This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/Kmej-qj8fPfHORtg4SVaVONzC0U.roa
File:                     Kmej-qj8fPfHORtg4SVaVONzC0U.roa (raw, json)
Hash identifier:          6jPhrS5Z1S4tcgzddswtFrBAws8weds+gbgTtA+mUrw=
Subject key identifier:   2A:67:A3:FA:A8:FC:7C:F7:C7:39:1B:60:E1:25:5A:54:E3:73:0B:45
Certificate issuer:       /CN=03f7e7cf8176e302764d48299fc22a9bdc6ba683
Certificate serial:       019B7AC7CB42C14B4F9EE6526C818F98E059
Authority key identifier: 03:F7:E7:CF:81:76:E3:02:76:4D:48:29:9F:C2:2A:9B:DC:6B:A6:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/Kmej-qj8fPfHORtg4SVaVONzC0U.roa
Signing time:             Thu 01 Jan 2026 18:17:52 +0000
ROA not before:           Thu 01 Jan 2026 18:17:52 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215452
IP address blocks:        185.201.68.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c7:cb:42:c1:4b:4f:9e:e6:52:6c:81:8f:98:e0:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03f7e7cf8176e302764d48299fc22a9bdc6ba683
        Validity
            Not Before: Jan  1 18:17:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=2a67a3faa8fc7cf7c7391b60e1255a54e3730b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:fc:99:3f:ab:79:13:58:67:44:05:4c:ee:b2:
                    65:d3:9a:a2:b3:ba:38:e7:e7:22:f6:65:15:44:74:
                    ea:f8:9e:bf:d3:e2:ea:65:b8:9c:33:57:69:8a:09:
                    3a:fb:44:2c:3f:7a:63:a9:08:8d:17:85:09:b4:ec:
                    e8:79:e9:a5:5e:fe:27:76:83:e7:b4:8d:49:16:17:
                    b1:52:51:2c:ca:07:8a:5a:13:8e:02:88:68:3a:37:
                    fe:91:df:cf:d7:93:4e:b0:4c:54:14:ce:51:8d:ce:
                    f0:18:7f:62:2a:0b:32:fb:9f:2e:97:05:b1:39:0a:
                    dd:26:6b:8c:02:74:90:80:f8:c4:15:83:5b:d3:b0:
                    af:56:d8:72:6d:50:55:66:bb:bf:9a:7c:c2:10:c2:
                    8f:92:25:61:7e:a8:bc:99:70:73:0b:b4:9f:0d:86:
                    65:50:19:70:12:af:c5:30:5f:d4:87:8e:a8:4e:2b:
                    db:93:e3:c5:c9:a7:1e:ef:2f:89:b7:a4:bf:dd:b2:
                    e6:37:b6:dd:45:1f:eb:d7:10:72:73:44:28:5f:83:
                    af:8f:25:fb:49:5b:02:76:74:76:54:cc:89:56:8e:
                    1e:49:ed:6d:e3:6b:c4:97:7e:2c:88:83:16:ac:f2:
                    c9:47:c1:d1:cd:58:48:f3:76:2c:1a:2b:e8:36:7a:
                    5c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:67:A3:FA:A8:FC:7C:F7:C7:39:1B:60:E1:25:5A:54:E3:73:0B:45
            X509v3 Authority Key Identifier:
                keyid:03:F7:E7:CF:81:76:E3:02:76:4D:48:29:9F:C2:2A:9B:DC:6B:A6:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/Kmej-qj8fPfHORtg4SVaVONzC0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.201.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:a2:db:6f:41:3a:a1:82:5e:4b:5f:b8:ff:cf:cf:d6:3f:e9:
         1c:93:85:4b:93:23:25:3c:02:f2:0a:05:7d:07:53:18:73:4f:
         2c:58:63:93:50:4f:e4:79:b0:82:02:04:a3:bc:2c:6d:fe:20:
         dc:3f:1b:fa:1d:7a:27:f7:ee:fc:c3:53:10:29:09:54:0c:96:
         27:87:b6:38:09:38:7b:f7:8a:67:5e:0b:10:0e:da:aa:c8:bf:
         b8:b7:aa:5f:ed:dc:0a:b0:5f:68:b5:08:61:32:df:f7:dd:aa:
         b1:b8:84:98:0a:18:8c:14:00:44:6b:b0:92:39:4b:ab:09:3a:
         0b:4c:47:b7:53:9f:a4:cd:04:00:79:6d:b2:6f:fb:71:b0:e7:
         46:d9:dc:e4:83:4b:a2:ce:5d:d5:54:17:94:fc:54:2c:8f:86:
         93:88:e1:c3:9b:ee:7e:33:26:d7:ad:e5:56:98:8e:b4:23:10:
         95:c8:06:52:f9:8c:4d:14:50:e4:24:4d:20:2c:a9:2d:39:5a:
         cf:41:62:c0:53:54:ab:d1:f2:4e:e5:7a:a3:3d:90:d3:a9:32:
         a9:18:59:2c:f3:d9:6c:00:fb:5b:06:a4:4d:87:a0:e0:ad:a6:
         cf:66:05:02:f4:b3:e1:b7:1f:c5:b3:46:9b:cf:ce:61:00:5f:
         5b:2a:81:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6x8tCwUtPnuZSbIGPmOBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZjdlN2NmODE3NmUzMDI3NjRkNDgyOTlmYzIyYTliZGM2
YmE2ODMwHhcNMjYwMTAxMTgxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY3YTNmYWE4ZmM3Y2Y3YzczOTFiNjBlMTI1NWE1NGUzNzMwYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfyZP6t5E1hnRAVM7rJl05qis7o4
5+ci9mUVRHTq+J6/0+LqZbicM1dpigk6+0QsP3pjqQiNF4UJtOzoeemlXv4ndoPn
tI1JFhexUlEsygeKWhOOAohoOjf+kd/P15NOsExUFM5Rjc7wGH9iKgsy+58ulwWx
OQrdJmuMAnSQgPjEFYNb07CvVthybVBVZru/mnzCEMKPkiVhfqi8mXBzC7SfDYZl
UBlwEq/FMF/Uh46oTivbk+PFyace7y+Jt6S/3bLmN7bdRR/r1xByc0QoX4OvjyX7
SVsCdnR2VMyJVo4eSe1t42vEl34siIMWrPLJR8HRzVhI83YsGivoNnpc/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpno/qo/Hz3xzkbYOElWlTjcwtFMB8GA1UdIwQY
MBaAFAP358+BduMCdk1IKZ/CKpvca6aDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQV9mbno0RjI0d0oyVFVncG44SXFtOXhycG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hZTQ1NDctMmNhMi00Y2JkLWExYjUt
M2NmM2I0NjNhODZhLzEvS21lai1xajhmUGZIT1J0ZzRTVmFWT056QzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hZTQ1NDctMmNhMi00Y2JkLWExYjUtM2NmM2I0NjNhODZh
LzEvQV9mbno0RjI0d0oyVFVncG44SXFtOXhycG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuclEMA0G
CSqGSIb3DQEBCwUAA4IBAQB8ottvQTqhgl5LX7j/z8/WP+kck4VLkyMlPALyCgV9
B1MYc08sWGOTUE/kebCCAgSjvCxt/iDcPxv6HXon9+78w1MQKQlUDJYnh7Y4CTh7
94pnXgsQDtqqyL+4t6pf7dwKsF9otQhhMt/33aqxuISYChiMFABEa7CSOUurCToL
TEe3U5+kzQQAeW2yb/txsOdG2dzkg0uizl3VVBeU/FQsj4aTiOHDm+5+MybXreVW
mI60IxCVyAZS+YxNFFDkJE0gLKktOVrPQWLAU1Sr0fJO5XqjPZDTqTKpGFks89ls
APtbBqRNh6DgrabPZgUC9LPhtx/Fs0abz85hAF9bKoEA
-----END CERTIFICATE-----