This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/d9bvwpSegOlJkOr63WykDOJSBIo.roa
File:                     d9bvwpSegOlJkOr63WykDOJSBIo.roa (raw, json)
Hash identifier:          iGpA04j+GS5y1dGItZ0tN4sOo2pw4vBSVnnMbucRt04=
Subject key identifier:   77:D6:EF:C2:94:9E:80:E9:49:90:EA:FA:DD:6C:A4:0C:E2:52:04:8A
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       019B7F8545A8F0B10610CEBE0192F1F2DC2A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/d9bvwpSegOlJkOr63WykDOJSBIo.roa
Signing time:             Fri 02 Jan 2026 16:23:19 +0000
ROA not before:           Fri 02 Jan 2026 16:23:19 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     206127
IP address blocks:        45.150.168.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 09:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:85:45:a8:f0:b1:06:10:ce:be:01:92:f1:f2:dc:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 16:23:19 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=77d6efc2949e80e94990eafadd6ca40ce252048a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6a:72:1c:31:77:9e:a1:dc:eb:97:dd:b3:30:
                    87:93:e3:2b:2b:e2:6e:64:f0:7b:89:7b:c8:58:f9:
                    01:3b:12:71:c2:04:3c:93:e0:e9:70:0c:02:86:5d:
                    7d:68:51:a3:d9:5c:28:c6:d7:d2:4b:ca:23:82:8c:
                    53:86:88:00:8f:18:2a:02:36:ae:35:bc:4d:5d:b1:
                    d7:1a:29:5c:7d:58:c4:da:fe:3f:f5:f0:d5:f6:67:
                    f3:b6:f9:cf:6d:5c:54:11:86:5f:37:1a:b8:65:9b:
                    26:c2:c4:ba:7b:b5:a4:f6:f0:5f:5e:1f:e0:2e:8f:
                    f4:52:49:f8:32:3e:85:ac:8e:27:29:b8:0f:9f:98:
                    e5:19:1d:ee:a1:91:e8:5c:b4:b5:66:f8:40:b6:0a:
                    df:81:f0:91:52:18:f7:80:c2:6d:71:34:4c:7e:6e:
                    ad:59:b9:de:5f:3a:29:5a:aa:47:ce:37:fa:a8:56:
                    e3:e0:cf:47:39:0b:60:28:ae:bf:1d:4b:ea:9f:f9:
                    35:e7:8f:b8:d6:09:f6:b6:b5:63:d1:da:0f:22:b0:
                    17:11:17:95:2e:da:17:19:8b:e2:23:5e:44:5b:94:
                    03:04:b8:56:38:d3:fb:9e:36:10:6d:48:0b:c5:4d:
                    42:f5:1c:f5:74:e1:1c:46:0d:cb:ce:cc:46:6e:42:
                    78:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:D6:EF:C2:94:9E:80:E9:49:90:EA:FA:DD:6C:A4:0C:E2:52:04:8A
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/d9bvwpSegOlJkOr63WykDOJSBIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         05:b3:aa:5e:c1:70:83:0e:f0:6d:b5:97:1a:c4:7f:47:bb:28:
         68:1f:91:0f:7d:91:47:c4:2f:42:a9:97:4b:63:bf:84:35:86:
         ae:c5:e1:8b:98:0b:b4:86:c7:4a:71:bc:a7:57:54:f8:b1:66:
         a3:7d:40:0f:80:91:a7:44:3d:2a:f6:d1:19:f1:6b:ee:d8:94:
         d2:0a:f5:4d:13:2d:5e:c6:ea:04:90:1e:36:bd:cd:5f:28:7b:
         6c:e8:ec:0e:fe:ff:8a:bc:5f:9e:20:bf:58:f5:09:bb:60:39:
         72:44:2b:57:03:f5:61:6d:db:7f:95:ae:11:ac:0f:dd:84:d7:
         73:b7:a8:fb:5f:f2:91:3b:c4:f3:bc:da:64:7d:f1:3b:f4:35:
         0e:c5:86:ed:61:fb:71:4a:2d:db:e8:98:44:bd:90:0e:13:63:
         f8:aa:ba:a6:b4:af:be:93:d6:5d:18:07:ab:0f:db:ff:83:4b:
         bb:57:26:a2:df:95:25:00:c5:0a:98:f5:15:6b:a4:d9:0c:93:
         bc:cf:4b:36:d7:db:37:99:e8:41:de:0b:04:d3:2d:8e:89:eb:
         b6:b4:3b:2a:1b:e9:05:2d:92:22:13:a3:cb:2b:d8:ae:52:7b:
         f3:5f:f4:e4:a5:90:b6:52:d3:0f:ff:44:35:c6:e9:cf:9c:c7:
         07:c2:1d:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/hUWo8LEGEM6+AZLx8twqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwMTAyMTYyMzE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Q2ZWZjMjk0OWU4MGU5NDk5MGVhZmFkZDZjYTQwY2UyNTIwNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAompyHDF3nqHc65fdszCHk+MrK+Ju
ZPB7iXvIWPkBOxJxwgQ8k+DpcAwChl19aFGj2VwoxtfSS8ojgoxThogAjxgqAjau
NbxNXbHXGilcfVjE2v4/9fDV9mfztvnPbVxUEYZfNxq4ZZsmwsS6e7Wk9vBfXh/g
Lo/0Ukn4Mj6FrI4nKbgPn5jlGR3uoZHoXLS1ZvhAtgrfgfCRUhj3gMJtcTRMfm6t
WbneXzopWqpHzjf6qFbj4M9HOQtgKK6/HUvqn/k154+41gn2trVj0doPIrAXEReV
LtoXGYviI15EW5QDBLhWONP7njYQbUgLxU1C9Rz1dOEcRg3LzsxGbkJ4iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfW78KUnoDpSZDq+t1spAziUgSKMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZDlidndwU2VnT2xKa09yNjNXeWtET0pTQklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZaoMA0G
CSqGSIb3DQEBCwUAA4IBAQAFs6pewXCDDvBttZcaxH9HuyhoH5EPfZFHxC9CqZdL
Y7+ENYauxeGLmAu0hsdKcbynV1T4sWajfUAPgJGnRD0q9tEZ8Wvu2JTSCvVNEy1e
xuoEkB42vc1fKHts6OwO/v+KvF+eIL9Y9Qm7YDlyRCtXA/Vhbdt/la4RrA/dhNdz
t6j7X/KRO8TzvNpkffE79DUOxYbtYftxSi3b6JhEvZAOE2P4qrqmtK++k9ZdGAer
D9v/g0u7Vyai35UlAMUKmPUVa6TZDJO8z0s219s3mehB3gsE0y2Oieu2tDsqG+kF
LZIiE6PLK9iuUnvzX/TkpZC2UtMP/0Q1xunPnMcHwh19
-----END CERTIFICATE-----