This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/cJdPxb0RSH0QMcbmsxnfVVZLI9o.roa
File:                     cJdPxb0RSH0QMcbmsxnfVVZLI9o.roa (raw, json)
Hash identifier:          7Mc+8VOQ2R5S9UUsL5A35++MoKrgCRu3M3X3wsPiNFQ=
Subject key identifier:   70:97:4F:C5:BD:11:48:7D:10:31:C6:E6:B3:19:DF:55:56:4B:23:DA
Certificate issuer:       /CN=b0adf05afef6f65fa19a61c30ae4fb11c7cf25b6
Certificate serial:       019B7CEDAB5FAF3A5F612B6057C0BB2977B0
Authority key identifier: B0:AD:F0:5A:FE:F6:F6:5F:A1:9A:61:C3:0A:E4:FB:11:C7:CF:25:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sK3wWv729l-hmmHDCuT7EcfPJbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/cJdPxb0RSH0QMcbmsxnfVVZLI9o.roa
Signing time:             Fri 02 Jan 2026 04:18:29 +0000
ROA not before:           Fri 02 Jan 2026 04:18:29 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     2116
IP address blocks:        185.67.40.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/sK3wWv729l-hmmHDCuT7EcfPJbY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/sK3wWv729l-hmmHDCuT7EcfPJbY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sK3wWv729l-hmmHDCuT7EcfPJbY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 19:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:ab:5f:af:3a:5f:61:2b:60:57:c0:bb:29:77:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0adf05afef6f65fa19a61c30ae4fb11c7cf25b6
        Validity
            Not Before: Jan  2 04:18:29 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=70974fc5bd11487d1031c6e6b319df55564b23da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:8e:a5:a2:a8:f6:7f:f8:03:3b:e2:ec:08:ce:
                    14:28:3d:f1:1e:7a:9c:f0:88:f2:4c:bf:c4:cb:38:
                    24:23:4c:d4:49:d8:56:be:35:b9:cd:54:80:55:d0:
                    72:cb:f6:67:1d:e3:2a:46:29:06:d6:9c:8e:a6:65:
                    b3:3b:eb:64:db:3c:ec:9e:5a:ad:e6:7f:78:2f:6e:
                    b5:c9:c0:b8:b1:39:2e:c8:14:ba:e7:2c:8f:ce:4e:
                    34:a7:46:c2:a1:e9:18:a5:02:6d:ba:7e:0b:3d:c1:
                    46:5a:82:e0:c1:43:cf:11:fc:d2:2b:9e:4e:3c:13:
                    45:8d:3b:d2:ad:b4:a3:9a:38:35:2a:22:4d:28:28:
                    8f:ab:4a:41:6f:68:19:06:b8:68:25:a5:1a:a3:83:
                    46:6b:fd:7d:b4:be:22:6e:5f:5c:7c:7d:59:e2:67:
                    71:28:08:58:c8:45:43:78:79:dc:98:16:b3:0a:1c:
                    6b:65:8c:11:00:61:e6:d9:42:28:29:6f:5c:30:1f:
                    e9:77:df:17:37:e8:ea:e7:ea:3d:40:e6:63:7c:99:
                    1c:60:ee:ee:78:63:4d:ae:cb:c8:cf:5d:90:98:3d:
                    b5:14:36:ad:54:d9:30:0c:4e:39:e5:c8:e4:65:2d:
                    76:22:c7:83:da:c6:d8:7f:d6:fc:8c:9f:ba:b8:70:
                    cc:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:97:4F:C5:BD:11:48:7D:10:31:C6:E6:B3:19:DF:55:56:4B:23:DA
            X509v3 Authority Key Identifier:
                keyid:B0:AD:F0:5A:FE:F6:F6:5F:A1:9A:61:C3:0A:E4:FB:11:C7:CF:25:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK3wWv729l-hmmHDCuT7EcfPJbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/cJdPxb0RSH0QMcbmsxnfVVZLI9o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/sK3wWv729l-hmmHDCuT7EcfPJbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.67.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:df:b1:41:94:64:2a:0e:7c:1f:2a:e9:7c:34:0a:39:25:27:
         12:70:87:40:dc:00:c5:e3:61:5e:ce:e2:c7:9a:4f:95:46:af:
         24:a4:bd:01:f8:31:eb:15:09:7f:34:1b:82:58:d0:03:46:15:
         44:e6:08:cc:af:15:42:f6:8a:c2:33:6e:7c:7a:35:06:23:b6:
         68:d3:0f:a6:c9:b6:2f:af:3a:08:73:d3:c5:4f:37:d6:a2:35:
         86:cf:f4:81:93:02:ac:f8:02:f5:41:37:15:77:71:a8:c3:0b:
         e2:67:0d:46:e0:80:98:b3:1f:9c:95:21:0d:82:d8:7b:a4:71:
         2a:70:f8:ac:1d:fd:c5:a1:2a:2a:70:89:fb:e9:01:dc:91:96:
         10:32:7a:fd:3b:79:eb:9a:6b:be:c1:32:2b:0d:21:ee:03:e9:
         d8:37:f4:2f:f6:93:54:df:aa:39:80:e8:de:7c:77:f2:de:4f:
         fc:c7:f6:5b:63:7c:83:bd:83:c6:f3:d0:f6:95:46:ea:3e:f5:
         18:f0:59:19:1d:01:29:2b:25:85:c1:dc:b8:d8:10:7e:8d:d1:
         e1:e8:55:8e:53:d1:1e:d5:22:46:78:0d:54:ce:0d:bf:e0:ac:
         54:09:82:6e:95:1f:17:90:dc:e0:4a:b4:10:d1:ba:e9:89:2b:
         87:33:04:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87atfrzpfYStgV8C7KXewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWRmMDVhZmVmNmY2NWZhMTlhNjFjMzBhZTRmYjExYzdj
ZjI1YjYwHhcNMjYwMTAyMDQxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDk3NGZjNWJkMTE0ODdkMTAzMWM2ZTZiMzE5ZGY1NTU2NGIyM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxY6loqj2f/gDO+LsCM4UKD3xHnqc
8IjyTL/EyzgkI0zUSdhWvjW5zVSAVdByy/ZnHeMqRikG1pyOpmWzO+tk2zzsnlqt
5n94L261ycC4sTkuyBS65yyPzk40p0bCoekYpQJtun4LPcFGWoLgwUPPEfzSK55O
PBNFjTvSrbSjmjg1KiJNKCiPq0pBb2gZBrhoJaUao4NGa/19tL4ibl9cfH1Z4mdx
KAhYyEVDeHncmBazChxrZYwRAGHm2UIoKW9cMB/pd98XN+jq5+o9QOZjfJkcYO7u
eGNNrsvIz12QmD21FDatVNkwDE455cjkZS12IseD2sbYf9b8jJ+6uHDMrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCXT8W9EUh9EDHG5rMZ31VWSyPaMB8GA1UdIwQY
MBaAFLCt8Fr+9vZfoZphwwrk+xHHzyW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0szd1d2NzI5bC1obW1IREN1VDdFY2ZQSmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83MDk1OWItZDc5Yi00MmRjLWI4OTMt
NWYyZDBlMmFlNzE0LzEvY0pkUHhiMFJTSDBRTWNibXN4bmZWVlpMSTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83MDk1OWItZDc5Yi00MmRjLWI4OTMtNWYyZDBlMmFlNzE0
LzEvc0szd1d2NzI5bC1obW1IREN1VDdFY2ZQSmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUMoMA0G
CSqGSIb3DQEBCwUAA4IBAQAh37FBlGQqDnwfKul8NAo5JScScIdA3ADF42FezuLH
mk+VRq8kpL0B+DHrFQl/NBuCWNADRhVE5gjMrxVC9orCM258ejUGI7Zo0w+mybYv
rzoIc9PFTzfWojWGz/SBkwKs+AL1QTcVd3GowwviZw1G4ICYsx+clSENgth7pHEq
cPisHf3FoSoqcIn76QHckZYQMnr9O3nrmmu+wTIrDSHuA+nYN/Qv9pNU36o5gOje
fHfy3k/8x/ZbY3yDvYPG89D2lUbqPvUY8FkZHQEpKyWFwdy42BB+jdHh6FWOU9Ee
1SJGeA1Uzg2/4KxUCYJulR8XkNzgSrQQ0brpiSuHMwR/
-----END CERTIFICATE-----