This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/DJFcihK3KyDMA5inHd8qVc8pMd8.roa
File:                     DJFcihK3KyDMA5inHd8qVc8pMd8.roa (raw, json)
Hash identifier:          7aHvIhUD1Pwu4HtX5DwhI19v0UPceOldhZKd58QrEWA=
Subject key identifier:   0C:91:5C:8A:12:B7:2B:20:CC:03:98:A7:1D:DF:2A:55:CF:29:31:DF
Certificate issuer:       /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial:       019B7D5D2236120522C7B916EDD0B8F8B8CE
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/DJFcihK3KyDMA5inHd8qVc8pMd8.roa
Signing time:             Fri 02 Jan 2026 06:20:14 +0000
ROA not before:           Fri 02 Jan 2026 06:20:14 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     203163
IP address blocks:        78.40.118.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 09:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:5d:22:36:12:05:22:c7:b9:16:ed:d0:b8:f8:b8:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
        Validity
            Not Before: Jan  2 06:20:14 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0c915c8a12b72b20cc0398a71ddf2a55cf2931df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9f:dd:6b:9f:90:cc:d0:83:3d:ad:04:47:c2:
                    b6:9e:3b:4a:6e:be:82:da:0d:6d:d1:49:4c:6f:6d:
                    c8:58:0b:70:b5:10:37:27:fb:5e:a2:26:0d:98:aa:
                    70:cb:03:88:fb:3f:ca:fa:93:f6:0b:c3:ad:12:66:
                    bd:ac:3d:45:57:60:5e:1c:7e:7d:52:d6:bd:0b:51:
                    d1:f0:f5:bb:7f:84:62:b1:70:79:8f:9f:28:dc:40:
                    f4:56:ee:84:b0:4b:a8:df:20:4e:c8:e8:10:7c:d2:
                    39:8e:06:98:7e:f8:6d:e3:be:28:55:e1:9c:71:7b:
                    40:e5:e3:9a:94:17:be:ba:1a:00:ad:10:bb:4c:93:
                    90:10:8f:c2:9e:32:6b:2b:9a:d0:a4:cc:70:28:7b:
                    20:0f:06:1a:7c:80:35:d0:26:04:6a:e0:0d:63:67:
                    72:8a:e6:ed:88:99:a9:56:21:6a:4b:1b:21:69:d9:
                    71:58:2b:7f:8b:3c:53:93:f0:1b:e8:6a:27:36:26:
                    84:c6:9c:fa:27:59:9b:47:bb:da:6d:7e:42:14:a2:
                    a4:5d:4d:9b:0e:79:9e:3c:cb:e8:69:81:52:d0:da:
                    c2:31:aa:7e:7e:65:49:0e:05:68:d2:eb:bf:c8:82:
                    9e:bf:a7:0f:8f:c9:0d:52:a9:91:14:9e:ad:7e:a8:
                    54:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:91:5C:8A:12:B7:2B:20:CC:03:98:A7:1D:DF:2A:55:CF:29:31:DF
            X509v3 Authority Key Identifier:
                keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/DJFcihK3KyDMA5inHd8qVc8pMd8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.40.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:32:98:51:15:7e:0e:f0:ab:8d:f4:08:72:2c:09:d6:9e:e6:
         63:8d:11:3a:ac:42:26:a4:e0:41:58:78:5e:a8:e9:3d:b2:b9:
         ab:80:81:ef:25:9f:ff:c0:1f:52:40:78:00:ee:89:d1:6f:f4:
         53:2f:00:e8:71:1c:c0:09:53:af:80:6e:b3:ac:7c:13:59:64:
         1c:6e:19:15:6e:1e:c3:ef:4b:d5:57:c4:1d:ff:78:12:40:2b:
         4c:9a:89:29:c1:b7:b7:78:fe:f5:76:8b:56:bd:e4:c2:2e:85:
         47:00:f5:40:af:af:4c:11:96:09:54:d4:d7:e4:19:cd:b1:50:
         b4:fe:9f:95:f2:38:f7:25:d4:28:e0:43:90:84:b8:b3:af:54:
         c6:c1:03:80:81:ce:21:f7:25:33:ed:cb:7f:90:97:2b:9d:4f:
         b1:4b:8d:69:60:ec:c2:df:bc:2e:ec:e4:cc:31:00:02:06:5f:
         2e:ed:76:bd:e3:67:31:80:88:36:ac:61:e5:96:06:9c:76:a5:
         57:1f:7c:8a:7e:2a:f2:3f:b9:19:d4:36:4e:0c:44:02:2d:63:
         59:78:86:55:01:f3:0e:54:29:99:b4:86:0c:24:5d:0f:c4:17:
         af:e0:b3:55:61:96:6c:f7:c4:53:9e:19:0d:4d:80:35:59:a2:
         42:d0:61:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9XSI2EgUix7kW7dC4+LjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjYwMTAyMDYyMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzkxNWM4YTEyYjcyYjIwY2MwMzk4YTcxZGRmMmE1NWNmMjkzMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ/da5+QzNCDPa0ER8K2njtKbr6C
2g1t0UlMb23IWAtwtRA3J/teoiYNmKpwywOI+z/K+pP2C8OtEma9rD1FV2BeHH59
Uta9C1HR8PW7f4RisXB5j58o3ED0Vu6EsEuo3yBOyOgQfNI5jgaYfvht474oVeGc
cXtA5eOalBe+uhoArRC7TJOQEI/CnjJrK5rQpMxwKHsgDwYafIA10CYEauANY2dy
iubtiJmpViFqSxshadlxWCt/izxTk/Ab6GonNiaExpz6J1mbR7vabX5CFKKkXU2b
DnmePMvoaYFS0NrCMap+fmVJDgVo0uu/yIKev6cPj8kNUqmRFJ6tfqhU7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyRXIoStysgzAOYpx3fKlXPKTHfMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvREpGY2loSzNLeURNQTVpbkhkOHFWYzhwTWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATih2MA0G
CSqGSIb3DQEBCwUAA4IBAQCdMphRFX4O8KuN9AhyLAnWnuZjjRE6rEImpOBBWHhe
qOk9srmrgIHvJZ//wB9SQHgA7onRb/RTLwDocRzACVOvgG6zrHwTWWQcbhkVbh7D
70vVV8Qd/3gSQCtMmokpwbe3eP71dotWveTCLoVHAPVAr69MEZYJVNTX5BnNsVC0
/p+V8jj3JdQo4EOQhLizr1TGwQOAgc4h9yUz7ct/kJcrnU+xS41pYOzC37wu7OTM
MQACBl8u7Xa942cxgIg2rGHllgacdqVXH3yKfiryP7kZ1DZODEQCLWNZeIZVAfMO
VCmZtIYMJF0PxBev4LNVYZZs98RTnhkNTYA1WaJC0GFw
-----END CERTIFICATE-----