This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/1EIOosMYuD73h9CRUOVLrDf2lBk.roa
File:                     1EIOosMYuD73h9CRUOVLrDf2lBk.roa (raw, json)
Hash identifier:          BJYCiLgwQZEOXx4/ggwCHkEwe20mmZnB00Jyo+D3/6k=
Subject key identifier:   D4:42:0E:A2:C3:18:B8:3E:F7:87:D0:91:50:E5:4B:AC:37:F6:94:19
Certificate issuer:       /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial:       019B7E37F7FCD8F060704845CD50CF4FBC5F
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/1EIOosMYuD73h9CRUOVLrDf2lBk.roa
Signing time:             Fri 02 Jan 2026 10:19:15 +0000
ROA not before:           Fri 02 Jan 2026 10:19:15 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     28714
IP address blocks:        129.233.217.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 05:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:37:f7:fc:d8:f0:60:70:48:45:cd:50:cf:4f:bc:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
        Validity
            Not Before: Jan  2 10:19:15 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d4420ea2c318b83ef787d09150e54bac37f69419
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ac:13:92:19:82:5f:dc:82:8e:e6:2a:00:dd:
                    9e:5e:ae:8a:68:58:c1:25:87:0e:bb:ca:58:de:b5:
                    20:f3:24:af:73:31:0c:61:88:ca:8b:28:fe:74:99:
                    b9:8b:54:fc:f9:df:94:ac:e9:38:f0:75:6d:9f:7e:
                    46:da:ea:23:42:3e:84:ed:05:6d:f8:86:b8:32:7c:
                    e5:18:7a:b3:41:52:a2:89:9b:7a:81:98:48:0d:60:
                    73:2e:bf:a6:32:da:7e:d7:cf:54:23:4c:75:d6:a8:
                    2a:af:e9:a9:d0:c9:db:bd:ae:ea:6c:b5:18:94:99:
                    c6:d1:44:25:d9:d3:c4:1b:4b:48:0f:52:a2:81:2b:
                    02:21:14:39:d4:65:cb:1a:67:ab:12:2a:1e:9a:20:
                    a7:7d:ba:58:ae:f2:cb:c4:a6:28:0a:a8:a9:39:9c:
                    fe:98:fb:a7:84:5d:d1:e8:61:e7:76:e7:86:36:2d:
                    21:ea:51:99:6b:18:5b:49:08:53:e0:ff:3e:ed:04:
                    ef:17:da:ab:ee:09:3d:73:24:ba:7d:c2:10:0e:e9:
                    3a:c1:ed:eb:ae:af:05:a7:46:fb:22:f4:b9:51:54:
                    36:71:a3:be:b7:9d:68:8e:5d:94:fc:b3:dc:a7:72:
                    9b:89:54:3c:11:6b:52:e1:8f:6d:ef:3f:f8:7c:a1:
                    e5:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:42:0E:A2:C3:18:B8:3E:F7:87:D0:91:50:E5:4B:AC:37:F6:94:19
            X509v3 Authority Key Identifier:
                keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/1EIOosMYuD73h9CRUOVLrDf2lBk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.233.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:2a:62:0d:a7:35:d0:2a:5e:90:a3:da:2d:73:8b:14:7d:cb:
         94:05:fc:0d:7c:31:ce:46:26:d1:80:4c:55:85:a1:07:a9:62:
         5c:31:cf:18:65:4a:35:42:39:31:f7:16:3f:00:77:3a:df:85:
         9d:95:ec:c3:f5:e9:b8:51:b5:1f:f0:37:71:94:3e:d2:cb:75:
         f7:10:3f:15:d5:79:da:c2:b4:b7:ee:2c:28:69:3c:fa:c7:86:
         7a:1b:a9:9c:51:b9:b4:0c:b0:68:38:ff:70:96:99:57:56:81:
         7b:13:8f:51:74:18:0d:e8:23:93:b8:c8:70:42:92:24:11:51:
         44:da:ee:6a:40:22:54:00:be:ed:51:fc:75:9b:39:35:95:21:
         ef:4c:49:d5:24:37:16:2a:38:96:fb:f3:ae:9e:77:5b:31:1e:
         e7:df:2d:c8:aa:1f:47:af:5a:28:c9:59:4e:c8:6b:d9:a9:56:
         08:b6:1a:52:0a:a4:53:b8:5d:d6:d4:ca:a3:a5:01:08:b4:95:
         31:dd:79:7f:e9:be:90:a5:85:2c:17:ba:2f:86:da:d0:09:bd:
         c8:2a:9c:5f:de:40:6d:5e:49:4e:5c:ae:7b:34:93:78:50:09:
         e1:b7:cf:83:6a:47:c8:aa:b8:5d:d3:95:25:dd:9a:64:5e:5c:
         0f:c0:4a:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+N/f82PBgcEhFzVDPT7xfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjYwMTAyMTAxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQyMGVhMmMzMThiODNlZjc4N2QwOTE1MGU1NGJhYzM3ZjY5NDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqawTkhmCX9yCjuYqAN2eXq6KaFjB
JYcOu8pY3rUg8ySvczEMYYjKiyj+dJm5i1T8+d+UrOk48HVtn35G2uojQj6E7QVt
+Ia4MnzlGHqzQVKiiZt6gZhIDWBzLr+mMtp+189UI0x11qgqr+mp0Mnbva7qbLUY
lJnG0UQl2dPEG0tID1KigSsCIRQ51GXLGmerEioemiCnfbpYrvLLxKYoCqipOZz+
mPunhF3R6GHndueGNi0h6lGZaxhbSQhT4P8+7QTvF9qr7gk9cyS6fcIQDuk6we3r
rq8Fp0b7IvS5UVQ2caO+t51ojl2U/LPcp3KbiVQ8EWtS4Y9t7z/4fKHlmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRCDqLDGLg+94fQkVDlS6w39pQZMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvMUVJT29zTVl1RDczaDlDUlVPVkxyRGYybEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgenZMA0G
CSqGSIb3DQEBCwUAA4IBAQA3KmINpzXQKl6Qo9otc4sUfcuUBfwNfDHORibRgExV
haEHqWJcMc8YZUo1Qjkx9xY/AHc634WdlezD9em4UbUf8DdxlD7Sy3X3ED8V1Xna
wrS37iwoaTz6x4Z6G6mcUbm0DLBoOP9wlplXVoF7E49RdBgN6COTuMhwQpIkEVFE
2u5qQCJUAL7tUfx1mzk1lSHvTEnVJDcWKjiW+/OunndbMR7n3y3Iqh9Hr1ooyVlO
yGvZqVYIthpSCqRTuF3W1MqjpQEItJUx3Xl/6b6QpYUsF7ovhtrQCb3IKpxf3kBt
XklOXK57NJN4UAnht8+DakfIqrhd05Ul3ZpkXlwPwEoX
-----END CERTIFICATE-----