This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iajvLo-vNQ_h5vIzQkrNJKqUZBA.roa
File:                     iajvLo-vNQ_h5vIzQkrNJKqUZBA.roa (raw, json)
Hash identifier:          jpghETpuDyvBDz6wZt69Ldt9G2KDpjHSvttY3INbJbI=
Subject key identifier:   89:A8:EF:2E:8F:AF:35:0F:E1:E6:F2:33:42:4A:CD:24:AA:94:64:10
Certificate issuer:       /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial:       019B7AC7CDA5266FA8A9E6D13C4D353CE46E
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iajvLo-vNQ_h5vIzQkrNJKqUZBA.roa
Signing time:             Thu 01 Jan 2026 18:17:53 +0000
ROA not before:           Thu 01 Jan 2026 18:17:53 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     42849
IP address blocks:        193.200.131.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 16:55:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c7:cd:a5:26:6f:a8:a9:e6:d1:3c:4d:35:3c:e4:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
        Validity
            Not Before: Jan  1 18:17:53 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=89a8ef2e8faf350fe1e6f233424acd24aa946410
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:bc:9b:40:39:fd:42:14:42:c4:4b:bd:3c:88:
                    29:db:21:8f:96:25:37:a1:86:68:9f:95:40:bc:83:
                    92:6d:e5:00:81:60:4e:bd:e6:64:a9:df:88:ea:84:
                    99:4b:aa:e4:71:82:3f:fd:76:9d:43:27:bc:36:0f:
                    7b:d4:89:e4:21:5d:31:2c:03:ef:53:3b:a6:bb:2d:
                    28:67:7d:8a:05:b0:53:be:ae:58:08:4f:92:4a:b6:
                    e2:00:0d:b0:13:eb:c3:ad:34:97:8d:6b:15:2e:d6:
                    f6:18:00:91:38:6f:14:dc:ad:fd:7e:42:f2:ae:9f:
                    07:31:47:da:cd:06:72:81:fd:79:0b:9c:cf:99:b5:
                    28:45:c3:f2:81:18:e5:68:23:bb:83:85:f3:b1:b3:
                    18:6d:ce:4d:9b:01:da:d8:20:e1:9f:50:08:89:b0:
                    41:fa:64:1a:37:e5:0d:a0:7d:8d:2f:2b:25:26:3d:
                    88:ef:09:95:ea:70:c6:96:ae:c0:07:c4:fb:0f:f2:
                    45:73:e4:a6:82:19:e1:89:20:2d:dc:4e:60:84:e4:
                    4d:a8:7b:db:a0:26:b9:0c:33:b0:51:f2:34:cf:6e:
                    f7:ce:35:6d:25:49:e6:30:cb:e8:d0:77:65:97:b0:
                    e1:0f:f2:22:5b:e1:08:7b:57:1d:bb:cd:72:76:ec:
                    77:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:A8:EF:2E:8F:AF:35:0F:E1:E6:F2:33:42:4A:CD:24:AA:94:64:10
            X509v3 Authority Key Identifier:
                keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iajvLo-vNQ_h5vIzQkrNJKqUZBA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.200.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:80:fd:ae:e0:e7:53:c1:7f:5e:05:ce:64:93:21:4b:85:1c:
         f7:87:35:3f:fe:29:35:d2:79:21:f4:35:c6:bc:85:33:65:7d:
         22:e2:96:37:8b:ae:45:85:ad:23:19:d5:ff:ce:51:b0:8e:0f:
         f1:7f:44:78:99:a7:0e:78:42:83:77:db:7e:fd:5f:fb:7c:06:
         5b:7a:a8:23:01:89:a5:40:4f:92:5c:56:d6:c9:08:be:d1:46:
         8c:4a:0e:1f:a2:75:b8:9f:50:9f:fa:69:96:39:21:c1:1a:50:
         5e:db:8d:c4:11:5a:c8:03:18:e8:d7:bb:43:2b:73:6a:c4:1d:
         40:6e:2f:48:30:67:25:03:af:f8:ae:f1:89:62:b0:ed:a4:cb:
         51:e9:12:4d:7f:32:68:ae:d3:4c:4d:a9:c3:2d:41:79:99:f5:
         cf:54:05:d9:77:21:0f:1d:72:bb:b9:06:c1:ec:fc:06:e8:47:
         b7:91:d4:71:d9:90:db:b9:fa:64:85:58:08:57:38:b1:1e:bb:
         52:b2:c3:ca:0f:2a:f0:1e:34:87:39:c9:04:9e:aa:15:81:d1:
         e5:9d:28:76:7a:bb:9f:c7:1b:32:54:04:a0:0c:4b:f2:a6:68:
         88:52:4d:98:61:89:81:a6:8c:06:4a:c0:70:4b:82:9a:d8:78:
         2d:2e:36:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6x82lJm+oqebRPE01PORuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwMTAxMTgxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE4ZWYyZThmYWYzNTBmZTFlNmYyMzM0MjRhY2QyNGFhOTQ2NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLybQDn9QhRCxEu9PIgp2yGPliU3
oYZon5VAvIOSbeUAgWBOveZkqd+I6oSZS6rkcYI//XadQye8Ng971InkIV0xLAPv
Uzumuy0oZ32KBbBTvq5YCE+SSrbiAA2wE+vDrTSXjWsVLtb2GACROG8U3K39fkLy
rp8HMUfazQZygf15C5zPmbUoRcPygRjlaCO7g4XzsbMYbc5NmwHa2CDhn1AIibBB
+mQaN+UNoH2NLyslJj2I7wmV6nDGlq7AB8T7D/JFc+SmghnhiSAt3E5ghORNqHvb
oCa5DDOwUfI0z273zjVtJUnmMMvo0Hdll7DhD/IiW+EIe1cdu81ydux3TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImo7y6PrzUP4ebyM0JKzSSqlGQQMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaWFqdkxvLXZOUV9oNXZJelFrck5KS3FVWkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwciDMA0G
CSqGSIb3DQEBCwUAA4IBAQAbgP2u4OdTwX9eBc5kkyFLhRz3hzU//ik10nkh9DXG
vIUzZX0i4pY3i65Fha0jGdX/zlGwjg/xf0R4macOeEKDd9t+/V/7fAZbeqgjAYml
QE+SXFbWyQi+0UaMSg4fonW4n1Cf+mmWOSHBGlBe243EEVrIAxjo17tDK3NqxB1A
bi9IMGclA6/4rvGJYrDtpMtR6RJNfzJortNMTanDLUF5mfXPVAXZdyEPHXK7uQbB
7PwG6Ee3kdRx2ZDbufpkhVgIVzixHrtSssPKDyrwHjSHOckEnqoVgdHlnSh2eruf
xxsyVASgDEvypmiIUk2YYYmBpowGSsBwS4Ka2HgtLjZv
-----END CERTIFICATE-----