This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/5aSu5rDgohcAcFRBlVeL4KQf-Bc.roa
File:                     5aSu5rDgohcAcFRBlVeL4KQf-Bc.roa (raw, json)
Hash identifier:          TBrAPV4bOwpXI3ikK/+R0NLpPd2CyHMsQiSsoHb0Hng=
Subject key identifier:   E5:A4:AE:E6:B0:E0:A2:17:00:70:54:41:95:57:8B:E0:A4:1F:F8:17
Certificate issuer:       /CN=e2da23d3b930d4c1f3ac73065d71a607c35d2900
Certificate serial:       019B78A268DECEE3942DAC64FADB390F78EE
Authority key identifier: E2:DA:23:D3:B9:30:D4:C1:F3:AC:73:06:5D:71:A6:07:C3:5D:29:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/5aSu5rDgohcAcFRBlVeL4KQf-Bc.roa
Signing time:             Thu 01 Jan 2026 08:17:48 +0000
ROA not before:           Thu 01 Jan 2026 08:17:48 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     19905
IP address blocks:        185.98.183.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 17:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a2:68:de:ce:e3:94:2d:ac:64:fa:db:39:0f:78:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2da23d3b930d4c1f3ac73065d71a607c35d2900
        Validity
            Not Before: Jan  1 08:17:48 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e5a4aee6b0e0a2170070544195578be0a41ff817
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:cd:d7:c2:94:28:bd:87:5e:d3:57:a6:df:f9:
                    11:8c:98:89:e9:9b:e0:4e:a9:25:be:2d:21:f4:e9:
                    86:92:50:40:23:ef:14:df:b1:bc:0d:48:90:79:5a:
                    a7:ce:81:02:c0:e1:5b:3f:d3:72:5d:cd:b3:3b:a0:
                    98:ad:a8:d1:3e:02:7a:be:64:81:95:bd:21:31:06:
                    53:c4:e3:c2:95:8f:2a:2d:aa:95:71:09:e4:7c:7d:
                    26:8d:dd:27:c9:9b:bf:31:8e:c6:4c:ca:21:21:b6:
                    46:d2:6a:f2:c7:33:ae:aa:37:01:99:02:af:83:4a:
                    2f:fe:ea:60:f2:b0:a6:a9:ad:6b:3e:89:ee:ed:f7:
                    45:68:17:26:04:84:0c:8c:0b:89:d6:c6:b1:79:7c:
                    bd:fd:69:1e:6b:c7:91:3a:a6:db:8e:6e:a5:ec:5d:
                    87:76:63:90:12:e5:a0:ed:be:1c:90:f6:66:d8:1a:
                    f8:fd:67:71:af:51:63:ca:78:5f:76:dd:b3:cc:23:
                    52:57:9e:32:5e:31:18:30:73:7a:37:2e:5a:14:b4:
                    5f:e2:9b:9c:ae:9e:aa:c5:da:a3:14:62:d9:22:7a:
                    a1:fb:83:ae:27:9e:59:bd:bc:ca:74:d9:1b:2f:9b:
                    b5:e3:65:b7:b8:bc:b5:21:2b:2b:32:5b:f3:d4:2a:
                    c5:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:A4:AE:E6:B0:E0:A2:17:00:70:54:41:95:57:8B:E0:A4:1F:F8:17
            X509v3 Authority Key Identifier:
                keyid:E2:DA:23:D3:B9:30:D4:C1:F3:AC:73:06:5D:71:A6:07:C3:5D:29:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/5aSu5rDgohcAcFRBlVeL4KQf-Bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.98.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:0c:ff:08:5f:b6:7f:a9:f9:2a:48:3d:a8:e0:3d:e6:c2:8c:
         e7:f2:90:98:70:4e:8e:81:84:3d:fb:6f:6c:2d:62:ec:53:1b:
         fe:2c:9a:db:ac:c3:a9:99:42:42:91:8b:9c:a8:2d:19:9f:b7:
         68:48:72:66:51:45:a4:06:26:0f:02:e1:23:3d:38:ac:6d:1e:
         49:67:eb:9d:73:10:cf:4f:88:dd:df:fb:de:99:0c:48:ea:00:
         4b:a5:86:56:93:c2:5a:73:82:b7:67:78:36:49:bc:05:7c:e6:
         60:1f:41:fd:03:23:6a:7d:fe:cf:fe:43:91:e9:cd:12:6a:e9:
         8f:21:1b:1a:12:a4:36:a8:40:c2:87:a0:10:d2:22:5a:f8:bf:
         04:b7:f7:31:51:6e:ef:c8:62:50:5d:4b:03:8c:a1:f6:09:82:
         c9:9e:ec:88:e8:02:c0:eb:01:a1:49:80:96:bd:94:ec:28:d3:
         c2:db:25:9f:cc:a7:09:52:86:df:d7:16:62:30:c1:db:85:2f:
         03:27:b1:d5:bc:1f:19:87:9c:e8:6e:13:94:7e:5c:d6:fa:f4:
         22:a3:65:a1:7c:49:e0:67:b7:b5:6d:9a:41:f1:fc:71:3d:88:
         fe:ca:f1:4f:e4:70:a6:a9:a3:79:c0:b7:1e:4f:a5:0a:2b:8b:
         9c:b9:d3:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4omjezuOULaxk+ts5D3juMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZGEyM2QzYjkzMGQ0YzFmM2FjNzMwNjVkNzFhNjA3YzM1
ZDI5MDAwHhcNMjYwMTAxMDgxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWE0YWVlNmIwZTBhMjE3MDA3MDU0NDE5NTU3OGJlMGE0MWZmODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos3XwpQovYde01em3/kRjJiJ6Zvg
Tqklvi0h9OmGklBAI+8U37G8DUiQeVqnzoECwOFbP9NyXc2zO6CYrajRPgJ6vmSB
lb0hMQZTxOPClY8qLaqVcQnkfH0mjd0nyZu/MY7GTMohIbZG0mryxzOuqjcBmQKv
g0ov/upg8rCmqa1rPonu7fdFaBcmBIQMjAuJ1saxeXy9/Wkea8eROqbbjm6l7F2H
dmOQEuWg7b4ckPZm2Br4/Wdxr1Fjynhfdt2zzCNSV54yXjEYMHN6Ny5aFLRf4puc
rp6qxdqjFGLZInqh+4OuJ55ZvbzKdNkbL5u142W3uLy1ISsrMlvz1CrFBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOWkruaw4KIXAHBUQZVXi+CkH/gXMB8GA1UdIwQY
MBaAFOLaI9O5MNTB86xzBl1xpgfDXSkAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kZWViYjgtYWU4Ni00Njk0LWE5NzIt
ODI3YTBhYzA0YTlkLzEvNWFTdTVyRGdvaGNBY0ZSQmxWZUw0S1FmLUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kZWViYjgtYWU4Ni00Njk0LWE5NzItODI3YTBhYzA0YTlk
LzEvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWK3MA0G
CSqGSIb3DQEBCwUAA4IBAQCfDP8IX7Z/qfkqSD2o4D3mwozn8pCYcE6OgYQ9+29s
LWLsUxv+LJrbrMOpmUJCkYucqC0Zn7doSHJmUUWkBiYPAuEjPTisbR5JZ+udcxDP
T4jd3/vemQxI6gBLpYZWk8Jac4K3Z3g2SbwFfOZgH0H9AyNqff7P/kOR6c0SaumP
IRsaEqQ2qEDCh6AQ0iJa+L8Et/cxUW7vyGJQXUsDjKH2CYLJnuyI6ALA6wGhSYCW
vZTsKNPC2yWfzKcJUobf1xZiMMHbhS8DJ7HVvB8Zh5zobhOUflzW+vQio2WhfEng
Z7e1bZpB8fxxPYj+yvFP5HCmqaN5wLceT6UKK4ucudN1
-----END CERTIFICATE-----