This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/lPNiIoO-88xgrf-h9aWewkSLHYA.roa
File:                     lPNiIoO-88xgrf-h9aWewkSLHYA.roa (raw, json)
Hash identifier:          KjhtgxSjZ4mC2ErfPJ5twpfop8Y+K4GDpR14iBVhcMI=
Subject key identifier:   94:F3:62:22:83:BE:F3:CC:60:AD:FF:A1:F5:A5:9E:C2:44:8B:1D:80
Certificate issuer:       /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial:       019B7BA408F39A3A4D7E7DF9D18D5A27ED53
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/lPNiIoO-88xgrf-h9aWewkSLHYA.roa
Signing time:             Thu 01 Jan 2026 22:18:26 +0000
ROA not before:           Thu 01 Jan 2026 22:18:26 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     60132
IP address blocks:        185.56.153.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 03:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:08:f3:9a:3a:4d:7e:7d:f9:d1:8d:5a:27:ed:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
        Validity
            Not Before: Jan  1 22:18:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=94f3622283bef3cc60adffa1f5a59ec2448b1d80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8b:5c:97:bc:cf:48:f4:1c:4e:91:fd:4a:84:
                    f6:0b:d5:fb:ad:89:17:65:4c:ea:4a:8c:43:14:76:
                    7c:af:f3:8c:c3:fc:8f:75:ed:12:94:1e:77:e5:a8:
                    13:0d:5c:cc:69:18:7d:1b:f4:78:e8:a0:ac:24:8a:
                    14:63:e7:ff:e1:76:aa:60:79:7e:79:61:b7:60:d9:
                    d5:e3:b0:cf:81:51:f6:51:88:35:7b:90:b4:3e:1c:
                    09:5f:34:97:22:49:ab:3e:09:3c:b0:8f:33:3f:03:
                    25:a8:5f:6b:94:10:de:17:27:3f:45:36:c2:20:c4:
                    61:96:42:43:d0:3c:49:b6:16:3c:8f:b4:7b:35:3b:
                    47:db:10:f3:da:56:37:1c:9f:a9:5b:64:b4:52:87:
                    56:ed:a1:f0:9c:e0:bf:19:35:6f:4f:a5:f9:f4:a8:
                    25:3c:30:52:7f:2f:96:17:44:a7:4a:46:7a:3e:1a:
                    36:f2:13:c9:5c:59:98:bd:e6:61:14:15:0a:f0:42:
                    52:0d:81:14:74:65:df:97:bb:91:fa:6a:24:66:7d:
                    1b:29:48:f6:81:62:f5:e8:f0:0f:c7:f3:6a:8d:42:
                    7a:70:0a:c7:b2:08:01:d4:6e:3a:26:89:6a:72:88:
                    a1:32:82:b0:6c:af:6c:96:19:b4:2c:99:52:64:8e:
                    b4:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:F3:62:22:83:BE:F3:CC:60:AD:FF:A1:F5:A5:9E:C2:44:8B:1D:80
            X509v3 Authority Key Identifier:
                keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/lPNiIoO-88xgrf-h9aWewkSLHYA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.56.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:5b:85:f2:a1:dd:67:80:49:cb:bf:6a:c4:21:a5:47:7e:9d:
         94:24:e4:d3:3a:1e:16:43:8c:78:9f:f1:44:f4:73:cc:a9:18:
         8c:58:f4:d5:5d:ab:27:e0:79:dc:6f:76:35:43:03:34:d8:91:
         0a:72:a5:5f:80:6f:64:ff:bd:99:33:2e:12:64:86:7c:11:fa:
         45:3f:c0:ac:bc:ea:8f:76:3b:d3:94:62:cf:b7:61:a8:df:5a:
         1c:44:ee:d6:27:b9:50:41:aa:e4:f5:61:45:2f:69:8d:f2:18:
         32:ae:0f:ab:0d:3f:29:b3:55:3c:23:d7:28:c8:56:59:9b:d1:
         03:41:bc:b7:be:48:a5:a2:3b:a5:5d:ab:b3:f8:2f:e2:13:24:
         f8:58:4e:33:31:fa:d1:aa:eb:84:fc:e6:1d:e9:f0:36:db:ae:
         18:0a:f1:4b:0b:5a:31:53:af:91:ad:fd:00:c3:4c:d0:36:96:
         5f:b5:74:be:4e:3f:ef:9b:70:6c:10:c4:a2:af:cb:72:13:e4:
         5d:9f:33:73:68:2e:7e:a0:e3:a7:bd:0d:dd:45:b4:26:de:a1:
         08:6c:9f:77:2e:42:52:8d:e0:75:4d:39:0f:a7:22:97:a6:97:
         6d:e2:12:60:38:77:52:43:81:51:92:c0:61:e3:5b:26:72:23:
         a0:ec:02:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pAjzmjpNfn350Y1aJ+1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjYwMTAxMjIxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGYzNjIyMjgzYmVmM2NjNjBhZGZmYTFmNWE1OWVjMjQ0OGIxZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtItcl7zPSPQcTpH9SoT2C9X7rYkX
ZUzqSoxDFHZ8r/OMw/yPde0SlB535agTDVzMaRh9G/R46KCsJIoUY+f/4XaqYHl+
eWG3YNnV47DPgVH2UYg1e5C0PhwJXzSXIkmrPgk8sI8zPwMlqF9rlBDeFyc/RTbC
IMRhlkJD0DxJthY8j7R7NTtH2xDz2lY3HJ+pW2S0UodW7aHwnOC/GTVvT6X59Kgl
PDBSfy+WF0SnSkZ6Pho28hPJXFmYveZhFBUK8EJSDYEUdGXfl7uR+mokZn0bKUj2
gWL16PAPx/NqjUJ6cArHsggB1G46JolqcoihMoKwbK9slhm0LJlSZI60TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTzYiKDvvPMYK3/ofWlnsJEix2AMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvbFBOaUlvTy04OHhncmYtaDlhV2V3a1NMSFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTiZMA0G
CSqGSIb3DQEBCwUAA4IBAQBLW4Xyod1ngEnLv2rEIaVHfp2UJOTTOh4WQ4x4n/FE
9HPMqRiMWPTVXasn4Hncb3Y1QwM02JEKcqVfgG9k/72ZMy4SZIZ8EfpFP8CsvOqP
djvTlGLPt2Go31ocRO7WJ7lQQark9WFFL2mN8hgyrg+rDT8ps1U8I9coyFZZm9ED
Qby3vkilojulXauz+C/iEyT4WE4zMfrRquuE/OYd6fA2264YCvFLC1oxU6+Rrf0A
w0zQNpZftXS+Tj/vm3BsEMSir8tyE+RdnzNzaC5+oOOnvQ3dRbQm3qEIbJ93LkJS
jeB1TTkPpyKXppdt4hJgOHdSQ4FRksBh41smciOg7AJt
-----END CERTIFICATE-----