This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/065f76-0382-42a4-8607-77922b785fd2/1/MipuBL2VGxmcxz7-wPC6PIvzlC0.roa
File:                     MipuBL2VGxmcxz7-wPC6PIvzlC0.roa (raw, json)
Hash identifier:          pbdG1q6RrelOu8y48wOuYlZBSQEt24vc2iBxdFAT4TY=
Subject key identifier:   32:2A:6E:04:BD:95:1B:19:9C:C7:3E:FE:C0:F0:BA:3C:8B:F3:94:2D
Certificate issuer:       /CN=d048afb72fc98326773c5ee1fb4052fe7d9f0c68
Certificate serial:       019B7CEDC696964BE91D2FE8901F4EEF33A0
Authority key identifier: D0:48:AF:B7:2F:C9:83:26:77:3C:5E:E1:FB:40:52:FE:7D:9F:0C:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Eivty_JgyZ3PF7h-0BS_n2fDGg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/065f76-0382-42a4-8607-77922b785fd2/1/MipuBL2VGxmcxz7-wPC6PIvzlC0.roa
Signing time:             Fri 02 Jan 2026 04:18:36 +0000
ROA not before:           Fri 02 Jan 2026 04:18:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     1136
IP address blocks:        194.104.194.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/065f76-0382-42a4-8607-77922b785fd2/1/0Eivty_JgyZ3PF7h-0BS_n2fDGg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/065f76-0382-42a4-8607-77922b785fd2/1/0Eivty_JgyZ3PF7h-0BS_n2fDGg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Eivty_JgyZ3PF7h-0BS_n2fDGg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 20:39:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:c6:96:96:4b:e9:1d:2f:e8:90:1f:4e:ef:33:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d048afb72fc98326773c5ee1fb4052fe7d9f0c68
        Validity
            Not Before: Jan  2 04:18:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=322a6e04bd951b199cc73efec0f0ba3c8bf3942d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:09:6c:ea:1e:5d:da:46:07:b7:c7:55:c7:0e:
                    81:d1:87:58:a1:a8:46:90:12:d4:bf:8b:59:eb:d0:
                    70:67:d9:a7:9f:49:b3:3f:c4:47:f3:68:34:31:6d:
                    2c:e9:f8:e3:71:3c:72:15:3a:95:99:e9:6d:dc:7a:
                    b9:4f:8e:1b:d4:45:79:26:05:0a:70:7b:04:2a:46:
                    7c:72:a4:1e:c1:74:d7:38:eb:29:8e:87:40:4d:11:
                    58:ae:47:cf:dc:90:57:7b:7c:b6:76:76:c8:9b:13:
                    9d:20:2f:26:1f:90:f4:55:af:e7:de:16:31:eb:fc:
                    ab:1d:3a:4d:07:c7:ff:72:e1:bd:6e:5c:95:4d:4f:
                    c3:ec:0e:70:c4:ec:c2:1d:79:11:d6:c4:4f:65:3d:
                    e9:99:f6:cd:72:b9:03:b5:25:db:7b:a3:23:72:4a:
                    75:a3:88:49:38:b2:19:0b:9b:32:f4:f2:b6:8c:c5:
                    60:a1:c7:45:62:04:79:42:72:45:20:59:e3:ec:47:
                    9f:d7:4a:c6:14:b8:92:b4:91:9d:cd:33:2b:c3:f5:
                    3b:13:30:f7:36:cc:f6:cc:d2:2d:b2:de:c7:9f:3d:
                    96:fb:79:90:02:9f:d7:a0:88:8b:36:ab:c4:71:9a:
                    86:b0:e8:e7:92:88:e4:dd:d3:28:44:5d:ab:dd:fb:
                    c6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:2A:6E:04:BD:95:1B:19:9C:C7:3E:FE:C0:F0:BA:3C:8B:F3:94:2D
            X509v3 Authority Key Identifier:
                keyid:D0:48:AF:B7:2F:C9:83:26:77:3C:5E:E1:FB:40:52:FE:7D:9F:0C:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Eivty_JgyZ3PF7h-0BS_n2fDGg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/065f76-0382-42a4-8607-77922b785fd2/1/MipuBL2VGxmcxz7-wPC6PIvzlC0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/065f76-0382-42a4-8607-77922b785fd2/1/0Eivty_JgyZ3PF7h-0BS_n2fDGg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:26:6d:fd:c5:ae:7c:e2:74:f5:3d:97:b8:20:c2:c3:a2:85:
         a8:4e:dd:9d:85:70:04:fe:5a:78:4c:8f:aa:a5:1e:5c:8f:a0:
         7e:77:05:66:22:0e:c2:08:e5:66:da:b5:30:4a:af:0a:23:7f:
         2f:5f:a3:80:ee:2c:8e:20:dc:fa:36:b8:f2:b8:38:6b:ca:7e:
         df:0a:d5:03:a4:87:04:25:50:55:f6:e8:b2:d3:2b:73:33:80:
         e1:1d:1a:50:be:ae:1e:13:44:fb:2a:8b:e9:a3:48:4c:6c:73:
         1b:43:f9:50:f0:ae:df:23:40:d3:35:be:3d:3e:f6:6a:8b:0c:
         19:77:f1:1c:6b:c3:c8:da:15:66:4b:7b:97:53:36:b9:e2:d3:
         22:a2:fe:f7:99:a2:d9:ed:90:96:e8:01:fb:b1:c3:16:4d:9b:
         a8:ae:65:9d:1e:13:52:17:83:28:f4:52:e2:65:95:65:aa:e4:
         af:2f:a0:ae:72:2f:6b:cd:95:91:e7:ea:3a:2e:5e:35:42:6b:
         d6:6f:be:a1:da:1f:95:8e:83:df:b0:9f:0c:e3:b8:7d:92:5c:
         c4:5e:10:14:03:f5:65:f2:3f:9b:7c:96:e2:04:a2:7f:16:9c:
         c8:bb:1f:bf:4b:c2:77:89:05:2f:06:d2:1b:99:51:ba:2f:2d:
         cc:e7:36:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87caWlkvpHS/okB9O7zOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDhhZmI3MmZjOTgzMjY3NzNjNWVlMWZiNDA1MmZlN2Q5
ZjBjNjgwHhcNMjYwMTAyMDQxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjJhNmUwNGJkOTUxYjE5OWNjNzNlZmVjMGYwYmEzYzhiZjM5NDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAls6h5d2kYHt8dVxw6B0YdYoahG
kBLUv4tZ69BwZ9mnn0mzP8RH82g0MW0s6fjjcTxyFTqVmelt3Hq5T44b1EV5JgUK
cHsEKkZ8cqQewXTXOOspjodATRFYrkfP3JBXe3y2dnbImxOdIC8mH5D0Va/n3hYx
6/yrHTpNB8f/cuG9blyVTU/D7A5wxOzCHXkR1sRPZT3pmfbNcrkDtSXbe6Mjckp1
o4hJOLIZC5sy9PK2jMVgocdFYgR5QnJFIFnj7Eef10rGFLiStJGdzTMrw/U7EzD3
Nsz2zNItst7Hnz2W+3mQAp/XoIiLNqvEcZqGsOjnkojk3dMoRF2r3fvG0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIqbgS9lRsZnMc+/sDwujyL85QtMB8GA1UdIwQY
MBaAFNBIr7cvyYMmdzxe4ftAUv59nwxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVpdnR5X0pneVozUEY3aC0wQlNfbjJmREdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wNjVmNzYtMDM4Mi00MmE0LTg2MDct
Nzc5MjJiNzg1ZmQyLzEvTWlwdUJMMlZHeG1jeHo3LXdQQzZQSXZ6bEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wNjVmNzYtMDM4Mi00MmE0LTg2MDctNzc5MjJiNzg1ZmQy
LzEvMEVpdnR5X0pneVozUEY3aC0wQlNfbjJmREdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmjCMA0G
CSqGSIb3DQEBCwUAA4IBAQCRJm39xa584nT1PZe4IMLDooWoTt2dhXAE/lp4TI+q
pR5cj6B+dwVmIg7CCOVm2rUwSq8KI38vX6OA7iyOINz6NrjyuDhryn7fCtUDpIcE
JVBV9uiy0ytzM4DhHRpQvq4eE0T7Kovpo0hMbHMbQ/lQ8K7fI0DTNb49PvZqiwwZ
d/Eca8PI2hVmS3uXUza54tMiov73maLZ7ZCW6AH7scMWTZuormWdHhNSF4Mo9FLi
ZZVlquSvL6Cuci9rzZWR5+o6Ll41QmvWb76h2h+VjoPfsJ8M47h9klzEXhAUA/Vl
8j+bfJbiBKJ/FpzIux+/S8J3iQUvBtIbmVG6Ly3M5zYi
-----END CERTIFICATE-----