This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/e63f2e-97b0-4de8-87ed-563a14e86d60/1/2pYvuOlm5MRdBUw8x5tLbdqZXpc.roa
File:                     2pYvuOlm5MRdBUw8x5tLbdqZXpc.roa (raw, json)
Hash identifier:          NAVOxCaqh4HjZblyl1Cz4XGohu72FpPNFdbVsVI0edE=
Subject key identifier:   DA:96:2F:B8:E9:66:E4:C4:5D:05:4C:3C:C7:9B:4B:6D:DA:99:5E:97
Certificate issuer:       /CN=9e56b51edf39ebf0662b2c834d65d1bd1de82522
Certificate serial:       019C04E9B291A8412EEA57F30F13B8D89D59
Authority key identifier: 9E:56:B5:1E:DF:39:EB:F0:66:2B:2C:83:4D:65:D1:BD:1D:E8:25:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nla1Ht856_BmKyyDTWXRvR3oJSI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/e63f2e-97b0-4de8-87ed-563a14e86d60/1/2pYvuOlm5MRdBUw8x5tLbdqZXpc.roa
Signing time:             Wed 28 Jan 2026 14:02:30 +0000
ROA not before:           Wed 28 Jan 2026 14:02:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     58232
IP address blocks:        195.18.10.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/e63f2e-97b0-4de8-87ed-563a14e86d60/1/nla1Ht856_BmKyyDTWXRvR3oJSI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/e63f2e-97b0-4de8-87ed-563a14e86d60/1/nla1Ht856_BmKyyDTWXRvR3oJSI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nla1Ht856_BmKyyDTWXRvR3oJSI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Feb 2026 09:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:04:e9:b2:91:a8:41:2e:ea:57:f3:0f:13:b8:d8:9d:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e56b51edf39ebf0662b2c834d65d1bd1de82522
        Validity
            Not Before: Jan 28 14:02:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=da962fb8e966e4c45d054c3cc79b4b6dda995e97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ed:97:6d:f4:d1:44:bc:e2:b9:1a:a7:e2:5b:
                    db:53:0b:5c:d9:9d:f2:2a:8f:40:c5:26:40:fe:16:
                    5a:d5:5c:f4:85:dc:59:cc:79:7d:9a:c7:4b:86:b2:
                    4e:c4:f4:02:5f:e3:4d:90:9b:de:e0:84:68:8a:5e:
                    d1:f9:15:8c:a4:54:83:4c:c3:e9:7f:68:bd:2a:b4:
                    63:f5:18:a9:2b:b4:ad:8e:f6:40:a6:cc:0c:ab:6c:
                    be:df:0e:36:24:59:3b:3b:1b:fd:20:e5:47:cd:8e:
                    23:a9:94:77:6f:53:31:86:5f:08:0f:36:61:57:66:
                    bb:28:14:60:a0:78:f1:77:98:86:55:00:49:2e:c2:
                    bd:1f:e0:54:8e:b1:6a:a3:43:6b:f1:02:3d:13:e5:
                    a1:38:5c:a0:4b:23:f0:db:9f:c6:19:83:31:b2:c0:
                    61:4b:7c:a5:43:4c:c8:85:2b:18:da:6a:39:17:4f:
                    53:78:ae:27:3b:2c:82:17:77:a1:88:95:ab:ca:7b:
                    1e:18:d3:11:0d:32:11:06:50:92:7e:69:8d:11:d7:
                    e7:66:a1:2b:72:af:67:9f:0a:7d:40:53:d1:6f:b0:
                    e3:1b:80:62:ac:3d:f3:fe:91:a3:b8:51:5a:20:50:
                    a1:6d:b7:f4:8a:23:9e:72:ed:16:f3:a5:ce:0e:b6:
                    0c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:96:2F:B8:E9:66:E4:C4:5D:05:4C:3C:C7:9B:4B:6D:DA:99:5E:97
            X509v3 Authority Key Identifier:
                keyid:9E:56:B5:1E:DF:39:EB:F0:66:2B:2C:83:4D:65:D1:BD:1D:E8:25:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nla1Ht856_BmKyyDTWXRvR3oJSI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e63f2e-97b0-4de8-87ed-563a14e86d60/1/2pYvuOlm5MRdBUw8x5tLbdqZXpc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e63f2e-97b0-4de8-87ed-563a14e86d60/1/nla1Ht856_BmKyyDTWXRvR3oJSI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.18.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:26:9e:3e:bf:ce:fb:77:73:bd:d6:fd:23:a7:46:11:97:44:
         ec:11:a7:d0:cd:e4:c2:df:71:a2:1d:88:d2:83:e0:7c:ef:63:
         b0:90:43:ca:27:66:09:65:ff:6d:a6:82:8f:40:48:c6:4c:85:
         2c:a8:6d:49:a2:ed:90:67:37:0e:03:1f:84:b3:a8:cd:57:26:
         ce:28:59:d2:97:92:32:3e:ec:53:19:be:5c:81:d1:6e:ee:75:
         55:e7:c0:da:e6:ae:f4:79:e1:74:49:3a:a1:e6:8e:80:26:3d:
         a1:5b:ea:19:67:4a:e0:51:ae:ec:d8:a8:78:e9:83:e9:e2:93:
         1d:67:a9:ef:48:44:1e:bf:91:1e:80:8a:fc:92:0e:67:2b:07:
         dd:2e:d6:14:8e:c8:31:f1:ed:59:d4:1a:0a:c6:f3:41:e7:2f:
         ed:fb:b7:e5:66:eb:70:fd:e7:4d:bc:ec:1d:4c:bd:54:70:8c:
         6c:68:2d:77:48:d8:44:a7:7d:47:72:4e:a8:df:84:ee:77:82:
         ed:5e:83:d4:d3:34:c0:3b:15:42:d3:2f:1f:0f:01:c6:1e:cb:
         5b:df:b3:0e:01:ac:fd:15:c8:ff:47:04:d6:c7:29:f6:61:03:
         f0:ca:10:fb:a7:1c:bf:21:b1:a0:06:61:4f:54:e8:23:5b:8d:
         35:ff:24:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZwE6bKRqEEu6lfzDxO42J1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTZiNTFlZGYzOWViZjA2NjJiMmM4MzRkNjVkMWJkMWRl
ODI1MjIwHhcNMjYwMTI4MTQwMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTk2MmZiOGU5NjZlNGM0NWQwNTRjM2NjNzliNGI2ZGRhOTk1ZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu2XbfTRRLziuRqn4lvbUwtc2Z3y
Ko9AxSZA/hZa1Vz0hdxZzHl9msdLhrJOxPQCX+NNkJve4IRoil7R+RWMpFSDTMPp
f2i9KrRj9RipK7StjvZApswMq2y+3w42JFk7Oxv9IOVHzY4jqZR3b1Mxhl8IDzZh
V2a7KBRgoHjxd5iGVQBJLsK9H+BUjrFqo0Nr8QI9E+WhOFygSyPw25/GGYMxssBh
S3ylQ0zIhSsY2mo5F09TeK4nOyyCF3ehiJWrynseGNMRDTIRBlCSfmmNEdfnZqEr
cq9nnwp9QFPRb7DjG4BirD3z/pGjuFFaIFChbbf0iiOecu0W86XODrYMEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqWL7jpZuTEXQVMPMebS23amV6XMB8GA1UdIwQY
MBaAFJ5WtR7fOevwZissg01l0b0d6CUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxhMUh0ODU2X0JtS3l5RFRXWFJ2UjNvSlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lNjNmMmUtOTdiMC00ZGU4LTg3ZWQt
NTYzYTE0ZTg2ZDYwLzEvMnBZdnVPbG01TVJkQlV3OHg1dExiZHFaWHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lNjNmMmUtOTdiMC00ZGU4LTg3ZWQtNTYzYTE0ZTg2ZDYw
LzEvbmxhMUh0ODU2X0JtS3l5RFRXWFJ2UjNvSlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxIKMA0G
CSqGSIb3DQEBCwUAA4IBAQBjJp4+v877d3O91v0jp0YRl0TsEafQzeTC33GiHYjS
g+B872OwkEPKJ2YJZf9tpoKPQEjGTIUsqG1Jou2QZzcOAx+Es6jNVybOKFnSl5Iy
PuxTGb5cgdFu7nVV58Da5q70eeF0STqh5o6AJj2hW+oZZ0rgUa7s2Kh46YPp4pMd
Z6nvSEQev5EegIr8kg5nKwfdLtYUjsgx8e1Z1BoKxvNB5y/t+7flZutw/edNvOwd
TL1UcIxsaC13SNhEp31Hck6o34Tud4LtXoPU0zTAOxVC0y8fDwHGHstb37MOAaz9
Fcj/RwTWxyn2YQPwyhD7pxy/IbGgBmFPVOgjW401/yTv
-----END CERTIFICATE-----