This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/C1x4d3dcifQ23HiuCSIcjQHJnHQ.roa
File:                     C1x4d3dcifQ23HiuCSIcjQHJnHQ.roa (raw, json)
Hash identifier:          mUPHR5V4wLIT+X+sRD/D5Fz8CPmEIoGvnyAUGmZs8Uk=
Subject key identifier:   0B:5C:78:77:77:5C:89:F4:36:DC:78:AE:09:22:1C:8D:01:C9:9C:74
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       019B7B35819A605677DA59E2A3A8233300ED
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/C1x4d3dcifQ23HiuCSIcjQHJnHQ.roa
Signing time:             Thu 01 Jan 2026 20:17:42 +0000
ROA not before:           Thu 01 Jan 2026 20:17:42 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     60100
IP address blocks:        194.102.88.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:81:9a:60:56:77:da:59:e2:a3:a8:23:33:00:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 20:17:42 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0b5c7877775c89f436dc78ae09221c8d01c99c74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:db:b5:84:ec:f8:f4:7e:88:80:a0:02:73:59:
                    cb:25:ff:9b:a3:fc:49:ee:14:6d:7b:5d:26:b7:d5:
                    ce:ff:c9:bd:78:ba:bd:a0:20:16:a9:06:6f:d4:79:
                    df:f0:31:ff:89:72:a6:df:62:1b:e3:82:b5:a2:d3:
                    89:ce:b6:07:ad:36:b1:2c:56:26:27:6b:18:6d:11:
                    4c:2b:e6:e0:b5:0b:c7:6e:6c:f9:7c:c4:78:42:c4:
                    c3:f4:83:67:0e:b2:6b:1b:1e:37:8e:73:12:35:e7:
                    21:63:1c:1d:35:66:61:ba:86:77:d2:9f:a0:c6:00:
                    bd:53:8c:08:9f:3e:06:e2:85:3f:3a:8b:c5:73:a9:
                    54:e2:b1:3e:f5:bd:ae:b8:0e:2d:12:43:26:00:4e:
                    01:94:be:44:fe:d1:f4:9d:fb:b9:86:59:46:1a:98:
                    b0:18:7c:5d:5d:c3:e5:27:0c:2c:14:e5:be:87:fb:
                    da:3c:e0:e3:0a:6b:cf:27:38:ea:7c:64:21:59:8a:
                    0e:e6:16:46:78:84:63:72:03:0b:1a:ba:58:0d:53:
                    ae:27:bb:76:b1:ef:cb:66:9a:16:51:ac:76:47:66:
                    04:f4:d2:46:56:51:52:65:e1:f2:4b:86:3c:78:6a:
                    f8:73:1f:b3:3f:84:b1:cd:68:2e:8a:15:69:1e:df:
                    44:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:5C:78:77:77:5C:89:F4:36:DC:78:AE:09:22:1C:8D:01:C9:9C:74
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/C1x4d3dcifQ23HiuCSIcjQHJnHQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.102.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         24:24:82:c0:5a:c4:38:1c:e3:03:fb:a7:b7:43:45:2a:9c:f0:
         a5:99:bb:dc:78:d6:7e:a1:59:0d:bf:49:cb:1d:11:61:eb:7e:
         4b:c0:fa:ad:e5:30:db:9d:a0:09:0f:d2:1c:34:f0:76:6f:2a:
         06:16:d3:7d:60:b5:ba:fe:17:99:da:ce:55:6d:3e:8f:95:a1:
         5d:b2:7b:45:02:9e:21:81:f9:1a:fc:2f:1e:dd:88:12:2b:ce:
         c5:61:b2:3e:8f:09:95:76:b4:c0:4b:22:a9:41:88:83:7d:8d:
         ff:6a:e8:cb:4b:a9:5f:73:ec:bb:af:3b:27:d9:44:88:9a:71:
         ba:58:87:b5:c0:7e:5a:d2:ca:6a:07:37:7d:ac:d3:21:d0:a6:
         19:7e:0b:4b:43:83:6d:e1:86:29:3f:ac:9a:12:10:f6:c0:54:
         98:f8:8d:64:7b:48:49:bf:29:23:a4:b5:63:86:85:28:e4:27:
         70:05:5e:34:e7:72:80:37:ec:c2:70:20:97:0a:49:13:f5:17:
         d2:0d:73:a9:6d:36:f2:17:f5:7a:7d:12:66:8c:a1:a2:87:67:
         ae:d3:3c:85:28:31:24:f6:ee:0f:14:2d:98:e0:0a:8f:3f:3e:
         52:a9:f0:5d:5c:26:d0:2e:db:59:cf:94:49:ee:9d:59:96:1c:
         66:7f:76:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NYGaYFZ32lnio6gjMwDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMTAxMjAxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjVjNzg3Nzc3NWM4OWY0MzZkYzc4YWUwOTIyMWM4ZDAxYzk5Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNu1hOz49H6IgKACc1nLJf+bo/xJ
7hRte10mt9XO/8m9eLq9oCAWqQZv1Hnf8DH/iXKm32Ib44K1otOJzrYHrTaxLFYm
J2sYbRFMK+bgtQvHbmz5fMR4QsTD9INnDrJrGx43jnMSNechYxwdNWZhuoZ30p+g
xgC9U4wInz4G4oU/OovFc6lU4rE+9b2uuA4tEkMmAE4BlL5E/tH0nfu5hllGGpiw
GHxdXcPlJwwsFOW+h/vaPODjCmvPJzjqfGQhWYoO5hZGeIRjcgMLGrpYDVOuJ7t2
se/LZpoWUax2R2YE9NJGVlFSZeHyS4Y8eGr4cx+zP4SxzWguihVpHt9ElwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtceHd3XIn0Ntx4rgkiHI0ByZx0MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQzF4NGQzZGNpZlEyM0hpdUNTSWNqUUhKbkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwmZYMA0G
CSqGSIb3DQEBCwUAA4IBAQAkJILAWsQ4HOMD+6e3Q0UqnPClmbvceNZ+oVkNv0nL
HRFh635LwPqt5TDbnaAJD9IcNPB2byoGFtN9YLW6/heZ2s5VbT6PlaFdsntFAp4h
gfka/C8e3YgSK87FYbI+jwmVdrTASyKpQYiDfY3/aujLS6lfc+y7rzsn2USImnG6
WIe1wH5a0spqBzd9rNMh0KYZfgtLQ4Nt4YYpP6yaEhD2wFSY+I1ke0hJvykjpLVj
hoUo5CdwBV4053KAN+zCcCCXCkkT9RfSDXOpbTbyF/V6fRJmjKGih2eu0zyFKDEk
9u4PFC2Y4AqPPz5SqfBdXCbQLttZz5RJ7p1Zlhxmf3Yu
-----END CERTIFICATE-----