This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/83yp9RS3s8eXojaScYjtFG_MDFg.roa
File:                     83yp9RS3s8eXojaScYjtFG_MDFg.roa (raw, json)
Hash identifier:          87TXxEFIZkiZwcWyqY2NvriX9BTGocm4Ri0lAKL2aQM=
Subject key identifier:   F3:7C:A9:F5:14:B7:B3:C7:97:A2:36:92:71:88:ED:14:6F:CC:0C:58
Certificate issuer:       /CN=10ab57ab0e96518679114cbf0ee8af54bbfda5f5
Certificate serial:       019B7A5B7CA588304F69EFF77CE929D3EF12
Authority key identifier: 10:AB:57:AB:0E:96:51:86:79:11:4C:BF:0E:E8:AF:54:BB:FD:A5:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EKtXqw6WUYZ5EUy_DuivVLv9pfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/83yp9RS3s8eXojaScYjtFG_MDFg.roa
Signing time:             Thu 01 Jan 2026 16:19:34 +0000
ROA not before:           Thu 01 Jan 2026 16:19:34 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     198053
IP address blocks:        2001:67c:768::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/EKtXqw6WUYZ5EUy_DuivVLv9pfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/EKtXqw6WUYZ5EUy_DuivVLv9pfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EKtXqw6WUYZ5EUy_DuivVLv9pfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Feb 2026 21:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5b:7c:a5:88:30:4f:69:ef:f7:7c:e9:29:d3:ef:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10ab57ab0e96518679114cbf0ee8af54bbfda5f5
        Validity
            Not Before: Jan  1 16:19:34 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f37ca9f514b7b3c797a236927188ed146fcc0c58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b0:5d:53:95:08:34:b5:14:c6:0a:35:82:94:
                    9e:e0:99:c4:cd:84:61:90:2e:94:12:31:7a:7e:28:
                    47:01:00:a6:0c:83:c7:ec:87:dc:ab:de:15:78:e3:
                    e1:ea:ac:9b:59:de:9c:56:3d:22:05:35:d8:93:b8:
                    cf:e6:d9:77:88:a4:c9:46:1a:93:65:14:15:e7:c4:
                    9d:94:4c:d4:e6:30:52:04:39:ab:fb:ff:04:00:1f:
                    6c:bd:be:60:03:d6:70:2d:dd:cb:c5:fa:15:96:bc:
                    98:4f:23:e8:8d:b2:8c:87:11:9b:87:ac:32:e3:df:
                    94:85:9e:45:67:96:cc:bc:8a:36:c0:93:a3:0c:2a:
                    20:75:da:77:81:c9:1e:06:2f:5f:08:a8:4f:d9:de:
                    2d:61:38:20:2d:93:63:78:31:35:5f:fb:7b:e7:8f:
                    0b:79:68:19:80:0b:ff:37:bc:35:d5:26:7d:55:9f:
                    eb:92:8e:c2:3e:23:b9:f4:ee:b8:2e:20:f7:37:03:
                    c4:76:cd:57:82:e5:75:a2:31:59:78:95:d6:7c:c4:
                    2d:80:55:27:46:29:d9:86:9d:8e:f6:71:2d:7e:5b:
                    18:f7:16:7e:d4:3c:a8:1e:37:39:35:6e:76:dc:b7:
                    f9:d1:aa:c2:45:61:69:3b:64:a4:5c:fe:01:48:2a:
                    90:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:7C:A9:F5:14:B7:B3:C7:97:A2:36:92:71:88:ED:14:6F:CC:0C:58
            X509v3 Authority Key Identifier:
                keyid:10:AB:57:AB:0E:96:51:86:79:11:4C:BF:0E:E8:AF:54:BB:FD:A5:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKtXqw6WUYZ5EUy_DuivVLv9pfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/83yp9RS3s8eXojaScYjtFG_MDFg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/EKtXqw6WUYZ5EUy_DuivVLv9pfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:768::/48

    Signature Algorithm: sha256WithRSAEncryption
         3a:a2:d7:dc:d1:b2:92:e6:f0:9c:27:f6:79:1c:ac:8d:4c:c2:
         fd:65:7c:b2:03:1e:9d:73:2a:fa:c8:1d:b4:78:65:59:13:c5:
         d1:b0:9e:df:17:76:f5:af:fc:bd:82:f8:87:4d:b7:8b:bc:64:
         49:06:c0:0b:f8:cf:73:68:69:03:f4:d5:22:9b:a7:31:31:df:
         b8:b8:48:3c:35:af:f0:88:bc:6b:81:a5:8c:75:13:eb:bb:e5:
         01:78:13:24:29:cb:a9:62:ce:34:c8:6a:77:3a:6b:f8:4f:18:
         64:65:d4:79:4e:7f:ee:31:62:25:42:35:31:70:f8:12:8e:f8:
         87:e7:44:4f:fa:dc:7f:33:46:34:7f:ef:44:f8:df:86:60:f1:
         3e:68:fa:37:20:90:05:03:9b:7d:9e:7a:32:57:ce:11:e0:b0:
         f1:8b:83:2c:94:3d:d7:68:05:ec:97:b7:e0:d6:72:4c:2d:26:
         f0:51:2d:01:8c:ab:45:b4:5a:ea:bd:9e:10:23:73:3c:31:27:
         f9:3e:25:c5:08:bb:86:90:e0:c0:5e:35:df:4b:8e:c0:bf:9a:
         00:ce:05:fe:19:26:d2:aa:36:83:3b:bd:65:7d:ad:6b:92:62:
         65:4d:df:80:47:60:4f:5c:a1:4f:60:67:73:04:63:39:2c:f8:
         e9:17:b3:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZt6W3yliDBPae/3fOkp0+8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYWI1N2FiMGU5NjUxODY3OTExNGNiZjBlZThhZjU0YmJm
ZGE1ZjUwHhcNMjYwMTAxMTYxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzdjYTlmNTE0YjdiM2M3OTdhMjM2OTI3MTg4ZWQxNDZmY2MwYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbBdU5UINLUUxgo1gpSe4JnEzYRh
kC6UEjF6fihHAQCmDIPH7Ifcq94VeOPh6qybWd6cVj0iBTXYk7jP5tl3iKTJRhqT
ZRQV58SdlEzU5jBSBDmr+/8EAB9svb5gA9ZwLd3LxfoVlryYTyPojbKMhxGbh6wy
49+UhZ5FZ5bMvIo2wJOjDCogddp3gckeBi9fCKhP2d4tYTggLZNjeDE1X/t7548L
eWgZgAv/N7w11SZ9VZ/rko7CPiO59O64LiD3NwPEds1XguV1ojFZeJXWfMQtgFUn
RinZhp2O9nEtflsY9xZ+1DyoHjc5NW523Lf50arCRWFpO2SkXP4BSCqQewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPN8qfUUt7PHl6I2knGI7RRvzAxYMB8GA1UdIwQY
MBaAFBCrV6sOllGGeRFMvw7or1S7/aX1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUt0WHF3NldVWVo1RVV5X0R1aXZWTHY5cGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNjFhYzItNmUyNy00ZDRlLWFiOWUt
ZjM4MGJmMGZkZDg0LzEvODN5cDlSUzNzOGVYb2phU2NZanRGR19NREZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNjFhYzItNmUyNy00ZDRlLWFiOWUtZjM4MGJmMGZkZDg0
LzEvRUt0WHF3NldVWVo1RVV5X0R1aXZWTHY5cGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAdo
MA0GCSqGSIb3DQEBCwUAA4IBAQA6otfc0bKS5vCcJ/Z5HKyNTML9ZXyyAx6dcyr6
yB20eGVZE8XRsJ7fF3b1r/y9gviHTbeLvGRJBsAL+M9zaGkD9NUim6cxMd+4uEg8
Na/wiLxrgaWMdRPru+UBeBMkKcupYs40yGp3Omv4TxhkZdR5Tn/uMWIlQjUxcPgS
jviH50RP+tx/M0Y0f+9E+N+GYPE+aPo3IJAFA5t9nnoyV84R4LDxi4MslD3XaAXs
l7fg1nJMLSbwUS0BjKtFtFrqvZ4QI3M8MSf5PiXFCLuGkODAXjXfS47Av5oAzgX+
GSbSqjaDO71lfa1rkmJlTd+AR2BPXKFPYGdzBGM5LPjpF7PK
-----END CERTIFICATE-----