU0YjNmZjUzNDFjMDJlMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO/stN9RhMEE9TenRpMLpM7CkrBZ
gp0LljMoTN0QFTn3wcTgHsW23NtekXJuBdhlhVzWT4pGz+clgiVmiZs/9dtAUbt7
s3K6cjhHoN7+5KCRiE3a4GjyZoQ31mH73olcqIrpzHUwLg1jgDXXIcKTOy4/20/O
5mNopw/FiYC9hnFCK1aL+eVBrGKG5TuZidjdsKqQ7j0+14KgurapUvT9BpwHjZG5
gs+h7yYuz6IoTqTnnuMD7Y1RtODnZucOfe2IBvdXvxG5IHByxUOIuw0PRvaqXjcX
BUs6ZP6rfCSk2108hgj+40VcTaZKnT3fw498N6ZinUwcw/jp0zb/ovrOXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwb0h7pZIgBTWavtUs/9TQcAuIMMB8GA1UdIwQY
MBaAFMW/pxpRE/7YJGR3bBQ3FRTJIY71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYt
NmZjZTAzMzI1YjNmLzEvakJ2U0h1bGtpQUZOWnEtMVN6XzFOQndDNGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYtNmZjZTAzMzI1YjNm
LzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgCZMA0G
CSqGSIb3DQEBCwUAA4IBAQCzcenMIrbzAMQtPwkkFWJIVwwAmDzUeSfJ64WIOqfH
IiJobQ/4fzzY7ELi5tPXfvig/E5WEKGPzH0k2TlVDs/1N3GvZKyYTmwSWBB/7/K8
RF/cdG4bRTbJd8kajRhPw5E8nt5F6em6T0AzImrxoVe9ZLowMwmEOrlpwP6HJ8O3
X6X1HCVbXdcdzdl5HryPEVnnrd95rUZl4TmjtA+YhHREn69zvEKr8tTpjra+6v8L
g5IKWGFYq1Ln+R9lu5Zm6wvczIUA6pqefg88gCl26qt99VqC6qG4kvv/J+HkXTHo
uKe1cmTUG554lonSgqEsTIv7i0jLLbz6xWayYJ/mEWHG
-----END CERTIFICATE-----