This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/pnsSYMuSCnD02i5X7aNjfb6KV2Y.roa
File:                     pnsSYMuSCnD02i5X7aNjfb6KV2Y.roa (raw, json)
Hash identifier:          gAxKlvosqMdTFPRmtfb6Fr6F4VKWhUBjaqqguPZxYyQ=
Subject key identifier:   A6:7B:12:60:CB:92:0A:70:F4:DA:2E:57:ED:A3:63:7D:BE:8A:57:66
Certificate issuer:       /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial:       019B77C74F706F6AD8AD4EB1EA638C91A2B1
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/pnsSYMuSCnD02i5X7aNjfb6KV2Y.roa
Signing time:             Thu 01 Jan 2026 04:18:29 +0000
ROA not before:           Thu 01 Jan 2026 04:18:29 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     59793
IP address blocks:        2a02:d0c2:1::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:4f:70:6f:6a:d8:ad:4e:b1:ea:63:8c:91:a2:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
        Validity
            Not Before: Jan  1 04:18:29 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a67b1260cb920a70f4da2e57eda3637dbe8a5766
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:6b:28:6a:2f:de:29:3d:6a:e8:64:b5:3b:d1:
                    b7:fa:eb:88:cc:74:d0:1e:82:57:e1:bd:a1:29:69:
                    e3:7f:fb:38:4e:1f:f0:10:26:b5:c3:b7:84:63:5a:
                    a0:68:dd:ea:51:76:7a:6e:bd:94:4e:86:96:fb:d4:
                    df:a6:77:f4:fb:d8:55:0f:48:d1:c6:fd:62:a8:75:
                    79:e3:3d:52:18:15:d9:0f:6c:57:3a:17:4d:10:3b:
                    7c:88:c7:a9:c0:0e:1d:1a:5e:f2:58:51:86:d4:cb:
                    5f:25:87:b9:a1:06:5a:27:5e:1c:80:68:43:bf:04:
                    09:5d:92:14:a3:3f:48:7f:28:e9:cd:f1:d7:b3:bf:
                    a9:a3:9d:e3:35:c8:77:c4:85:44:17:2a:9b:b8:88:
                    f3:de:22:1b:7d:b3:6d:b6:f8:ce:42:05:66:aa:44:
                    e3:ae:b3:0a:71:d0:2c:aa:ec:cd:77:9d:1f:13:0f:
                    bb:7b:eb:7e:41:36:89:b7:3c:31:b1:19:cc:4d:b1:
                    cc:b8:e8:dc:f5:ea:94:e5:dc:26:91:73:a8:48:30:
                    b5:d4:43:eb:bb:fa:43:8b:e9:18:d3:c8:72:d0:75:
                    45:07:04:e3:2a:e9:07:05:65:58:84:7d:ce:9f:b1:
                    70:22:50:03:45:ba:31:29:fe:12:dc:48:2b:1d:43:
                    b9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:7B:12:60:CB:92:0A:70:F4:DA:2E:57:ED:A3:63:7D:BE:8A:57:66
            X509v3 Authority Key Identifier:
                keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/pnsSYMuSCnD02i5X7aNjfb6KV2Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:d0c2:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         5c:4d:bb:dc:94:8c:6a:69:16:1f:65:99:69:aa:5c:e4:07:17:
         20:85:00:96:c8:4a:12:49:85:b1:a4:20:a8:1f:37:a6:44:a0:
         f3:ec:fc:5e:bf:6f:63:62:a5:70:b7:fd:63:36:ac:48:4f:7d:
         8e:35:e1:47:d5:62:b3:b7:90:9a:09:0a:85:d7:05:b4:5e:84:
         d8:5f:ec:3b:e0:2b:2a:b5:94:f5:ad:ce:96:ab:e1:d3:7c:de:
         34:8e:0a:e6:3f:a1:43:38:f2:46:e0:b0:08:f3:e3:b6:34:63:
         a2:1c:83:4d:5e:07:f8:c3:0c:31:ab:f1:b3:cf:e0:77:16:ef:
         0a:38:4c:d4:80:1d:2d:52:f4:65:4f:61:e0:25:55:99:55:a4:
         9d:61:93:78:03:c5:d5:2f:cc:5c:33:a8:a1:37:65:22:78:16:
         27:60:8c:64:5b:37:a3:a0:88:b6:12:05:34:fd:9f:cd:92:5c:
         45:6f:54:04:1a:a0:4e:c4:d6:75:af:83:ff:d6:2d:44:06:e3:
         5b:dc:e8:f2:5c:a2:51:d6:5e:dd:1c:99:c5:6f:37:29:e9:a5:
         94:60:9c:af:fd:71:ed:e5:5e:b5:bc:73:43:56:b2:a0:ac:74:
         2d:03:44:19:58:43:da:a3:43:be:18:49:72:bd:fd:cb:c8:55:
         d9:ca:12:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZt3x09wb2rYrU6x6mOMkaKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNDVkYWNjODM3Nzk4YzNlNmNmMzFmNGQyNzk0NmEzM2Iw
ZGU2NjEwHhcNMjYwMTAxMDQxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjdiMTI2MGNiOTIwYTcwZjRkYTJlNTdlZGEzNjM3ZGJlOGE1NzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52soai/eKT1q6GS1O9G3+uuIzHTQ
HoJX4b2hKWnjf/s4Th/wECa1w7eEY1qgaN3qUXZ6br2UToaW+9Tfpnf0+9hVD0jR
xv1iqHV54z1SGBXZD2xXOhdNEDt8iMepwA4dGl7yWFGG1MtfJYe5oQZaJ14cgGhD
vwQJXZIUoz9IfyjpzfHXs7+po53jNch3xIVEFyqbuIjz3iIbfbNttvjOQgVmqkTj
rrMKcdAsquzNd50fEw+7e+t+QTaJtzwxsRnMTbHMuOjc9eqU5dwmkXOoSDC11EPr
u/pDi+kY08hy0HVFBwTjKukHBWVYhH3On7FwIlADRboxKf4S3EgrHUO5lQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKZ7EmDLkgpw9NouV+2jY32+ildmMB8GA1UdIwQY
MBaAFBBF2syDd5jD5s8x9NJ5RqM7DeZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUVYYXpJTjNtTVBtenpIMDBubEdvenNONW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8yNjZjYWYtM2I0My00OWUwLWI2ZTEt
OWMxNzRlNTNlNGZlLzEvcG5zU1lNdVNDbkQwMmk1WDdhTmpmYjZLVjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8yNjZjYWYtM2I0My00OWUwLWI2ZTEtOWMxNzRlNTNlNGZl
LzEvRUVYYXpJTjNtTVBtenpIMDBubEdvenNONW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgLQwgAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBcTbvclIxqaRYfZZlpqlzkBxcghQCWyEoSSYWx
pCCoHzemRKDz7Pxev29jYqVwt/1jNqxIT32ONeFH1WKzt5CaCQqF1wW0XoTYX+w7
4CsqtZT1rc6Wq+HTfN40jgrmP6FDOPJG4LAI8+O2NGOiHINNXgf4wwwxq/Gzz+B3
Fu8KOEzUgB0tUvRlT2HgJVWZVaSdYZN4A8XVL8xcM6ihN2UieBYnYIxkWzejoIi2
EgU0/Z/NklxFb1QEGqBOxNZ1r4P/1i1EBuNb3OjyXKJR1l7dHJnFbzcp6aWUYJyv
/XHt5V61vHNDVrKgrHQtA0QZWEPao0O+GElyvf3LyFXZyhJ/
-----END CERTIFICATE-----