This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/LVzm6PScS-DUr1dRA7Al1IZOWMU.roa
File:                     LVzm6PScS-DUr1dRA7Al1IZOWMU.roa (raw, json)
Hash identifier:          XX+xZLdfHxaIHsXWoOFRjP0yYXn9msAV6LYRZEB20lo=
Subject key identifier:   2D:5C:E6:E8:F4:9C:4B:E0:D4:AF:57:51:03:B0:25:D4:86:4E:58:C5
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       019B7C807009C469240E51636F2084AEC1B3
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/LVzm6PScS-DUr1dRA7Al1IZOWMU.roa
Signing time:             Fri 02 Jan 2026 02:19:10 +0000
ROA not before:           Fri 02 Jan 2026 02:19:10 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     61317
IP address blocks:        109.105.197.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 Jan 2026 02:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:70:09:c4:69:24:0e:51:63:6f:20:84:ae:c1:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jan  2 02:19:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=2d5ce6e8f49c4be0d4af575103b025d4864e58c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:33:a9:34:44:93:a8:38:34:70:a6:0d:92:e6:
                    fb:3b:d6:6f:2a:20:1e:77:8c:55:17:bf:22:0c:d8:
                    5b:44:eb:32:df:35:57:c5:80:fa:ae:7e:38:bc:92:
                    1b:94:5a:35:91:ac:37:87:bc:51:17:41:74:6c:48:
                    fb:ff:62:40:b6:6e:6e:b8:5a:f1:4c:f0:f8:65:0b:
                    d6:c0:4d:2a:d4:c5:9b:c6:dd:8c:3b:f7:2e:b2:42:
                    3f:ae:c5:65:33:e3:a3:d0:7e:21:ee:7c:3b:16:4b:
                    05:a8:05:65:54:a6:66:5b:dc:78:7c:62:99:d4:1a:
                    2d:39:86:72:7a:16:2f:3e:f3:bb:bf:47:d1:db:dd:
                    8e:4b:a4:ea:c8:17:67:1a:3a:b8:a6:04:47:0e:27:
                    f3:c8:5f:4f:c4:bc:cb:6d:01:7b:80:d8:bd:07:87:
                    a8:b3:0d:68:a0:b7:ca:03:fa:8b:31:a3:93:ac:83:
                    7c:9d:8e:d3:e2:b4:54:90:66:ff:f6:31:7d:fe:22:
                    cf:27:41:d5:3e:51:d1:53:2a:f3:1f:17:8e:f8:cd:
                    38:c9:11:ea:e1:4f:8e:ff:cb:ab:60:87:1a:b5:78:
                    ca:49:34:83:37:b8:c7:fd:53:29:15:e0:86:b8:f7:
                    8d:03:c3:1c:b1:d2:41:d2:a5:79:9c:8f:8c:65:9f:
                    59:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:5C:E6:E8:F4:9C:4B:E0:D4:AF:57:51:03:B0:25:D4:86:4E:58:C5
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/LVzm6PScS-DUr1dRA7Al1IZOWMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.105.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:b4:5a:35:51:d1:a2:a5:5e:f0:5c:ce:52:09:c4:8d:7f:ae:
         82:7f:15:dd:73:d1:e8:18:60:0a:e9:50:57:fd:04:e3:35:92:
         17:43:5c:f4:af:6f:32:6e:e1:0c:bc:a3:ab:a4:1f:16:c2:1a:
         b8:74:de:c2:45:92:00:98:45:5a:73:3f:9b:f0:6c:1a:13:64:
         ff:1c:6d:bd:75:1c:72:5e:9c:bc:e1:f5:19:be:02:7e:3d:52:
         1a:43:04:71:3e:3d:83:c2:ae:64:e2:ad:5b:fa:de:2b:e3:89:
         f2:0e:40:47:fa:0c:9e:f7:e5:78:3d:67:95:64:f2:25:e9:91:
         11:b8:95:8f:2d:ea:1a:24:fb:d5:4a:a6:8e:87:b5:87:e0:fc:
         be:c2:b1:71:6c:63:b5:12:d7:7b:0c:ca:52:9c:b7:c0:12:0c:
         ae:34:5a:7c:d2:dd:79:8e:8d:43:5d:52:be:77:e7:ed:48:e4:
         d6:d6:f9:02:67:b5:ec:21:9a:1e:f9:1f:22:de:93:43:dd:97:
         b0:2b:e9:ee:9d:19:3f:9e:b0:fe:8e:27:5d:5f:9a:00:f5:22:
         16:9e:96:03:3d:84:c0:e5:da:ab:9f:dd:9f:56:3b:a7:5f:2e:
         b5:7b:08:1d:71:a5:59:e2:b0:32:78:40:2b:8b:8a:09:f8:c9:
         60:6d:9b:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gHAJxGkkDlFjbyCErsGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjYwMTAyMDIxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDVjZTZlOGY0OWM0YmUwZDRhZjU3NTEwM2IwMjVkNDg2NGU1OGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jOpNESTqDg0cKYNkub7O9ZvKiAe
d4xVF78iDNhbROsy3zVXxYD6rn44vJIblFo1kaw3h7xRF0F0bEj7/2JAtm5uuFrx
TPD4ZQvWwE0q1MWbxt2MO/cuskI/rsVlM+Oj0H4h7nw7FksFqAVlVKZmW9x4fGKZ
1BotOYZyehYvPvO7v0fR292OS6TqyBdnGjq4pgRHDifzyF9PxLzLbQF7gNi9B4eo
sw1ooLfKA/qLMaOTrIN8nY7T4rRUkGb/9jF9/iLPJ0HVPlHRUyrzHxeO+M04yRHq
4U+O/8urYIcatXjKSTSDN7jH/VMpFeCGuPeNA8McsdJB0qV5nI+MZZ9ZIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC1c5uj0nEvg1K9XUQOwJdSGTljFMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvTFZ6bTZQU2NTLURVcjFkUkE3QWwxSVpPV01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnFMA0G
CSqGSIb3DQEBCwUAA4IBAQCJtFo1UdGipV7wXM5SCcSNf66CfxXdc9HoGGAK6VBX
/QTjNZIXQ1z0r28ybuEMvKOrpB8Wwhq4dN7CRZIAmEVacz+b8GwaE2T/HG29dRxy
Xpy84fUZvgJ+PVIaQwRxPj2Dwq5k4q1b+t4r44nyDkBH+gye9+V4PWeVZPIl6ZER
uJWPLeoaJPvVSqaOh7WH4Py+wrFxbGO1Etd7DMpSnLfAEgyuNFp80t15jo1DXVK+
d+ftSOTW1vkCZ7XsIZoe+R8i3pND3ZewK+nunRk/nrD+jiddX5oA9SIWnpYDPYTA
5dqrn92fVjunXy61ewgdcaVZ4rAyeEAri4oJ+MlgbZvM
-----END CERTIFICATE-----