This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/iwqxgJYL8mBv3G61SG6QzZnZo_k.roa
File:                     iwqxgJYL8mBv3G61SG6QzZnZo_k.roa (raw, json)
Hash identifier:          3GX+FmWsXoIqZRfY2WtjR43yzm9CJ2GngD6fPIfSxPg=
Subject key identifier:   8B:0A:B1:80:96:0B:F2:60:6F:DC:6E:B5:48:6E:90:CD:99:D9:A3:F9
Certificate issuer:       /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial:       019B7C1282D6C2DE012D8BEFD868EA42321B
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/iwqxgJYL8mBv3G61SG6QzZnZo_k.roa
Signing time:             Fri 02 Jan 2026 00:19:06 +0000
ROA not before:           Fri 02 Jan 2026 00:19:06 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     8711
IP address blocks:        80.66.67.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 06:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:12:82:d6:c2:de:01:2d:8b:ef:d8:68:ea:42:32:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
        Validity
            Not Before: Jan  2 00:19:06 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8b0ab180960bf2606fdc6eb5486e90cd99d9a3f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:91:91:71:ed:60:a1:b1:ff:60:d1:15:42:75:
                    11:07:f3:62:bb:3f:16:7d:04:54:34:e1:c8:fb:12:
                    a3:28:ba:a0:bb:f4:58:dc:7f:49:a5:95:1c:74:25:
                    04:c9:af:fb:3a:44:0e:c4:47:41:02:e2:03:81:6d:
                    52:45:59:69:a3:2b:27:af:bb:94:c6:35:d1:50:0a:
                    a5:7a:e2:a2:0d:75:2e:75:3c:b8:06:b6:df:63:4d:
                    7c:bb:52:ef:af:6d:39:c9:1b:0c:b8:83:96:f9:06:
                    0a:96:c4:74:d2:87:87:1a:13:e0:ce:f8:9b:01:78:
                    46:52:44:d3:10:23:3d:9d:df:3f:92:43:06:1c:87:
                    35:ff:6b:ee:17:21:8a:fe:0d:07:2d:f2:1e:ba:ab:
                    19:a4:09:7c:78:fe:22:3d:a5:cc:f7:e9:bb:fa:ba:
                    8a:13:af:27:2b:66:03:92:8a:b0:2e:16:8d:56:a2:
                    9b:da:2b:56:ad:99:d7:ae:04:dc:de:ce:e0:3b:0b:
                    fa:fa:67:14:7d:73:a2:3e:73:20:1c:85:11:79:cd:
                    2e:06:7f:9c:27:70:6c:ac:5e:24:cf:57:87:c1:ec:
                    65:ea:cc:f1:f3:42:f5:a3:09:56:df:b6:ca:b1:38:
                    a8:72:2b:dc:42:b4:f1:94:fe:00:e3:1b:2e:df:b8:
                    08:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:0A:B1:80:96:0B:F2:60:6F:DC:6E:B5:48:6E:90:CD:99:D9:A3:F9
            X509v3 Authority Key Identifier:
                keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/iwqxgJYL8mBv3G61SG6QzZnZo_k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.66.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:24:79:1f:31:ef:50:0c:82:38:c4:3b:b1:c1:7c:ae:d0:f9:
         24:b0:27:74:f8:a7:2d:42:5c:93:c0:58:2d:7d:68:99:fe:bc:
         c2:57:fc:49:4d:10:34:a0:ec:6c:b0:34:98:c5:f1:5e:1c:11:
         0b:4b:70:89:29:06:a6:8c:9a:a5:74:3b:a1:6e:a5:44:bd:c7:
         e1:8c:41:02:30:4e:89:14:c1:57:f4:07:19:fc:a6:c1:55:ae:
         c3:66:68:73:47:22:3d:6d:15:21:a6:f2:3d:53:41:32:b8:4b:
         cb:2a:a1:da:6f:0c:ed:8e:01:b3:5d:5f:46:d3:5a:b7:b6:5b:
         9c:f2:b4:23:9d:8f:d4:14:19:e9:84:45:9e:8e:b2:c0:40:cb:
         ad:27:e3:07:40:a7:7d:4f:78:1e:ce:6f:c0:c6:fa:1a:6b:d9:
         f2:e6:c7:cb:b4:3c:ba:21:a3:d9:47:4c:e8:38:49:f6:e6:bf:
         d5:be:69:40:a2:93:a6:f9:7c:bb:02:07:19:58:48:c8:e7:79:
         e2:25:30:10:89:bd:ed:24:eb:f0:01:8c:e6:e8:5c:3b:3e:25:
         28:8d:6e:1c:27:93:92:85:cc:0f:7a:cb:30:6a:97:7b:0c:44:
         36:15:55:b0:fa:af:57:0e:04:07:f3:1d:4a:70:0f:e9:24:77:
         31:39:1e:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8EoLWwt4BLYvv2GjqQjIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjYwMTAyMDAxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBhYjE4MDk2MGJmMjYwNmZkYzZlYjU0ODZlOTBjZDk5ZDlhM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJGRce1gobH/YNEVQnURB/Niuz8W
fQRUNOHI+xKjKLqgu/RY3H9JpZUcdCUEya/7OkQOxEdBAuIDgW1SRVlpoysnr7uU
xjXRUAqleuKiDXUudTy4BrbfY018u1Lvr205yRsMuIOW+QYKlsR00oeHGhPgzvib
AXhGUkTTECM9nd8/kkMGHIc1/2vuFyGK/g0HLfIeuqsZpAl8eP4iPaXM9+m7+rqK
E68nK2YDkoqwLhaNVqKb2itWrZnXrgTc3s7gOwv6+mcUfXOiPnMgHIURec0uBn+c
J3BsrF4kz1eHwexl6szx80L1owlW37bKsTiocivcQrTxlP4A4xsu37gIswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsKsYCWC/Jgb9xutUhukM2Z2aP5MB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvaXdxeGdKWUw4bUJ2M0c2MVNHNlF6Wm5ab19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEJDMA0G
CSqGSIb3DQEBCwUAA4IBAQAPJHkfMe9QDII4xDuxwXyu0PkksCd0+KctQlyTwFgt
fWiZ/rzCV/xJTRA0oOxssDSYxfFeHBELS3CJKQamjJqldDuhbqVEvcfhjEECME6J
FMFX9AcZ/KbBVa7DZmhzRyI9bRUhpvI9U0EyuEvLKqHabwztjgGzXV9G01q3tluc
8rQjnY/UFBnphEWejrLAQMutJ+MHQKd9T3gezm/Axvoaa9ny5sfLtDy6IaPZR0zo
OEn25r/VvmlAopOm+Xy7AgcZWEjI53niJTAQib3tJOvwAYzm6Fw7PiUojW4cJ5OS
hcwPesswapd7DEQ2FVWw+q9XDgQH8x1KcA/pJHcxOR5K
-----END CERTIFICATE-----