This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Pba2-SK4FbpdHORzLnrRGF7OhEI.roa
File:                     Pba2-SK4FbpdHORzLnrRGF7OhEI.roa (raw, json)
Hash identifier:          qTN10zRZB2abxga91n2kNnWLRXG9S/f+0+S+Pcs6ENE=
Subject key identifier:   3D:B6:B6:F9:22:B8:15:BA:5D:1C:E4:73:2E:7A:D1:18:5E:CE:84:42
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       019B7B358DF25C2DE1E21B79345CF269832F
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Pba2-SK4FbpdHORzLnrRGF7OhEI.roa
Signing time:             Thu 01 Jan 2026 20:17:45 +0000
ROA not before:           Thu 01 Jan 2026 20:17:45 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     205001
IP address blocks:        80.96.41.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:8d:f2:5c:2d:e1:e2:1b:79:34:5c:f2:69:83:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 20:17:45 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3db6b6f922b815ba5d1ce4732e7ad1185ece8442
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:46:b5:bf:dc:d8:1b:a8:d7:81:66:37:36:d7:
                    7a:d0:bb:56:2e:0b:1e:63:b0:10:94:7e:6c:ae:3d:
                    14:04:ce:04:08:04:27:a9:66:56:1a:fd:96:44:69:
                    b2:e6:9f:96:53:fd:57:03:b0:05:b2:ef:ed:b9:87:
                    cd:1b:f5:a4:4f:7e:c7:9b:d7:31:b0:c7:c2:12:d2:
                    dd:fa:06:65:db:0a:7a:c4:19:55:63:26:89:c3:cc:
                    56:3a:f7:14:fa:80:f0:ee:4b:4b:37:fc:9d:bc:23:
                    24:99:02:e5:04:1d:80:4c:f4:95:42:45:ab:3d:1f:
                    e6:bf:06:48:d4:fc:49:c3:f4:9d:d1:fb:43:57:55:
                    c4:71:b8:7d:10:c7:5d:e4:53:03:56:df:bc:70:8b:
                    c0:04:bc:aa:dc:a2:82:24:fa:f3:be:05:4b:05:1f:
                    b8:f5:ea:1c:b5:6b:d1:02:ed:73:63:88:9d:07:84:
                    5a:6c:85:b7:16:8b:ee:d3:dc:30:74:e7:5e:8b:d2:
                    02:2b:af:6e:2e:70:be:c6:c6:68:25:3d:4d:e6:2c:
                    60:80:a2:20:71:4e:9d:bb:94:5a:df:c7:7f:46:87:
                    c2:7a:ba:b5:f8:f0:d0:4a:3b:69:dd:f9:4c:db:f9:
                    9c:e9:02:12:5c:60:cd:d5:be:d1:a8:3b:58:b5:9f:
                    23:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:B6:B6:F9:22:B8:15:BA:5D:1C:E4:73:2E:7A:D1:18:5E:CE:84:42
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Pba2-SK4FbpdHORzLnrRGF7OhEI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:81:70:d2:69:4c:b6:c9:37:ff:6a:ce:cb:3e:58:34:fa:07:
         4c:fa:9e:84:5c:52:59:f5:b7:d1:f1:e3:35:4f:cf:ab:24:f6:
         64:8d:5b:70:c6:28:38:25:7f:7d:66:10:af:ee:81:31:14:c5:
         05:99:02:c7:fa:e9:bb:f8:74:99:d8:47:ea:e1:9c:c3:b7:da:
         b8:22:ea:25:7e:c0:02:45:5a:77:88:be:34:d3:98:3a:1e:ed:
         ca:ee:9d:b9:15:34:2a:ba:db:29:b7:47:64:86:33:1d:66:c5:
         84:8a:d1:82:c2:f8:c9:e7:af:76:6d:74:07:9d:d4:3b:6f:0f:
         e8:2a:fa:f4:8f:74:cb:35:81:64:ef:6f:62:31:18:a9:e5:50:
         4d:ad:c2:24:ff:45:07:76:de:b3:4c:b8:0e:a8:8c:8a:2c:bf:
         f3:31:5c:a7:e7:97:45:96:5a:ad:6f:30:7c:a6:78:b0:11:66:
         17:fc:43:c2:84:cd:9f:52:49:6b:60:4c:a5:57:36:8b:64:8d:
         01:54:32:17:6c:2f:8b:6f:ca:f2:08:b3:e3:f5:29:85:8d:2a:
         39:32:48:05:32:e6:22:07:cc:10:1f:ec:16:21:42:ad:19:86:
         0b:1a:18:ac:d0:97:a6:6d:cd:12:04:eb:23:12:55:bc:c7:b5:
         82:1b:2e:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NY3yXC3h4ht5NFzyaYMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMTAxMjAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI2YjZmOTIyYjgxNWJhNWQxY2U0NzMyZTdhZDExODVlY2U4NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnka1v9zYG6jXgWY3Ntd60LtWLgse
Y7AQlH5srj0UBM4ECAQnqWZWGv2WRGmy5p+WU/1XA7AFsu/tuYfNG/WkT37Hm9cx
sMfCEtLd+gZl2wp6xBlVYyaJw8xWOvcU+oDw7ktLN/ydvCMkmQLlBB2ATPSVQkWr
PR/mvwZI1PxJw/Sd0ftDV1XEcbh9EMdd5FMDVt+8cIvABLyq3KKCJPrzvgVLBR+4
9eoctWvRAu1zY4idB4RabIW3Fovu09wwdOdei9ICK69uLnC+xsZoJT1N5ixggKIg
cU6du5Ra38d/RofCerq1+PDQSjtp3flM2/mc6QISXGDN1b7RqDtYtZ8j7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD22tvkiuBW6XRzkcy560RhezoRCMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvUGJhMi1TSzRGYnBkSE9SekxuclJHRjdPaEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUGApMA0G
CSqGSIb3DQEBCwUAA4IBAQCsgXDSaUy2yTf/as7LPlg0+gdM+p6EXFJZ9bfR8eM1
T8+rJPZkjVtwxig4JX99ZhCv7oExFMUFmQLH+um7+HSZ2Efq4ZzDt9q4IuolfsAC
RVp3iL4005g6Hu3K7p25FTQqutspt0dkhjMdZsWEitGCwvjJ5692bXQHndQ7bw/o
Kvr0j3TLNYFk729iMRip5VBNrcIk/0UHdt6zTLgOqIyKLL/zMVyn55dFllqtbzB8
pniwEWYX/EPChM2fUklrYEylVzaLZI0BVDIXbC+Lb8ryCLPj9SmFjSo5MkgFMuYi
B8wQH+wWIUKtGYYLGhis0Jembc0SBOsjElW8x7WCGy68
-----END CERTIFICATE-----