This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/ZolgXVRV8VEUAeyL5pcC--uLXDs.roa
File:                     ZolgXVRV8VEUAeyL5pcC--uLXDs.roa (raw, json)
Hash identifier:          OetY+FbtDKCO0/4jYeRdHRkeUVdAxOsZlvKzDDYPGQI=
Subject key identifier:   66:89:60:5D:54:55:F1:51:14:01:EC:8B:E6:97:02:FB:EB:8B:5C:3B
Certificate issuer:       /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial:       019B77C76D725EC20AC0F23557528C0AB290
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/ZolgXVRV8VEUAeyL5pcC--uLXDs.roa
Signing time:             Thu 01 Jan 2026 04:18:36 +0000
ROA not before:           Thu 01 Jan 2026 04:18:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215330
IP address blocks:        2a0b:7a80::/29 maxlen: 29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:6d:72:5e:c2:0a:c0:f2:35:57:52:8c:0a:b2:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
        Validity
            Not Before: Jan  1 04:18:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6689605d5455f1511401ec8be69702fbeb8b5c3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:95:38:6c:f5:fe:2c:96:f2:a3:7f:14:c4:67:
                    73:db:c7:ca:f5:91:dd:76:32:39:81:70:b4:bc:c4:
                    d0:2b:9e:75:20:b7:17:c0:b2:47:76:a9:b0:2d:78:
                    78:5d:66:47:02:b7:7e:3a:c1:e0:74:6d:a7:5a:e9:
                    6a:50:2e:91:9c:34:4f:8d:dc:49:91:00:2c:6b:fc:
                    aa:9b:08:29:a8:06:51:42:9c:56:1c:a4:76:31:05:
                    8b:50:72:d7:18:a2:74:de:5a:45:5d:4d:2a:1d:0d:
                    d9:5c:95:bf:0d:62:e8:ff:01:1e:1a:3b:f2:8a:f7:
                    fc:af:eb:11:2a:85:f2:0e:8d:d1:56:63:93:40:2f:
                    8d:1a:a0:07:16:84:a4:d5:4f:de:95:5e:78:08:c3:
                    7d:35:de:6f:2d:64:01:33:ef:98:96:5b:92:d4:94:
                    e7:4e:00:75:cd:1d:0e:b4:bc:68:6e:84:4b:67:31:
                    80:be:a7:0f:7e:db:55:51:1c:29:28:57:a2:c4:7f:
                    54:2a:25:e7:7d:f4:10:b2:2d:34:1c:49:a4:f7:eb:
                    cc:9a:77:1b:e2:9f:a4:fb:8c:a3:8a:5c:8a:91:ed:
                    57:a0:20:aa:e4:63:7e:de:df:2c:20:b1:80:c3:49:
                    fe:4a:9a:a2:b5:30:05:39:1f:85:3e:3b:b8:d7:ec:
                    37:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:89:60:5D:54:55:F1:51:14:01:EC:8B:E6:97:02:FB:EB:8B:5C:3B
            X509v3 Authority Key Identifier:
                keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/ZolgXVRV8VEUAeyL5pcC--uLXDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:7a80::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:b1:7f:31:aa:16:51:d7:d9:aa:5b:42:bb:9b:6d:1f:0d:5d:
         ff:72:b4:a0:76:ae:f6:a3:59:6d:bf:77:3d:a9:76:b3:0f:30:
         b4:62:5e:32:71:4c:d4:4a:06:0c:16:67:02:18:25:d7:94:7f:
         b9:2d:90:b7:59:8a:f1:9a:97:a8:db:7d:a0:f2:ad:85:f8:d8:
         4b:ca:79:80:ce:cf:b7:b3:04:30:13:a1:fd:86:dc:4c:66:1b:
         5a:74:94:34:d2:c8:15:b1:2f:56:46:e5:c2:bc:45:3e:5c:07:
         05:bb:b6:89:2d:77:61:8e:4c:8c:2f:4d:a8:20:81:e6:9c:61:
         da:ba:55:1d:d6:cb:3a:63:97:42:28:93:19:e3:ef:63:6c:c8:
         56:ca:d4:f4:c6:b3:6e:94:f7:bb:9a:99:88:2f:c3:5c:fe:fc:
         a3:62:61:31:12:e0:e6:ba:53:f1:40:43:db:3f:9a:5c:c3:1f:
         8f:46:6f:1a:58:73:71:fc:d4:88:8d:ae:a9:4c:c7:7f:ea:77:
         7c:e0:1f:cb:ad:69:6c:c9:70:30:06:b3:a1:87:fb:69:03:ca:
         c8:11:7d:8a:22:0e:cf:e1:69:11:44:f4:80:73:ba:ab:a6:05:
         e1:87:75:e8:21:4b:8a:d3:cb:2f:59:05:ef:db:f2:3e:e9:9d:
         00:74:c7:c6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt3x21yXsIKwPI1V1KMCrKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjYwMTAxMDQxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njg5NjA1ZDU0NTVmMTUxMTQwMWVjOGJlNjk3MDJmYmViOGI1YzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pU4bPX+LJbyo38UxGdz28fK9ZHd
djI5gXC0vMTQK551ILcXwLJHdqmwLXh4XWZHArd+OsHgdG2nWulqUC6RnDRPjdxJ
kQAsa/yqmwgpqAZRQpxWHKR2MQWLUHLXGKJ03lpFXU0qHQ3ZXJW/DWLo/wEeGjvy
ivf8r+sRKoXyDo3RVmOTQC+NGqAHFoSk1U/elV54CMN9Nd5vLWQBM++YlluS1JTn
TgB1zR0OtLxoboRLZzGAvqcPfttVURwpKFeixH9UKiXnffQQsi00HEmk9+vMmncb
4p+k+4yjilyKke1XoCCq5GN+3t8sILGAw0n+SpqitTAFOR+FPju41+w3ywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGaJYF1UVfFRFAHsi+aXAvvri1w7MB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvWm9sZ1hWUlY4VkVVQWV5TDVwY0MtLXVMWERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgt6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAU7F/MaoWUdfZqltCu5ttHw1d/3K0oHau9qNZbb93
Pal2sw8wtGJeMnFM1EoGDBZnAhgl15R/uS2Qt1mK8ZqXqNt9oPKthfjYS8p5gM7P
t7MEMBOh/YbcTGYbWnSUNNLIFbEvVkblwrxFPlwHBbu2iS13YY5MjC9NqCCB5pxh
2rpVHdbLOmOXQiiTGePvY2zIVsrU9MazbpT3u5qZiC/DXP78o2JhMRLg5rpT8UBD
2z+aXMMfj0ZvGlhzcfzUiI2uqUzHf+p3fOAfy61pbMlwMAazoYf7aQPKyBF9iiIO
z+FpEUT0gHO6q6YF4Yd16CFLitPLL1kF79vyPumdAHTHxg==
-----END CERTIFICATE-----