This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/I2q3ifUktwdWLFVk814q3GS4fWI.roa
File:                     I2q3ifUktwdWLFVk814q3GS4fWI.roa (raw, json)
Hash identifier:          IGOlAHTyV8D50YrVyxyBur7sPUQLiEB5K2gkPY8V5KM=
Subject key identifier:   23:6A:B7:89:F5:24:B7:07:56:2C:55:64:F3:5E:2A:DC:64:B8:7D:62
Certificate issuer:       /CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Certificate serial:       019B7AC87686CE8684446F8BC97A74044A8A
Authority key identifier: 7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/I2q3ifUktwdWLFVk814q3GS4fWI.roa
Signing time:             Thu 01 Jan 2026 18:18:36 +0000
ROA not before:           Thu 01 Jan 2026 18:18:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     49796
IP address blocks:        185.129.189.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 18:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c8:76:86:ce:86:84:44:6f:8b:c9:7a:74:04:4a:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
        Validity
            Not Before: Jan  1 18:18:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=236ab789f524b707562c5564f35e2adc64b87d62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b9:e6:5d:0e:93:4a:91:8a:02:00:61:6a:7b:
                    f5:10:61:f8:66:34:a3:57:dc:6e:69:52:5f:7f:5d:
                    58:2f:b8:77:a5:7a:2a:83:30:7a:29:ae:85:f1:db:
                    7b:0f:32:7a:65:22:2b:f5:60:a9:56:29:e6:92:64:
                    dc:43:c7:32:a5:28:1f:6f:93:9c:1e:6a:bb:a4:33:
                    3d:5b:da:7a:89:33:de:1b:c6:fa:6c:8b:86:8d:d2:
                    4f:c7:54:94:de:20:70:24:08:49:0c:18:9d:2b:21:
                    01:2d:ab:49:77:5d:6c:be:83:79:4d:74:99:a0:3d:
                    3b:5a:a3:34:28:3c:ea:35:7b:48:79:ee:87:ce:65:
                    85:8d:e2:27:5e:14:50:38:9e:46:d3:fd:9b:ee:50:
                    e5:80:5d:7f:26:b7:11:d2:39:4b:17:aa:3e:b7:fe:
                    2e:d0:d2:7d:02:bd:32:7b:f7:6f:3c:62:cb:1e:d4:
                    f4:80:1f:f9:bb:f5:7c:78:79:43:d5:7d:b6:68:9d:
                    41:50:48:a0:d9:f6:26:17:00:ed:55:70:bb:c7:15:
                    c2:2c:61:cb:8f:3a:f9:96:21:eb:b5:c8:b0:0f:5c:
                    0b:a0:f1:68:58:12:73:22:8f:9f:2e:bf:1d:e7:db:
                    b0:8c:02:63:04:4e:23:9d:4c:47:8b:38:02:89:19:
                    8d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:6A:B7:89:F5:24:B7:07:56:2C:55:64:F3:5E:2A:DC:64:B8:7D:62
            X509v3 Authority Key Identifier:
                keyid:7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/I2q3ifUktwdWLFVk814q3GS4fWI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.129.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:22:44:80:ab:5e:80:88:44:13:ef:3b:35:ae:8e:bb:e5:b2:
         e0:8b:10:a1:03:3c:a2:ca:d9:a6:4c:a6:cd:ab:97:23:94:30:
         ed:5f:e1:fa:b5:09:74:14:44:00:ba:1a:1e:8e:2a:52:13:88:
         d9:51:42:98:e4:6d:61:fa:c5:e4:e0:7b:f5:81:a7:7a:94:ed:
         b9:84:a0:41:55:ed:3f:9f:21:c0:26:be:63:65:ef:29:2f:b3:
         50:38:c6:7b:56:4f:00:02:72:e0:14:21:c5:d5:5d:9b:b1:87:
         4a:a4:84:0f:9e:2d:1c:b3:97:3e:e3:fa:c5:77:66:5b:4f:42:
         10:d0:da:07:18:29:15:48:d1:1a:ee:3e:01:04:e8:62:9f:23:
         98:30:fa:e5:00:fe:17:b8:de:9a:c5:fd:80:c6:46:21:bc:06:
         a3:c2:28:00:cc:3b:df:cb:eb:48:36:f9:6c:9b:82:6a:72:84:
         21:19:20:03:cf:00:20:b2:e1:ed:62:d3:23:22:92:af:5c:e0:
         86:0e:fe:d7:c8:26:14:6c:92:22:41:6e:97:33:ef:7e:83:58:
         bf:cc:96:07:f0:28:6d:92:76:36:85:07:af:15:14:e4:4f:f9:
         cb:1e:9d:43:c7:33:ea:4f:8e:c6:73:6f:c0:e2:0a:bb:15:bb:
         97:62:d2:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yHaGzoaERG+LyXp0BEqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYmQ1MTI3MjA2NGI2M2IyYzY2M2MwMjk2YmExMWRiNWVh
MjM4YzAwHhcNMjYwMTAxMTgxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzZhYjc4OWY1MjRiNzA3NTYyYzU1NjRmMzVlMmFkYzY0Yjg3ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrnmXQ6TSpGKAgBhanv1EGH4ZjSj
V9xuaVJff11YL7h3pXoqgzB6Ka6F8dt7DzJ6ZSIr9WCpVinmkmTcQ8cypSgfb5Oc
Hmq7pDM9W9p6iTPeG8b6bIuGjdJPx1SU3iBwJAhJDBidKyEBLatJd11svoN5TXSZ
oD07WqM0KDzqNXtIee6HzmWFjeInXhRQOJ5G0/2b7lDlgF1/JrcR0jlLF6o+t/4u
0NJ9Ar0ye/dvPGLLHtT0gB/5u/V8eHlD1X22aJ1BUEig2fYmFwDtVXC7xxXCLGHL
jzr5liHrtciwD1wLoPFoWBJzIo+fLr8d59uwjAJjBE4jnUxHizgCiRmNFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNqt4n1JLcHVixVZPNeKtxkuH1iMB8GA1UdIwQY
MBaAFHu9UScgZLY7LGY8Apa6EdteojjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUt
OTdjOWFhYjgyOGYyLzEvSTJxM2lmVWt0d2RXTEZWazgxNHEzR1M0ZldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUtOTdjOWFhYjgyOGYy
LzEvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYG9MA0G
CSqGSIb3DQEBCwUAA4IBAQBuIkSAq16AiEQT7zs1ro675bLgixChAzyiytmmTKbN
q5cjlDDtX+H6tQl0FEQAuhoejipSE4jZUUKY5G1h+sXk4Hv1gad6lO25hKBBVe0/
nyHAJr5jZe8pL7NQOMZ7Vk8AAnLgFCHF1V2bsYdKpIQPni0cs5c+4/rFd2ZbT0IQ
0NoHGCkVSNEa7j4BBOhinyOYMPrlAP4XuN6axf2AxkYhvAajwigAzDvfy+tINvls
m4JqcoQhGSADzwAgsuHtYtMjIpKvXOCGDv7XyCYUbJIiQW6XM+9+g1i/zJYH8Cht
knY2hQevFRTkT/nLHp1DxzPqT47Gc2/A4gq7FbuXYtI/
-----END CERTIFICATE-----