This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/DRM_Q_F-RhaMoXsJguF4yvAN2Mk.roa
File:                     DRM_Q_F-RhaMoXsJguF4yvAN2Mk.roa (raw, json)
Hash identifier:          WtpNIruU6xrFaWJhp/TUD58RszhAuM2Cz2GEwYtHSFI=
Subject key identifier:   0D:13:3F:43:F1:7E:46:16:8C:A1:7B:09:82:E1:78:CA:F0:0D:D8:C9
Certificate issuer:       /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial:       019B7BA41B1FBCEE872BC2E05875CB1BC930
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/DRM_Q_F-RhaMoXsJguF4yvAN2Mk.roa
Signing time:             Thu 01 Jan 2026 22:18:30 +0000
ROA not before:           Thu 01 Jan 2026 22:18:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     210899
IP address blocks:        45.137.105.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:1b:1f:bc:ee:87:2b:c2:e0:58:75:cb:1b:c9:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
        Validity
            Not Before: Jan  1 22:18:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0d133f43f17e46168ca17b0982e178caf00dd8c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5f:ea:dc:31:a9:c9:9e:82:c2:f1:46:8c:45:
                    61:60:25:17:42:eb:a8:c4:52:b6:31:1a:d6:73:d2:
                    19:ca:f1:77:39:bf:fa:05:d2:5a:c2:c3:05:ef:6f:
                    87:6e:61:a9:d7:95:8f:63:f4:84:68:6c:a8:e0:2a:
                    c6:1f:64:69:ee:c9:c6:94:5e:d1:a6:89:3d:fa:04:
                    69:f6:af:52:db:4c:8b:da:ed:7c:ad:2e:80:48:e9:
                    b4:dc:10:72:96:16:c3:ad:db:0a:a4:49:e4:b8:7e:
                    36:38:08:e7:b8:32:ea:83:4a:5a:4a:e4:20:c1:ee:
                    95:2a:0b:e7:55:2b:5f:0c:8b:45:86:c4:e5:0b:e5:
                    13:ef:ba:41:7e:fe:ac:40:c9:fd:76:cf:23:5d:71:
                    33:f8:ae:c2:0d:48:06:78:17:bd:c0:52:df:08:ed:
                    01:71:10:ea:88:ed:c3:a2:ff:fd:cf:06:01:8f:25:
                    aa:44:8e:20:76:e8:0d:ac:c2:77:84:ed:71:78:56:
                    72:69:99:3d:b0:52:b7:27:3b:1f:20:e9:29:16:38:
                    ee:53:34:4f:64:24:19:d4:d6:85:dd:aa:24:47:42:
                    bb:6e:ab:6d:dc:7d:d2:aa:32:ff:64:1d:f2:b5:56:
                    7f:db:0f:6b:5b:ae:3a:eb:87:3e:dc:f4:82:55:3b:
                    69:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:13:3F:43:F1:7E:46:16:8C:A1:7B:09:82:E1:78:CA:F0:0D:D8:C9
            X509v3 Authority Key Identifier:
                keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/DRM_Q_F-RhaMoXsJguF4yvAN2Mk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:04:42:0a:d3:4f:34:30:1e:1e:fa:5a:7d:72:1b:49:9e:b9:
         51:09:ac:58:a6:1f:e9:b8:86:50:21:bd:5b:4b:6e:38:a5:89:
         4f:43:1c:67:7f:a9:6e:66:d0:43:3f:ba:12:4c:19:ba:99:b0:
         52:11:43:f6:30:08:84:9f:04:63:8d:0c:b4:31:94:f4:35:5b:
         09:92:71:33:7c:c0:bd:d3:eb:3c:70:dc:42:4f:c7:12:1f:af:
         2a:f8:79:78:49:8d:3c:a2:ee:3d:d3:18:f6:37:b4:3a:df:64:
         1f:bf:33:0b:b5:b2:04:d2:9b:ea:32:28:24:0a:be:82:61:8f:
         27:53:71:39:bd:96:39:9c:e3:6b:7d:45:cf:8a:2f:86:d1:91:
         10:63:8e:3b:24:6c:5a:da:1c:a3:e0:58:31:51:f2:54:2b:16:
         09:4f:db:2c:34:f5:16:3b:00:31:d5:12:ca:c0:5a:4d:48:aa:
         ab:73:09:36:a1:3e:8d:46:19:83:a3:e5:ec:09:ee:01:95:1b:
         f9:d7:65:c6:f0:97:6b:5b:d3:0f:16:94:ee:b5:63:25:bd:0e:
         26:6b:25:62:64:a3:a0:28:2d:da:b8:c2:8e:2c:3f:0c:9d:2c:
         36:03:3b:e8:75:d2:3c:22:01:12:23:e0:17:22:a6:83:2f:9b:
         ff:5b:f8:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pBsfvO6HK8LgWHXLG8kwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMTAxMjIxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDEzM2Y0M2YxN2U0NjE2OGNhMTdiMDk4MmUxNzhjYWYwMGRkOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF/q3DGpyZ6CwvFGjEVhYCUXQuuo
xFK2MRrWc9IZyvF3Ob/6BdJawsMF72+HbmGp15WPY/SEaGyo4CrGH2Rp7snGlF7R
pok9+gRp9q9S20yL2u18rS6ASOm03BBylhbDrdsKpEnkuH42OAjnuDLqg0paSuQg
we6VKgvnVStfDItFhsTlC+UT77pBfv6sQMn9ds8jXXEz+K7CDUgGeBe9wFLfCO0B
cRDqiO3Dov/9zwYBjyWqRI4gdugNrMJ3hO1xeFZyaZk9sFK3JzsfIOkpFjjuUzRP
ZCQZ1NaF3aokR0K7bqtt3H3SqjL/ZB3ytVZ/2w9rW64664c+3PSCVTtpTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0TP0PxfkYWjKF7CYLheMrwDdjJMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvRFJNX1FfRi1SaGFNb1hzSmd1RjR5dkFOMk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYlpMA0G
CSqGSIb3DQEBCwUAA4IBAQASBEIK0080MB4e+lp9chtJnrlRCaxYph/puIZQIb1b
S244pYlPQxxnf6luZtBDP7oSTBm6mbBSEUP2MAiEnwRjjQy0MZT0NVsJknEzfMC9
0+s8cNxCT8cSH68q+Hl4SY08ou490xj2N7Q632QfvzMLtbIE0pvqMigkCr6CYY8n
U3E5vZY5nONrfUXPii+G0ZEQY447JGxa2hyj4FgxUfJUKxYJT9ssNPUWOwAx1RLK
wFpNSKqrcwk2oT6NRhmDo+XsCe4BlRv512XG8JdrW9MPFpTutWMlvQ4mayViZKOg
KC3auMKOLD8MnSw2AzvoddI8IgESI+AXIqaDL5v/W/g5
-----END CERTIFICATE-----