This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/2N5o9UYogWs_19ZQbhZoze49YGE.roa
File:                     2N5o9UYogWs_19ZQbhZoze49YGE.roa (raw, json)
Hash identifier:          maz0dBQdHpyXY30YzYRYq/maF3IjD7DTaz5b38XSA0U=
Subject key identifier:   D8:DE:68:F5:46:28:81:6B:3F:D7:D6:50:6E:16:68:CD:EE:3D:60:61
Certificate issuer:       /CN=435e41960d590e99804e90b9af0365584c712c72
Certificate serial:       019B7C803B90213FE6C462F96E9D44EDF646
Authority key identifier: 43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/2N5o9UYogWs_19ZQbhZoze49YGE.roa
Signing time:             Fri 02 Jan 2026 02:18:57 +0000
ROA not before:           Fri 02 Jan 2026 02:18:57 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204686
IP address blocks:        185.196.150.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Q15Blg1ZDpmATpC5rwNlWExxLHI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Q15Blg1ZDpmATpC5rwNlWExxLHI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:3b:90:21:3f:e6:c4:62:f9:6e:9d:44:ed:f6:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=435e41960d590e99804e90b9af0365584c712c72
        Validity
            Not Before: Jan  2 02:18:57 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d8de68f54628816b3fd7d6506e1668cdee3d6061
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c0:5a:af:1e:c5:e8:b3:2a:a4:5a:09:a6:99:
                    b5:fd:0b:e5:1e:d0:d5:3a:6a:4c:ac:62:c3:17:6d:
                    72:d5:95:21:6e:b9:c0:0c:53:96:e7:6b:e9:b9:40:
                    06:ba:c0:39:a4:ee:20:56:5f:9c:c3:0f:dc:13:d4:
                    0f:43:f1:9a:aa:41:f9:55:0d:eb:90:f1:4f:ac:40:
                    61:17:e5:fb:97:cf:3b:1c:a8:71:10:5a:35:e7:de:
                    51:71:a7:a0:59:cd:d9:18:11:b9:7c:2d:ab:39:40:
                    db:03:d6:e5:f4:fe:01:cd:96:b8:bd:fb:db:66:9c:
                    c3:e6:c7:07:51:f0:7e:33:da:6b:9a:bc:3a:25:b7:
                    cc:21:14:01:1e:9d:c3:56:df:71:4e:2b:9f:e6:f8:
                    cc:22:67:a7:03:9d:36:cb:ca:6e:50:ad:0d:b9:ea:
                    22:5b:53:ab:26:e5:19:0c:44:fc:03:83:06:f6:f8:
                    60:16:31:92:83:46:c8:8c:90:d1:a5:05:fd:c1:32:
                    cf:27:3c:26:d2:08:f9:9c:66:91:53:cf:49:6c:ec:
                    e1:ad:f5:c1:13:d5:f3:74:c1:d9:8d:1c:00:8c:42:
                    f5:68:33:85:03:66:ba:c0:79:a2:2b:a7:88:14:47:
                    6d:2e:62:24:d5:18:1b:04:de:c6:68:e9:fa:df:0e:
                    24:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:DE:68:F5:46:28:81:6B:3F:D7:D6:50:6E:16:68:CD:EE:3D:60:61
            X509v3 Authority Key Identifier:
                keyid:43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/2N5o9UYogWs_19ZQbhZoze49YGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Q15Blg1ZDpmATpC5rwNlWExxLHI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.196.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:a4:c4:2c:3e:ae:e2:08:00:5b:d3:b9:a4:5f:b6:9c:1e:dd:
         dc:df:3a:65:0a:88:fa:cf:d1:bb:49:2f:7d:8e:66:08:79:f5:
         01:c7:66:96:d7:5a:58:85:dc:b9:1a:45:d9:a1:3c:c1:24:55:
         47:3f:3f:1c:73:13:1f:b7:64:65:22:c9:b6:19:ca:36:33:ef:
         96:f5:f2:6a:73:b9:7b:37:67:03:b7:9f:9e:1e:fe:12:b5:ea:
         c4:a6:6d:52:82:56:c4:72:5c:df:d6:2f:03:5a:34:08:c1:88:
         32:96:63:ae:a4:e3:64:44:d7:f7:3f:17:c8:e5:23:0d:c8:ec:
         e6:13:36:6e:d0:54:94:9d:db:19:2d:d6:dd:3e:f3:d3:67:d2:
         d0:9e:4e:c6:a9:48:f9:83:ae:40:d2:01:e2:a6:64:ae:a4:8c:
         bb:18:e2:25:40:c8:b5:c9:9d:13:64:42:5b:4b:04:d6:92:78:
         73:77:52:e9:2b:44:75:7e:27:83:3b:9f:4a:2d:d7:df:96:23:
         52:11:47:d5:f4:ae:1c:35:82:76:34:eb:3c:aa:68:ca:69:41:
         88:17:f4:18:9b:f0:0c:67:94:bc:5e:34:4b:94:11:6f:21:97:
         5c:6b:79:73:12:35:91:51:3b:3e:ee:2e:02:ec:52:91:e0:dc:
         da:12:eb:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gDuQIT/mxGL5bp1E7fZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNWU0MTk2MGQ1OTBlOTk4MDRlOTBiOWFmMDM2NTU4NGM3
MTJjNzIwHhcNMjYwMTAyMDIxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRlNjhmNTQ2Mjg4MTZiM2ZkN2Q2NTA2ZTE2NjhjZGVlM2Q2MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsBarx7F6LMqpFoJppm1/QvlHtDV
OmpMrGLDF21y1ZUhbrnADFOW52vpuUAGusA5pO4gVl+cww/cE9QPQ/GaqkH5VQ3r
kPFPrEBhF+X7l887HKhxEFo1595RcaegWc3ZGBG5fC2rOUDbA9bl9P4BzZa4vfvb
ZpzD5scHUfB+M9prmrw6JbfMIRQBHp3DVt9xTiuf5vjMImenA502y8puUK0Nueoi
W1OrJuUZDET8A4MG9vhgFjGSg0bIjJDRpQX9wTLPJzwm0gj5nGaRU89JbOzhrfXB
E9XzdMHZjRwAjEL1aDOFA2a6wHmiK6eIFEdtLmIk1RgbBN7GaOn63w4kJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjeaPVGKIFrP9fWUG4WaM3uPWBhMB8GA1UdIwQY
MBaAFENeQZYNWQ6ZgE6Qua8DZVhMcSxyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTE1QmxnMVpEcG1BVHBDNXJ3TmxXRXh4TEhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83ZTJmMjgtNWNhZS00ZTZmLWE1ZjAt
MDFiYjVmZDUzNGY1LzEvMk41bzlVWW9nV3NfMTlaUWJoWm96ZTQ5WUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83ZTJmMjgtNWNhZS00ZTZmLWE1ZjAtMDFiYjVmZDUzNGY1
LzEvUTE1QmxnMVpEcG1BVHBDNXJ3TmxXRXh4TEhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucSWMA0G
CSqGSIb3DQEBCwUAA4IBAQB6pMQsPq7iCABb07mkX7acHt3c3zplCoj6z9G7SS99
jmYIefUBx2aW11pYhdy5GkXZoTzBJFVHPz8ccxMft2RlIsm2Gco2M++W9fJqc7l7
N2cDt5+eHv4SterEpm1SglbEclzf1i8DWjQIwYgylmOupONkRNf3PxfI5SMNyOzm
EzZu0FSUndsZLdbdPvPTZ9LQnk7GqUj5g65A0gHipmSupIy7GOIlQMi1yZ0TZEJb
SwTWknhzd1LpK0R1fieDO59KLdffliNSEUfV9K4cNYJ2NOs8qmjKaUGIF/QYm/AM
Z5S8XjRLlBFvIZdca3lzEjWRUTs+7i4C7FKR4NzaEusL
-----END CERTIFICATE-----