This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5f38a6-a97e-4861-ab3e-85212b9d159b/1/jRSx240EFvikEXOWUrVqRyU2b0s.roa
File:                     jRSx240EFvikEXOWUrVqRyU2b0s.roa (raw, json)
Hash identifier:          bVFXm7wLR7zi83z8MQIWEvOELjneGFr/AACpBxvKs98=
Subject key identifier:   8D:14:B1:DB:8D:04:16:F8:A4:11:73:96:52:B5:6A:47:25:36:6F:4B
Certificate issuer:       /CN=df53a6b719197a6e7517574d3987f31eb9e9d4c9
Certificate serial:       019B775918ED5FB2A37B1A9713B13CAC94D1
Authority key identifier: DF:53:A6:B7:19:19:7A:6E:75:17:57:4D:39:87:F3:1E:B9:E9:D4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31OmtxkZem51F1dNOYfzHrnp1Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/5f38a6-a97e-4861-ab3e-85212b9d159b/1/jRSx240EFvikEXOWUrVqRyU2b0s.roa
Signing time:             Thu 01 Jan 2026 02:18:06 +0000
ROA not before:           Thu 01 Jan 2026 02:18:06 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     62319
IP address blocks:        193.104.171.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/5f38a6-a97e-4861-ab3e-85212b9d159b/1/31OmtxkZem51F1dNOYfzHrnp1Mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/5f38a6-a97e-4861-ab3e-85212b9d159b/1/31OmtxkZem51F1dNOYfzHrnp1Mk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31OmtxkZem51F1dNOYfzHrnp1Mk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 20:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:18:ed:5f:b2:a3:7b:1a:97:13:b1:3c:ac:94:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df53a6b719197a6e7517574d3987f31eb9e9d4c9
        Validity
            Not Before: Jan  1 02:18:06 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8d14b1db8d0416f8a411739652b56a4725366f4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:ce:36:a4:a4:11:39:c7:55:ef:57:da:91:7d:
                    d0:74:70:19:41:3b:c6:ca:e6:ac:31:f4:db:90:1a:
                    58:25:5f:b8:97:bd:e7:f6:de:e9:dd:17:bb:30:9e:
                    33:06:6e:d2:03:d3:78:83:02:62:92:c9:3d:37:a0:
                    c3:e0:dc:9b:47:16:d9:fb:b9:d3:49:53:66:40:41:
                    c8:0d:72:98:19:c1:9c:0a:74:9b:02:99:4b:ae:1e:
                    f4:be:85:dc:1f:6c:9c:3e:6f:38:7c:2c:ef:c4:8e:
                    93:15:b6:b3:b2:d0:77:69:a5:23:96:85:b9:72:a7:
                    e7:49:2d:e5:09:6e:ec:34:69:a5:9f:da:4a:8a:ab:
                    ec:9e:97:36:f5:a4:45:f2:fc:78:eb:a4:f8:1b:20:
                    33:22:2a:da:1b:57:e1:e7:3c:1f:96:d0:46:85:ae:
                    e0:bc:d8:01:88:e3:d1:e3:ef:d0:7e:84:6c:4e:bc:
                    31:b4:db:a9:09:cf:dc:ba:24:17:55:50:07:7c:1c:
                    55:1e:cf:e5:2c:77:e6:18:52:aa:f0:73:14:2a:15:
                    79:cf:89:3f:91:d4:36:48:8e:84:15:72:24:14:de:
                    d9:65:a0:d6:e9:3d:2b:04:4a:4f:2e:ca:82:38:a3:
                    f3:7c:62:4a:a6:ef:c3:c6:4d:23:7d:1c:b1:e4:cf:
                    6d:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:14:B1:DB:8D:04:16:F8:A4:11:73:96:52:B5:6A:47:25:36:6F:4B
            X509v3 Authority Key Identifier:
                keyid:DF:53:A6:B7:19:19:7A:6E:75:17:57:4D:39:87:F3:1E:B9:E9:D4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31OmtxkZem51F1dNOYfzHrnp1Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5f38a6-a97e-4861-ab3e-85212b9d159b/1/jRSx240EFvikEXOWUrVqRyU2b0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5f38a6-a97e-4861-ab3e-85212b9d159b/1/31OmtxkZem51F1dNOYfzHrnp1Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.104.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:dd:d9:2f:07:32:c3:0c:30:77:30:e7:a2:48:2c:42:86:1e:
         51:7e:7f:e2:ef:eb:43:11:5a:9a:a8:48:2b:ff:23:c5:29:e8:
         87:89:8d:ca:45:ed:51:d9:1c:0e:51:a5:96:bf:75:4a:4e:52:
         d6:ee:51:4e:be:15:93:de:55:cc:e7:1c:22:57:a3:28:9a:8a:
         de:35:7b:45:58:8e:06:e4:79:78:13:02:ff:d6:1d:df:4e:b6:
         91:95:17:06:4c:00:eb:d1:fc:06:4a:dd:6a:1a:c9:1b:ee:f0:
         7d:8a:ed:87:24:d9:9b:48:d5:0a:64:fb:1f:f4:d9:6b:dd:17:
         d3:f5:44:60:87:db:b5:77:e2:d0:bd:44:54:df:d1:fb:79:b0:
         66:db:ab:0a:ee:22:ad:5d:07:15:d5:43:ae:4b:f0:d3:bf:e9:
         a1:7b:0b:08:3f:7f:04:d7:3e:07:ad:91:fb:40:cc:1e:17:a2:
         c2:6d:ed:b9:a2:75:ee:3b:13:b5:c8:65:26:50:aa:cb:cb:2a:
         22:51:d2:3e:2d:d9:4e:d9:b0:85:b9:73:1b:f0:8f:23:ba:00:
         4c:e6:b9:73:e8:ef:af:c5:39:fa:9e:5f:69:fd:fd:2b:36:62:
         01:4c:cd:e9:63:08:b4:70:4d:63:67:f3:74:31:6e:58:6a:43:
         a4:69:1b:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WRjtX7KjexqXE7E8rJTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTNhNmI3MTkxOTdhNmU3NTE3NTc0ZDM5ODdmMzFlYjll
OWQ0YzkwHhcNMjYwMTAxMDIxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDE0YjFkYjhkMDQxNmY4YTQxMTczOTY1MmI1NmE0NzI1MzY2ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6M42pKQROcdV71fakX3QdHAZQTvG
yuasMfTbkBpYJV+4l73n9t7p3Re7MJ4zBm7SA9N4gwJiksk9N6DD4NybRxbZ+7nT
SVNmQEHIDXKYGcGcCnSbAplLrh70voXcH2ycPm84fCzvxI6TFbazstB3aaUjloW5
cqfnSS3lCW7sNGmln9pKiqvsnpc29aRF8vx466T4GyAzIiraG1fh5zwfltBGha7g
vNgBiOPR4+/QfoRsTrwxtNupCc/cuiQXVVAHfBxVHs/lLHfmGFKq8HMUKhV5z4k/
kdQ2SI6EFXIkFN7ZZaDW6T0rBEpPLsqCOKPzfGJKpu/Dxk0jfRyx5M9tqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0UsduNBBb4pBFzllK1akclNm9LMB8GA1UdIwQY
MBaAFN9TprcZGXpudRdXTTmH8x656dTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFPbXR4a1plbTUxRjFkTk9ZZnpIcm5wMU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81ZjM4YTYtYTk3ZS00ODYxLWFiM2Ut
ODUyMTJiOWQxNTliLzEvalJTeDI0MEVGdmlrRVhPV1VyVnFSeVUyYjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81ZjM4YTYtYTk3ZS00ODYxLWFiM2UtODUyMTJiOWQxNTli
LzEvMzFPbXR4a1plbTUxRjFkTk9ZZnpIcm5wMU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWirMA0G
CSqGSIb3DQEBCwUAA4IBAQBi3dkvBzLDDDB3MOeiSCxChh5Rfn/i7+tDEVqaqEgr
/yPFKeiHiY3KRe1R2RwOUaWWv3VKTlLW7lFOvhWT3lXM5xwiV6MomoreNXtFWI4G
5Hl4EwL/1h3fTraRlRcGTADr0fwGSt1qGskb7vB9iu2HJNmbSNUKZPsf9Nlr3RfT
9URgh9u1d+LQvURU39H7ebBm26sK7iKtXQcV1UOuS/DTv+mhewsIP38E1z4HrZH7
QMweF6LCbe25onXuOxO1yGUmUKrLyyoiUdI+LdlO2bCFuXMb8I8jugBM5rlz6O+v
xTn6nl9p/f0rNmIBTM3pYwi0cE1jZ/N0MW5YakOkaRuJ
-----END CERTIFICATE-----