This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/XJcb1-hBobILMv_Vof-Zxf0RkUg.roa
File:                     XJcb1-hBobILMv_Vof-Zxf0RkUg.roa (raw, json)
Hash identifier:          VueF5+Q5F3brFftwGGvgxAFwrBBqXIBGanige3SzY7M=
Subject key identifier:   5C:97:1B:D7:E8:41:A1:B2:0B:32:FF:D5:A1:FF:99:C5:FD:11:91:48
Certificate issuer:       /CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
Certificate serial:       019B7EA58E0353A48F98C984D95AA0F2CBC9
Authority key identifier: 1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/XJcb1-hBobILMv_Vof-Zxf0RkUg.roa
Signing time:             Fri 02 Jan 2026 12:18:57 +0000
ROA not before:           Fri 02 Jan 2026 12:18:57 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15626
IP address blocks:        130.0.232.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a5:8e:03:53:a4:8f:98:c9:84:d9:5a:a0:f2:cb:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
        Validity
            Not Before: Jan  2 12:18:57 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5c971bd7e841a1b20b32ffd5a1ff99c5fd119148
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:64:8e:b6:47:e2:0c:19:30:0b:d0:c2:bc:1d:
                    54:1e:2a:d7:56:0b:28:ec:f7:2e:9b:a2:78:25:20:
                    31:1e:75:d9:cb:c5:dc:79:86:67:07:eb:78:76:65:
                    8f:ea:04:34:a1:83:2b:13:cd:42:69:d7:c1:41:18:
                    df:a4:0f:8b:bd:c3:23:4e:8c:f8:84:97:68:39:6c:
                    14:1f:b8:37:4d:59:b8:9c:c8:db:59:50:d1:0b:22:
                    29:22:b2:09:cb:5c:ac:c3:f4:d3:a2:86:9f:bc:8d:
                    1f:03:67:b8:04:89:41:18:f9:5a:55:0a:e6:05:c7:
                    bf:92:91:b8:f3:28:38:bb:e2:60:50:05:46:01:8a:
                    ce:19:f4:fc:f3:67:7c:c3:bd:17:da:40:20:1c:a7:
                    9a:68:fd:e8:47:58:a7:17:54:8b:e1:e2:df:4f:af:
                    e8:f3:63:4a:79:67:dd:db:c3:8e:6c:84:ac:52:a6:
                    54:6c:f3:fc:bc:4b:c3:71:8a:5c:09:f6:78:78:4b:
                    ec:fd:01:40:a3:51:78:3d:9e:00:e6:c3:5d:15:31:
                    9e:8d:0f:d2:f9:28:10:bf:0a:72:3c:cb:15:a7:9b:
                    7c:c0:bd:2a:32:3a:5d:ce:d4:60:a3:b8:ef:33:40:
                    a6:7f:c8:2d:28:d4:34:f8:c9:13:6f:29:3f:5c:6b:
                    0f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:97:1B:D7:E8:41:A1:B2:0B:32:FF:D5:A1:FF:99:C5:FD:11:91:48
            X509v3 Authority Key Identifier:
                keyid:1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/XJcb1-hBobILMv_Vof-Zxf0RkUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.0.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         30:36:18:14:41:c7:d2:1d:62:e8:df:6e:38:35:01:c2:37:08:
         95:5f:85:e6:53:9b:06:9f:07:c9:3e:e2:54:2d:a6:e2:9d:80:
         ec:2c:5c:3f:4d:ad:9c:fd:01:02:fc:2a:8f:ca:6f:d4:17:74:
         f5:2e:94:b0:bc:95:14:44:d9:8e:b5:45:c4:ae:95:14:29:ec:
         73:51:0a:7d:7b:da:f7:49:8e:42:df:cd:c9:46:6f:57:13:58:
         da:55:97:1a:05:e5:a7:97:c0:08:b1:1f:90:5d:42:6c:32:a2:
         bb:53:bd:f9:7b:8a:99:0e:7c:1b:ec:ff:9f:cd:76:64:45:d7:
         f5:20:1f:e6:b9:2d:45:2c:2d:ee:c6:18:c9:31:d2:2e:e5:4d:
         fd:c7:a5:5e:4d:a1:b6:bb:82:4e:16:9a:cc:d9:df:66:35:15:
         7e:e5:a7:45:35:bd:1b:06:52:e0:6e:60:0c:02:ce:80:86:2a:
         a2:57:01:4e:77:bb:ad:18:0d:19:d2:a8:7f:aa:82:6c:5b:9b:
         66:b9:cd:71:1f:47:49:ad:96:6f:83:be:4e:a5:7d:7d:d8:db:
         18:23:21:67:cc:81:04:a9:1c:62:a3:b6:4d:64:9c:ff:0b:f7:
         d4:b5:3f:cb:7d:35:03:1a:e4:22:00:80:f4:b7:86:4d:b8:5c:
         36:8e:7c:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+pY4DU6SPmMmE2Vqg8svJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGRjMjI1OTVmYzFmNTg4ZmJjNGRkZTA3YzFjMzk0OTk4
ZjMzYTcwHhcNMjYwMTAyMTIxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk3MWJkN2U4NDFhMWIyMGIzMmZmZDVhMWZmOTljNWZkMTE5MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomSOtkfiDBkwC9DCvB1UHirXVgso
7Pcum6J4JSAxHnXZy8XceYZnB+t4dmWP6gQ0oYMrE81CadfBQRjfpA+LvcMjToz4
hJdoOWwUH7g3TVm4nMjbWVDRCyIpIrIJy1ysw/TTooafvI0fA2e4BIlBGPlaVQrm
Bce/kpG48yg4u+JgUAVGAYrOGfT882d8w70X2kAgHKeaaP3oR1inF1SL4eLfT6/o
82NKeWfd28OObISsUqZUbPP8vEvDcYpcCfZ4eEvs/QFAo1F4PZ4A5sNdFTGejQ/S
+SgQvwpyPMsVp5t8wL0qMjpdztRgo7jvM0Cmf8gtKNQ0+MkTbyk/XGsPXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyXG9foQaGyCzL/1aH/mcX9EZFIMB8GA1UdIwQY
MBaAFBpNwiWV/B9Yj7xN3gfBw5SZjzOnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYt
MmI3OGIxOWI1YTg3LzEvWEpjYjEtaEJvYklMTXZfVm9mLVp4ZjBSa1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYtMmI3OGIxOWI1YTg3
LzEvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDggDoMA0G
CSqGSIb3DQEBCwUAA4IBAQAwNhgUQcfSHWLo3244NQHCNwiVX4XmU5sGnwfJPuJU
LabinYDsLFw/Ta2c/QEC/CqPym/UF3T1LpSwvJUURNmOtUXErpUUKexzUQp9e9r3
SY5C383JRm9XE1jaVZcaBeWnl8AIsR+QXUJsMqK7U735e4qZDnwb7P+fzXZkRdf1
IB/muS1FLC3uxhjJMdIu5U39x6VeTaG2u4JOFprM2d9mNRV+5adFNb0bBlLgbmAM
As6AhiqiVwFOd7utGA0Z0qh/qoJsW5tmuc1xH0dJrZZvg75OpX192NsYIyFnzIEE
qRxio7ZNZJz/C/fUtT/LfTUDGuQiAID0t4ZNuFw2jnyo
-----END CERTIFICATE-----