This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/RUhDge75ZRg2jm6GkiDeW_q_9R4.roa
File:                     RUhDge75ZRg2jm6GkiDeW_q_9R4.roa (raw, json)
Hash identifier:          1Rm1MMHk+9+hgPs8tOVkUq4dP1nGXvpDaYqmiRr/RDc=
Subject key identifier:   45:48:43:81:EE:F9:65:18:36:8E:6E:86:92:20:DE:5B:FA:BF:F5:1E
Certificate issuer:       /CN=be1f3dc2295306cc7df872ceeccd6894d0e0eae6
Certificate serial:       019B775921AE5302B3E0C4F480ED3D80F616
Authority key identifier: BE:1F:3D:C2:29:53:06:CC:7D:F8:72:CE:EC:CD:68:94:D0:E0:EA:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vh89wilTBsx9-HLO7M1olNDg6uY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/RUhDge75ZRg2jm6GkiDeW_q_9R4.roa
Signing time:             Thu 01 Jan 2026 02:18:08 +0000
ROA not before:           Thu 01 Jan 2026 02:18:08 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     174
IP address blocks:        185.130.200.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/vh89wilTBsx9-HLO7M1olNDg6uY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/vh89wilTBsx9-HLO7M1olNDg6uY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vh89wilTBsx9-HLO7M1olNDg6uY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 Jan 2026 00:18:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:21:ae:53:02:b3:e0:c4:f4:80:ed:3d:80:f6:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be1f3dc2295306cc7df872ceeccd6894d0e0eae6
        Validity
            Not Before: Jan  1 02:18:08 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=45484381eef96518368e6e869220de5bfabff51e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:39:61:23:3f:a4:cf:9e:55:a4:2a:b0:64:f0:
                    a0:58:14:3f:23:6f:73:ab:40:5f:75:8c:8c:be:48:
                    2f:d2:c0:64:eb:09:67:02:1d:a8:0d:e3:55:57:16:
                    26:dc:54:08:49:23:8d:44:02:1a:8a:99:03:08:0c:
                    bf:2d:2c:89:85:6e:44:da:49:dd:4f:9e:e9:7e:54:
                    e2:30:bd:f1:8d:75:7a:95:2e:43:c2:15:4d:12:3e:
                    32:d7:93:61:33:ac:06:fe:65:c9:ce:e7:76:04:26:
                    36:be:5c:31:55:92:48:5f:a9:e6:39:40:c4:94:c3:
                    95:6e:f2:cb:18:4b:71:43:60:5e:ea:7c:d5:a9:5f:
                    39:5d:07:ed:23:fb:7a:59:e0:e5:c5:89:18:16:08:
                    10:61:fc:4c:68:65:c9:6f:12:91:a1:4b:c4:ee:fa:
                    99:15:63:57:f1:9f:98:27:25:d6:67:d9:4d:af:1b:
                    2c:93:e5:f7:23:46:a6:ff:af:cb:29:3b:d3:f8:27:
                    c8:5f:d5:ee:f8:4c:8b:a7:ff:22:06:a7:e4:81:af:
                    39:d9:cc:91:3b:30:24:b2:bb:e0:a4:30:2e:a1:79:
                    1c:2c:fa:f4:3e:1b:d6:e6:6d:55:1b:6c:7b:62:81:
                    9a:74:4f:5e:b5:21:e3:7d:5a:32:54:d9:19:c4:34:
                    7b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:48:43:81:EE:F9:65:18:36:8E:6E:86:92:20:DE:5B:FA:BF:F5:1E
            X509v3 Authority Key Identifier:
                keyid:BE:1F:3D:C2:29:53:06:CC:7D:F8:72:CE:EC:CD:68:94:D0:E0:EA:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vh89wilTBsx9-HLO7M1olNDg6uY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/RUhDge75ZRg2jm6GkiDeW_q_9R4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/vh89wilTBsx9-HLO7M1olNDg6uY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:07:60:66:08:c0:3a:b6:bd:72:57:4f:dc:2d:96:a7:c3:05:
         99:44:2a:da:d6:27:b8:36:7b:f7:e0:d4:4d:0a:69:74:5a:ea:
         c2:66:54:22:fb:b6:47:31:53:41:0b:e7:d0:18:be:86:3c:05:
         05:28:26:f3:82:3f:1c:45:f1:9b:45:8a:29:26:cc:bf:c3:b2:
         b4:f8:0f:c9:be:d0:d1:fd:68:4b:db:7c:78:60:71:0a:22:47:
         cc:bd:35:14:51:c6:92:9d:bc:a1:10:a2:22:87:ad:1c:b8:a3:
         2d:52:53:65:a7:83:d0:31:4d:55:74:f6:26:0b:66:53:75:f5:
         5b:d1:ff:40:62:cf:3d:9e:ae:78:d2:af:54:b4:a3:64:a0:db:
         60:c1:07:c1:53:3c:ee:c9:9c:8d:aa:ed:96:76:61:40:42:32:
         00:5c:87:f1:f6:fd:92:b0:f6:1d:c0:a9:ca:8b:1a:6f:de:ce:
         cd:76:7b:ec:b9:72:67:6b:8d:84:9e:72:d9:12:d3:9f:55:fd:
         f5:93:21:5a:ca:06:f8:88:61:22:57:b4:4c:25:f8:62:16:85:
         5b:73:81:9f:65:ac:74:2d:d9:05:93:7f:af:e8:99:c1:10:a0:
         83:08:52:3a:0b:d1:de:73:43:65:59:26:99:0a:bc:c8:cb:37:
         27:e9:50:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WSGuUwKz4MT0gO09gPYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMWYzZGMyMjk1MzA2Y2M3ZGY4NzJjZWVjY2Q2ODk0ZDBl
MGVhZTYwHhcNMjYwMTAxMDIxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQ4NDM4MWVlZjk2NTE4MzY4ZTZlODY5MjIwZGU1YmZhYmZmNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzlhIz+kz55VpCqwZPCgWBQ/I29z
q0BfdYyMvkgv0sBk6wlnAh2oDeNVVxYm3FQISSONRAIaipkDCAy/LSyJhW5E2knd
T57pflTiML3xjXV6lS5DwhVNEj4y15NhM6wG/mXJzud2BCY2vlwxVZJIX6nmOUDE
lMOVbvLLGEtxQ2Be6nzVqV85XQftI/t6WeDlxYkYFggQYfxMaGXJbxKRoUvE7vqZ
FWNX8Z+YJyXWZ9lNrxssk+X3I0am/6/LKTvT+CfIX9Xu+EyLp/8iBqfkga852cyR
OzAksrvgpDAuoXkcLPr0PhvW5m1VG2x7YoGadE9etSHjfVoyVNkZxDR7CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEVIQ4Hu+WUYNo5uhpIg3lv6v/UeMB8GA1UdIwQY
MBaAFL4fPcIpUwbMffhyzuzNaJTQ4OrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmg4OXdpbFRCc3g5LUhMTzdNMW9sTkRnNnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xYmRiZjgtMzk1Zi00YTg1LWE0NGEt
YjUxYWRmZmM2ZWVjLzEvUlVoRGdlNzVaUmcyam02R2tpRGVXX3FfOVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xYmRiZjgtMzk1Zi00YTg1LWE0NGEtYjUxYWRmZmM2ZWVj
LzEvdmg4OXdpbFRCc3g5LUhMTzdNMW9sTkRnNnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYLIMA0G
CSqGSIb3DQEBCwUAA4IBAQCUB2BmCMA6tr1yV0/cLZanwwWZRCra1ie4Nnv34NRN
Cml0WurCZlQi+7ZHMVNBC+fQGL6GPAUFKCbzgj8cRfGbRYopJsy/w7K0+A/JvtDR
/WhL23x4YHEKIkfMvTUUUcaSnbyhEKIih60cuKMtUlNlp4PQMU1VdPYmC2ZTdfVb
0f9AYs89nq540q9UtKNkoNtgwQfBUzzuyZyNqu2WdmFAQjIAXIfx9v2SsPYdwKnK
ixpv3s7NdnvsuXJna42EnnLZEtOfVf31kyFaygb4iGEiV7RMJfhiFoVbc4GfZax0
LdkFk3+v6JnBEKCDCFI6C9Hec0NlWSaZCrzIyzcn6VBr
-----END CERTIFICATE-----