This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/272d50-7bb3-44b0-8254-fcff9e847ca2/1/_bZKuF7AFVv9FOPtEDmaIyaLkgc.roa
File:                     _bZKuF7AFVv9FOPtEDmaIyaLkgc.roa (raw, json)
Hash identifier:          /OjfGerjj4MNTsCbNROwrp1Es3nNekhRr//F8a0HSXE=
Subject key identifier:   FD:B6:4A:B8:5E:C0:15:5B:FD:14:E3:ED:10:39:9A:23:26:8B:92:07
Certificate issuer:       /CN=ef5e3d6f69fa2b42517911eae569573030799156
Certificate serial:       019B7A5AEF26D0F5CE04E4E78D59889AC5B4
Authority key identifier: EF:5E:3D:6F:69:FA:2B:42:51:79:11:EA:E5:69:57:30:30:79:91:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7149b2n6K0JReRHq5WlXMDB5kVY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/272d50-7bb3-44b0-8254-fcff9e847ca2/1/_bZKuF7AFVv9FOPtEDmaIyaLkgc.roa
Signing time:             Thu 01 Jan 2026 16:18:58 +0000
ROA not before:           Thu 01 Jan 2026 16:18:58 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     199562
IP address blocks:        185.207.215.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/272d50-7bb3-44b0-8254-fcff9e847ca2/1/7149b2n6K0JReRHq5WlXMDB5kVY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/272d50-7bb3-44b0-8254-fcff9e847ca2/1/7149b2n6K0JReRHq5WlXMDB5kVY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7149b2n6K0JReRHq5WlXMDB5kVY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5a:ef:26:d0:f5:ce:04:e4:e7:8d:59:88:9a:c5:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef5e3d6f69fa2b42517911eae569573030799156
        Validity
            Not Before: Jan  1 16:18:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fdb64ab85ec0155bfd14e3ed10399a23268b9207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ca:f7:6e:6a:3c:22:93:d4:88:a0:62:7c:b7:
                    3b:fc:2e:03:ce:83:ec:9b:a1:97:90:49:f9:83:dc:
                    20:ab:63:ae:c5:3f:61:fc:b4:7f:8d:7e:18:00:e3:
                    5a:04:b9:f4:c7:9a:09:b4:52:b4:a8:ed:52:86:33:
                    46:f2:0b:16:b8:f5:d7:ff:73:15:06:c8:ed:4f:94:
                    8d:0b:be:70:ea:b0:0f:b8:84:3a:f0:fb:d3:5b:45:
                    26:c7:ed:4c:c1:a0:f1:66:3b:03:55:c8:81:24:68:
                    b1:f6:6b:de:86:7d:dd:b1:10:0f:d3:49:32:54:56:
                    4b:ed:b4:b7:50:8e:92:2f:f8:85:53:5d:db:f8:02:
                    78:05:1e:bb:04:51:08:93:0a:6c:ed:61:9f:47:ef:
                    a0:5f:cb:64:74:01:ed:98:f3:99:5e:e8:91:45:fe:
                    d9:d1:cd:f4:64:31:0d:09:0a:30:42:ec:f5:6f:78:
                    39:32:4b:96:36:76:69:02:60:ef:d9:bf:e2:ef:6d:
                    a0:d2:08:de:67:55:32:d1:be:29:39:f2:9f:dc:af:
                    8c:2c:5f:7f:14:eb:0f:ff:53:3f:24:fa:4a:0f:a3:
                    73:83:3b:21:d9:e4:b5:64:b7:7d:d6:7f:89:89:ba:
                    ea:19:6b:72:c4:b8:fe:13:4a:5e:75:bb:c0:06:d4:
                    c5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:B6:4A:B8:5E:C0:15:5B:FD:14:E3:ED:10:39:9A:23:26:8B:92:07
            X509v3 Authority Key Identifier:
                keyid:EF:5E:3D:6F:69:FA:2B:42:51:79:11:EA:E5:69:57:30:30:79:91:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7149b2n6K0JReRHq5WlXMDB5kVY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/272d50-7bb3-44b0-8254-fcff9e847ca2/1/_bZKuF7AFVv9FOPtEDmaIyaLkgc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/272d50-7bb3-44b0-8254-fcff9e847ca2/1/7149b2n6K0JReRHq5WlXMDB5kVY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.207.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:35:d8:22:64:90:16:8e:85:de:46:40:7e:e0:1e:b9:78:a0:
         5a:64:60:52:8e:90:4f:35:6e:19:7e:24:3a:81:35:88:40:8c:
         53:0d:50:a6:0c:a7:19:fa:13:28:40:02:76:c3:3d:83:ff:80:
         6a:db:16:d1:de:03:4d:c9:ca:24:29:12:e3:a8:43:39:d5:2a:
         a8:23:4c:97:ff:2e:e7:3e:7d:dc:ba:3e:0d:41:3e:aa:ac:0a:
         1f:c9:29:e0:1e:69:85:47:0a:d7:f7:e4:a3:ea:05:f9:d1:2a:
         38:bb:45:38:74:40:7b:8c:56:35:fa:a7:77:33:3c:49:20:8d:
         91:bb:e4:ad:2b:01:6a:46:6c:36:6e:6f:50:69:3a:81:a1:52:
         6a:5e:3e:94:25:f8:da:b1:87:e0:cf:f2:04:8e:75:43:5f:01:
         1a:6f:ec:1a:d6:dc:fb:4e:df:7e:7f:41:4c:49:85:b7:4a:d5:
         7e:db:2b:32:38:17:63:5b:1e:3c:55:0f:fc:16:90:bd:0d:4a:
         8c:23:10:6a:3c:8e:eb:45:32:a3:e9:84:bd:6e:c6:31:fc:6d:
         55:cf:af:17:ab:b0:f0:72:16:7d:29:ed:fa:29:39:01:b6:2a:
         c1:d1:f3:96:de:13:4f:4e:ee:57:50:93:e0:3e:2c:0b:35:46:
         a3:9f:8f:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6Wu8m0PXOBOTnjVmImsW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNWUzZDZmNjlmYTJiNDI1MTc5MTFlYWU1Njk1NzMwMzA3
OTkxNTYwHhcNMjYwMTAxMTYxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGI2NGFiODVlYzAxNTViZmQxNGUzZWQxMDM5OWEyMzI2OGI5MjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcr3bmo8IpPUiKBifLc7/C4DzoPs
m6GXkEn5g9wgq2OuxT9h/LR/jX4YAONaBLn0x5oJtFK0qO1ShjNG8gsWuPXX/3MV
BsjtT5SNC75w6rAPuIQ68PvTW0Umx+1MwaDxZjsDVciBJGix9mvehn3dsRAP00ky
VFZL7bS3UI6SL/iFU13b+AJ4BR67BFEIkwps7WGfR++gX8tkdAHtmPOZXuiRRf7Z
0c30ZDENCQowQuz1b3g5MkuWNnZpAmDv2b/i722g0gjeZ1Uy0b4pOfKf3K+MLF9/
FOsP/1M/JPpKD6Nzgzsh2eS1ZLd91n+JibrqGWtyxLj+E0pedbvABtTFXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP22SrhewBVb/RTj7RA5miMmi5IHMB8GA1UdIwQY
MBaAFO9ePW9p+itCUXkR6uVpVzAweZFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzE0OWIybjZLMEpSZVJIcTVXbFhNREI1a1ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yNzJkNTAtN2JiMy00NGIwLTgyNTQt
ZmNmZjllODQ3Y2EyLzEvX2JaS3VGN0FGVnY5Rk9QdEVEbWFJeWFMa2djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yNzJkNTAtN2JiMy00NGIwLTgyNTQtZmNmZjllODQ3Y2Ey
LzEvNzE0OWIybjZLMEpSZVJIcTVXbFhNREI1a1ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc/XMA0G
CSqGSIb3DQEBCwUAA4IBAQA6NdgiZJAWjoXeRkB+4B65eKBaZGBSjpBPNW4ZfiQ6
gTWIQIxTDVCmDKcZ+hMoQAJ2wz2D/4Bq2xbR3gNNycokKRLjqEM51SqoI0yX/y7n
Pn3cuj4NQT6qrAofySngHmmFRwrX9+Sj6gX50So4u0U4dEB7jFY1+qd3MzxJII2R
u+StKwFqRmw2bm9QaTqBoVJqXj6UJfjasYfgz/IEjnVDXwEab+wa1tz7Tt9+f0FM
SYW3StV+2ysyOBdjWx48VQ/8FpC9DUqMIxBqPI7rRTKj6YS9bsYx/G1Vz68Xq7Dw
chZ9Ke36KTkBtirB0fOW3hNPTu5XUJPgPiwLNUajn49o
-----END CERTIFICATE-----