This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/v0EgzvwenfUuFzJ1WPOCjKPv3xA.roa
File:                     v0EgzvwenfUuFzJ1WPOCjKPv3xA.roa (raw, json)
Hash identifier:          HBF5KdghmC5VF+0k49VIpdG77syNkClmpAWbA/Bfosc=
Subject key identifier:   BF:41:20:CE:FC:1E:9D:F5:2E:17:32:75:58:F3:82:8C:A3:EF:DF:10
Certificate issuer:       /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial:       019B7F845434E2FF1763BB850B98E10A1176
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/v0EgzvwenfUuFzJ1WPOCjKPv3xA.roa
Signing time:             Fri 02 Jan 2026 16:22:17 +0000
ROA not before:           Fri 02 Jan 2026 16:22:17 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214882
IP address blocks:        195.88.211.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 09:24:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:84:54:34:e2:ff:17:63:bb:85:0b:98:e1:0a:11:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
        Validity
            Not Before: Jan  2 16:22:17 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bf4120cefc1e9df52e17327558f3828ca3efdf10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:27:6f:f9:56:25:7b:78:da:69:53:cc:8b:23:
                    b2:c3:24:01:5c:e7:02:f1:f7:db:9e:37:0c:8b:9f:
                    3e:74:47:f1:df:88:e4:a2:90:ce:28:b8:2e:95:b0:
                    0e:a3:d6:dd:7d:00:4e:9a:f7:69:a9:60:fd:24:e1:
                    89:24:27:82:2f:fe:29:2b:2e:9b:c2:ce:ac:36:be:
                    68:5d:6a:82:9d:24:9d:29:d3:e1:f3:15:7c:bd:31:
                    34:7e:7f:2f:eb:1b:7a:4d:27:41:9a:0d:cc:67:1a:
                    6a:68:67:e1:a0:bc:ff:80:e6:0e:bf:99:bf:45:67:
                    8c:d7:0e:45:b7:52:f3:98:2d:69:5b:74:b3:e3:64:
                    6a:f1:b1:ac:a8:3f:42:7f:fc:34:b6:a7:b7:96:33:
                    57:5d:64:7c:44:43:ff:33:3e:e6:97:1f:ca:a5:a8:
                    b0:37:15:9e:11:18:a1:f0:c3:4a:0b:45:72:28:3f:
                    ec:f3:a3:3a:3f:a5:e6:d4:34:c6:3d:24:61:94:7e:
                    ec:ea:7c:56:9b:7c:34:0b:e5:67:a7:6c:66:2d:31:
                    d5:06:f6:99:3a:7e:9a:36:3b:8a:1b:cc:2e:d5:bb:
                    38:c2:2f:db:e5:f4:8b:73:ca:29:5f:dc:f8:e4:9b:
                    58:e1:61:f8:17:3e:cf:f7:ad:9d:cc:23:c9:d7:5d:
                    50:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:41:20:CE:FC:1E:9D:F5:2E:17:32:75:58:F3:82:8C:A3:EF:DF:10
            X509v3 Authority Key Identifier:
                keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/v0EgzvwenfUuFzJ1WPOCjKPv3xA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.88.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:11:9e:d2:ca:0a:77:71:6b:fa:65:51:56:5b:9d:e8:3b:f1:
         b4:0f:db:25:5b:a3:7d:8e:7d:4d:00:5c:9e:42:75:e9:6e:9d:
         94:2a:e1:c8:f2:08:1d:17:f0:38:9d:73:6e:25:0a:80:fa:6d:
         84:49:1e:7f:6e:34:b3:d2:ed:cf:34:86:1e:e8:4c:af:f0:bf:
         4b:03:90:71:a7:35:bf:7e:15:03:92:f5:4c:6f:0b:f0:c7:64:
         f1:91:95:34:b5:4f:ab:84:ad:05:ee:66:22:c0:33:72:32:48:
         05:a0:01:6f:d7:b0:1e:dc:28:05:0d:1c:60:3e:5a:81:5c:b2:
         62:b3:8e:e9:79:9a:d8:73:0d:b9:af:ca:56:7d:4c:cc:b5:4e:
         64:e8:ab:55:ab:3a:c3:0c:e5:89:13:36:c9:a2:2f:98:3f:c2:
         d4:83:22:98:78:6d:d4:ed:c2:f6:dd:ca:07:1d:ce:fd:f2:6b:
         94:5e:29:86:f6:5c:ee:7d:90:54:2c:d6:81:f2:55:43:1d:0e:
         d2:d4:dc:54:75:97:95:79:1d:ac:bd:08:df:04:41:39:db:f2:
         56:64:ee:29:a3:ac:54:c1:55:27:e4:bb:90:97:21:3d:55:9b:
         2a:4b:da:f2:3c:50:95:09:9e:06:65:1e:44:ae:a3:a4:94:2e:
         5c:60:22:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/hFQ04v8XY7uFC5jhChF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjYwMTAyMTYyMjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQxMjBjZWZjMWU5ZGY1MmUxNzMyNzU1OGYzODI4Y2EzZWZkZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwydv+VYle3jaaVPMiyOywyQBXOcC
8ffbnjcMi58+dEfx34jkopDOKLgulbAOo9bdfQBOmvdpqWD9JOGJJCeCL/4pKy6b
ws6sNr5oXWqCnSSdKdPh8xV8vTE0fn8v6xt6TSdBmg3MZxpqaGfhoLz/gOYOv5m/
RWeM1w5Ft1LzmC1pW3Sz42Rq8bGsqD9Cf/w0tqe3ljNXXWR8REP/Mz7mlx/Kpaiw
NxWeERih8MNKC0VyKD/s86M6P6Xm1DTGPSRhlH7s6nxWm3w0C+Vnp2xmLTHVBvaZ
On6aNjuKG8wu1bs4wi/b5fSLc8opX9z45JtY4WH4Fz7P962dzCPJ111Q9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9BIM78Hp31LhcydVjzgoyj798QMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvdjBFZ3p2d2VuZlV1RnpKMVdQT0NqS1B2M3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1jTMA0G
CSqGSIb3DQEBCwUAA4IBAQCVEZ7Sygp3cWv6ZVFWW53oO/G0D9slW6N9jn1NAFye
QnXpbp2UKuHI8ggdF/A4nXNuJQqA+m2ESR5/bjSz0u3PNIYe6Eyv8L9LA5BxpzW/
fhUDkvVMbwvwx2TxkZU0tU+rhK0F7mYiwDNyMkgFoAFv17Ae3CgFDRxgPlqBXLJi
s47peZrYcw25r8pWfUzMtU5k6KtVqzrDDOWJEzbJoi+YP8LUgyKYeG3U7cL23coH
Hc798muUXimG9lzufZBULNaB8lVDHQ7S1NxUdZeVeR2svQjfBEE52/JWZO4po6xU
wVUn5LuQlyE9VZsqS9ryPFCVCZ4GZR5ErqOklC5cYCIQ
-----END CERTIFICATE-----