This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/ab1j8vmXT-iepoMXRKGjy1AqKo4.roa
File:                     ab1j8vmXT-iepoMXRKGjy1AqKo4.roa (raw, json)
Hash identifier:          wT+zH55Scsxtj7EikVPJdyvlsIYfKiDk1ASmaNWU5OQ=
Subject key identifier:   69:BD:63:F2:F9:97:4F:E8:9E:A6:83:17:44:A1:A3:CB:50:2A:2A:8E
Certificate issuer:       /CN=27032f79023052100c4393c9e690f97d7896926f
Certificate serial:       019B76EB04C595A19BDAF92DC14ED002AFE3
Authority key identifier: 27:03:2F:79:02:30:52:10:0C:43:93:C9:E6:90:F9:7D:78:96:92:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JwMveQIwUhAMQ5PJ5pD5fXiWkm8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/ab1j8vmXT-iepoMXRKGjy1AqKo4.roa
Signing time:             Thu 01 Jan 2026 00:17:52 +0000
ROA not before:           Thu 01 Jan 2026 00:17:52 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     206161
IP address blocks:        2001:678:c88::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/JwMveQIwUhAMQ5PJ5pD5fXiWkm8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/JwMveQIwUhAMQ5PJ5pD5fXiWkm8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JwMveQIwUhAMQ5PJ5pD5fXiWkm8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:04:c5:95:a1:9b:da:f9:2d:c1:4e:d0:02:af:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27032f79023052100c4393c9e690f97d7896926f
        Validity
            Not Before: Jan  1 00:17:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=69bd63f2f9974fe89ea6831744a1a3cb502a2a8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:e0:6e:b3:77:74:ea:90:a3:20:2b:4d:58:3d:
                    42:1b:b8:ef:90:a0:ad:74:32:6d:11:a3:7b:76:1b:
                    90:23:25:51:a3:45:c0:0b:32:61:25:55:f1:a1:bc:
                    c0:4a:2c:79:2d:f2:c7:b9:66:97:a4:cd:ae:ae:1f:
                    2a:cb:c6:34:0c:1c:96:0e:99:df:b4:32:01:85:90:
                    0f:eb:44:0d:2f:83:0d:8e:bf:7d:fc:57:22:b7:d7:
                    3e:d5:7a:28:2f:ef:e5:dd:4e:9c:c8:33:18:31:f8:
                    ce:63:df:ee:dd:74:17:67:5e:cd:33:69:b9:e7:b3:
                    17:ea:7a:d0:9c:d9:d6:f2:69:2f:96:40:f5:3d:d1:
                    11:f7:f1:e7:a1:16:1b:de:ee:cf:90:8b:cd:6e:69:
                    95:65:04:d9:f3:b0:75:17:56:55:75:c1:8a:f4:a5:
                    30:7f:24:bd:49:51:26:35:30:d5:70:aa:46:56:b3:
                    63:ff:4a:c2:9d:76:56:46:70:2c:95:06:4e:3e:5d:
                    ae:76:01:17:c1:9d:33:00:8a:97:54:43:15:62:7d:
                    9a:6c:54:ef:91:d9:4e:b1:a5:9f:2a:ef:a8:fe:79:
                    ec:b7:12:8e:95:6d:e4:59:ed:b9:f2:49:a2:ca:fc:
                    f1:ae:f2:88:76:a5:2f:59:96:af:13:0e:28:ae:dc:
                    67:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:BD:63:F2:F9:97:4F:E8:9E:A6:83:17:44:A1:A3:CB:50:2A:2A:8E
            X509v3 Authority Key Identifier:
                keyid:27:03:2F:79:02:30:52:10:0C:43:93:C9:E6:90:F9:7D:78:96:92:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwMveQIwUhAMQ5PJ5pD5fXiWkm8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/ab1j8vmXT-iepoMXRKGjy1AqKo4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f4ff52-64ba-420b-bff4-f07dd2606267/1/JwMveQIwUhAMQ5PJ5pD5fXiWkm8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:c88::/48

    Signature Algorithm: sha256WithRSAEncryption
         1b:ac:9d:05:5a:5c:30:49:16:7f:4e:f0:90:1c:be:3f:78:f8:
         3e:65:03:02:07:2f:34:20:3a:b1:2c:28:f6:dd:38:21:c9:ee:
         8a:d5:d4:a7:52:e8:b2:ac:6b:17:83:7c:e7:ed:a7:63:12:df:
         2e:98:fb:33:0c:9d:55:42:e5:6e:54:80:08:0b:ae:60:13:84:
         bb:8a:d0:80:c7:6b:a4:4c:69:62:07:5a:5a:25:f0:ec:c4:54:
         d4:79:01:05:05:5e:62:63:12:da:1d:8a:f4:98:16:c5:e6:78:
         30:7c:78:c5:e7:ce:e1:67:87:6e:cd:a3:a5:0c:04:99:3d:8f:
         d0:78:11:84:02:d5:99:44:23:25:22:6a:4d:04:87:be:70:27:
         f6:09:38:c0:58:ae:15:7a:3d:5e:35:8a:77:5b:8a:06:e2:ff:
         1a:77:6a:22:e5:dd:52:04:40:df:bc:a0:12:7d:98:1f:4a:5a:
         a2:46:f7:9f:fe:e5:ae:cb:09:aa:a3:c2:1c:69:a6:f4:ba:4f:
         59:f9:08:29:ac:c0:57:55:95:4e:25:38:ab:38:f0:bc:6a:1e:
         74:e7:1d:83:ac:ab:70:66:71:3e:64:4d:2e:2a:f7:07:47:35:
         83:d0:61:41:d9:f6:16:6d:20:11:4c:f5:a4:0c:ae:7a:68:20:
         74:48:8d:73
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZt26wTFlaGb2vktwU7QAq/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDMyZjc5MDIzMDUyMTAwYzQzOTNjOWU2OTBmOTdkNzg5
NjkyNmYwHhcNMjYwMTAxMDAxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJkNjNmMmY5OTc0ZmU4OWVhNjgzMTc0NGExYTNjYjUwMmEyYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OBus3d06pCjICtNWD1CG7jvkKCt
dDJtEaN7dhuQIyVRo0XACzJhJVXxobzASix5LfLHuWaXpM2urh8qy8Y0DByWDpnf
tDIBhZAP60QNL4MNjr99/Fcit9c+1XooL+/l3U6cyDMYMfjOY9/u3XQXZ17NM2m5
57MX6nrQnNnW8mkvlkD1PdER9/HnoRYb3u7PkIvNbmmVZQTZ87B1F1ZVdcGK9KUw
fyS9SVEmNTDVcKpGVrNj/0rCnXZWRnAslQZOPl2udgEXwZ0zAIqXVEMVYn2abFTv
kdlOsaWfKu+o/nnstxKOlW3kWe258kmiyvzxrvKIdqUvWZavEw4ortxnTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGm9Y/L5l0/onqaDF0Sho8tQKiqOMB8GA1UdIwQY
MBaAFCcDL3kCMFIQDEOTyeaQ+X14lpJvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndNdmVRSXdVaEFNUTVQSjVwRDVmWGlXa204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9mNGZmNTItNjRiYS00MjBiLWJmZjQt
ZjA3ZGQyNjA2MjY3LzEvYWIxajh2bVhULWllcG9NWFJLR2p5MUFxS280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9mNGZmNTItNjRiYS00MjBiLWJmZjQtZjA3ZGQyNjA2MjY3
LzEvSndNdmVRSXdVaEFNUTVQSjVwRDVmWGlXa204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAyI
MA0GCSqGSIb3DQEBCwUAA4IBAQAbrJ0FWlwwSRZ/TvCQHL4/ePg+ZQMCBy80IDqx
LCj23Tghye6K1dSnUuiyrGsXg3zn7adjEt8umPszDJ1VQuVuVIAIC65gE4S7itCA
x2ukTGliB1paJfDsxFTUeQEFBV5iYxLaHYr0mBbF5ngwfHjF587hZ4duzaOlDASZ
PY/QeBGEAtWZRCMlImpNBIe+cCf2CTjAWK4Vej1eNYp3W4oG4v8ad2oi5d1SBEDf
vKASfZgfSlqiRvef/uWuywmqo8Icaab0uk9Z+QgprMBXVZVOJTirOPC8ah505x2D
rKtwZnE+ZE0uKvcHRzWD0GFB2fYWbSARTPWkDK56aCB0SI1z
-----END CERTIFICATE-----