This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/uxvdRH3Lx7ZudvJAlNDH4WnIMb8.roa
File:                     uxvdRH3Lx7ZudvJAlNDH4WnIMb8.roa (raw, json)
Hash identifier:          7H1SzU9/jyjG63PZcxwjrSZgzIIH3ECkB+OiPPAHQwE=
Subject key identifier:   BB:1B:DD:44:7D:CB:C7:B6:6E:76:F2:40:94:D0:C7:E1:69:C8:31:BF
Certificate issuer:       /CN=1527455ea7fce17cfd0431985258d13e06bfa735
Certificate serial:       019B76EB1C836702C995E447AEA05A4235E2
Authority key identifier: 15:27:45:5E:A7:FC:E1:7C:FD:04:31:98:52:58:D1:3E:06:BF:A7:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FSdFXqf84Xz9BDGYUljRPga_pzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/uxvdRH3Lx7ZudvJAlNDH4WnIMb8.roa
Signing time:             Thu 01 Jan 2026 00:17:58 +0000
ROA not before:           Thu 01 Jan 2026 00:17:58 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     16509
IP address blocks:        185.95.174.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/FSdFXqf84Xz9BDGYUljRPga_pzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/FSdFXqf84Xz9BDGYUljRPga_pzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FSdFXqf84Xz9BDGYUljRPga_pzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:1c:83:67:02:c9:95:e4:47:ae:a0:5a:42:35:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1527455ea7fce17cfd0431985258d13e06bfa735
        Validity
            Not Before: Jan  1 00:17:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bb1bdd447dcbc7b66e76f24094d0c7e169c831bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d8:97:a7:f7:40:47:0c:80:00:59:6d:38:8f:
                    e2:1a:e6:86:65:2f:7a:70:fe:ac:6c:7e:21:1f:f0:
                    f1:68:96:ec:b1:14:23:d9:d3:36:da:44:c7:4d:9d:
                    80:cb:4f:b8:02:da:4e:7e:67:8a:67:b8:98:f4:a7:
                    c1:45:f3:54:30:74:27:cb:38:55:0b:85:1f:c6:d8:
                    3f:e1:cf:59:47:6b:b7:2a:20:71:56:bd:5e:f4:ce:
                    d5:45:80:1a:84:af:53:f1:57:c3:19:5f:43:85:b7:
                    85:9f:1c:11:e3:0b:3f:fd:7e:d8:05:e9:02:87:00:
                    c6:c3:7b:a7:69:e1:e7:8b:1e:12:f0:ff:5e:2a:92:
                    05:a4:44:3c:8e:9a:ca:d9:f2:db:43:4c:b8:1b:04:
                    ca:3c:c8:ae:c3:dd:ec:4c:d4:11:16:73:a8:8b:51:
                    a0:a0:59:b9:35:9c:fb:3b:af:69:56:8d:99:c3:f0:
                    29:ee:56:c0:fb:04:9f:df:18:ef:2b:0d:ba:7b:66:
                    ae:0e:fa:52:d1:f1:7a:fd:dc:3c:d1:63:86:7b:08:
                    3d:80:d7:44:ce:9e:3f:17:45:7d:00:a9:62:8f:5e:
                    ff:e7:22:b9:44:30:68:11:52:3b:77:1a:23:72:17:
                    78:48:71:e4:34:11:57:d4:6c:43:99:89:4c:eb:19:
                    b8:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:1B:DD:44:7D:CB:C7:B6:6E:76:F2:40:94:D0:C7:E1:69:C8:31:BF
            X509v3 Authority Key Identifier:
                keyid:15:27:45:5E:A7:FC:E1:7C:FD:04:31:98:52:58:D1:3E:06:BF:A7:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FSdFXqf84Xz9BDGYUljRPga_pzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/uxvdRH3Lx7ZudvJAlNDH4WnIMb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/FSdFXqf84Xz9BDGYUljRPga_pzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:67:96:10:ef:b3:b5:29:71:ec:0f:fc:58:08:f1:9f:e4:7b:
         ff:44:ae:1f:64:8a:24:5c:0a:35:41:64:a1:d1:d3:7b:a3:6f:
         e1:61:a3:51:ee:d6:cb:67:19:c3:da:ae:60:b7:66:95:61:ac:
         d2:c1:93:bc:11:10:dc:e7:6e:39:42:c6:9f:6a:f6:48:c9:f7:
         df:a1:c5:a9:65:3b:b0:07:7d:ed:26:01:dc:d6:94:06:59:90:
         48:69:e4:bd:cc:fd:16:21:75:d8:5a:c3:b5:72:1b:de:97:d9:
         70:64:6b:da:fa:56:f2:fd:ae:bf:33:cc:37:47:1c:9d:cf:8c:
         81:ab:0b:45:f9:96:99:77:dd:15:d2:13:52:78:6c:57:4a:88:
         48:d6:16:60:cc:1d:b8:e7:18:84:81:18:3e:f4:75:95:78:83:
         7a:7e:22:f0:96:ab:b2:3e:f4:52:ad:f9:db:a7:ac:15:ef:19:
         8b:31:70:c8:c7:f8:d7:53:57:ea:ae:da:ee:f4:9e:71:b3:aa:
         7c:13:3d:55:e7:11:62:28:60:34:04:c7:bd:ff:fe:79:b3:de:
         1d:5c:12:0c:98:5b:7b:e4:4d:51:f3:18:c3:0f:1d:7b:f6:f4:
         60:47:db:13:37:4d:ef:dd:18:87:29:76:72:d0:48:42:2a:6a:
         0c:57:a1:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt26xyDZwLJleRHrqBaQjXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Mjc0NTVlYTdmY2UxN2NmZDA0MzE5ODUyNThkMTNlMDZi
ZmE3MzUwHhcNMjYwMTAxMDAxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjFiZGQ0NDdkY2JjN2I2NmU3NmYyNDA5NGQwYzdlMTY5YzgzMWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNiXp/dARwyAAFltOI/iGuaGZS96
cP6sbH4hH/DxaJbssRQj2dM22kTHTZ2Ay0+4AtpOfmeKZ7iY9KfBRfNUMHQnyzhV
C4Ufxtg/4c9ZR2u3KiBxVr1e9M7VRYAahK9T8VfDGV9DhbeFnxwR4ws//X7YBekC
hwDGw3unaeHnix4S8P9eKpIFpEQ8jprK2fLbQ0y4GwTKPMiuw93sTNQRFnOoi1Gg
oFm5NZz7O69pVo2Zw/Ap7lbA+wSf3xjvKw26e2auDvpS0fF6/dw80WOGewg9gNdE
zp4/F0V9AKlij17/5yK5RDBoEVI7dxojchd4SHHkNBFX1GxDmYlM6xm4ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLsb3UR9y8e2bnbyQJTQx+FpyDG/MB8GA1UdIwQY
MBaAFBUnRV6n/OF8/QQxmFJY0T4Gv6c1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlNkRlhxZjg0WHo5QkRHWVVsalJQZ2FfcHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yNGM0ZjYtMjFlZS00YjZiLWE5NDUt
OThmOGNjZDVkYjhkLzEvdXh2ZFJIM0x4N1p1ZHZKQWxOREg0V25JTWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yNGM0ZjYtMjFlZS00YjZiLWE5NDUtOThmOGNjZDVkYjhk
LzEvRlNkRlhxZjg0WHo5QkRHWVVsalJQZ2FfcHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV+uMA0G
CSqGSIb3DQEBCwUAA4IBAQBIZ5YQ77O1KXHsD/xYCPGf5Hv/RK4fZIokXAo1QWSh
0dN7o2/hYaNR7tbLZxnD2q5gt2aVYazSwZO8ERDc5245QsafavZIyfffocWpZTuw
B33tJgHc1pQGWZBIaeS9zP0WIXXYWsO1chvel9lwZGva+lby/a6/M8w3Rxydz4yB
qwtF+ZaZd90V0hNSeGxXSohI1hZgzB245xiEgRg+9HWVeIN6fiLwlquyPvRSrfnb
p6wV7xmLMXDIx/jXU1fqrtru9J5xs6p8Ez1V5xFiKGA0BMe9//55s94dXBIMmFt7
5E1R8xjDDx179vRgR9sTN03v3RiHKXZy0EhCKmoMV6G0
-----END CERTIFICATE-----