This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/jlKOUasUa3u-JFxkn5nWNnzfPhQ.roa
File:                     jlKOUasUa3u-JFxkn5nWNnzfPhQ.roa (raw, json)
Hash identifier:          O/0o4/opctywwuKVoo/Apk7Kdx6pGh1wrVruR7K1RrM=
Subject key identifier:   8E:52:8E:51:AB:14:6B:7B:BE:24:5C:64:9F:99:D6:36:7C:DF:3E:14
Certificate issuer:       /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial:       019BB1BAE5F4F5D6B97ED613BDEBBE66ECBD
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/jlKOUasUa3u-JFxkn5nWNnzfPhQ.roa
Signing time:             Mon 12 Jan 2026 10:22:54 +0000
ROA not before:           Mon 12 Jan 2026 10:22:54 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     59432
IP address blocks:        92.62.253.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:b1:ba:e5:f4:f5:d6:b9:7e:d6:13:bd:eb:be:66:ec:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
        Validity
            Not Before: Jan 12 10:22:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8e528e51ab146b7bbe245c649f99d6367cdf3e14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:58:0f:17:30:29:6a:a2:92:b2:e9:a9:1e:1a:
                    8d:0e:ce:61:ce:62:75:65:52:d0:9c:2b:68:a7:f8:
                    cb:9f:50:6a:36:d6:77:59:78:80:29:a8:33:de:f5:
                    ac:02:9a:e4:e6:b9:05:01:81:3f:16:c3:e4:54:1c:
                    12:61:df:ef:29:62:3e:eb:99:38:56:b9:e7:1d:61:
                    1d:98:ad:6e:07:ce:c7:05:15:54:ce:0b:18:da:13:
                    98:24:d6:b1:9c:75:e7:1d:81:79:18:30:cc:9a:6d:
                    57:92:8f:66:d0:54:1b:ca:9d:ad:e6:11:dd:d3:ce:
                    12:7d:a4:b5:af:71:05:2b:52:88:3c:11:f1:7b:2f:
                    56:48:fc:98:e0:13:27:7d:13:00:21:ce:da:41:bd:
                    bc:de:1b:f7:de:83:57:b5:cc:e9:77:4f:d6:6b:3c:
                    28:6b:32:a8:bd:4c:35:39:f4:26:01:9a:c4:35:cc:
                    19:a0:4c:1d:5c:57:72:51:1f:a2:af:06:86:27:59:
                    49:f6:4e:8b:f5:cd:97:a4:cc:3e:2d:e9:f4:65:f7:
                    53:70:4e:71:ee:32:11:60:5b:d9:89:84:3c:97:3b:
                    1c:78:69:f2:b6:ec:cd:1d:c6:d2:a2:f8:fe:74:17:
                    7e:4f:1c:85:23:0f:50:1f:d2:cf:e3:fa:1a:04:d8:
                    05:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:52:8E:51:AB:14:6B:7B:BE:24:5C:64:9F:99:D6:36:7C:DF:3E:14
            X509v3 Authority Key Identifier:
                keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/jlKOUasUa3u-JFxkn5nWNnzfPhQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.62.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:b1:be:11:77:2c:49:49:6f:ef:37:43:97:ec:d9:5b:28:d7:
         a3:59:d5:ec:69:cc:b1:56:90:78:84:41:dc:64:dc:69:8e:70:
         6e:27:e9:e8:72:18:dc:a4:e6:f2:60:0f:7f:bf:63:f1:eb:fe:
         de:2d:14:9d:13:6d:e1:88:f5:2e:22:8b:73:c7:97:aa:ff:1a:
         c2:48:f7:49:ff:fe:a9:03:8d:eb:46:f9:ba:95:01:b8:be:b6:
         af:88:ae:05:7e:85:b4:7f:7d:95:2d:76:7c:56:b3:de:e1:03:
         a6:38:c1:4a:46:07:df:b3:30:0c:bc:04:3c:00:c0:1f:e7:42:
         ff:0b:07:2d:92:5f:0f:da:d6:92:80:5f:a4:50:c5:38:71:0e:
         58:12:44:91:98:08:10:4f:c2:f2:94:b4:7f:ee:76:11:83:1f:
         e4:e8:91:69:a6:1c:5d:7f:4e:c4:1d:97:a2:ca:e4:34:95:fd:
         af:6d:c7:5d:d3:24:2e:3b:ed:b3:b4:01:82:1e:9f:06:04:bf:
         0a:f5:ae:dc:51:b1:ae:82:13:2c:53:aa:d0:f2:74:85:99:06:
         f9:32:94:d2:60:0a:29:e2:10:e4:1b:09:1c:7d:38:e6:0b:5b:
         8c:60:c7:01:f3:de:81:72:c6:5e:f5:a3:ec:89:89:3b:63:eb:
         57:0e:37:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZuxuuX09da5ftYTveu+Zuy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjYwMTEyMTAyMjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUyOGU1MWFiMTQ2YjdiYmUyNDVjNjQ5Zjk5ZDYzNjdjZGYzZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFgPFzApaqKSsumpHhqNDs5hzmJ1
ZVLQnCtop/jLn1BqNtZ3WXiAKagz3vWsAprk5rkFAYE/FsPkVBwSYd/vKWI+65k4
VrnnHWEdmK1uB87HBRVUzgsY2hOYJNaxnHXnHYF5GDDMmm1Xko9m0FQbyp2t5hHd
084SfaS1r3EFK1KIPBHxey9WSPyY4BMnfRMAIc7aQb283hv33oNXtczpd0/Wazwo
azKovUw1OfQmAZrENcwZoEwdXFdyUR+irwaGJ1lJ9k6L9c2XpMw+Len0ZfdTcE5x
7jIRYFvZiYQ8lzsceGnytuzNHcbSovj+dBd+TxyFIw9QH9LP4/oaBNgFywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5SjlGrFGt7viRcZJ+Z1jZ83z4UMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvamxLT1Vhc1VhM3UtSkZ4a241bldObnpmUGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXD79MA0G
CSqGSIb3DQEBCwUAA4IBAQCEsb4RdyxJSW/vN0OX7NlbKNejWdXsacyxVpB4hEHc
ZNxpjnBuJ+nochjcpObyYA9/v2Px6/7eLRSdE23hiPUuIotzx5eq/xrCSPdJ//6p
A43rRvm6lQG4vraviK4FfoW0f32VLXZ8VrPe4QOmOMFKRgffszAMvAQ8AMAf50L/
Cwctkl8P2taSgF+kUMU4cQ5YEkSRmAgQT8LylLR/7nYRgx/k6JFpphxdf07EHZei
yuQ0lf2vbcdd0yQuO+2ztAGCHp8GBL8K9a7cUbGughMsU6rQ8nSFmQb5MpTSYAop
4hDkGwkcfTjmC1uMYMcB896BcsZe9aPsiYk7Y+tXDjd2
-----END CERTIFICATE-----