This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/Rr66ufKb1MLh9Wv3Z89vKrKFJI0.roa
File:                     Rr66ufKb1MLh9Wv3Z89vKrKFJI0.roa (raw, json)
Hash identifier:          Yiy6bWp1Un5UwdmVbAZxKqnd38OQfcX3Y4LJySknw8Y=
Subject key identifier:   46:BE:BA:B9:F2:9B:D4:C2:E1:F5:6B:F7:67:CF:6F:2A:B2:85:24:8D
Certificate issuer:       /CN=acebf396c9adf94f84dc901656e255ce6d50660c
Certificate serial:       019B7F15A1B4F8B6DA814885E1AE71221B2A
Authority key identifier: AC:EB:F3:96:C9:AD:F9:4F:84:DC:90:16:56:E2:55:CE:6D:50:66:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/Rr66ufKb1MLh9Wv3Z89vKrKFJI0.roa
Signing time:             Fri 02 Jan 2026 14:21:22 +0000
ROA not before:           Fri 02 Jan 2026 14:21:22 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15779
IP address blocks:        194.153.100.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:a1:b4:f8:b6:da:81:48:85:e1:ae:71:22:1b:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acebf396c9adf94f84dc901656e255ce6d50660c
        Validity
            Not Before: Jan  2 14:21:22 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=46bebab9f29bd4c2e1f56bf767cf6f2ab285248d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d1:7c:e8:d5:e8:6c:32:d5:b3:ac:cf:b3:96:
                    55:32:8b:ed:15:89:35:9c:64:af:08:e3:05:85:70:
                    2c:d4:86:f8:bb:4e:c2:6e:2c:03:c6:b2:df:41:62:
                    4b:e3:34:84:84:7f:dd:36:ce:df:57:85:79:3e:fe:
                    2a:dd:6b:9e:b6:c5:c2:5d:63:13:ca:f4:01:73:89:
                    91:c3:34:87:87:3a:6a:99:98:69:22:03:9f:31:1f:
                    8c:05:74:0a:17:35:49:89:a2:d5:16:20:88:03:71:
                    ab:34:f4:64:9f:09:65:7b:fb:f4:22:70:5a:86:23:
                    64:94:9f:ef:af:e5:5c:54:a1:ec:03:b0:09:c0:01:
                    91:ea:93:1f:0f:3a:39:81:85:f3:08:24:a7:8e:2d:
                    a2:1e:ce:46:9c:98:aa:9e:2a:b3:e6:3c:53:7f:7a:
                    cd:46:ca:4b:55:86:99:3d:16:7c:78:fa:39:25:b9:
                    ae:95:aa:58:f6:27:c6:0a:02:1a:3e:99:e3:1f:62:
                    9f:8d:4b:0b:59:ae:05:86:1d:fc:aa:47:0d:1c:99:
                    66:11:7c:4a:09:bd:0d:7e:59:55:4e:74:7b:2e:ed:
                    6e:f3:e6:7f:f9:0b:8f:9c:c6:2d:4d:78:4a:5e:ed:
                    76:a3:4a:f4:c3:a4:1d:35:4c:77:d6:41:ba:a4:2b:
                    5d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:BE:BA:B9:F2:9B:D4:C2:E1:F5:6B:F7:67:CF:6F:2A:B2:85:24:8D
            X509v3 Authority Key Identifier:
                keyid:AC:EB:F3:96:C9:AD:F9:4F:84:DC:90:16:56:E2:55:CE:6D:50:66:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/Rr66ufKb1MLh9Wv3Z89vKrKFJI0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.153.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:33:5f:85:3d:4e:b8:0d:5d:2c:65:b5:37:dc:ed:f2:92:98:
         de:5e:3f:c9:96:20:20:95:98:75:66:68:7f:bd:6b:7d:74:1b:
         72:19:89:11:12:64:37:a4:4d:99:d4:02:06:dc:6b:78:cf:17:
         24:a1:2d:62:d4:a8:e1:7e:87:2c:38:44:32:12:21:be:90:21:
         fc:0c:52:23:b5:aa:cd:1f:b0:c9:1b:41:64:d1:68:ce:e5:8a:
         43:15:83:6d:13:47:6e:27:15:82:60:8c:d5:fe:ea:96:fe:d3:
         ef:ad:69:1f:38:f9:15:c1:db:85:d3:f4:76:d8:23:b0:f4:b7:
         5a:56:d3:81:ca:c1:00:74:42:07:bf:71:8f:33:0c:d3:81:3c:
         da:e0:76:36:fb:c2:60:df:62:11:e7:d1:f8:2e:e8:c3:dc:e1:
         f9:9e:03:89:c4:52:1c:81:0f:4c:e5:0c:c6:46:f5:fb:97:d0:
         24:be:cb:0d:06:a2:1e:2c:32:96:60:2b:3f:c9:b6:03:2f:f0:
         6e:b0:17:59:d6:64:98:45:0c:76:fd:d5:33:10:80:ba:15:8e:
         6e:78:b3:a7:ee:ac:cc:07:39:08:d2:99:fe:b2:96:1a:a4:6a:
         f8:a3:a6:b1:0a:28:4a:49:fc:bd:b1:ab:cc:5d:cb:01:96:23:
         79:16:af:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FaG0+LbagUiF4a5xIhsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZWJmMzk2YzlhZGY5NGY4NGRjOTAxNjU2ZTI1NWNlNmQ1
MDY2MGMwHhcNMjYwMTAyMTQyMTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmJlYmFiOWYyOWJkNGMyZTFmNTZiZjc2N2NmNmYyYWIyODUyNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dF86NXobDLVs6zPs5ZVMovtFYk1
nGSvCOMFhXAs1Ib4u07CbiwDxrLfQWJL4zSEhH/dNs7fV4V5Pv4q3WuetsXCXWMT
yvQBc4mRwzSHhzpqmZhpIgOfMR+MBXQKFzVJiaLVFiCIA3GrNPRknwlle/v0InBa
hiNklJ/vr+VcVKHsA7AJwAGR6pMfDzo5gYXzCCSnji2iHs5GnJiqniqz5jxTf3rN
RspLVYaZPRZ8ePo5JbmulapY9ifGCgIaPpnjH2KfjUsLWa4Fhh38qkcNHJlmEXxK
Cb0NfllVTnR7Lu1u8+Z/+QuPnMYtTXhKXu12o0r0w6QdNUx31kG6pCtd4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEa+urnym9TC4fVr92fPbyqyhSSNMB8GA1UdIwQY
MBaAFKzr85bJrflPhNyQFlbiVc5tUGYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NzFkYzUtMTRmMy00ZDk1LWIwYmQt
NDg0N2QzOTNhYjU1LzEvUnI2NnVmS2IxTUxoOVd2M1o4OXZLcktGSkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85NzFkYzUtMTRmMy00ZDk1LWIwYmQtNDg0N2QzOTNhYjU1
LzEvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwplkMA0G
CSqGSIb3DQEBCwUAA4IBAQAQM1+FPU64DV0sZbU33O3ykpjeXj/JliAglZh1Zmh/
vWt9dBtyGYkREmQ3pE2Z1AIG3Gt4zxckoS1i1KjhfocsOEQyEiG+kCH8DFIjtarN
H7DJG0Fk0WjO5YpDFYNtE0duJxWCYIzV/uqW/tPvrWkfOPkVwduF0/R22COw9Lda
VtOBysEAdEIHv3GPMwzTgTza4HY2+8Jg32IR59H4LujD3OH5ngOJxFIcgQ9M5QzG
RvX7l9AkvssNBqIeLDKWYCs/ybYDL/BusBdZ1mSYRQx2/dUzEIC6FY5ueLOn7qzM
BzkI0pn+spYapGr4o6axCihKSfy9savMXcsBliN5Fq+A
-----END CERTIFICATE-----