This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a0147b-058d-4f2d-b603-61f9e54ed239/1/NJ53-rR_xX4WzjhOA9BrYV2nSLM.roa
File:                     NJ53-rR_xX4WzjhOA9BrYV2nSLM.roa (raw, json)
Hash identifier:          QoLJTTNt4EV3su31vq7GYg/U/5yk5wlrs70Rl9FmejU=
Subject key identifier:   34:9E:77:FA:B4:7F:C5:7E:16:CE:38:4E:03:D0:6B:61:5D:A7:48:B3
Certificate issuer:       /CN=ed476a7486b785451293571126c5f9da3ec485d8
Certificate serial:       019B7AC79935CB6D8D4EC6D61F4EB66829BF
Authority key identifier: ED:47:6A:74:86:B7:85:45:12:93:57:11:26:C5:F9:DA:3E:C4:85:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7UdqdIa3hUUSk1cRJsX52j7Ehdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/a0147b-058d-4f2d-b603-61f9e54ed239/1/NJ53-rR_xX4WzjhOA9BrYV2nSLM.roa
Signing time:             Thu 01 Jan 2026 18:17:39 +0000
ROA not before:           Thu 01 Jan 2026 18:17:39 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     2119
IP address blocks:        193.160.28.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/a0147b-058d-4f2d-b603-61f9e54ed239/1/7UdqdIa3hUUSk1cRJsX52j7Ehdg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/a0147b-058d-4f2d-b603-61f9e54ed239/1/7UdqdIa3hUUSk1cRJsX52j7Ehdg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7UdqdIa3hUUSk1cRJsX52j7Ehdg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c7:99:35:cb:6d:8d:4e:c6:d6:1f:4e:b6:68:29:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed476a7486b785451293571126c5f9da3ec485d8
        Validity
            Not Before: Jan  1 18:17:39 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=349e77fab47fc57e16ce384e03d06b615da748b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ef:29:86:ed:4c:9a:ac:e3:01:e8:fd:c8:be:
                    d2:cc:ec:85:f5:1e:50:aa:26:ea:72:18:6b:3c:3a:
                    97:e0:a6:f9:4a:b5:37:7f:3c:89:be:9e:67:ad:91:
                    e9:71:a5:ff:52:89:53:20:b8:5b:d2:a4:54:6a:33:
                    ec:a4:d4:be:47:8d:97:db:ed:87:25:1b:9b:d3:72:
                    f4:4c:be:58:ba:e6:54:be:b4:4c:ef:e6:e3:4f:7e:
                    42:ab:d8:82:2a:23:c5:4e:18:c2:8e:91:b9:cb:21:
                    42:ac:17:df:00:ad:79:3a:0b:81:61:64:03:5b:93:
                    f2:33:63:32:86:f4:d4:50:37:f3:9a:f9:db:e0:76:
                    69:c4:cb:64:67:b2:e8:eb:eb:3b:5c:bf:13:e8:5d:
                    70:07:3c:bd:70:dc:e5:68:4b:83:72:bc:0d:50:d4:
                    20:fd:92:48:b2:aa:e5:61:54:bf:9c:32:e5:06:81:
                    0d:b9:7f:4d:b5:54:c1:31:cd:34:90:65:b2:d6:9c:
                    db:62:e9:96:81:57:11:f5:50:d1:40:aa:64:c6:57:
                    68:c3:45:00:78:e7:52:15:84:62:5a:12:cc:21:17:
                    c9:25:ba:64:58:56:4e:0d:c7:7c:28:56:db:d5:03:
                    c6:3d:31:d6:bf:f3:28:13:17:8d:74:bc:b4:78:c0:
                    74:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:9E:77:FA:B4:7F:C5:7E:16:CE:38:4E:03:D0:6B:61:5D:A7:48:B3
            X509v3 Authority Key Identifier:
                keyid:ED:47:6A:74:86:B7:85:45:12:93:57:11:26:C5:F9:DA:3E:C4:85:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7UdqdIa3hUUSk1cRJsX52j7Ehdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a0147b-058d-4f2d-b603-61f9e54ed239/1/NJ53-rR_xX4WzjhOA9BrYV2nSLM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a0147b-058d-4f2d-b603-61f9e54ed239/1/7UdqdIa3hUUSk1cRJsX52j7Ehdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.160.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:ca:ca:06:fe:3f:d4:ce:a5:83:0f:7c:b6:67:1b:cc:f8:be:
         53:a9:a9:79:55:41:5e:7f:8e:5d:cb:62:4c:a3:59:f6:31:0e:
         e2:4a:ef:bc:54:4f:24:90:3e:d0:9f:6d:4b:fb:3c:47:d5:fb:
         56:26:1b:00:09:c0:67:57:a7:8e:45:8f:bb:6a:ac:82:3d:92:
         58:e9:d0:f9:7a:a9:0d:e3:69:67:40:56:3f:6d:e8:07:a4:8d:
         a8:57:aa:9f:5a:a1:5c:3b:d9:86:86:0e:20:45:09:5c:20:6d:
         42:8d:6b:85:99:17:0a:3c:95:cf:f0:27:ed:a6:e6:34:71:d8:
         81:2c:aa:ae:25:b2:fc:a4:49:bc:e9:2d:2f:66:c4:f5:ea:cd:
         c8:47:e0:f1:2c:92:a3:16:e3:f8:fe:80:e6:47:73:95:f5:d7:
         dc:68:d1:f7:78:98:78:01:6f:e7:9c:bc:d3:e6:94:42:01:57:
         b7:77:c4:ab:b8:dc:9a:d0:b7:0d:41:b6:0c:87:42:e4:63:4f:
         cd:fc:0e:23:c8:85:23:62:e9:17:68:52:ac:08:15:6a:34:61:
         25:9e:0a:8f:f7:ac:ee:d4:e1:9a:c6:90:b1:3d:d5:6e:fd:b8:
         9e:5a:1c:91:ee:9f:3d:10:68:08:a9:f9:ae:a7:de:e1:23:03:
         1d:34:3a:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6x5k1y22NTsbWH062aCm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNDc2YTc0ODZiNzg1NDUxMjkzNTcxMTI2YzVmOWRhM2Vj
NDg1ZDgwHhcNMjYwMTAxMTgxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDllNzdmYWI0N2ZjNTdlMTZjZTM4NGUwM2QwNmI2MTVkYTc0OGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+8phu1MmqzjAej9yL7SzOyF9R5Q
qibqchhrPDqX4Kb5SrU3fzyJvp5nrZHpcaX/UolTILhb0qRUajPspNS+R42X2+2H
JRub03L0TL5YuuZUvrRM7+bjT35Cq9iCKiPFThjCjpG5yyFCrBffAK15OguBYWQD
W5PyM2MyhvTUUDfzmvnb4HZpxMtkZ7Lo6+s7XL8T6F1wBzy9cNzlaEuDcrwNUNQg
/ZJIsqrlYVS/nDLlBoENuX9NtVTBMc00kGWy1pzbYumWgVcR9VDRQKpkxldow0UA
eOdSFYRiWhLMIRfJJbpkWFZODcd8KFbb1QPGPTHWv/MoExeNdLy0eMB0bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSed/q0f8V+Fs44TgPQa2Fdp0izMB8GA1UdIwQY
MBaAFO1HanSGt4VFEpNXESbF+do+xIXYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1VkcWRJYTNoVVVTazFjUkpzWDUyajdFaGRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hMDE0N2ItMDU4ZC00ZjJkLWI2MDMt
NjFmOWU1NGVkMjM5LzEvTko1My1yUl94WDRXempoT0E5QnJZVjJuU0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hMDE0N2ItMDU4ZC00ZjJkLWI2MDMtNjFmOWU1NGVkMjM5
LzEvN1VkcWRJYTNoVVVTazFjUkpzWDUyajdFaGRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaAcMA0G
CSqGSIb3DQEBCwUAA4IBAQB+ysoG/j/UzqWDD3y2ZxvM+L5Tqal5VUFef45dy2JM
o1n2MQ7iSu+8VE8kkD7Qn21L+zxH1ftWJhsACcBnV6eORY+7aqyCPZJY6dD5eqkN
42lnQFY/begHpI2oV6qfWqFcO9mGhg4gRQlcIG1CjWuFmRcKPJXP8CftpuY0cdiB
LKquJbL8pEm86S0vZsT16s3IR+DxLJKjFuP4/oDmR3OV9dfcaNH3eJh4AW/nnLzT
5pRCAVe3d8SruNya0LcNQbYMh0LkY0/N/A4jyIUjYukXaFKsCBVqNGElngqP96zu
1OGaxpCxPdVu/bieWhyR7p89EGgIqfmup97hIwMdNDpG
-----END CERTIFICATE-----