This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/idDB5SsOi3M4d5YPdc4kaYpnsfY.roa
File:                     idDB5SsOi3M4d5YPdc4kaYpnsfY.roa (raw, json)
Hash identifier:          VzSr4liY8PEx5fC0RMBBlkwvYxH1Ole1oxoZXE3bNBo=
Subject key identifier:   89:D0:C1:E5:2B:0E:8B:73:38:77:96:0F:75:CE:24:69:8A:67:B1:F6
Certificate issuer:       /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial:       019B797E368B511EC304A063DBA2AEF510F8
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/idDB5SsOi3M4d5YPdc4kaYpnsfY.roa
Signing time:             Thu 01 Jan 2026 12:17:53 +0000
ROA not before:           Thu 01 Jan 2026 12:17:53 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     205839
IP address blocks:        89.18.183.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 21:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:36:8b:51:1e:c3:04:a0:63:db:a2:ae:f5:10:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
        Validity
            Not Before: Jan  1 12:17:53 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=89d0c1e52b0e8b733877960f75ce24698a67b1f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:34:8d:4e:0c:b1:72:88:9a:fd:80:08:7f:1e:
                    10:2b:cf:53:1b:f9:e9:89:4f:59:5b:25:a5:d8:64:
                    62:13:53:fb:c1:f1:84:80:3c:c9:e9:d9:4c:74:29:
                    c1:ff:e3:57:fb:3d:c8:ff:fa:30:67:04:3b:d2:ae:
                    c9:f6:a4:b4:77:bf:d2:d7:bd:16:db:8c:29:0c:a3:
                    06:98:9c:be:14:67:3e:a5:a2:89:f9:7e:ff:cf:4d:
                    54:88:c7:db:bc:d2:ff:f6:9c:51:e6:db:e0:30:c7:
                    62:5c:5e:2c:4b:10:50:37:5e:af:0d:98:2b:17:65:
                    bd:81:50:ee:33:f8:38:49:db:c4:bd:3b:7e:b7:aa:
                    bd:44:fd:4b:da:48:81:c8:ac:b2:f7:36:b4:70:c4:
                    8a:0c:9a:ea:f6:72:22:af:7c:e6:4c:41:a8:6d:e4:
                    8f:8a:e2:51:59:62:2f:da:31:4d:d2:39:a5:bc:b4:
                    9b:af:7d:5d:71:7f:59:12:cd:7a:b5:be:eb:46:90:
                    59:9b:1c:2d:bd:20:0d:a2:e2:77:7d:4c:df:be:60:
                    72:53:2d:13:15:40:d7:06:8a:8b:fb:83:30:4f:d2:
                    c6:39:a4:d2:49:3f:8c:fa:6a:ad:08:2b:88:99:ac:
                    dd:79:f1:cf:68:f0:0a:3d:09:a5:ef:7e:ae:13:6c:
                    cf:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:D0:C1:E5:2B:0E:8B:73:38:77:96:0F:75:CE:24:69:8A:67:B1:F6
            X509v3 Authority Key Identifier:
                keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/idDB5SsOi3M4d5YPdc4kaYpnsfY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.18.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:79:44:21:ba:36:05:2a:43:72:09:62:6c:72:bd:84:3a:74:
         23:ee:a7:1f:dc:5e:0a:d5:4b:df:8a:d7:b2:ac:3d:e4:47:0a:
         ab:95:50:02:50:ea:e2:4d:7f:21:13:da:10:5f:3e:ed:15:a4:
         7c:a1:33:27:d2:ce:0b:3a:a6:96:e3:4b:38:b0:01:0f:e1:dd:
         21:ae:36:39:4d:ab:88:c4:cb:d9:f4:c6:d3:05:8d:67:74:75:
         74:e1:93:90:d4:18:4b:2e:ac:45:11:bf:9c:22:d4:e0:14:44:
         50:42:d8:52:7e:de:56:7c:07:db:f2:f5:ff:e8:4c:fb:9f:29:
         cf:65:c1:60:ef:cf:18:ef:bb:b4:da:b6:02:10:47:b4:9f:78:
         1e:6a:cf:d3:7a:58:ea:a4:4b:7c:78:fa:e8:a8:52:b3:62:a9:
         90:20:5e:33:94:fd:b3:f1:1f:c8:61:5d:fb:06:91:e9:08:f5:
         83:5e:37:4a:ba:0f:08:30:42:64:3c:79:b2:91:12:86:f4:cd:
         2d:24:a1:a8:b9:19:80:45:f3:55:1d:a4:b7:16:17:ab:7a:15:
         c7:9e:17:10:73:58:30:5e:e5:49:8c:14:bc:1b:15:35:c0:8a:
         07:80:1c:7e:36:dc:6f:4d:fd:f1:1a:0b:55:84:3c:f1:7a:3c:
         51:1d:c6:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fjaLUR7DBKBj26Ku9RD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjYwMTAxMTIxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQwYzFlNTJiMGU4YjczMzg3Nzk2MGY3NWNlMjQ2OThhNjdiMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojSNTgyxcoia/YAIfx4QK89TG/np
iU9ZWyWl2GRiE1P7wfGEgDzJ6dlMdCnB/+NX+z3I//owZwQ70q7J9qS0d7/S170W
24wpDKMGmJy+FGc+paKJ+X7/z01UiMfbvNL/9pxR5tvgMMdiXF4sSxBQN16vDZgr
F2W9gVDuM/g4SdvEvTt+t6q9RP1L2kiByKyy9za0cMSKDJrq9nIir3zmTEGobeSP
iuJRWWIv2jFN0jmlvLSbr31dcX9ZEs16tb7rRpBZmxwtvSANouJ3fUzfvmByUy0T
FUDXBoqL+4MwT9LGOaTSST+M+mqtCCuImazdefHPaPAKPQml736uE2zPeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInQweUrDotzOHeWD3XOJGmKZ7H2MB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvaWREQjVTc09pM000ZDVZUGRjNGthWXBuc2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRK3MA0G
CSqGSIb3DQEBCwUAA4IBAQB7eUQhujYFKkNyCWJscr2EOnQj7qcf3F4K1Uvfitey
rD3kRwqrlVACUOriTX8hE9oQXz7tFaR8oTMn0s4LOqaW40s4sAEP4d0hrjY5TauI
xMvZ9MbTBY1ndHV04ZOQ1BhLLqxFEb+cItTgFERQQthSft5WfAfb8vX/6Ez7nynP
ZcFg788Y77u02rYCEEe0n3geas/TeljqpEt8eProqFKzYqmQIF4zlP2z8R/IYV37
BpHpCPWDXjdKug8IMEJkPHmykRKG9M0tJKGouRmARfNVHaS3FherehXHnhcQc1gw
XuVJjBS8GxU1wIoHgBx+NtxvTf3xGgtVhDzxejxRHca1
-----END CERTIFICATE-----