This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/aBvBIhagv1Eh6Jv4p0LVBwaqyvc.roa
File:                     aBvBIhagv1Eh6Jv4p0LVBwaqyvc.roa (raw, json)
Hash identifier:          dc4tXzkN5KUEUJGZTtTk5sZozulR7ysWSoCkggZPqwU=
Subject key identifier:   68:1B:C1:22:16:A0:BF:51:21:E8:9B:F8:A7:42:D5:07:06:AA:CA:F7
Certificate issuer:       /CN=07afdcd5e97ac1c102479c954d5f922b126cbc14
Certificate serial:       019B7FF29BD21091953084D1C3116633BE37
Authority key identifier: 07:AF:DC:D5:E9:7A:C1:C1:02:47:9C:95:4D:5F:92:2B:12:6C:BC:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/aBvBIhagv1Eh6Jv4p0LVBwaqyvc.roa
Signing time:             Fri 02 Jan 2026 18:22:44 +0000
ROA not before:           Fri 02 Jan 2026 18:22:44 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214475
IP address blocks:        77.237.79.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 00:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:f2:9b:d2:10:91:95:30:84:d1:c3:11:66:33:be:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07afdcd5e97ac1c102479c954d5f922b126cbc14
        Validity
            Not Before: Jan  2 18:22:44 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=681bc12216a0bf5121e89bf8a742d50706aacaf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ce:3c:da:45:62:1f:89:22:eb:7e:d1:38:bd:
                    1e:c1:0c:90:82:b4:f9:35:2a:10:15:56:d8:05:48:
                    08:1b:67:2b:a6:f6:f1:90:bb:95:24:1d:81:d2:50:
                    bf:14:9e:ee:62:90:51:00:9c:36:43:92:22:76:8a:
                    86:75:e6:dd:29:e6:0b:e8:cc:d4:c2:bb:01:76:58:
                    10:86:17:6f:2c:84:b6:87:39:1c:47:69:17:00:0c:
                    76:cb:37:77:e3:cd:ff:b5:ca:92:63:98:f3:1a:80:
                    45:f0:6c:1e:2c:1e:ca:c0:91:2d:07:7b:75:31:69:
                    89:67:65:f1:0e:95:44:e4:d3:a7:32:1a:c2:28:a6:
                    33:d6:5a:28:7c:1d:4e:25:d5:90:53:0a:1f:f4:87:
                    a2:71:8a:71:0b:5b:ff:f9:d7:5a:95:5c:03:b1:82:
                    6e:6d:07:b9:e5:85:38:7c:13:8c:f7:ca:1b:02:4d:
                    61:65:08:19:f3:38:47:9c:7b:ff:6d:be:be:fe:5f:
                    16:69:dc:b9:fc:c3:27:6e:bd:be:30:68:50:cd:1f:
                    09:c6:72:cf:3a:9b:b1:4b:3c:c0:87:50:22:f0:5d:
                    54:1e:0d:33:fa:0a:df:30:a6:c2:62:f1:25:e4:d4:
                    57:bf:24:c8:1c:25:e2:79:9a:75:da:42:c6:0d:3d:
                    ab:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:1B:C1:22:16:A0:BF:51:21:E8:9B:F8:A7:42:D5:07:06:AA:CA:F7
            X509v3 Authority Key Identifier:
                keyid:07:AF:DC:D5:E9:7A:C1:C1:02:47:9C:95:4D:5F:92:2B:12:6C:BC:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/aBvBIhagv1Eh6Jv4p0LVBwaqyvc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.237.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:a1:9b:e8:e3:a4:e8:d5:c0:a9:4a:f4:fa:b4:83:07:bc:fa:
         14:1e:f0:89:0e:93:39:fd:f7:f7:0b:da:10:69:69:af:7d:93:
         23:62:58:f3:98:b2:78:1f:4d:30:4e:f0:d6:82:e6:8c:9c:98:
         9a:10:f7:5f:4f:49:6d:5d:75:5b:f1:86:de:26:47:f2:20:da:
         24:f4:cd:d3:62:82:9d:d7:ef:9c:a9:e0:ca:09:de:a5:f5:7a:
         14:f7:3c:eb:ce:6e:9e:fb:cc:46:86:28:36:7e:39:d3:7e:6c:
         3b:7c:5c:98:ea:36:07:af:70:6b:5e:b4:bd:3b:b3:a6:49:93:
         8d:ca:8a:51:09:75:03:7b:c5:74:7b:c4:7b:9c:04:d4:5b:be:
         9a:ea:e9:1a:21:3b:c6:1b:26:62:59:67:11:98:bc:49:41:df:
         4f:c4:11:08:39:44:d8:cc:40:94:2d:fa:ef:0c:84:b0:af:bd:
         ba:7a:9b:07:43:0e:fc:03:f5:5e:9e:33:f5:fc:a7:6a:bf:5b:
         d9:a7:f7:36:cd:9f:55:bd:6f:92:45:16:95:28:4a:ce:8b:6d:
         84:d8:c5:09:49:36:fb:50:ae:98:40:b6:e4:05:ae:1b:bc:02:
         ae:0a:55:92:03:f0:a7:ed:fe:53:fa:56:68:0f:9d:11:72:44:
         40:02:52:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/8pvSEJGVMITRwxFmM743MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YWZkY2Q1ZTk3YWMxYzEwMjQ3OWM5NTRkNWY5MjJiMTI2
Y2JjMTQwHhcNMjYwMTAyMTgyMjQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODFiYzEyMjE2YTBiZjUxMjFlODliZjhhNzQyZDUwNzA2YWFjYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAns482kViH4ki637ROL0ewQyQgrT5
NSoQFVbYBUgIG2crpvbxkLuVJB2B0lC/FJ7uYpBRAJw2Q5IidoqGdebdKeYL6MzU
wrsBdlgQhhdvLIS2hzkcR2kXAAx2yzd3483/tcqSY5jzGoBF8GweLB7KwJEtB3t1
MWmJZ2XxDpVE5NOnMhrCKKYz1loofB1OJdWQUwof9IeicYpxC1v/+ddalVwDsYJu
bQe55YU4fBOM98obAk1hZQgZ8zhHnHv/bb6+/l8Wady5/MMnbr2+MGhQzR8JxnLP
OpuxSzzAh1Ai8F1UHg0z+grfMKbCYvEl5NRXvyTIHCXieZp12kLGDT2rPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgbwSIWoL9RIeib+KdC1QcGqsr3MB8GA1UdIwQY
MBaAFAev3NXpesHBAkeclU1fkisSbLwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZfYzFlbDZ3Y0VDUjV5VlRWLVNLeEpzdkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wZTI3NDQtZjY0Ni00NDI5LWEyNWEt
ZmY2ODUxNzc3MGU0LzEvYUJ2QkloYWd2MUVoNkp2NHAwTFZCd2FxeXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wZTI3NDQtZjY0Ni00NDI5LWEyNWEtZmY2ODUxNzc3MGU0
LzEvQjZfYzFlbDZ3Y0VDUjV5VlRWLVNLeEpzdkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATe1PMA0G
CSqGSIb3DQEBCwUAA4IBAQAKoZvo46To1cCpSvT6tIMHvPoUHvCJDpM5/ff3C9oQ
aWmvfZMjYljzmLJ4H00wTvDWguaMnJiaEPdfT0ltXXVb8YbeJkfyINok9M3TYoKd
1++cqeDKCd6l9XoU9zzrzm6e+8xGhig2fjnTfmw7fFyY6jYHr3BrXrS9O7OmSZON
yopRCXUDe8V0e8R7nATUW76a6ukaITvGGyZiWWcRmLxJQd9PxBEIOUTYzECULfrv
DISwr726epsHQw78A/VenjP1/Kdqv1vZp/c2zZ9VvW+SRRaVKErOi22E2MUJSTb7
UK6YQLbkBa4bvAKuClWSA/Cn7f5T+lZoD50RckRAAlIz
-----END CERTIFICATE-----