This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/Ta8RJhTfDtDSrvIZ66hfAVxkrV4.roa
File:                     Ta8RJhTfDtDSrvIZ66hfAVxkrV4.roa (raw, json)
Hash identifier:          C76g0etT/OIC0z2fgzI8IUCLQgWuRLferJwyCXf5SIw=
Subject key identifier:   4D:AF:11:26:14:DF:0E:D0:D2:AE:F2:19:EB:A8:5F:01:5C:64:AD:5E
Certificate issuer:       /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial:       019BD62A1A289D5164D94D8669DF784C3B0A
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/Ta8RJhTfDtDSrvIZ66hfAVxkrV4.roa
Signing time:             Mon 19 Jan 2026 12:10:41 +0000
ROA not before:           Mon 19 Jan 2026 12:10:41 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     63199
IP address blocks:        185.56.44.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 09:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:d6:2a:1a:28:9d:51:64:d9:4d:86:69:df:78:4c:3b:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
        Validity
            Not Before: Jan 19 12:10:41 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4daf112614df0ed0d2aef219eba85f015c64ad5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:68:fe:5e:c3:54:e8:e1:cb:c4:bd:28:06:c9:
                    ae:67:26:26:c8:57:1e:a6:92:b4:0e:a9:03:fc:c8:
                    d0:10:91:c3:b9:e3:83:a5:fa:06:88:b8:75:42:1f:
                    99:fe:9d:00:d0:df:9a:31:22:a8:1c:3f:a5:3f:8c:
                    8d:58:5f:da:9d:c7:cd:cc:cf:23:d8:a6:da:19:4d:
                    e3:f7:fa:d9:91:58:43:41:f8:2e:68:19:33:70:6b:
                    bc:95:b3:9e:bd:76:56:5e:fd:1b:b2:e6:5d:d2:66:
                    5e:d0:05:82:3b:13:03:ac:cd:a5:c2:ae:b4:2f:48:
                    3e:77:77:0f:ac:75:27:b2:a2:01:e8:f9:38:77:43:
                    19:b1:16:4d:7f:ce:85:c8:aa:8c:1a:56:65:d3:fb:
                    e8:94:ff:d6:92:37:71:4c:71:e7:23:97:6f:e1:f3:
                    fb:ab:fb:70:3e:8f:4a:ff:aa:76:e6:05:5d:7a:e1:
                    d9:14:6e:1d:7e:a2:b3:bc:f7:7c:05:43:07:cd:a2:
                    f1:f9:87:f5:cd:5c:fb:c1:d7:0f:79:d5:5f:ae:d2:
                    6c:dc:e0:a1:2a:89:a2:63:87:55:92:fa:63:73:34:
                    84:9f:99:7c:b3:71:5a:91:b3:2f:7a:b5:20:b2:43:
                    63:fa:c1:1a:c6:e4:61:42:c5:90:5e:7b:43:48:fb:
                    43:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:AF:11:26:14:DF:0E:D0:D2:AE:F2:19:EB:A8:5F:01:5C:64:AD:5E
            X509v3 Authority Key Identifier:
                keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/Ta8RJhTfDtDSrvIZ66hfAVxkrV4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.56.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:9a:ef:8a:21:fe:f9:05:20:75:a3:b5:bf:2d:ce:9b:72:ea:
         db:cf:f2:ba:dd:89:2d:c9:03:56:28:94:f9:c0:2d:60:b0:fe:
         bd:72:2b:af:66:f3:53:aa:35:82:bb:c6:61:0a:47:ab:e8:25:
         64:82:a4:26:e9:08:f7:73:0b:18:e0:31:5d:9f:ee:40:f7:56:
         d6:3a:bf:75:0f:d6:6f:0c:40:86:73:68:14:71:2d:43:06:95:
         ef:ce:6b:db:ff:75:b2:de:c4:3e:90:35:08:9a:6e:f8:2e:d3:
         fb:ab:0a:3c:1f:4c:b3:dc:15:e9:bd:0f:0f:58:51:ac:56:20:
         4e:05:de:cf:4c:fd:e5:33:4f:d7:cb:4d:6f:7e:68:94:5d:9f:
         1a:98:a5:ab:6f:44:5b:8a:d1:f3:c4:d2:67:dd:67:7f:6e:92:
         21:c6:26:55:4c:5e:f7:1e:83:97:51:00:c6:94:95:d9:7e:ee:
         91:3c:f5:16:1c:42:5a:34:c3:7d:18:fd:09:5c:ad:bf:c8:ae:
         0f:78:a0:d1:84:59:6c:aa:00:0a:1c:c0:a2:e7:47:e2:cf:77:
         51:d2:ef:7b:35:fd:5b:c9:f8:82:62:20:76:dd:27:27:c3:a3:
         19:4a:39:80:95:a3:6e:af:d1:a6:fa:99:c8:09:59:32:2c:a8:
         af:b8:78:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZvWKhoonVFk2U2Gad94TDsKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjdhNjMxYmI2NzM4ZWI2OGJiNmVhNmM0MjRlZjRhN2Qx
NGMzY2IwHhcNMjYwMTE5MTIxMDQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGFmMTEyNjE0ZGYwZWQwZDJhZWYyMTllYmE4NWYwMTVjNjRhZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGj+XsNU6OHLxL0oBsmuZyYmyFce
ppK0DqkD/MjQEJHDueODpfoGiLh1Qh+Z/p0A0N+aMSKoHD+lP4yNWF/ancfNzM8j
2KbaGU3j9/rZkVhDQfguaBkzcGu8lbOevXZWXv0bsuZd0mZe0AWCOxMDrM2lwq60
L0g+d3cPrHUnsqIB6Pk4d0MZsRZNf86FyKqMGlZl0/volP/WkjdxTHHnI5dv4fP7
q/twPo9K/6p25gVdeuHZFG4dfqKzvPd8BUMHzaLx+Yf1zVz7wdcPedVfrtJs3OCh
KomiY4dVkvpjczSEn5l8s3FakbMverUgskNj+sEaxuRhQsWQXntDSPtDFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2vESYU3w7Q0q7yGeuoXwFcZK1eMB8GA1UdIwQY
MBaAFDAnpjG7ZzjraLtupsQk70p9FMPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYt
MWRkNmQyODFjODhhLzEvVGE4UkpoVGZEdERTcnZJWjY2aGZBVnhrclY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYtMWRkNmQyODFjODhh
LzEvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTgsMA0G
CSqGSIb3DQEBCwUAA4IBAQBMmu+KIf75BSB1o7W/Lc6bcurbz/K63YktyQNWKJT5
wC1gsP69ciuvZvNTqjWCu8ZhCker6CVkgqQm6Qj3cwsY4DFdn+5A91bWOr91D9Zv
DECGc2gUcS1DBpXvzmvb/3Wy3sQ+kDUImm74LtP7qwo8H0yz3BXpvQ8PWFGsViBO
Bd7PTP3lM0/Xy01vfmiUXZ8amKWrb0RbitHzxNJn3Wd/bpIhxiZVTF73HoOXUQDG
lJXZfu6RPPUWHEJaNMN9GP0JXK2/yK4PeKDRhFlsqgAKHMCi50fiz3dR0u97Nf1b
yfiCYiB23Scnw6MZSjmAlaNur9Gm+pnICVkyLKivuHi/
-----END CERTIFICATE-----