This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/sbNZ4_gtOeuNBI2OMUGnYKyVZnc.roa
File:                     sbNZ4_gtOeuNBI2OMUGnYKyVZnc.roa (raw, json)
Hash identifier:          FU3HAHLK7PKxgkhKQZVUjDiWif3ooKAbB6Pzr2fCyJI=
Subject key identifier:   B1:B3:59:E3:F8:2D:39:EB:8D:04:8D:8E:31:41:A7:60:AC:95:66:77
Certificate issuer:       /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial:       019B79108074C97178A962817BD9C5E26BCB
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/sbNZ4_gtOeuNBI2OMUGnYKyVZnc.roa
Signing time:             Thu 01 Jan 2026 10:18:03 +0000
ROA not before:           Thu 01 Jan 2026 10:18:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     18994
IP address blocks:        62.73.169.48/29 maxlen: 29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 Jan 2026 03:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:80:74:c9:71:78:a9:62:81:7b:d9:c5:e2:6b:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
        Validity
            Not Before: Jan  1 10:18:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b1b359e3f82d39eb8d048d8e3141a760ac956677
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b7:e1:04:fc:26:50:8d:5d:6d:a7:3e:9a:5c:
                    1d:d0:19:f7:a7:83:9a:4d:c1:c7:31:0c:66:19:3f:
                    89:d9:69:b3:ad:d3:a7:5c:8d:f7:7b:2d:3f:ba:83:
                    f7:11:ac:66:2a:56:1e:4b:8e:93:55:c8:a4:04:0a:
                    79:0c:5d:65:c2:a8:18:c5:bd:d8:84:53:fe:76:31:
                    06:83:6f:ee:bf:c2:1c:ea:af:12:8d:a4:f9:20:b9:
                    97:63:c8:22:8d:d0:63:8a:55:2e:48:ed:df:52:43:
                    72:ee:9a:a7:4c:02:77:d2:b5:e5:d1:03:0b:3e:69:
                    37:93:9a:b7:8d:b5:34:f4:fb:a2:d7:12:07:dc:80:
                    b1:64:02:56:99:aa:bf:ac:57:7a:3e:c0:cd:78:cb:
                    46:30:0f:eb:e7:7e:47:ec:57:0c:93:a7:0a:2d:ee:
                    96:7f:e3:1b:20:fd:35:d0:44:91:8d:07:b0:f4:7f:
                    a6:e3:a3:42:66:1f:8b:06:4a:38:fb:1b:9e:5b:d7:
                    67:ea:2a:f9:01:99:a5:56:9e:c2:aa:cd:fd:4c:76:
                    ce:cd:3f:93:a0:5c:e8:3a:92:0f:4f:84:b5:51:06:
                    2a:9e:4b:41:c3:0b:c2:06:f1:71:b2:4e:f5:16:88:
                    b7:8e:47:7b:1a:6d:f5:92:6e:e4:48:a3:50:b5:6e:
                    9a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:B3:59:E3:F8:2D:39:EB:8D:04:8D:8E:31:41:A7:60:AC:95:66:77
            X509v3 Authority Key Identifier:
                keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/sbNZ4_gtOeuNBI2OMUGnYKyVZnc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.73.169.48/29

    Signature Algorithm: sha256WithRSAEncryption
         a0:2c:f2:19:ef:55:e8:00:41:40:ea:5d:e1:61:eb:40:d6:c2:
         b2:07:ab:f1:e9:cc:47:d8:ef:58:ac:0c:a6:6d:d4:84:a5:a1:
         43:cc:58:e6:25:73:28:1d:69:86:40:96:5d:8c:96:9f:c5:17:
         51:ab:52:f4:ef:97:03:d3:23:35:4f:fe:37:92:17:d7:e8:77:
         da:b0:e8:e8:66:23:39:9b:77:4d:46:9f:e8:df:7b:87:3e:39:
         25:61:b3:b6:5e:a9:b1:63:56:42:7a:64:37:f1:31:87:d2:f4:
         d2:de:89:f9:25:62:54:78:3d:e8:fe:a6:46:cc:3f:bb:c7:90:
         b0:02:64:0e:be:21:24:52:bf:14:8a:cf:35:33:72:24:11:cf:
         1d:66:29:26:58:64:36:ae:ee:fd:e2:df:81:f5:a4:25:e8:c7:
         09:7a:05:4c:8c:d0:a4:5d:68:f5:b0:39:7d:af:ba:4b:8d:e6:
         ee:37:4b:56:5e:b8:2f:7e:23:36:77:80:be:c3:da:97:b0:21:
         d3:ae:76:48:7b:8f:af:f7:4d:f2:7c:e9:c9:66:9c:67:4d:ab:
         31:4c:16:1d:b2:bf:08:be:13:97:f9:48:27:9f:20:ff:05:85:
         37:b2:8c:b9:3a:70:20:06:01:2a:05:cb:34:5f:d5:09:ba:87:
         0e:a3:0a:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt5EIB0yXF4qWKBe9nF4mvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjYwMTAxMTAxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWIzNTllM2Y4MmQzOWViOGQwNDhkOGUzMTQxYTc2MGFjOTU2Njc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbfhBPwmUI1dbac+mlwd0Bn3p4Oa
TcHHMQxmGT+J2WmzrdOnXI33ey0/uoP3EaxmKlYeS46TVcikBAp5DF1lwqgYxb3Y
hFP+djEGg2/uv8Ic6q8SjaT5ILmXY8gijdBjilUuSO3fUkNy7pqnTAJ30rXl0QML
Pmk3k5q3jbU09Pui1xIH3ICxZAJWmaq/rFd6PsDNeMtGMA/r535H7FcMk6cKLe6W
f+MbIP010ESRjQew9H+m46NCZh+LBko4+xueW9dn6ir5AZmlVp7Cqs39THbOzT+T
oFzoOpIPT4S1UQYqnktBwwvCBvFxsk71Foi3jkd7Gm31km7kSKNQtW6aBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLGzWeP4LTnrjQSNjjFBp2CslWZ3MB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvc2JOWjRfZ3RPZXVOQkkyT01VR25ZS3lWWm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUDPkmpMDAN
BgkqhkiG9w0BAQsFAAOCAQEAoCzyGe9V6ABBQOpd4WHrQNbCsger8enMR9jvWKwM
pm3UhKWhQ8xY5iVzKB1phkCWXYyWn8UXUatS9O+XA9MjNU/+N5IX1+h32rDo6GYj
OZt3TUaf6N97hz45JWGztl6psWNWQnpkN/Exh9L00t6J+SViVHg96P6mRsw/u8eQ
sAJkDr4hJFK/FIrPNTNyJBHPHWYpJlhkNq7u/eLfgfWkJejHCXoFTIzQpF1o9bA5
fa+6S43m7jdLVl64L34jNneAvsPal7Ah0652SHuPr/dN8nzpyWacZ02rMUwWHbK/
CL4Tl/lIJ58g/wWFN7KMuTpwIAYBKgXLNF/VCbqHDqMKAg==
-----END CERTIFICATE-----