This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/LIiML1O5GYrYT2OXv04_3crEOSo.roa
File:                     LIiML1O5GYrYT2OXv04_3crEOSo.roa (raw, json)
Hash identifier:          GEv40+sowJMzMWvtaNBUTp1Lf4CV4ySJkJ0S9aCKf/Y=
Subject key identifier:   2C:88:8C:2F:53:B9:19:8A:D8:4F:63:97:BF:4E:3F:DD:CA:C4:39:2A
Certificate issuer:       /CN=2101f439debaff5880395d78f0bbfad8ca7608bf
Certificate serial:       019B7EA4B072D8A4FDDFC37F17CE6E811A1B
Authority key identifier: 21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/LIiML1O5GYrYT2OXv04_3crEOSo.roa
Signing time:             Fri 02 Jan 2026 12:18:00 +0000
ROA not before:           Fri 02 Jan 2026 12:18:00 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15404
IP address blocks:        193.178.140.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 06:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a4:b0:72:d8:a4:fd:df:c3:7f:17:ce:6e:81:1a:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2101f439debaff5880395d78f0bbfad8ca7608bf
        Validity
            Not Before: Jan  2 12:18:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=2c888c2f53b9198ad84f6397bf4e3fddcac4392a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:2d:e1:8e:27:7f:35:c2:4b:ca:4a:ab:0a:4d:
                    b3:c7:dc:7f:bd:73:16:d1:31:1d:7d:a6:7f:eb:2c:
                    c8:98:91:91:6b:eb:63:76:82:01:e9:12:50:0b:da:
                    50:95:77:3e:d2:1b:5d:a9:e8:94:01:87:cc:52:be:
                    58:13:de:a8:e7:9c:14:17:13:cc:be:2e:77:9f:cc:
                    bb:35:7a:87:f7:1b:57:56:06:40:2c:6e:07:15:5c:
                    c0:12:f7:f9:ea:68:fc:00:f2:40:8e:b4:35:25:c8:
                    86:62:73:0b:c1:c4:93:ef:97:bc:0d:e5:fd:d2:c0:
                    e6:b2:08:e2:22:7c:f7:e5:62:9b:40:f1:99:bf:c5:
                    6c:04:b3:2a:de:ec:5a:2d:ec:5c:2f:74:89:ea:29:
                    bf:98:9e:3c:c9:4c:7f:f4:9b:c7:e9:56:6a:c4:bb:
                    7a:c4:53:45:64:42:b7:0c:71:2e:f0:c0:41:b1:7a:
                    53:c4:d7:7f:99:b4:fb:d9:22:dc:8c:35:ba:08:3e:
                    34:3e:28:f4:9d:a8:2b:c4:cb:63:28:71:b1:2e:84:
                    3b:d8:6f:ed:d7:3a:cd:6e:31:dd:73:db:9a:7b:45:
                    17:32:0e:bc:10:94:6a:69:a7:c3:ef:49:07:39:81:
                    96:bb:2c:ea:0f:24:0f:28:80:ce:bc:c1:9e:b1:61:
                    6f:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:88:8C:2F:53:B9:19:8A:D8:4F:63:97:BF:4E:3F:DD:CA:C4:39:2A
            X509v3 Authority Key Identifier:
                keyid:21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/LIiML1O5GYrYT2OXv04_3crEOSo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:63:c8:b3:2e:c1:50:3b:bd:44:ef:94:24:76:2a:e0:66:1a:
         86:a0:25:05:b4:03:cd:85:c5:c6:02:a8:ef:18:27:97:54:d1:
         18:b1:4f:88:82:be:58:49:1d:9c:f1:97:dc:d7:0f:a1:13:f4:
         f8:4b:78:53:ba:25:c7:18:14:35:a0:c8:81:56:61:16:00:26:
         65:b2:39:ef:ea:97:94:48:58:70:e2:53:b5:bd:1c:f6:44:ce:
         a4:89:84:8c:fc:50:b4:d7:89:6f:03:93:d3:f5:f9:fa:70:20:
         3a:a2:48:cc:dc:21:7c:da:8c:d8:88:7c:d2:72:dc:4d:0e:4f:
         57:0d:7c:31:3d:43:04:d5:c4:80:57:0c:11:17:bc:46:fe:22:
         e1:86:0e:63:60:2a:e8:ca:bf:d1:ff:53:2b:d8:f0:20:6c:00:
         ce:25:70:57:b1:26:bd:38:fb:ef:71:1e:b3:a3:f1:37:ef:73:
         5f:a9:96:8d:99:3c:53:84:9d:b4:3f:0d:86:33:08:0f:3a:dd:
         28:24:a4:69:40:59:32:40:6f:b8:38:bb:78:ac:f3:00:04:d7:
         5f:68:fb:e0:69:f7:f4:d4:83:d7:39:58:21:34:88:a8:dd:e6:
         c9:17:30:6b:7f:16:9e:09:4c:b3:31:2f:20:b2:05:1a:39:b3:
         68:47:5e:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+pLBy2KT938N/F85ugRobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFmNDM5ZGViYWZmNTg4MDM5NWQ3OGYwYmJmYWQ4Y2E3
NjA4YmYwHhcNMjYwMTAyMTIxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzg4OGMyZjUzYjkxOThhZDg0ZjYzOTdiZjRlM2ZkZGNhYzQzOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5y3hjid/NcJLykqrCk2zx9x/vXMW
0TEdfaZ/6yzImJGRa+tjdoIB6RJQC9pQlXc+0htdqeiUAYfMUr5YE96o55wUFxPM
vi53n8y7NXqH9xtXVgZALG4HFVzAEvf56mj8APJAjrQ1JciGYnMLwcST75e8DeX9
0sDmsgjiInz35WKbQPGZv8VsBLMq3uxaLexcL3SJ6im/mJ48yUx/9JvH6VZqxLt6
xFNFZEK3DHEu8MBBsXpTxNd/mbT72SLcjDW6CD40Pij0nagrxMtjKHGxLoQ72G/t
1zrNbjHdc9uae0UXMg68EJRqaafD70kHOYGWuyzqDyQPKIDOvMGesWFvBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCyIjC9TuRmK2E9jl79OP93KxDkqMB8GA1UdIwQY
MBaAFCEB9Dneuv9YgDldePC7+tjKdgi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgt
ZTNkZWZiN2UyNTE4LzEvTElpTUwxTzVHWXJZVDJPWHYwNF8zY3JFT1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgtZTNkZWZiN2UyNTE4
LzEvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbKMMA0G
CSqGSIb3DQEBCwUAA4IBAQBUY8izLsFQO71E75QkdirgZhqGoCUFtAPNhcXGAqjv
GCeXVNEYsU+Igr5YSR2c8Zfc1w+hE/T4S3hTuiXHGBQ1oMiBVmEWACZlsjnv6peU
SFhw4lO1vRz2RM6kiYSM/FC014lvA5PT9fn6cCA6okjM3CF82ozYiHzSctxNDk9X
DXwxPUME1cSAVwwRF7xG/iLhhg5jYCroyr/R/1Mr2PAgbADOJXBXsSa9OPvvcR6z
o/E373NfqZaNmTxThJ20Pw2GMwgPOt0oJKRpQFkyQG+4OLt4rPMABNdfaPvgaff0
1IPXOVghNIio3ebJFzBrfxaeCUyzMS8gsgUaObNoR171
-----END CERTIFICATE-----