This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/145631-b63e-4809-b4ab-bcef9e322f2a/1/vHb2PXbLOQDiEgmgNVeM25O_uYw.roa
File:                     vHb2PXbLOQDiEgmgNVeM25O_uYw.roa (raw, json)
Hash identifier:          A0zzK6+DweI9ov6X0YBv5MoDDd8w4Zw2H0qKl9mjATM=
Subject key identifier:   BC:76:F6:3D:76:CB:39:00:E2:12:09:A0:35:57:8C:DB:93:BF:B9:8C
Certificate issuer:       /CN=ea4e028658912e69697c18553b9529f3d1ce405d
Certificate serial:       019B7910197C98E07C142D8A07AC419AAD77
Authority key identifier: EA:4E:02:86:58:91:2E:69:69:7C:18:55:3B:95:29:F3:D1:CE:40:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6k4ChliRLmlpfBhVO5Up89HOQF0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/145631-b63e-4809-b4ab-bcef9e322f2a/1/vHb2PXbLOQDiEgmgNVeM25O_uYw.roa
Signing time:             Thu 01 Jan 2026 10:17:36 +0000
ROA not before:           Thu 01 Jan 2026 10:17:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     50673
IP address blocks:        194.104.236.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/145631-b63e-4809-b4ab-bcef9e322f2a/1/6k4ChliRLmlpfBhVO5Up89HOQF0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/145631-b63e-4809-b4ab-bcef9e322f2a/1/6k4ChliRLmlpfBhVO5Up89HOQF0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6k4ChliRLmlpfBhVO5Up89HOQF0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 Jan 2026 04:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:19:7c:98:e0:7c:14:2d:8a:07:ac:41:9a:ad:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea4e028658912e69697c18553b9529f3d1ce405d
        Validity
            Not Before: Jan  1 10:17:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bc76f63d76cb3900e21209a035578cdb93bfb98c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:f5:13:77:56:34:e6:37:75:dd:c8:14:b7:b6:
                    c4:5d:af:00:de:e2:21:e9:72:b1:5d:79:88:86:ce:
                    85:bc:a8:f6:d7:b2:ca:74:05:f5:89:74:b5:93:a8:
                    68:4e:66:ba:e0:e6:28:03:19:53:91:db:9a:99:25:
                    17:ef:b2:6a:4b:b6:20:5d:39:39:c5:d7:32:dc:25:
                    bf:43:d0:a0:94:bf:78:7e:04:48:9b:43:d4:8e:72:
                    79:a0:4e:d5:fd:54:5e:b3:66:eb:fd:cc:76:0b:24:
                    ab:08:a0:b2:19:8d:2d:06:8c:95:a1:46:e9:80:e0:
                    47:8d:23:b6:d9:2d:b5:0e:92:d5:44:f2:78:08:12:
                    13:9c:f5:7a:e7:44:c0:3e:aa:2a:3c:78:83:bf:57:
                    35:e8:d6:b3:b9:0c:bc:29:ab:4c:1f:69:b8:dc:41:
                    c8:c5:39:99:55:d0:05:3f:16:3d:22:1f:7f:07:ff:
                    fa:9e:ae:6c:a2:7e:a2:d0:82:8f:73:20:8c:57:8a:
                    a4:7c:d7:f1:ff:76:eb:60:68:75:1f:a4:d8:1c:06:
                    c2:bc:9b:80:cc:69:e9:66:4a:4c:52:f2:dd:8a:eb:
                    8b:b7:36:21:10:52:cb:94:98:63:61:d8:54:fb:9b:
                    15:d9:05:e9:ea:22:2c:8c:1a:d8:ad:a6:72:7c:a7:
                    90:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:76:F6:3D:76:CB:39:00:E2:12:09:A0:35:57:8C:DB:93:BF:B9:8C
            X509v3 Authority Key Identifier:
                keyid:EA:4E:02:86:58:91:2E:69:69:7C:18:55:3B:95:29:F3:D1:CE:40:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6k4ChliRLmlpfBhVO5Up89HOQF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/145631-b63e-4809-b4ab-bcef9e322f2a/1/vHb2PXbLOQDiEgmgNVeM25O_uYw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/145631-b63e-4809-b4ab-bcef9e322f2a/1/6k4ChliRLmlpfBhVO5Up89HOQF0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:78:49:70:c9:82:06:da:40:05:ac:6c:44:3f:47:ea:73:4f:
         7b:7f:48:2f:c6:f5:af:0b:37:13:3f:41:3b:3c:09:74:e8:2e:
         e6:08:e6:99:49:48:19:da:7b:ea:6d:b6:e6:51:b2:b7:ca:04:
         5d:e2:42:65:3a:b7:d3:99:2f:c8:23:c2:2f:ba:f1:bc:c6:6e:
         4f:dd:71:dc:df:83:7b:91:03:41:87:51:dc:d9:aa:53:e5:5d:
         a4:a6:c0:58:4b:fd:79:10:23:26:50:cc:a5:b7:68:f4:4c:fe:
         fc:54:ae:0c:0d:f6:e2:b0:5e:e9:f0:7b:53:f1:06:73:8a:78:
         41:c5:d2:5c:91:7f:f3:dd:4a:8f:31:c6:ba:74:58:31:05:73:
         48:41:6a:7e:50:ce:ff:2a:ef:0d:a8:af:38:22:2e:41:77:de:
         d7:cc:c9:5c:be:9d:dc:cd:1f:40:dd:c3:c5:45:82:5f:f9:2f:
         9a:fc:ee:96:66:6e:1d:cf:05:88:69:25:1e:aa:90:80:d5:f1:
         8e:ce:f0:15:c3:5b:b9:cd:23:d6:8f:a6:69:87:82:69:50:f6:
         36:2c:95:1a:5e:b2:4a:a2:23:cc:3c:4f:ec:24:10:3e:b2:49:
         6d:36:9c:d0:17:9e:ff:0d:71:04:2a:7a:db:06:27:79:3d:4d:
         db:f6:c6:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EBl8mOB8FC2KB6xBmq13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNGUwMjg2NTg5MTJlNjk2OTdjMTg1NTNiOTUyOWYzZDFj
ZTQwNWQwHhcNMjYwMTAxMTAxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzc2ZjYzZDc2Y2IzOTAwZTIxMjA5YTAzNTU3OGNkYjkzYmZiOThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvUTd1Y05jd13cgUt7bEXa8A3uIh
6XKxXXmIhs6FvKj217LKdAX1iXS1k6hoTma64OYoAxlTkduamSUX77JqS7YgXTk5
xdcy3CW/Q9CglL94fgRIm0PUjnJ5oE7V/VRes2br/cx2CySrCKCyGY0tBoyVoUbp
gOBHjSO22S21DpLVRPJ4CBITnPV650TAPqoqPHiDv1c16NazuQy8KatMH2m43EHI
xTmZVdAFPxY9Ih9/B//6nq5son6i0IKPcyCMV4qkfNfx/3brYGh1H6TYHAbCvJuA
zGnpZkpMUvLdiuuLtzYhEFLLlJhjYdhU+5sV2QXp6iIsjBrYraZyfKeQ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLx29j12yzkA4hIJoDVXjNuTv7mMMB8GA1UdIwQY
MBaAFOpOAoZYkS5paXwYVTuVKfPRzkBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNms0Q2hsaVJMbWxwZkJoVk81VXA4OUhPUUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xNDU2MzEtYjYzZS00ODA5LWI0YWIt
YmNlZjllMzIyZjJhLzEvdkhiMlBYYkxPUURpRWdtZ05WZU0yNU9fdVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xNDU2MzEtYjYzZS00ODA5LWI0YWItYmNlZjllMzIyZjJh
LzEvNms0Q2hsaVJMbWxwZkJoVk81VXA4OUhPUUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmjsMA0G
CSqGSIb3DQEBCwUAA4IBAQCeeElwyYIG2kAFrGxEP0fqc097f0gvxvWvCzcTP0E7
PAl06C7mCOaZSUgZ2nvqbbbmUbK3ygRd4kJlOrfTmS/II8IvuvG8xm5P3XHc34N7
kQNBh1Hc2apT5V2kpsBYS/15ECMmUMylt2j0TP78VK4MDfbisF7p8HtT8QZzinhB
xdJckX/z3UqPMca6dFgxBXNIQWp+UM7/Ku8NqK84Ii5Bd97XzMlcvp3czR9A3cPF
RYJf+S+a/O6WZm4dzwWIaSUeqpCA1fGOzvAVw1u5zSPWj6Zph4JpUPY2LJUaXrJK
oiPMPE/sJBA+skltNpzQF57/DXEEKnrbBid5PU3b9sZB
-----END CERTIFICATE-----