This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/O7VNxySc2ZzF5Xq5yHqvjvPU8IA.roa
File:                     O7VNxySc2ZzF5Xq5yHqvjvPU8IA.roa (raw, json)
Hash identifier:          8VF9UXQtErvqyTzcc042s3YJiKcDXrWU4HxLILP1IUw=
Subject key identifier:   3B:B5:4D:C7:24:9C:D9:9C:C5:E5:7A:B9:C8:7A:AF:8E:F3:D4:F0:80
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       019B7F1450449E56FCE7D6014C23C277CD6B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/O7VNxySc2ZzF5Xq5yHqvjvPU8IA.roa
Signing time:             Fri 02 Jan 2026 14:19:56 +0000
ROA not before:           Fri 02 Jan 2026 14:19:56 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     59504
IP address blocks:        147.45.46.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 03:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:14:50:44:9e:56:fc:e7:d6:01:4c:23:c2:77:cd:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  2 14:19:56 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3bb54dc7249cd99cc5e57ab9c87aaf8ef3d4f080
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c6:04:d9:cb:81:95:99:8a:25:3d:a4:fc:46:
                    b6:e4:f7:3f:27:f6:ab:31:c6:96:25:2a:4a:de:bd:
                    4d:ef:33:07:b8:3a:c4:86:d2:9e:78:a3:ef:bf:92:
                    1c:44:de:51:46:cb:1c:5c:33:2b:3c:9a:ad:ed:bb:
                    f7:db:d8:e4:ce:43:ca:aa:97:58:62:f6:89:8c:97:
                    29:c4:07:96:5b:f5:3e:35:f8:58:7d:8b:31:e0:86:
                    e6:4d:11:84:1b:fa:e1:f0:b3:77:1b:9f:92:dc:b3:
                    c9:48:ca:09:f0:58:e6:c2:ff:79:87:d1:14:6b:e9:
                    75:61:91:be:d6:10:0a:d4:c7:94:9a:b7:ed:bf:b7:
                    e5:4a:61:f7:da:cb:0e:53:38:c8:bd:fb:16:db:6f:
                    b0:13:44:ce:6f:15:51:73:bc:12:5e:4c:ee:a1:cb:
                    e6:f4:21:6c:8b:db:44:35:65:f2:d0:e5:79:d0:75:
                    e9:52:b1:08:bb:c0:0e:90:7a:2a:0c:0f:75:e2:92:
                    36:2a:7b:35:af:87:6c:59:c0:f7:0c:a2:7c:da:a0:
                    80:f0:74:92:c7:ca:5a:85:3f:07:ce:fc:be:ee:4b:
                    3d:58:b6:69:31:49:6d:89:9a:1b:bb:dc:6a:0b:66:
                    00:eb:8e:b3:57:11:b0:65:c6:47:21:59:58:01:92:
                    11:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:B5:4D:C7:24:9C:D9:9C:C5:E5:7A:B9:C8:7A:AF:8E:F3:D4:F0:80
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/O7VNxySc2ZzF5Xq5yHqvjvPU8IA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.45.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:f8:20:ea:43:24:b4:c5:07:e1:a7:ef:e9:6c:8e:fc:87:69:
         6d:5b:5b:8b:7b:3f:47:5c:69:44:c2:f9:83:a0:6f:a1:b8:36:
         c5:18:76:0e:29:56:10:d3:ef:c8:6c:f7:03:d2:1d:f3:42:fc:
         c9:38:dc:61:08:de:0c:bc:95:d9:ec:3d:1d:3a:c1:35:15:c2:
         25:2d:1a:df:59:b7:59:43:cc:ff:59:e5:0a:3a:7b:8d:5d:10:
         a4:e2:57:c7:32:64:d8:86:72:07:7c:70:31:33:c5:0a:04:53:
         a0:0c:ef:f9:8d:54:53:27:35:37:43:1d:cd:22:0f:0e:06:1a:
         47:0f:14:8e:2c:26:ca:03:a8:b2:10:2d:22:d3:63:d7:4d:ba:
         dc:fc:ad:52:18:93:cd:cd:13:da:3d:09:63:ef:89:a1:dc:61:
         c3:57:ec:c1:4e:53:96:4e:68:24:f2:e6:bc:32:08:b4:14:1a:
         3a:5d:98:a2:7d:61:e1:96:39:31:fb:f3:63:10:99:6b:aa:7d:
         48:aa:36:f5:c2:fa:9f:54:87:7b:aa:48:9c:2f:c9:41:f9:45:
         4b:eb:3e:c2:24:22:dd:44:ef:90:6c:39:2e:88:ae:67:3e:4f:
         ca:4d:60:33:8a:fd:41:7a:9d:c0:06:6d:d0:a3:26:b5:12:3f:
         11:cb:fa:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FFBEnlb859YBTCPCd81rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjYwMTAyMTQxOTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmI1NGRjNzI0OWNkOTljYzVlNTdhYjljODdhYWY4ZWYzZDRmMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28YE2cuBlZmKJT2k/Ea25Pc/J/ar
McaWJSpK3r1N7zMHuDrEhtKeeKPvv5IcRN5RRsscXDMrPJqt7bv329jkzkPKqpdY
YvaJjJcpxAeWW/U+NfhYfYsx4IbmTRGEG/rh8LN3G5+S3LPJSMoJ8Fjmwv95h9EU
a+l1YZG+1hAK1MeUmrftv7flSmH32ssOUzjIvfsW22+wE0TObxVRc7wSXkzuocvm
9CFsi9tENWXy0OV50HXpUrEIu8AOkHoqDA914pI2Kns1r4dsWcD3DKJ82qCA8HSS
x8pahT8Hzvy+7ks9WLZpMUltiZobu9xqC2YA646zVxGwZcZHIVlYAZIRBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDu1TccknNmcxeV6uch6r47z1PCAMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTzdWTnh5U2MyWnpGNVhxNXlIcXZqdlBVOElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAky0uMA0G
CSqGSIb3DQEBCwUAA4IBAQBy+CDqQyS0xQfhp+/pbI78h2ltW1uLez9HXGlEwvmD
oG+huDbFGHYOKVYQ0+/IbPcD0h3zQvzJONxhCN4MvJXZ7D0dOsE1FcIlLRrfWbdZ
Q8z/WeUKOnuNXRCk4lfHMmTYhnIHfHAxM8UKBFOgDO/5jVRTJzU3Qx3NIg8OBhpH
DxSOLCbKA6iyEC0i02PXTbrc/K1SGJPNzRPaPQlj74mh3GHDV+zBTlOWTmgk8ua8
Mgi0FBo6XZiifWHhljkx+/NjEJlrqn1Iqjb1wvqfVId7qkicL8lB+UVL6z7CJCLd
RO+QbDkuiK5nPk/KTWAziv1Bep3ABm3Qoya1Ej8Ry/rQ
-----END CERTIFICATE-----