This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tpMdbG4l94exa_Ys-bhzsY2w8ek.roa
File:                     tpMdbG4l94exa_Ys-bhzsY2w8ek.roa (raw, json)
Hash identifier:          Hje2rJAa6L3WDB80pALnJNo8whGtdmJKBXTwtRQ2eCg=
Subject key identifier:   B6:93:1D:6C:6E:25:F7:87:B1:6B:F6:2C:F9:B8:73:B1:8D:B0:F1:E9
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       019B7F8551F1DFAA34AC0668009B6A294397
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tpMdbG4l94exa_Ys-bhzsY2w8ek.roa
Signing time:             Fri 02 Jan 2026 16:23:22 +0000
ROA not before:           Fri 02 Jan 2026 16:23:22 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     398436
IP address blocks:        91.242.108.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:85:51:f1:df:aa:34:ac:06:68:00:9b:6a:29:43:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 16:23:22 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b6931d6c6e25f787b16bf62cf9b873b18db0f1e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ea:ea:73:44:d4:7e:34:36:14:c6:b7:32:f1:
                    af:b7:bd:f3:54:83:a6:bc:27:85:48:1b:39:32:ab:
                    a8:f3:c5:7d:23:ed:cd:9f:a5:08:fb:b1:01:59:b2:
                    7c:48:42:92:d3:f2:89:8f:f9:56:65:19:bb:0a:b0:
                    73:98:ee:ea:1f:8e:20:35:d7:4e:6a:26:90:4e:0f:
                    b1:16:e9:08:e2:c0:cb:51:7f:3d:29:bf:2f:39:e1:
                    e3:cf:de:00:0d:3e:68:db:d5:36:65:8d:6a:02:37:
                    56:94:c7:4b:81:c0:91:b6:e7:93:7f:9f:98:4f:a5:
                    1c:38:45:2a:a7:bf:e7:cb:77:53:bf:80:0b:9b:7c:
                    8b:de:5f:98:42:65:43:43:e6:16:c5:e6:76:cd:fa:
                    d9:f1:9b:97:11:f3:ec:09:df:32:30:f2:50:3a:69:
                    81:45:95:6a:4b:c4:6b:ad:3e:1d:74:96:e7:76:5f:
                    76:7d:7e:03:67:31:20:ad:aa:e7:f0:0f:63:8e:6c:
                    3d:9b:19:30:f2:d1:7d:93:51:4d:43:52:11:d4:7c:
                    43:9a:2f:76:a6:04:73:2f:fb:aa:02:97:37:1a:88:
                    d0:ca:d7:4b:ce:dc:d3:62:3c:31:de:db:cc:25:93:
                    5f:c0:a2:61:39:e7:a0:6b:7d:39:93:48:21:35:ca:
                    e2:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:93:1D:6C:6E:25:F7:87:B1:6B:F6:2C:F9:B8:73:B1:8D:B0:F1:E9
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tpMdbG4l94exa_Ys-bhzsY2w8ek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         11:66:d2:a0:ce:85:68:e3:af:80:41:9e:4f:7a:da:0b:52:fd:
         a3:69:71:58:1f:d4:bf:b5:5c:56:8f:73:50:86:79:b9:2f:10:
         dc:4a:d0:3c:ac:7f:79:31:e4:90:32:d0:73:c9:93:32:36:10:
         43:4c:33:7f:10:2d:79:5b:a2:de:36:65:e1:db:7f:77:44:8b:
         fa:fa:f1:d7:91:d7:44:d7:96:a5:e1:f2:e3:08:1a:ef:28:f6:
         b8:1f:f7:f7:63:38:12:46:3a:28:49:93:c2:e8:69:ef:c4:c5:
         da:0b:99:37:3b:c3:db:bd:db:36:53:0a:38:25:19:aa:a3:07:
         70:8a:e6:f9:2f:c4:c7:03:6d:c8:23:c7:26:b6:ad:8c:90:ac:
         32:ca:99:58:e5:79:32:02:a5:da:69:57:3e:4f:39:cf:0f:2c:
         a8:8c:f7:26:07:41:5b:50:2d:c8:53:68:58:bc:2b:6b:03:dc:
         7b:52:b0:51:40:1f:72:3c:3e:13:fe:8a:2c:cb:70:6d:b4:d0:
         58:b0:a0:a7:64:ca:06:3d:ac:4e:52:a0:e7:f7:7a:97:8e:c7:
         ec:76:4b:35:b0:15:99:25:e5:a9:38:84:80:23:26:88:98:3a:
         1e:32:c3:25:02:06:34:ed:42:e8:a9:f2:e2:7f:42:02:bc:62:
         f5:e6:52:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/hVHx36o0rAZoAJtqKUOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwMTAyMTYyMzIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjkzMWQ2YzZlMjVmNzg3YjE2YmY2MmNmOWI4NzNiMThkYjBmMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+rqc0TUfjQ2FMa3MvGvt73zVIOm
vCeFSBs5Mquo88V9I+3Nn6UI+7EBWbJ8SEKS0/KJj/lWZRm7CrBzmO7qH44gNddO
aiaQTg+xFukI4sDLUX89Kb8vOeHjz94ADT5o29U2ZY1qAjdWlMdLgcCRtueTf5+Y
T6UcOEUqp7/ny3dTv4ALm3yL3l+YQmVDQ+YWxeZ2zfrZ8ZuXEfPsCd8yMPJQOmmB
RZVqS8RrrT4ddJbndl92fX4DZzEgrarn8A9jjmw9mxkw8tF9k1FNQ1IR1HxDmi92
pgRzL/uqApc3GojQytdLztzTYjwx3tvMJZNfwKJhOeega305k0ghNcrilQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLaTHWxuJfeHsWv2LPm4c7GNsPHpMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdHBNZGJHNGw5NGV4YV9Zcy1iaHpzWTJ3OGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW/JsMA0G
CSqGSIb3DQEBCwUAA4IBAQARZtKgzoVo46+AQZ5PetoLUv2jaXFYH9S/tVxWj3NQ
hnm5LxDcStA8rH95MeSQMtBzyZMyNhBDTDN/EC15W6LeNmXh2393RIv6+vHXkddE
15al4fLjCBrvKPa4H/f3YzgSRjooSZPC6GnvxMXaC5k3O8Pbvds2Uwo4JRmqowdw
iub5L8THA23II8cmtq2MkKwyyplY5XkyAqXaaVc+TznPDyyojPcmB0FbUC3IU2hY
vCtrA9x7UrBRQB9yPD4T/oosy3BttNBYsKCnZMoGPaxOUqDn93qXjsfsdks1sBWZ
JeWpOISAIyaImDoeMsMlAgY07ULoqfLif0ICvGL15lIp
-----END CERTIFICATE-----