This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/gU8hFrAdmGCPNYOjTnvshD8WKTw.roa
File:                     gU8hFrAdmGCPNYOjTnvshD8WKTw.roa (raw, json)
Hash identifier:          aIL6rAim8v0vCsXPaXDt9dqDXZOi08bdb924MpXBpn8=
Subject key identifier:   81:4F:21:16:B0:1D:98:60:8F:35:83:A3:4E:7B:EC:84:3F:16:29:3C
Certificate issuer:       /CN=7f6bd1a6b04625c571d830f878b1c0238247408c
Certificate serial:       019B7DC94EEB9050123399FF193111BF62AB
Authority key identifier: 7F:6B:D1:A6:B0:46:25:C5:71:D8:30:F8:78:B1:C0:23:82:47:40:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/gU8hFrAdmGCPNYOjTnvshD8WKTw.roa
Signing time:             Fri 02 Jan 2026 08:18:23 +0000
ROA not before:           Fri 02 Jan 2026 08:18:23 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     2856
IP address blocks:        86.54.81.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/f2vRprBGJcVx2DD4eLHAI4JHQIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/f2vRprBGJcVx2DD4eLHAI4JHQIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 Jan 2026 08:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:c9:4e:eb:90:50:12:33:99:ff:19:31:11:bf:62:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f6bd1a6b04625c571d830f878b1c0238247408c
        Validity
            Not Before: Jan  2 08:18:23 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=814f2116b01d98608f3583a34e7bec843f16293c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:ed:74:cc:c3:97:9d:2d:88:00:ae:3a:f9:93:
                    06:88:2f:5f:d1:fd:7d:9e:25:50:93:f6:d1:51:ae:
                    d3:51:e3:16:0b:4d:12:cb:4d:46:6a:7a:a0:9a:34:
                    16:48:95:24:2f:cb:18:50:73:1d:de:c4:93:5a:da:
                    41:7f:2f:3e:2d:af:cf:bb:22:31:31:60:b0:43:39:
                    c3:5b:31:13:91:fa:7f:39:aa:0a:b3:6e:02:bc:73:
                    5c:1c:9d:df:50:dc:94:27:cf:7e:7f:fd:25:11:b2:
                    20:b2:6e:7e:73:9b:5d:78:76:cb:27:31:47:3b:c4:
                    47:2d:15:ad:9f:48:be:36:4e:3c:b6:0d:f6:6d:6a:
                    b3:95:b1:c6:55:33:11:40:85:7e:e6:93:b9:49:d6:
                    90:c1:36:b6:69:bc:77:69:c1:4e:58:c6:1f:ed:f7:
                    94:9f:3c:a9:76:9a:a2:67:65:e8:e3:dd:16:61:73:
                    ec:5c:55:f8:60:51:5e:3c:01:d5:2a:2f:24:a2:03:
                    6c:89:fe:60:73:04:2d:3e:66:5f:55:84:11:35:2b:
                    39:03:c7:2d:2d:65:fa:dd:2d:7c:9d:11:31:bc:3c:
                    37:a4:cb:08:ed:c5:eb:ed:0d:9d:ae:8d:35:8e:80:
                    43:03:a7:2c:7b:99:22:81:98:84:97:bb:a7:6d:06:
                    33:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:4F:21:16:B0:1D:98:60:8F:35:83:A3:4E:7B:EC:84:3F:16:29:3C
            X509v3 Authority Key Identifier:
                keyid:7F:6B:D1:A6:B0:46:25:C5:71:D8:30:F8:78:B1:C0:23:82:47:40:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/gU8hFrAdmGCPNYOjTnvshD8WKTw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/f2vRprBGJcVx2DD4eLHAI4JHQIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.54.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:c0:7b:d9:1d:b6:32:e1:bd:da:b0:09:40:cd:0f:73:1d:3d:
         86:a5:3b:3a:b8:69:2f:c5:62:53:2c:3b:55:18:79:93:0e:93:
         c6:b8:71:1d:a9:b8:03:e8:b2:c0:93:89:20:cd:0c:aa:70:95:
         fe:28:b6:e8:f2:e1:4c:43:ba:1e:a7:61:f8:69:b4:96:ba:eb:
         93:c8:8e:5e:82:3f:f2:7d:2e:a3:7c:54:f9:50:f8:6e:95:82:
         db:7c:f5:2f:4b:8e:7d:3c:18:c0:1f:38:b9:c7:f5:99:22:10:
         48:15:6d:71:1b:7f:33:9f:62:36:9b:ae:a2:55:ad:26:48:46:
         15:44:bf:2a:44:36:ca:df:54:2f:a1:71:2c:f3:cc:34:b6:d1:
         72:1b:ad:73:75:84:7c:e5:7d:f5:e2:ce:6d:38:90:2a:6e:b6:
         c9:5f:aa:c3:c4:ef:28:1e:9f:66:28:78:07:48:d4:86:d7:be:
         90:ef:aa:79:4f:35:2f:2f:7b:ef:b8:cf:0c:fa:10:94:22:ff:
         f4:8a:de:9c:72:f9:f9:10:02:cf:6f:ff:e5:1a:1f:b1:4c:6e:
         ef:53:6c:93:70:d2:1a:55:28:6d:7b:c6:39:35:a4:dd:e5:4a:
         d5:bc:33:03:ed:5c:15:e3:c6:a6:2c:d1:0f:30:c0:1b:4f:d6:
         a0:de:66:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9yU7rkFASM5n/GTERv2KrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNmJkMWE2YjA0NjI1YzU3MWQ4MzBmODc4YjFjMDIzODI0
NzQwOGMwHhcNMjYwMTAyMDgxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTRmMjExNmIwMWQ5ODYwOGYzNTgzYTM0ZTdiZWM4NDNmMTYyOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO10zMOXnS2IAK46+ZMGiC9f0f19
niVQk/bRUa7TUeMWC00Sy01GanqgmjQWSJUkL8sYUHMd3sSTWtpBfy8+La/PuyIx
MWCwQznDWzETkfp/OaoKs24CvHNcHJ3fUNyUJ89+f/0lEbIgsm5+c5tdeHbLJzFH
O8RHLRWtn0i+Nk48tg32bWqzlbHGVTMRQIV+5pO5SdaQwTa2abx3acFOWMYf7feU
nzypdpqiZ2Xo490WYXPsXFX4YFFePAHVKi8kogNsif5gcwQtPmZfVYQRNSs5A8ct
LWX63S18nRExvDw3pMsI7cXr7Q2dro01joBDA6cse5kigZiEl7unbQYzEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFPIRawHZhgjzWDo0577IQ/Fik8MB8GA1UdIwQY
MBaAFH9r0aawRiXFcdgw+HixwCOCR0CMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjJ2UnByQkdKY1Z4MkRENGVMSEFJNEpIUUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9iYzY2ZDctNTdhYi00NzVkLTk2YmEt
ODliNmMzMjMxNWMyLzEvZ1U4aEZyQWRtR0NQTllPalRudnNoRDhXS1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9iYzY2ZDctNTdhYi00NzVkLTk2YmEtODliNmMzMjMxNWMy
LzEvZjJ2UnByQkdKY1Z4MkRENGVMSEFJNEpIUUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVjZRMA0G
CSqGSIb3DQEBCwUAA4IBAQBxwHvZHbYy4b3asAlAzQ9zHT2GpTs6uGkvxWJTLDtV
GHmTDpPGuHEdqbgD6LLAk4kgzQyqcJX+KLbo8uFMQ7oep2H4abSWuuuTyI5egj/y
fS6jfFT5UPhulYLbfPUvS459PBjAHzi5x/WZIhBIFW1xG38zn2I2m66iVa0mSEYV
RL8qRDbK31QvoXEs88w0ttFyG61zdYR85X314s5tOJAqbrbJX6rDxO8oHp9mKHgH
SNSG176Q76p5TzUvL3vvuM8M+hCUIv/0it6ccvn5EALPb//lGh+xTG7vU2yTcNIa
VShte8Y5NaTd5UrVvDMD7VwV48amLNEPMMAbT9ag3mYB
-----END CERTIFICATE-----
Generated at Thu Jan 8 17:33:03 2026 by rpki-client