This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/p40iuKxiw3-sHAL9jxdUpNkkeD4.roa
File:                     p40iuKxiw3-sHAL9jxdUpNkkeD4.roa (raw, json)
Hash identifier:          uEdVEgA7C9Cn43awEqryuYQCQHKWlCvT8PCH2NnfOgc=
Subject key identifier:   A7:8D:22:B8:AC:62:C3:7F:AC:1C:02:FD:8F:17:54:A4:D9:24:78:3E
Certificate issuer:       /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial:       019B9846DA1301D05F181EB81E81D88C4EF0
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/p40iuKxiw3-sHAL9jxdUpNkkeD4.roa
Signing time:             Wed 07 Jan 2026 11:45:38 +0000
ROA not before:           Wed 07 Jan 2026 11:45:38 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     134677
IP address blocks:        178.239.117.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:98:46:da:13:01:d0:5f:18:1e:b8:1e:81:d8:8c:4e:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
        Validity
            Not Before: Jan  7 11:45:38 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a78d22b8ac62c37fac1c02fd8f1754a4d924783e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:74:5b:5a:d4:ee:d9:90:f0:39:f7:f1:ec:87:
                    6e:74:16:a1:93:d2:9f:f7:43:dc:fd:78:9b:33:4c:
                    67:86:94:ef:1c:ab:0e:43:a6:06:88:50:03:b8:78:
                    6b:bf:5f:8c:4d:6d:c7:69:94:c4:b5:62:36:b4:44:
                    a4:85:f2:a5:83:3f:94:c6:67:b5:c6:86:21:de:f6:
                    c9:5d:95:73:18:55:38:72:e8:8e:3e:54:47:c7:b9:
                    3e:88:76:0c:ab:d0:0d:48:05:f5:45:50:99:87:7b:
                    84:58:36:d7:42:0d:dc:f4:bc:bc:69:ae:2c:09:9b:
                    6b:09:37:3b:79:93:91:99:be:9a:59:eb:d7:c1:df:
                    7d:1b:69:5a:b7:e2:af:24:33:f7:b1:cb:38:14:bb:
                    db:7b:54:88:e6:b2:29:3a:7a:56:36:0f:b2:77:a5:
                    60:11:eb:c7:1c:f2:cf:a8:7e:61:6b:44:63:f5:b9:
                    93:de:64:20:3c:1b:df:7d:d7:1f:87:c5:8e:7f:b1:
                    bc:2f:4c:95:d1:c7:95:c4:1e:bd:a4:24:e8:c9:27:
                    08:f2:a2:0f:a9:23:cf:c5:44:d5:86:1e:50:c8:be:
                    7d:b4:fc:f7:27:49:55:9a:d6:b3:65:30:25:9a:d4:
                    04:cd:b6:d2:c6:21:5c:69:d3:e1:9b:3c:c6:aa:5b:
                    14:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:8D:22:B8:AC:62:C3:7F:AC:1C:02:FD:8F:17:54:A4:D9:24:78:3E
            X509v3 Authority Key Identifier:
                keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/p40iuKxiw3-sHAL9jxdUpNkkeD4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.239.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:74:a6:84:6b:72:b8:57:86:98:36:9c:4d:47:88:8a:75:7c:
         18:86:87:e2:6e:f9:73:3f:d1:b4:ae:53:f8:b2:c0:ce:6d:23:
         98:61:ce:93:e0:5e:66:20:ba:cb:62:ef:88:9b:a7:3b:d2:1e:
         57:b7:6e:e7:26:62:cd:79:35:b6:cf:d5:8e:fc:87:a0:ec:f8:
         75:0c:1f:c9:1a:3b:a6:71:87:ab:15:27:9d:b7:09:1e:89:c5:
         d7:13:a9:13:e1:24:e1:1b:bf:28:3e:f5:81:6a:9e:5a:2c:e0:
         51:0f:fa:ca:d7:0e:62:53:67:65:60:bc:aa:3d:4d:18:82:bf:
         e3:7b:6a:a1:18:d8:57:56:7d:4f:46:1d:d6:d4:12:fb:7a:57:
         b1:41:8d:56:af:7a:f7:44:9f:e7:fd:9d:24:96:60:1a:65:86:
         99:88:52:72:6c:7b:e5:3a:cb:6f:f0:da:58:30:5b:0e:3d:b7:
         bb:b2:53:4d:ac:4f:21:b2:ea:82:c3:2b:39:7c:3b:fa:06:76:
         75:fe:86:ca:b7:9e:be:36:2c:06:73:35:8c:03:a0:69:53:76:
         f8:59:09:d3:2d:fc:d9:f4:81:db:fa:62:33:d3:df:c8:1a:e4:
         4e:21:bd:7f:f6:cd:97:4c:25:ab:7a:6a:03:10:db:d5:09:08:
         f5:0c:2a:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZuYRtoTAdBfGB64HoHYjE7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjYwMTA3MTE0NTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhkMjJiOGFjNjJjMzdmYWMxYzAyZmQ4ZjE3NTRhNGQ5MjQ3ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XRbWtTu2ZDwOffx7IdudBahk9Kf
90Pc/XibM0xnhpTvHKsOQ6YGiFADuHhrv1+MTW3HaZTEtWI2tESkhfKlgz+Uxme1
xoYh3vbJXZVzGFU4cuiOPlRHx7k+iHYMq9ANSAX1RVCZh3uEWDbXQg3c9Ly8aa4s
CZtrCTc7eZORmb6aWevXwd99G2lat+KvJDP3scs4FLvbe1SI5rIpOnpWNg+yd6Vg
EevHHPLPqH5ha0Rj9bmT3mQgPBvffdcfh8WOf7G8L0yV0ceVxB69pCToyScI8qIP
qSPPxUTVhh5QyL59tPz3J0lVmtazZTAlmtQEzbbSxiFcadPhmzzGqlsU6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeNIrisYsN/rBwC/Y8XVKTZJHg+MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvcDQwaXVLeGl3My1zSEFMOWp4ZFVwTmtrZUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsu91MA0G
CSqGSIb3DQEBCwUAA4IBAQCEdKaEa3K4V4aYNpxNR4iKdXwYhofibvlzP9G0rlP4
ssDObSOYYc6T4F5mILrLYu+Im6c70h5Xt27nJmLNeTW2z9WO/Ieg7Ph1DB/JGjum
cYerFSedtwkeicXXE6kT4SThG78oPvWBap5aLOBRD/rK1w5iU2dlYLyqPU0Ygr/j
e2qhGNhXVn1PRh3W1BL7elexQY1Wr3r3RJ/n/Z0klmAaZYaZiFJybHvlOstv8NpY
MFsOPbe7slNNrE8hsuqCwys5fDv6BnZ1/obKt56+NiwGczWMA6BpU3b4WQnTLfzZ
9IHb+mIz09/IGuROIb1/9s2XTCWremoDENvVCQj1DCp2
-----END CERTIFICATE-----