This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/sQ8qQg5RChJp9JsfMBZ7VZwT8WE.roa
File:                     sQ8qQg5RChJp9JsfMBZ7VZwT8WE.roa (raw, json)
Hash identifier:          obNWII8S7VxaHifOdhDpl8/q/V3M1i4VuliV8Z+MBow=
Subject key identifier:   B1:0F:2A:42:0E:51:0A:12:69:F4:9B:1F:30:16:7B:55:9C:13:F1:61
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       019B7B35E962E45954B566E588BDFCF759F1
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/sQ8qQg5RChJp9JsfMBZ7VZwT8WE.roa
Signing time:             Thu 01 Jan 2026 20:18:09 +0000
ROA not before:           Thu 01 Jan 2026 20:18:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     50565
IP address blocks:        45.143.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:e9:62:e4:59:54:b5:66:e5:88:bd:fc:f7:59:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Jan  1 20:18:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b10f2a420e510a1269f49b1f30167b559c13f161
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e3:d8:b3:45:6b:20:a4:77:63:49:b9:8d:9f:
                    f9:02:dd:c0:37:1c:00:b0:fc:3a:f0:17:45:62:92:
                    42:6f:37:93:64:0b:65:3b:71:53:72:c2:cf:d0:71:
                    49:7b:3e:b5:9a:03:c1:a5:b7:16:56:15:06:31:66:
                    49:1a:92:5d:e5:e4:1b:e3:9f:eb:24:71:d1:56:e7:
                    b0:4d:dd:f1:38:bf:97:82:6a:49:c1:12:1c:6d:41:
                    d4:28:96:19:20:11:f2:af:73:83:3b:e3:80:d8:c7:
                    f0:7c:cc:c9:ac:41:c5:c6:98:c2:42:b9:8b:da:0f:
                    15:ed:6d:42:c5:67:c5:32:00:20:d9:f9:8c:55:4e:
                    4c:83:f6:4d:ef:86:d3:ad:b7:c7:5f:ac:89:b7:ac:
                    9b:d1:06:34:24:52:da:ae:cc:35:fb:5e:f8:23:2c:
                    f9:3d:e8:37:00:8a:5b:d7:70:ce:e4:90:0e:38:4e:
                    79:55:73:8a:cf:97:98:fd:7f:8e:f7:a2:9a:b0:fe:
                    fa:d6:db:c7:21:16:ab:1a:be:3d:c1:1b:30:a4:43:
                    d8:f5:9c:f8:cf:4e:9f:7d:8a:76:64:6f:43:c2:a0:
                    15:ec:48:2d:53:0c:ca:6c:85:59:1f:24:20:dd:dd:
                    80:bc:98:64:81:75:eb:50:56:ee:43:98:f7:a7:ce:
                    df:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:0F:2A:42:0E:51:0A:12:69:F4:9B:1F:30:16:7B:55:9C:13:F1:61
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/sQ8qQg5RChJp9JsfMBZ7VZwT8WE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:92:fc:4e:24:77:f3:4a:de:93:8f:e5:71:29:6c:be:62:e4:
         b3:d3:40:86:54:ce:64:a7:93:18:98:d3:69:fa:eb:b1:90:52:
         ab:0d:2f:c2:1e:b0:df:84:d7:b4:f0:2b:3a:e3:c0:80:44:4b:
         fd:96:2b:1a:0b:18:84:fd:fe:45:4d:7a:77:a9:b1:3a:cf:7e:
         7a:b2:7f:55:1a:85:0f:f1:b3:ad:20:fd:de:fb:bd:03:32:d5:
         38:2b:37:c1:10:84:80:df:bc:f4:e1:26:a1:84:9b:11:0a:67:
         75:b4:8f:73:64:75:a1:dc:2e:79:8d:6c:5b:f8:97:65:e6:79:
         34:31:c5:60:e6:f6:0e:b1:f8:17:df:0a:27:67:b9:72:ac:de:
         e4:9a:5a:db:f1:c8:70:74:1c:90:38:ed:ee:3f:45:b4:8d:ed:
         c7:65:fe:f2:d8:5b:fb:ec:d7:b5:4e:2d:d5:99:1b:3d:83:29:
         44:ba:e8:f5:e2:b4:d8:02:0a:74:3d:4b:97:d1:41:5c:b2:ae:
         72:c5:e4:84:ae:4c:b7:b7:e7:ca:76:23:48:95:7a:77:b8:f0:
         8e:43:98:db:18:3d:92:60:f8:c9:bc:b9:b8:43:cc:b7:63:86:
         56:45:3a:86:e8:57:63:ac:08:05:d2:39:89:37:78:cf:0e:a5:
         e7:78:1f:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7Neli5FlUtWbliL3891nxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjYwMTAxMjAxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTBmMmE0MjBlNTEwYTEyNjlmNDliMWYzMDE2N2I1NTljMTNmMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+PYs0VrIKR3Y0m5jZ/5At3ANxwA
sPw68BdFYpJCbzeTZAtlO3FTcsLP0HFJez61mgPBpbcWVhUGMWZJGpJd5eQb45/r
JHHRVuewTd3xOL+XgmpJwRIcbUHUKJYZIBHyr3ODO+OA2MfwfMzJrEHFxpjCQrmL
2g8V7W1CxWfFMgAg2fmMVU5Mg/ZN74bTrbfHX6yJt6yb0QY0JFLarsw1+174Iyz5
Peg3AIpb13DO5JAOOE55VXOKz5eY/X+O96KasP761tvHIRarGr49wRswpEPY9Zz4
z06ffYp2ZG9DwqAV7EgtUwzKbIVZHyQg3d2AvJhkgXXrUFbuQ5j3p87fowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEPKkIOUQoSafSbHzAWe1WcE/FhMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvc1E4cVFnNVJDaEpwOUpzZk1CWjdWWndUOFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY9hMA0G
CSqGSIb3DQEBCwUAA4IBAQA0kvxOJHfzSt6Tj+VxKWy+YuSz00CGVM5kp5MYmNNp
+uuxkFKrDS/CHrDfhNe08Cs648CAREv9lisaCxiE/f5FTXp3qbE6z356sn9VGoUP
8bOtIP3e+70DMtU4KzfBEISA37z04SahhJsRCmd1tI9zZHWh3C55jWxb+Jdl5nk0
McVg5vYOsfgX3wonZ7lyrN7kmlrb8chwdByQOO3uP0W0je3HZf7y2Fv77Ne1Ti3V
mRs9gylEuuj14rTYAgp0PUuX0UFcsq5yxeSErky3t+fKdiNIlXp3uPCOQ5jbGD2S
YPjJvLm4Q8y3Y4ZWRTqG6FdjrAgF0jmJN3jPDqXneB8G
-----END CERTIFICATE-----