This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BmvNrtWKTx7ZVhk_Nne3RATfl5Q.roa
File:                     BmvNrtWKTx7ZVhk_Nne3RATfl5Q.roa (raw, json)
Hash identifier:          ER+7s1oAaS0srp+26LtqrsLAahccu+BTT6LhU0kASBU=
Subject key identifier:   06:6B:CD:AE:D5:8A:4F:1E:D9:56:19:3F:36:77:B7:44:04:DF:97:94
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       019B7F15F8F6A1ADF0DA46EE65083110DD6B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BmvNrtWKTx7ZVhk_Nne3RATfl5Q.roa
Signing time:             Fri 02 Jan 2026 14:21:44 +0000
ROA not before:           Fri 02 Jan 2026 14:21:44 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215531
IP address blocks:        77.83.37.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 Jan 2026 14:32:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:f8:f6:a1:ad:f0:da:46:ee:65:08:31:10:dd:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan  2 14:21:44 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=066bcdaed58a4f1ed956193f3677b74404df9794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:79:d7:1b:96:ab:2f:f6:f3:52:c0:2a:14:ca:
                    23:b9:dc:df:2d:2e:f0:89:1f:64:b1:70:28:45:9b:
                    67:d5:36:3b:e1:8a:e1:90:ae:32:bd:a8:e1:b0:fe:
                    0e:33:d6:f6:42:bb:62:97:67:e5:fe:40:01:8b:3f:
                    4a:75:fb:db:3f:c2:6a:6e:ef:f2:40:70:fb:cc:ca:
                    11:56:75:f7:b4:fb:3c:fa:02:74:35:b9:90:92:10:
                    43:cb:0c:eb:74:23:28:e8:11:0b:40:a1:85:18:eb:
                    d0:5e:06:e9:32:5f:ee:75:8f:a0:2c:66:17:fe:ea:
                    1e:1d:f3:fd:e3:73:f5:c8:76:a8:1b:01:42:58:e5:
                    5a:a4:0e:b6:06:e2:d6:b3:2f:17:da:91:61:32:16:
                    95:9f:66:32:1b:52:a4:4f:5d:cd:32:3d:49:7b:36:
                    d7:2f:6f:be:36:cb:ee:b5:58:d2:b4:4b:5f:91:be:
                    9e:e1:93:32:d0:08:be:72:4e:3b:07:e3:76:a9:58:
                    68:75:b3:04:04:77:5f:87:ad:a4:b7:1f:e8:cb:46:
                    ac:35:10:81:14:a5:78:1e:86:55:6f:9c:01:a3:b7:
                    b3:a5:60:b8:3f:eb:d0:77:0b:99:4a:a0:bb:17:95:
                    e5:d7:c5:d6:f6:63:13:7e:d7:ff:27:7e:37:52:db:
                    c0:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:6B:CD:AE:D5:8A:4F:1E:D9:56:19:3F:36:77:B7:44:04:DF:97:94
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BmvNrtWKTx7ZVhk_Nne3RATfl5Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:70:ca:79:a2:4f:7f:df:3c:bc:9f:12:8b:cd:c5:5e:c8:4c:
         53:72:84:4f:94:4a:e5:61:de:f5:1e:be:ee:ec:03:da:c5:01:
         66:c2:94:f7:30:f5:da:e3:25:2e:1a:ff:ae:e0:26:08:90:83:
         56:ab:ba:e1:50:4c:fc:4e:6e:7e:5e:cf:c5:02:8e:dd:62:50:
         a8:da:ae:f7:6f:b9:29:9c:07:ed:9a:5b:fa:c9:13:f0:2c:92:
         dc:80:0c:da:fa:40:ee:e7:7c:6f:34:ff:22:92:e9:2a:c8:51:
         09:41:55:4f:ce:6d:8b:03:61:14:6c:37:f7:f1:42:3f:4b:dd:
         1d:cf:eb:52:2b:a4:2f:0b:c2:f9:e8:b6:ca:39:af:31:1a:24:
         38:ee:58:c5:56:54:d9:13:20:48:9a:68:fe:c4:8e:a0:cb:63:
         b4:a5:e6:55:a1:3d:3b:d3:e5:3f:35:81:28:60:88:50:30:29:
         be:93:3b:92:57:a4:7b:04:ec:6a:69:66:66:48:e7:ed:65:25:
         6f:f2:35:6e:bf:01:95:7a:fa:8f:13:39:52:5d:06:60:8b:5a:
         4c:7b:3c:3f:0b:72:bf:d0:8d:5e:6c:b1:7f:14:09:f4:3f:aa:
         bf:19:81:3a:9c:b7:b9:1e:aa:27:18:db:66:8a:6f:5c:ea:30:
         da:8c:00:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/Ffj2oa3w2kbuZQgxEN1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjYwMTAyMTQyMTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjZiY2RhZWQ1OGE0ZjFlZDk1NjE5M2YzNjc3Yjc0NDA0ZGY5Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXnXG5arL/bzUsAqFMojudzfLS7w
iR9ksXAoRZtn1TY74YrhkK4yvajhsP4OM9b2Qrtil2fl/kABiz9KdfvbP8Jqbu/y
QHD7zMoRVnX3tPs8+gJ0NbmQkhBDywzrdCMo6BELQKGFGOvQXgbpMl/udY+gLGYX
/uoeHfP943P1yHaoGwFCWOVapA62BuLWsy8X2pFhMhaVn2YyG1KkT13NMj1JezbX
L2++NsvutVjStEtfkb6e4ZMy0Ai+ck47B+N2qVhodbMEBHdfh62ktx/oy0asNRCB
FKV4HoZVb5wBo7ezpWC4P+vQdwuZSqC7F5Xl18XW9mMTftf/J343UtvAgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZrza7Vik8e2VYZPzZ3t0QE35eUMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQm12TnJ0V0tUeDdaVmhrX05uZTNSQVRmbDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVMlMA0G
CSqGSIb3DQEBCwUAA4IBAQAlcMp5ok9/3zy8nxKLzcVeyExTcoRPlErlYd71Hr7u
7APaxQFmwpT3MPXa4yUuGv+u4CYIkINWq7rhUEz8Tm5+Xs/FAo7dYlCo2q73b7kp
nAftmlv6yRPwLJLcgAza+kDu53xvNP8ikukqyFEJQVVPzm2LA2EUbDf38UI/S90d
z+tSK6QvC8L56LbKOa8xGiQ47ljFVlTZEyBImmj+xI6gy2O0peZVoT070+U/NYEo
YIhQMCm+kzuSV6R7BOxqaWZmSOftZSVv8jVuvwGVevqPEzlSXQZgi1pMezw/C3K/
0I1ebLF/FAn0P6q/GYE6nLe5HqonGNtmim9c6jDajADS
-----END CERTIFICATE-----