This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/2cc094-2081-4ff6-a9de-d621a891fb80/1/StMUvEenw_x5lHCzPw_YMF_URiY.roa
File:                     StMUvEenw_x5lHCzPw_YMF_URiY.roa (raw, json)
Hash identifier:          ENHv8rZKdjNZdtVZ7QRD0qvto/6QSsxusDFFUShLO+E=
Subject key identifier:   4A:D3:14:BC:47:A7:C3:FC:79:94:70:B3:3F:0F:D8:30:5F:D4:46:26
Certificate issuer:       /CN=d0937eb6a89984e8c00b53b1681de09005adc99d
Certificate serial:       019B797E777D5C06B50B4A685AF7AA02B3DC
Authority key identifier: D0:93:7E:B6:A8:99:84:E8:C0:0B:53:B1:68:1D:E0:90:05:AD:C9:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0JN-tqiZhOjAC1OxaB3gkAWtyZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/2cc094-2081-4ff6-a9de-d621a891fb80/1/StMUvEenw_x5lHCzPw_YMF_URiY.roa
Signing time:             Thu 01 Jan 2026 12:18:09 +0000
ROA not before:           Thu 01 Jan 2026 12:18:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     198629
IP address blocks:        194.150.178.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/2cc094-2081-4ff6-a9de-d621a891fb80/1/0JN-tqiZhOjAC1OxaB3gkAWtyZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/2cc094-2081-4ff6-a9de-d621a891fb80/1/0JN-tqiZhOjAC1OxaB3gkAWtyZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0JN-tqiZhOjAC1OxaB3gkAWtyZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:77:7d:5c:06:b5:0b:4a:68:5a:f7:aa:02:b3:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0937eb6a89984e8c00b53b1681de09005adc99d
        Validity
            Not Before: Jan  1 12:18:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4ad314bc47a7c3fc799470b33f0fd8305fd44626
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5a:7e:f6:4b:16:57:a8:4b:70:7e:b1:06:38:
                    82:99:4b:85:72:54:48:71:7b:e2:c8:c9:f2:0c:7d:
                    fc:66:8f:d7:e9:08:9b:11:d3:aa:4d:5e:80:83:2a:
                    c0:cc:e7:2d:af:d3:6e:3b:31:a8:d2:78:2d:20:28:
                    c0:75:8a:c8:10:01:7c:c4:16:bb:20:97:ee:c9:2c:
                    af:f4:14:61:f0:dc:65:cb:e7:75:1e:8f:a5:83:eb:
                    97:ad:e2:a1:2d:1b:8a:68:83:a9:1f:da:42:73:6f:
                    2b:2b:91:72:7d:6b:59:7d:1d:a1:f3:0c:3d:71:83:
                    06:51:23:54:5a:7b:21:b8:f3:7c:43:c3:38:ff:b2:
                    9f:77:59:2f:33:8a:da:ff:56:7d:d1:ff:f3:fb:65:
                    7e:28:93:b1:fe:8e:65:3a:ab:6e:ca:69:5c:53:09:
                    61:b9:84:9b:69:84:fc:80:47:0f:84:df:7d:e7:71:
                    4a:97:1f:9b:27:03:8f:06:22:7b:60:b5:93:73:ff:
                    bd:4f:f3:80:4a:85:5a:3f:a2:eb:f6:09:e8:22:49:
                    87:8f:23:36:b9:6a:91:4a:fd:e7:2a:5c:26:ed:18:
                    b9:6e:0c:cc:78:d2:4d:44:94:49:09:60:7c:30:7d:
                    31:cf:9f:4c:c8:6b:10:cc:78:b4:46:d0:f9:0f:e2:
                    66:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D3:14:BC:47:A7:C3:FC:79:94:70:B3:3F:0F:D8:30:5F:D4:46:26
            X509v3 Authority Key Identifier:
                keyid:D0:93:7E:B6:A8:99:84:E8:C0:0B:53:B1:68:1D:E0:90:05:AD:C9:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0JN-tqiZhOjAC1OxaB3gkAWtyZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/2cc094-2081-4ff6-a9de-d621a891fb80/1/StMUvEenw_x5lHCzPw_YMF_URiY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/2cc094-2081-4ff6-a9de-d621a891fb80/1/0JN-tqiZhOjAC1OxaB3gkAWtyZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.150.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:86:d8:09:93:78:35:38:bb:f2:fe:6b:30:c7:78:3e:8c:ea:
         25:d8:3e:bc:a3:9f:bb:97:0e:64:dd:35:31:2f:d5:b4:c2:df:
         cf:4d:09:f8:cf:f3:00:52:16:1c:c4:8a:92:81:94:25:4b:1f:
         61:3a:f2:ca:a7:60:a4:ce:b8:a6:80:08:3c:9d:6b:3a:e0:53:
         f6:59:2b:7f:27:ad:dd:c9:61:36:35:0b:ba:d0:71:9d:7f:1f:
         8a:e1:3f:a1:be:21:ce:bc:03:39:03:5f:7f:20:2f:9b:4d:95:
         71:c1:3f:ae:7c:26:82:9e:b5:14:ae:cb:9c:13:32:0a:31:21:
         73:9b:b3:12:e2:e2:e1:71:39:fe:e5:20:91:f6:7b:12:00:80:
         f5:9f:4c:60:38:17:a0:14:7b:52:f9:58:a7:4f:b5:c3:24:2a:
         49:45:54:f7:89:7f:00:39:3d:e3:ba:46:7f:be:91:08:1c:55:
         03:cb:1e:49:70:cc:3f:69:10:7c:9b:40:f4:19:bb:39:b4:4d:
         22:24:45:67:c9:d5:39:8d:17:1d:e8:e4:10:88:dd:c2:94:09:
         c7:85:62:cc:56:da:f8:e8:d1:c5:b8:dc:49:df:3e:a3:cd:fe:
         b3:4e:6a:aa:d4:39:01:db:60:f5:3c:9b:a7:2e:c8:2d:1d:0d:
         d4:04:b5:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fnd9XAa1C0poWveqArPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOTM3ZWI2YTg5OTg0ZThjMDBiNTNiMTY4MWRlMDkwMDVh
ZGM5OWQwHhcNMjYwMTAxMTIxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQzMTRiYzQ3YTdjM2ZjNzk5NDcwYjMzZjBmZDgzMDVmZDQ0NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVp+9ksWV6hLcH6xBjiCmUuFclRI
cXviyMnyDH38Zo/X6QibEdOqTV6AgyrAzOctr9NuOzGo0ngtICjAdYrIEAF8xBa7
IJfuySyv9BRh8Nxly+d1Ho+lg+uXreKhLRuKaIOpH9pCc28rK5FyfWtZfR2h8ww9
cYMGUSNUWnshuPN8Q8M4/7Kfd1kvM4ra/1Z90f/z+2V+KJOx/o5lOqtuymlcUwlh
uYSbaYT8gEcPhN9953FKlx+bJwOPBiJ7YLWTc/+9T/OASoVaP6Lr9gnoIkmHjyM2
uWqRSv3nKlwm7Ri5bgzMeNJNRJRJCWB8MH0xz59MyGsQzHi0RtD5D+Jm3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFErTFLxHp8P8eZRwsz8P2DBf1EYmMB8GA1UdIwQY
MBaAFNCTfraomYTowAtTsWgd4JAFrcmdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEpOLXRxaVpoT2pBQzFPeGFCM2drQVd0eVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yY2MwOTQtMjA4MS00ZmY2LWE5ZGUt
ZDYyMWE4OTFmYjgwLzEvU3RNVXZFZW53X3g1bEhDelB3X1lNRl9VUmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yY2MwOTQtMjA4MS00ZmY2LWE5ZGUtZDYyMWE4OTFmYjgw
LzEvMEpOLXRxaVpoT2pBQzFPeGFCM2drQVd0eVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpayMA0G
CSqGSIb3DQEBCwUAA4IBAQC6htgJk3g1OLvy/mswx3g+jOol2D68o5+7lw5k3TUx
L9W0wt/PTQn4z/MAUhYcxIqSgZQlSx9hOvLKp2CkzrimgAg8nWs64FP2WSt/J63d
yWE2NQu60HGdfx+K4T+hviHOvAM5A19/IC+bTZVxwT+ufCaCnrUUrsucEzIKMSFz
m7MS4uLhcTn+5SCR9nsSAID1n0xgOBegFHtS+VinT7XDJCpJRVT3iX8AOT3jukZ/
vpEIHFUDyx5JcMw/aRB8m0D0Gbs5tE0iJEVnydU5jRcd6OQQiN3ClAnHhWLMVtr4
6NHFuNxJ3z6jzf6zTmqq1DkB22D1PJunLsgtHQ3UBLVA
-----END CERTIFICATE-----