This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/QAp6yJwPuhUvd9i3Kzl_JEzAJVg.roa
File:                     QAp6yJwPuhUvd9i3Kzl_JEzAJVg.roa (raw, json)
Hash identifier:          Jys9YgG9ppmSQvYF69uVgiEGyzFWr92qTU99vvfDxys=
Subject key identifier:   40:0A:7A:C8:9C:0F:BA:15:2F:77:D8:B7:2B:39:7F:24:4C:C0:25:58
Certificate issuer:       /CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
Certificate serial:       019B79ED27A4091602EC1C244B212D3960E4
Authority key identifier: D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/QAp6yJwPuhUvd9i3Kzl_JEzAJVg.roa
Signing time:             Thu 01 Jan 2026 14:19:03 +0000
ROA not before:           Thu 01 Jan 2026 14:19:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     216127
IP address blocks:        77.110.117.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ed:27:a4:09:16:02:ec:1c:24:4b:21:2d:39:60:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
        Validity
            Not Before: Jan  1 14:19:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=400a7ac89c0fba152f77d8b72b397f244cc02558
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:49:a2:b6:7f:95:49:62:7c:2f:00:5b:cf:39:
                    7f:96:71:99:a7:85:39:3b:b9:0b:3f:49:02:86:c1:
                    fd:9e:96:ae:df:b4:41:4d:a2:3b:a0:e8:69:f1:95:
                    a5:c0:8e:b2:04:f3:41:45:d2:96:23:27:7f:2d:66:
                    09:3a:5f:2b:e8:43:8c:7d:5a:61:7f:7a:e6:0f:c6:
                    03:f3:ce:9a:69:6c:73:a3:1d:34:03:af:05:30:01:
                    dd:f5:33:6a:e2:bb:69:2f:d7:09:2c:c5:94:54:96:
                    b0:84:40:af:6c:7b:2f:6f:e1:6f:4f:76:e7:4c:8d:
                    ef:c4:20:08:fb:c1:0b:a7:3d:bd:ea:4d:88:4f:a8:
                    44:e1:1b:09:14:05:17:6d:a9:45:5d:b2:d5:c7:03:
                    cd:e1:c5:86:d9:35:bb:1c:2c:1c:bf:d9:24:1c:95:
                    b3:93:84:09:58:46:d1:30:3c:71:fa:19:57:44:85:
                    0c:e2:e6:83:d3:0b:ec:be:2f:c2:4c:64:90:5b:5c:
                    6b:54:6d:1e:0b:06:25:be:38:85:a3:d1:ba:73:9d:
                    fb:2e:da:e4:07:a9:8e:23:c3:52:d0:25:a3:26:73:
                    b3:45:99:82:94:48:c2:34:21:b0:7e:b4:af:63:2c:
                    6e:70:a1:47:cc:76:b6:4f:19:27:d2:25:34:0d:44:
                    e9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:0A:7A:C8:9C:0F:BA:15:2F:77:D8:B7:2B:39:7F:24:4C:C0:25:58
            X509v3 Authority Key Identifier:
                keyid:D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/QAp6yJwPuhUvd9i3Kzl_JEzAJVg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.110.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:b5:18:8a:c7:ff:36:ed:99:54:a8:83:c9:0a:14:ce:f9:b0:
         66:09:04:60:42:ab:36:af:1b:04:f1:30:51:32:b7:70:02:87:
         72:91:bd:9b:9e:6e:21:e4:93:ce:12:bf:23:33:62:25:6c:5d:
         eb:04:9f:4b:6f:3c:e1:32:bb:19:2e:92:26:0f:1f:77:d5:c3:
         32:8b:f5:93:1f:73:3d:d4:4a:d7:a4:da:5c:2b:cb:b3:01:39:
         e1:13:0a:37:22:1f:25:cf:30:53:90:20:4d:0c:9b:75:be:a6:
         06:c2:66:1d:85:20:0f:97:5b:1d:64:75:e7:9d:45:df:77:c1:
         d1:af:c5:8b:92:14:eb:54:28:fe:e0:02:54:1b:34:3a:4f:90:
         24:3e:dc:c5:5b:d9:19:3c:1a:b4:da:4d:08:8b:cb:4e:dc:ba:
         10:74:19:43:a4:88:0a:23:e0:ca:b5:bf:5b:ba:3b:86:08:57:
         20:d2:c6:9f:43:4a:eb:12:ed:4c:c5:ac:52:32:29:4d:ae:e3:
         f4:e9:12:f0:1b:f6:f1:3b:d7:99:cb:d3:9f:87:1a:a5:9c:48:
         02:f5:52:0c:cb:78:d9:90:34:f1:e5:2a:c8:90:15:5e:22:2a:
         01:81:7d:14:6f:51:a8:9d:42:29:6b:2d:54:31:1c:80:62:dc:
         6d:35:aa:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57SekCRYC7BwkSyEtOWDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2UyYmYwMDAxY2Q0MzBlOTI3N2ZiMDBlZDFhYmU1MWMw
YjVjN2MwHhcNMjYwMTAxMTQxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDBhN2FjODljMGZiYTE1MmY3N2Q4YjcyYjM5N2YyNDRjYzAyNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUmitn+VSWJ8LwBbzzl/lnGZp4U5
O7kLP0kChsH9npau37RBTaI7oOhp8ZWlwI6yBPNBRdKWIyd/LWYJOl8r6EOMfVph
f3rmD8YD886aaWxzox00A68FMAHd9TNq4rtpL9cJLMWUVJawhECvbHsvb+FvT3bn
TI3vxCAI+8ELpz296k2IT6hE4RsJFAUXbalFXbLVxwPN4cWG2TW7HCwcv9kkHJWz
k4QJWEbRMDxx+hlXRIUM4uaD0wvsvi/CTGSQW1xrVG0eCwYlvjiFo9G6c537Ltrk
B6mOI8NS0CWjJnOzRZmClEjCNCGwfrSvYyxucKFHzHa2Txkn0iU0DUTpRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAKesicD7oVL3fYtys5fyRMwCVYMB8GA1UdIwQY
MBaAFNTOK/AAHNQw6Sd/sA7Rq+UcC1x8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEt
MWY1NDMxZTJhNWFmLzEvUUFwNnlKd1B1aFV2ZDlpM0t6bF9KRXpBSlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEtMWY1NDMxZTJhNWFm
LzEvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW51MA0G
CSqGSIb3DQEBCwUAA4IBAQB7tRiKx/827ZlUqIPJChTO+bBmCQRgQqs2rxsE8TBR
MrdwAodykb2bnm4h5JPOEr8jM2IlbF3rBJ9LbzzhMrsZLpImDx931cMyi/WTH3M9
1ErXpNpcK8uzATnhEwo3Ih8lzzBTkCBNDJt1vqYGwmYdhSAPl1sdZHXnnUXfd8HR
r8WLkhTrVCj+4AJUGzQ6T5AkPtzFW9kZPBq02k0Ii8tO3LoQdBlDpIgKI+DKtb9b
ujuGCFcg0safQ0rrEu1MxaxSMilNruP06RLwG/bxO9eZy9OfhxqlnEgC9VIMy3jZ
kDTx5SrIkBVeIioBgX0Ub1GonUIpay1UMRyAYtxtNarz
-----END CERTIFICATE-----