This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/7ZWwgnvwU4U_1-WB90W9zaIeApk.roa
File:                     7ZWwgnvwU4U_1-WB90W9zaIeApk.roa (raw, json)
Hash identifier:          pXdrhZt6u9TZRpK/zMCuOmrnZo7nb4SnqRLes1rkitE=
Subject key identifier:   ED:95:B0:82:7B:F0:53:85:3F:D7:E5:81:F7:45:BD:CD:A2:1E:02:99
Certificate issuer:       /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial:       019B77596076F8ACE75988A8B6B4CC814082
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/7ZWwgnvwU4U_1-WB90W9zaIeApk.roa
Signing time:             Thu 01 Jan 2026 02:18:24 +0000
ROA not before:           Thu 01 Jan 2026 02:18:24 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     7018
IP address blocks:        2a0e:48c4::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:60:76:f8:ac:e7:59:88:a8:b6:b4:cc:81:40:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
        Validity
            Not Before: Jan  1 02:18:24 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ed95b0827bf053853fd7e581f745bdcda21e0299
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5e:4b:29:22:1a:31:cf:7e:87:3b:77:9b:df:
                    4e:f5:ad:eb:08:2c:00:2f:bd:66:65:96:4a:ad:e3:
                    6f:6f:98:af:c8:ff:a4:77:5e:7e:a4:d9:ad:67:53:
                    8c:c9:fb:36:98:fb:01:b2:a0:0d:41:5f:9f:68:6c:
                    05:43:93:28:48:44:f8:80:d7:50:3b:4f:17:04:37:
                    53:4c:81:56:2f:a7:da:35:75:27:c5:6d:51:71:08:
                    bb:dc:3c:c2:98:00:6a:52:3f:39:00:74:43:31:8a:
                    99:1b:f9:a9:9c:2a:a6:3e:05:8b:53:0d:45:9b:c5:
                    fc:8e:e4:ec:16:6b:30:33:fe:32:6a:2e:29:1d:fb:
                    a4:bb:36:60:65:a6:30:91:d6:83:ff:97:2f:2e:73:
                    89:54:de:46:30:d7:17:03:37:96:17:72:ea:25:c7:
                    e2:99:e9:17:34:96:f7:e4:09:96:55:a7:4a:bb:09:
                    67:8d:0c:55:c8:16:ef:df:9e:ad:a5:97:ef:eb:01:
                    7c:fd:88:ba:23:f1:1a:ee:32:60:20:a0:08:40:69:
                    99:8d:47:ed:10:ed:f8:e9:c3:0f:cb:e7:cd:c8:09:
                    15:c2:fa:70:08:87:ef:5d:6e:d2:34:39:c3:35:b7:
                    d4:4e:24:70:fa:f1:1e:27:9f:14:8b:57:55:c5:22:
                    15:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:95:B0:82:7B:F0:53:85:3F:D7:E5:81:F7:45:BD:CD:A2:1E:02:99
            X509v3 Authority Key Identifier:
                keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/7ZWwgnvwU4U_1-WB90W9zaIeApk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:48c4::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:ce:ab:11:3d:27:f9:e5:db:e0:4c:27:69:41:0c:ad:a2:c1:
         12:44:20:79:85:ff:36:91:ca:d0:33:17:77:73:08:dc:5e:45:
         5a:c3:2c:d2:21:f2:3a:2b:c7:83:2a:1b:73:c8:7f:7d:64:5b:
         ce:82:52:e4:9e:0a:8e:89:3f:9b:74:ec:b8:49:be:24:e2:33:
         8d:e2:3e:84:11:b0:78:48:61:23:b4:67:be:63:ae:18:cb:de:
         22:df:42:14:4e:2c:84:54:a4:9f:37:f3:85:b1:2e:6a:62:54:
         19:85:fd:6b:5f:16:24:33:73:b2:8c:10:73:d9:0a:ca:b5:fd:
         74:c0:2e:32:7d:e4:fc:05:ed:e9:a8:10:bb:bd:f1:70:cb:bf:
         bc:cf:b6:10:51:ed:ec:91:36:50:4e:e2:96:c6:90:a6:c3:9f:
         86:d8:7a:de:e3:22:94:dc:aa:01:70:c3:ba:10:fe:f6:fa:58:
         51:d3:e1:27:d7:d6:34:b8:37:a0:7b:70:05:84:20:e2:9a:04:
         a3:b7:6b:f3:98:f9:5d:19:c7:80:32:66:d3:0b:12:98:bc:d4:
         aa:ec:c2:0c:16:e5:2f:8f:7c:4b:c3:b8:32:30:67:de:3d:a8:
         f0:01:b7:63:85:a5:9e:0d:11:7e:a8:02:1c:b9:d9:18:02:a5:
         4c:8b:63:f7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt3WWB2+KznWYiotrTMgUCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjYwMTAxMDIxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDk1YjA4MjdiZjA1Mzg1M2ZkN2U1ODFmNzQ1YmRjZGEyMWUwMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl5LKSIaMc9+hzt3m99O9a3rCCwA
L71mZZZKreNvb5ivyP+kd15+pNmtZ1OMyfs2mPsBsqANQV+faGwFQ5MoSET4gNdQ
O08XBDdTTIFWL6faNXUnxW1RcQi73DzCmABqUj85AHRDMYqZG/mpnCqmPgWLUw1F
m8X8juTsFmswM/4yai4pHfukuzZgZaYwkdaD/5cvLnOJVN5GMNcXAzeWF3LqJcfi
mekXNJb35AmWVadKuwlnjQxVyBbv356tpZfv6wF8/Yi6I/Ea7jJgIKAIQGmZjUft
EO346cMPy+fNyAkVwvpwCIfvXW7SNDnDNbfUTiRw+vEeJ58Ui1dVxSIVuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO2VsIJ78FOFP9flgfdFvc2iHgKZMB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvN1pXd2dudndVNFVfMS1XQjkwVzl6YUllQXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5IxDAN
BgkqhkiG9w0BAQsFAAOCAQEAOs6rET0n+eXb4EwnaUEMraLBEkQgeYX/NpHK0DMX
d3MI3F5FWsMs0iHyOivHgyobc8h/fWRbzoJS5J4Kjok/m3TsuEm+JOIzjeI+hBGw
eEhhI7RnvmOuGMveIt9CFE4shFSknzfzhbEuamJUGYX9a18WJDNzsowQc9kKyrX9
dMAuMn3k/AXt6agQu73xcMu/vM+2EFHt7JE2UE7ilsaQpsOfhth63uMilNyqAXDD
uhD+9vpYUdPhJ9fWNLg3oHtwBYQg4poEo7dr85j5XRnHgDJm0wsSmLzUquzCDBbl
L498S8O4MjBn3j2o8AG3Y4Wlng0RfqgCHLnZGAKlTItj9w==
-----END CERTIFICATE-----