This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/911b83-0c27-4040-970e-ecaf553c31d7/1/Ala0VEiwCJ-XgbkKMuOQm4WQGUM.roa
File:                     Ala0VEiwCJ-XgbkKMuOQm4WQGUM.roa (raw, json)
Hash identifier:          kHPaxmGFnvypL4VtsE3od5qxMzTcY3hqjMVSes+1x+o=
Subject key identifier:   02:56:B4:54:48:B0:08:9F:97:81:B9:0A:32:E3:90:9B:85:90:19:43
Certificate issuer:       /CN=79a9f6a381ce4a5a3eccb2493a684609c988a0fc
Certificate serial:       019B76EB3CE49C1C2E51509F86D71A35C4DB
Authority key identifier: 79:A9:F6:A3:81:CE:4A:5A:3E:CC:B2:49:3A:68:46:09:C9:88:A0:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ean2o4HOSlo-zLJJOmhGCcmIoPw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/911b83-0c27-4040-970e-ecaf553c31d7/1/Ala0VEiwCJ-XgbkKMuOQm4WQGUM.roa
Signing time:             Thu 01 Jan 2026 00:18:06 +0000
ROA not before:           Thu 01 Jan 2026 00:18:06 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15576
IP address blocks:        185.218.240.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/911b83-0c27-4040-970e-ecaf553c31d7/1/ean2o4HOSlo-zLJJOmhGCcmIoPw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/911b83-0c27-4040-970e-ecaf553c31d7/1/ean2o4HOSlo-zLJJOmhGCcmIoPw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ean2o4HOSlo-zLJJOmhGCcmIoPw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 12:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:3c:e4:9c:1c:2e:51:50:9f:86:d7:1a:35:c4:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79a9f6a381ce4a5a3eccb2493a684609c988a0fc
        Validity
            Not Before: Jan  1 00:18:06 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0256b45448b0089f9781b90a32e3909b85901943
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c0:26:56:d9:00:23:26:d3:fe:38:9b:87:6c:
                    69:f2:0b:e5:2c:59:74:70:68:38:6a:20:3c:ff:50:
                    90:aa:93:ad:0f:67:66:18:c7:09:b2:cd:ab:39:8e:
                    a2:e2:94:3f:c7:67:be:3d:87:25:39:3b:d3:b5:b3:
                    59:ec:c4:a1:9e:a8:f4:19:90:6f:96:5e:d1:9c:4c:
                    5c:3c:4f:71:68:29:48:48:2a:a9:c4:02:99:59:8a:
                    46:9b:02:2b:3a:4b:5c:45:b9:7b:a8:be:fc:54:1b:
                    88:50:13:fe:28:6a:db:88:b9:5f:e7:8e:04:50:bf:
                    35:54:2f:b0:77:49:bd:c4:25:95:e0:09:5b:60:fa:
                    3e:94:44:6a:ef:29:a9:7f:fb:4a:1f:c0:bb:ba:0d:
                    c8:82:ca:f9:a9:e5:01:70:9a:0c:5c:95:e5:c4:3f:
                    76:ee:56:12:92:17:c0:30:80:b6:2e:b1:eb:2e:4d:
                    d0:8d:b9:25:c7:88:74:44:95:7b:ab:d8:53:49:73:
                    3b:61:ad:4a:95:5b:4f:b2:57:9f:1c:f8:96:a3:6c:
                    52:62:49:fe:4c:cb:69:d3:88:7e:7e:25:cb:27:cb:
                    3a:61:d2:99:52:1c:78:99:1f:70:eb:af:48:80:4b:
                    0d:41:75:c0:c7:ad:3d:4f:8f:7d:84:c5:2d:5d:8f:
                    83:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:56:B4:54:48:B0:08:9F:97:81:B9:0A:32:E3:90:9B:85:90:19:43
            X509v3 Authority Key Identifier:
                keyid:79:A9:F6:A3:81:CE:4A:5A:3E:CC:B2:49:3A:68:46:09:C9:88:A0:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ean2o4HOSlo-zLJJOmhGCcmIoPw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/911b83-0c27-4040-970e-ecaf553c31d7/1/Ala0VEiwCJ-XgbkKMuOQm4WQGUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/911b83-0c27-4040-970e-ecaf553c31d7/1/ean2o4HOSlo-zLJJOmhGCcmIoPw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.218.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         26:1b:75:2f:3f:ff:fe:11:b1:fc:bb:0f:14:1e:f3:64:3c:22:
         bd:cc:fe:fe:4e:72:7c:40:35:a9:e2:d8:42:ed:86:31:a7:50:
         7f:46:c1:ab:6a:95:24:a7:57:bb:3e:2e:8e:24:25:e3:35:fe:
         d1:9a:23:41:7a:5a:f2:48:cb:1f:e9:54:cd:ed:9f:9a:91:42:
         e5:8f:d7:6b:d7:ad:3f:d8:94:ec:9f:a8:11:06:e2:2f:eb:38:
         0f:18:2d:d7:a8:0a:b2:7f:e4:ab:41:5d:62:0c:12:a2:fa:8f:
         2f:d6:00:7f:c1:86:74:97:3f:e2:81:f3:d1:06:59:a3:7c:87:
         7f:b7:16:d4:18:be:d4:98:da:a2:bc:26:5b:f0:6b:25:ce:78:
         be:a3:04:7a:ac:69:2d:f8:bc:84:c4:3f:fe:81:19:49:be:c8:
         63:4e:15:44:b5:e5:f3:e1:a6:08:20:20:64:b8:ab:bb:fa:10:
         fb:3b:a8:cb:4e:60:3a:ad:dd:29:4b:a8:2c:92:d4:6d:18:45:
         13:4d:d1:c8:ab:20:98:3e:aa:68:17:46:4b:98:db:ca:ed:ca:
         24:68:67:7a:4b:e4:26:fd:f2:1b:aa:45:a0:81:06:98:1e:7e:
         6b:45:cf:60:4d:a8:f8:86:5b:d0:ef:0a:f5:9a:47:f3:75:8c:
         45:5f:6b:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt26zzknBwuUVCfhtcaNcTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTlmNmEzODFjZTRhNWEzZWNjYjI0OTNhNjg0NjA5Yzk4
OGEwZmMwHhcNMjYwMTAxMDAxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjU2YjQ1NDQ4YjAwODlmOTc4MWI5MGEzMmUzOTA5Yjg1OTAxOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sAmVtkAIybT/jibh2xp8gvlLFl0
cGg4aiA8/1CQqpOtD2dmGMcJss2rOY6i4pQ/x2e+PYclOTvTtbNZ7MShnqj0GZBv
ll7RnExcPE9xaClISCqpxAKZWYpGmwIrOktcRbl7qL78VBuIUBP+KGrbiLlf544E
UL81VC+wd0m9xCWV4AlbYPo+lERq7ympf/tKH8C7ug3Igsr5qeUBcJoMXJXlxD92
7lYSkhfAMIC2LrHrLk3Qjbklx4h0RJV7q9hTSXM7Ya1KlVtPslefHPiWo2xSYkn+
TMtp04h+fiXLJ8s6YdKZUhx4mR9w669IgEsNQXXAx609T499hMUtXY+DvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJWtFRIsAifl4G5CjLjkJuFkBlDMB8GA1UdIwQY
MBaAFHmp9qOBzkpaPsyySTpoRgnJiKD8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFuMm80SE9TbG8tekxKSk9taEdDY21Jb1B3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85MTFiODMtMGMyNy00MDQwLTk3MGUt
ZWNhZjU1M2MzMWQ3LzEvQWxhMFZFaXdDSi1YZ2JrS011T1FtNFdRR1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85MTFiODMtMGMyNy00MDQwLTk3MGUtZWNhZjU1M2MzMWQ3
LzEvZWFuMm80SE9TbG8tekxKSk9taEdDY21Jb1B3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudrwMA0G
CSqGSIb3DQEBCwUAA4IBAQAmG3UvP//+EbH8uw8UHvNkPCK9zP7+TnJ8QDWp4thC
7YYxp1B/RsGrapUkp1e7Pi6OJCXjNf7RmiNBelrySMsf6VTN7Z+akULlj9dr160/
2JTsn6gRBuIv6zgPGC3XqAqyf+SrQV1iDBKi+o8v1gB/wYZ0lz/igfPRBlmjfId/
txbUGL7UmNqivCZb8Gslzni+owR6rGkt+LyExD/+gRlJvshjThVEteXz4aYIICBk
uKu7+hD7O6jLTmA6rd0pS6gsktRtGEUTTdHIqyCYPqpoF0ZLmNvK7cokaGd6S+Qm
/fIbqkWggQaYHn5rRc9gTaj4hlvQ7wr1mkfzdYxFX2v6
-----END CERTIFICATE-----