This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/sUBo3xS4-7zJfFSUwBd9ZNwLanA.roa
File:                     sUBo3xS4-7zJfFSUwBd9ZNwLanA.roa (raw, json)
Hash identifier:          gXuVjhXUo8PTlb1IaJweEiB3+QHVS+7yaQSnMjwBJME=
Subject key identifier:   B1:40:68:DF:14:B8:FB:BC:C9:7C:54:94:C0:17:7D:64:DC:0B:6A:70
Certificate issuer:       /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial:       019AEA22061BCA72CEDABF703E2C0EDF23F2
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/sUBo3xS4-7zJfFSUwBd9ZNwLanA.roa
Signing time:             Thu 04 Dec 2025 16:11:29 +0000
ROA not before:           Thu 04 Dec 2025 16:11:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     6079
IP address blocks:        80.174.224.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Dec 2025 02:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:ea:22:06:1b:ca:72:ce:da:bf:70:3e:2c:0e:df:23:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
        Validity
            Not Before: Dec  4 16:11:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=b14068df14b8fbbcc97c5494c0177d64dc0b6a70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:78:80:a9:30:06:a8:26:b4:ba:b4:32:bc:8b:
                    06:11:07:1f:09:14:d9:e6:53:03:be:41:8d:7d:22:
                    37:b2:dd:61:07:20:d3:78:1f:42:87:24:91:fa:43:
                    77:5a:2c:89:27:0b:7e:6a:df:f4:f1:f6:9d:3a:ec:
                    aa:4c:1c:47:e9:26:58:62:f1:89:b2:e3:c7:cd:9c:
                    fb:8f:ba:2c:a6:bd:4a:1c:47:8a:9d:8b:30:b6:4d:
                    a2:10:8f:a1:d5:ea:45:ff:ef:58:be:e2:54:4f:a3:
                    04:2c:40:74:d3:6f:f4:c9:cf:4e:9e:b3:3e:a8:96:
                    62:b0:61:21:66:87:5b:7f:41:88:76:16:10:98:f2:
                    59:75:67:0d:2e:e5:01:76:2b:1a:f1:62:b5:25:eb:
                    86:4d:51:5d:f9:fe:50:cf:9a:20:c8:d5:8a:40:a0:
                    1a:24:5b:6d:06:76:69:69:00:90:91:af:21:93:0d:
                    5b:21:b8:d6:f9:00:7e:df:5b:29:30:48:e8:d3:64:
                    65:eb:f8:66:c5:35:00:1a:27:ab:95:9f:0b:8a:49:
                    a4:22:16:7b:3e:d4:d2:d3:82:02:81:5b:35:cf:75:
                    ec:77:7d:b9:95:c4:7d:0d:b7:4d:93:50:90:b1:a6:
                    17:0d:e4:82:2a:40:54:db:3e:eb:32:57:d9:4f:2a:
                    c8:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:40:68:DF:14:B8:FB:BC:C9:7C:54:94:C0:17:7D:64:DC:0B:6A:70
            X509v3 Authority Key Identifier:
                keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/sUBo3xS4-7zJfFSUwBd9ZNwLanA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.174.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         08:74:ef:a2:9c:f2:af:23:58:ed:92:49:ca:31:9e:15:69:0b:
         9a:ce:0f:12:a1:b1:e5:97:56:6a:77:de:14:23:91:01:2a:fa:
         1f:a9:10:14:d1:63:77:f5:35:9b:6e:20:e7:5a:99:55:eb:97:
         04:33:6b:e2:43:97:44:1e:90:0f:0f:a6:06:c4:23:e7:44:9c:
         83:81:5f:93:2d:ec:20:07:69:13:9a:83:07:f9:0e:1b:12:96:
         77:fd:a9:d8:af:c8:12:a4:a0:78:44:eb:02:90:ab:bc:a1:ca:
         98:99:8f:50:79:e5:5e:b3:1e:f1:7e:19:ff:d3:a2:2f:32:7d:
         be:82:86:34:07:31:5c:2a:59:6f:a7:76:1e:f4:e7:c5:99:b6:
         97:32:8c:1b:8c:36:96:e8:72:fd:4b:1a:67:7c:39:76:04:be:
         ee:af:cf:ad:e9:b0:26:70:5b:a0:bf:d0:0c:4d:3e:96:f3:8c:
         77:9b:9b:2f:ec:e0:fa:43:c1:b9:0c:f8:03:ce:c7:55:c9:76:
         8a:bf:f6:37:1a:90:d5:86:57:96:de:95:d9:40:47:15:0a:0e:
         c3:72:ae:77:32:f0:9e:4e:d2:b4:6c:e5:d5:a5:66:f1:6b:25:
         3c:29:03:d2:0f:fb:24:b1:e5:a3:96:a3:5a:31:3d:83:2f:6e:
         f8:4a:de:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZrqIgYbynLO2r9wPiwO3yPyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjUxMjA0MTYxMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQwNjhkZjE0YjhmYmJjYzk3YzU0OTRjMDE3N2Q2NGRjMGI2YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HiAqTAGqCa0urQyvIsGEQcfCRTZ
5lMDvkGNfSI3st1hByDTeB9ChySR+kN3WiyJJwt+at/08fadOuyqTBxH6SZYYvGJ
suPHzZz7j7ospr1KHEeKnYswtk2iEI+h1epF/+9YvuJUT6MELEB002/0yc9OnrM+
qJZisGEhZodbf0GIdhYQmPJZdWcNLuUBdisa8WK1JeuGTVFd+f5Qz5ogyNWKQKAa
JFttBnZpaQCQka8hkw1bIbjW+QB+31spMEjo02Rl6/hmxTUAGierlZ8LikmkIhZ7
PtTS04ICgVs1z3Xsd325lcR9DbdNk1CQsaYXDeSCKkBU2z7rMlfZTyrINQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFAaN8UuPu8yXxUlMAXfWTcC2pwMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvc1VCbzN4UzQtN3pKZkZTVXdCZDlaTndMYW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUK7gMA0G
CSqGSIb3DQEBCwUAA4IBAQAIdO+inPKvI1jtkknKMZ4VaQuazg8SobHll1Zqd94U
I5EBKvofqRAU0WN39TWbbiDnWplV65cEM2viQ5dEHpAPD6YGxCPnRJyDgV+TLewg
B2kTmoMH+Q4bEpZ3/anYr8gSpKB4ROsCkKu8ocqYmY9QeeVesx7xfhn/06IvMn2+
goY0BzFcKllvp3Ye9OfFmbaXMowbjDaW6HL9SxpnfDl2BL7ur8+t6bAmcFugv9AM
TT6W84x3m5sv7OD6Q8G5DPgDzsdVyXaKv/Y3GpDVhleW3pXZQEcVCg7Dcq53MvCe
TtK0bOXVpWbxayU8KQPSD/skseWjlqNaMT2DL274St4c
-----END CERTIFICATE-----