This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/sdboL9s2CoNL7v7DnLR9WPePEv4.roa
File:                     sdboL9s2CoNL7v7DnLR9WPePEv4.roa (raw, json)
Hash identifier:          ct3NDc6ScYAUMjLb9WeU7u1GtC6R52vhJ2qr75TB/po=
Subject key identifier:   B1:D6:E8:2F:DB:36:0A:83:4B:EE:FE:C3:9C:B4:7D:58:F7:8F:12:FE
Certificate issuer:       /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial:       019B797F523009D55154B6ABE8DECC18979A
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/sdboL9s2CoNL7v7DnLR9WPePEv4.roa
Signing time:             Thu 01 Jan 2026 12:19:05 +0000
ROA not before:           Thu 01 Jan 2026 12:19:05 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215749
IP address blocks:        213.238.170.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 09:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7f:52:30:09:d5:51:54:b6:ab:e8:de:cc:18:97:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
        Validity
            Not Before: Jan  1 12:19:05 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b1d6e82fdb360a834beefec39cb47d58f78f12fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ff:33:d7:f7:78:aa:90:20:0b:a7:fc:87:07:
                    37:a1:c6:84:bf:e0:5e:53:aa:ce:7d:79:35:5f:01:
                    d2:e9:37:bc:9e:d8:d8:75:0d:df:c9:fd:3f:0b:5b:
                    32:0c:f9:37:23:a3:a0:0b:fd:c5:50:a5:a6:9a:4b:
                    4f:f1:13:1a:2b:fe:95:c8:47:fb:a5:ee:8d:f1:ae:
                    c8:e6:71:09:2e:1d:64:6d:e4:bc:3f:32:b7:97:e5:
                    17:5a:2c:4a:e6:0b:e4:f7:b8:72:b0:4e:f8:15:5e:
                    9f:3f:b1:84:3d:e4:73:c0:7d:9a:fa:4c:c8:f3:a5:
                    6c:89:55:24:55:7b:55:a1:44:4d:49:17:35:b9:bc:
                    22:6a:82:9a:34:81:42:4d:dc:82:12:49:bd:96:0d:
                    7a:3f:05:cc:0a:22:78:ac:7c:14:4c:0b:06:86:c9:
                    87:f3:6c:76:8a:63:c6:4e:bb:11:ac:e4:41:9b:4c:
                    c9:c3:a7:52:aa:63:1b:78:dc:a0:ae:d8:e9:4a:8b:
                    7d:96:09:5a:1f:9b:76:72:52:6d:84:ad:53:fc:e4:
                    dd:f5:15:a4:cd:10:b0:3d:e8:42:c3:d6:6d:a4:f0:
                    c3:73:d9:1e:96:14:94:de:eb:1e:85:7a:1e:47:ea:
                    d7:28:75:dd:2f:e1:f7:56:76:ff:ef:0a:51:9a:e0:
                    d9:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:D6:E8:2F:DB:36:0A:83:4B:EE:FE:C3:9C:B4:7D:58:F7:8F:12:FE
            X509v3 Authority Key Identifier:
                keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/sdboL9s2CoNL7v7DnLR9WPePEv4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.238.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:93:b4:3c:6b:0c:ab:3c:3a:08:c4:90:a7:a6:d0:c7:00:2c:
         bc:9c:16:93:4e:87:8d:29:dc:09:f9:11:cf:04:ca:26:f3:2f:
         92:f2:c7:c3:ee:1c:e1:30:17:0f:4a:1d:f4:76:0e:3b:17:37:
         56:a8:52:1b:05:92:27:dd:05:6e:7f:ff:9e:c5:46:8b:e4:22:
         2b:cd:e2:2d:f0:b1:b0:ae:53:6b:78:91:8a:bc:3c:91:bc:af:
         7c:0e:8a:9a:4e:1d:91:84:2b:0b:4b:09:0f:4b:37:34:16:2c:
         a0:b8:2d:d3:67:c1:b1:01:57:68:ca:43:f9:77:b0:dc:93:3f:
         c7:67:b7:96:a5:69:01:94:7f:54:57:69:18:f9:67:ca:b4:31:
         55:ce:ea:7b:4d:98:70:54:0f:48:4b:63:7a:3e:69:36:a1:85:
         26:56:58:7f:9c:8a:c4:b4:d9:d8:6e:f4:7a:44:55:2e:a9:92:
         82:b7:16:5f:39:76:bd:6f:4d:ed:22:9b:3d:28:8f:e9:8c:78:
         68:2a:df:60:9b:70:8f:15:7f:28:55:9d:2f:48:a8:70:bf:3c:
         55:4d:2b:a1:82:dc:d6:5c:15:7b:11:b1:be:5c:98:9c:83:7b:
         25:f1:33:3e:76:ed:1b:1c:f8:4d:c5:0b:d3:c3:09:7b:7c:f6:
         79:52:82:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5f1IwCdVRVLar6N7MGJeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjYwMTAxMTIxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQ2ZTgyZmRiMzYwYTgzNGJlZWZlYzM5Y2I0N2Q1OGY3OGYxMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv8z1/d4qpAgC6f8hwc3ocaEv+Be
U6rOfXk1XwHS6Te8ntjYdQ3fyf0/C1syDPk3I6OgC/3FUKWmmktP8RMaK/6VyEf7
pe6N8a7I5nEJLh1kbeS8PzK3l+UXWixK5gvk97hysE74FV6fP7GEPeRzwH2a+kzI
86VsiVUkVXtVoURNSRc1ubwiaoKaNIFCTdyCEkm9lg16PwXMCiJ4rHwUTAsGhsmH
82x2imPGTrsRrORBm0zJw6dSqmMbeNygrtjpSot9lglaH5t2clJthK1T/OTd9RWk
zRCwPehCw9ZtpPDDc9kelhSU3usehXoeR+rXKHXdL+H3Vnb/7wpRmuDZ6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHW6C/bNgqDS+7+w5y0fVj3jxL+MB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvc2Rib0w5czJDb05MN3Y3RG5MUjlXUGVQRXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1e6qMA0G
CSqGSIb3DQEBCwUAA4IBAQBsk7Q8awyrPDoIxJCnptDHACy8nBaTToeNKdwJ+RHP
BMom8y+S8sfD7hzhMBcPSh30dg47FzdWqFIbBZIn3QVuf/+exUaL5CIrzeIt8LGw
rlNreJGKvDyRvK98DoqaTh2RhCsLSwkPSzc0FiyguC3TZ8GxAVdoykP5d7Dckz/H
Z7eWpWkBlH9UV2kY+WfKtDFVzup7TZhwVA9IS2N6Pmk2oYUmVlh/nIrEtNnYbvR6
RFUuqZKCtxZfOXa9b03tIps9KI/pjHhoKt9gm3CPFX8oVZ0vSKhwvzxVTSuhgtzW
XBV7EbG+XJicg3sl8TM+du0bHPhNxQvTwwl7fPZ5UoIX
-----END CERTIFICATE-----