This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/9e7d10-243f-47b5-afc4-356ee9776153/1/bmMSflL-eMQuMBI3gu6949ZANPM.roa
File:                     bmMSflL-eMQuMBI3gu6949ZANPM.roa (raw, json)
Hash identifier:          IDrbZuLc/19ByTc6qymrXkkUxTTGRdkMTB5oi5VuL5U=
Subject key identifier:   6E:63:12:7E:52:FE:78:C4:2E:30:12:37:82:EE:BD:E3:D6:40:34:F3
Certificate issuer:       /CN=bd1911343226229d203ea326a9d69d4fc346c575
Certificate serial:       019B7AC7F1A796F9B494DF4057B6ED1BE359
Authority key identifier: BD:19:11:34:32:26:22:9D:20:3E:A3:26:A9:D6:9D:4F:C3:46:C5:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vRkRNDImIp0gPqMmqdadT8NGxXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/9e7d10-243f-47b5-afc4-356ee9776153/1/bmMSflL-eMQuMBI3gu6949ZANPM.roa
Signing time:             Thu 01 Jan 2026 18:18:02 +0000
ROA not before:           Thu 01 Jan 2026 18:18:02 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     51184
IP address blocks:        91.216.8.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/9e7d10-243f-47b5-afc4-356ee9776153/1/vRkRNDImIp0gPqMmqdadT8NGxXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/9e7d10-243f-47b5-afc4-356ee9776153/1/vRkRNDImIp0gPqMmqdadT8NGxXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vRkRNDImIp0gPqMmqdadT8NGxXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 18:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c7:f1:a7:96:f9:b4:94:df:40:57:b6:ed:1b:e3:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd1911343226229d203ea326a9d69d4fc346c575
        Validity
            Not Before: Jan  1 18:18:02 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6e63127e52fe78c42e30123782eebde3d64034f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b0:0e:fd:e8:59:f5:6e:52:0a:fa:ad:f2:11:
                    63:a2:9e:f3:00:17:ba:9d:9d:e0:c4:bb:91:67:b9:
                    b2:c8:e2:90:ea:22:aa:e0:b4:41:62:05:ad:71:5a:
                    16:24:cc:ea:8f:1e:35:22:44:0a:9a:12:f8:4c:dd:
                    ef:16:21:0c:b9:48:fb:09:c0:7d:54:db:66:8f:5f:
                    97:ba:5d:b8:a3:89:79:d0:9e:b4:01:a0:f1:cb:bd:
                    a1:41:9f:be:24:94:75:ed:1a:dc:d0:31:1b:6e:4c:
                    7a:2b:60:a9:1b:09:71:c0:db:c4:51:85:c4:d6:bb:
                    33:7d:db:ee:39:69:67:ff:61:de:cf:8b:39:25:96:
                    43:23:a7:6a:ab:5c:f1:82:6f:1e:ab:31:33:ca:f2:
                    ea:bc:6b:66:d0:27:6f:dc:ad:f6:15:0a:9a:f1:32:
                    69:5e:4c:63:17:d2:22:12:29:c2:e8:34:85:e3:7d:
                    f2:4d:4e:81:a6:85:a8:8a:ca:60:1c:bf:fd:9f:d3:
                    d4:5c:f7:5b:41:8a:03:76:5d:bb:e7:89:80:ca:81:
                    3b:8d:cb:48:80:fa:32:92:71:82:87:4d:3d:2e:36:
                    4c:75:90:15:48:0a:ae:33:b7:76:9b:e2:f9:b1:ab:
                    a3:bb:51:12:d8:d1:a1:3b:1f:b1:64:80:a9:56:48:
                    25:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:63:12:7E:52:FE:78:C4:2E:30:12:37:82:EE:BD:E3:D6:40:34:F3
            X509v3 Authority Key Identifier:
                keyid:BD:19:11:34:32:26:22:9D:20:3E:A3:26:A9:D6:9D:4F:C3:46:C5:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRkRNDImIp0gPqMmqdadT8NGxXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9e7d10-243f-47b5-afc4-356ee9776153/1/bmMSflL-eMQuMBI3gu6949ZANPM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9e7d10-243f-47b5-afc4-356ee9776153/1/vRkRNDImIp0gPqMmqdadT8NGxXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:28:7f:53:af:06:ee:4b:24:b2:3d:d2:97:bd:38:e4:07:94:
         d4:ef:10:55:e8:07:cd:a5:cc:74:b1:23:0f:2f:86:2f:c4:47:
         6e:35:e1:c0:7a:46:7d:46:c0:f2:02:b4:81:c3:2d:bd:c5:60:
         67:99:17:c4:8e:4b:f2:76:cc:30:c2:83:34:26:72:ca:26:3c:
         ce:70:e7:cd:1b:0e:db:0c:05:e0:42:f0:2e:94:dd:96:a0:d8:
         2c:6f:17:79:6a:c8:79:4b:90:3b:f8:92:d0:5c:07:dd:bc:14:
         5b:ea:f8:d5:ec:d7:65:a3:6a:d3:6a:51:68:38:48:c6:00:9f:
         3f:f4:99:ea:23:2a:2e:63:58:f5:d3:34:00:e3:0e:28:6f:1d:
         ea:cf:01:2b:91:0a:d0:cb:88:cf:a9:bd:0c:9d:79:f7:f4:09:
         74:ee:5d:73:de:15:3c:66:72:01:7e:bd:b4:5b:cb:37:6c:22:
         22:7b:75:18:d3:05:93:02:33:a4:38:ab:cb:51:9b:ac:8f:70:
         10:c9:dd:30:54:07:4b:98:a7:7f:68:7d:31:48:ad:11:5b:1d:
         88:dd:c3:14:f1:ab:df:c3:35:d0:40:5f:41:a5:93:d3:62:5e:
         83:af:16:d9:ca:bc:d4:d6:1c:5f:a3:ba:6a:21:6a:8e:47:74:
         2f:23:a1:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6x/Gnlvm0lN9AV7btG+NZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMTkxMTM0MzIyNjIyOWQyMDNlYTMyNmE5ZDY5ZDRmYzM0
NmM1NzUwHhcNMjYwMTAxMTgxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTYzMTI3ZTUyZmU3OGM0MmUzMDEyMzc4MmVlYmRlM2Q2NDAzNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbAO/ehZ9W5SCvqt8hFjop7zABe6
nZ3gxLuRZ7myyOKQ6iKq4LRBYgWtcVoWJMzqjx41IkQKmhL4TN3vFiEMuUj7CcB9
VNtmj1+Xul24o4l50J60AaDxy72hQZ++JJR17Rrc0DEbbkx6K2CpGwlxwNvEUYXE
1rszfdvuOWln/2Hez4s5JZZDI6dqq1zxgm8eqzEzyvLqvGtm0Cdv3K32FQqa8TJp
XkxjF9IiEinC6DSF433yTU6BpoWoispgHL/9n9PUXPdbQYoDdl2754mAyoE7jctI
gPoyknGCh009LjZMdZAVSAquM7d2m+L5sauju1ES2NGhOx+xZICpVkglhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5jEn5S/njELjASN4LuvePWQDTzMB8GA1UdIwQY
MBaAFL0ZETQyJiKdID6jJqnWnU/DRsV1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlJrUk5ESW1JcDBnUHFNbXFkYWRUOE5HeFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85ZTdkMTAtMjQzZi00N2I1LWFmYzQt
MzU2ZWU5Nzc2MTUzLzEvYm1NU2ZsTC1lTVF1TUJJM2d1Njk0OVpBTlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85ZTdkMTAtMjQzZi00N2I1LWFmYzQtMzU2ZWU5Nzc2MTUz
LzEvdlJrUk5ESW1JcDBnUHFNbXFkYWRUOE5HeFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9gIMA0G
CSqGSIb3DQEBCwUAA4IBAQC6KH9TrwbuSySyPdKXvTjkB5TU7xBV6AfNpcx0sSMP
L4YvxEduNeHAekZ9RsDyArSBwy29xWBnmRfEjkvydswwwoM0JnLKJjzOcOfNGw7b
DAXgQvAulN2WoNgsbxd5ash5S5A7+JLQXAfdvBRb6vjV7Ndlo2rTalFoOEjGAJ8/
9JnqIyouY1j10zQA4w4obx3qzwErkQrQy4jPqb0MnXn39Al07l1z3hU8ZnIBfr20
W8s3bCIie3UY0wWTAjOkOKvLUZusj3AQyd0wVAdLmKd/aH0xSK0RWx2I3cMU8avf
wzXQQF9BpZPTYl6DrxbZyrzU1hxfo7pqIWqOR3QvI6FU
-----END CERTIFICATE-----