This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/R2uv8D1AC8qkVVlzoluUFlx0Uzc.roa
File:                     R2uv8D1AC8qkVVlzoluUFlx0Uzc.roa (raw, json)
Hash identifier:          Px0hZ7oJHqm6VJaRC8v/ew/nIaAHwORSGtXPvMgDntg=
Subject key identifier:   47:6B:AF:F0:3D:40:0B:CA:A4:55:59:73:A2:5B:94:16:5C:74:53:37
Certificate issuer:       /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial:       019B7BA35500E86E1A998898C556A1EFE34E
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/R2uv8D1AC8qkVVlzoluUFlx0Uzc.roa
Signing time:             Thu 01 Jan 2026 22:17:40 +0000
ROA not before:           Thu 01 Jan 2026 22:17:40 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     13347
IP address blocks:        161.8.160.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 12:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a3:55:00:e8:6e:1a:99:88:98:c5:56:a1:ef:e3:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
        Validity
            Not Before: Jan  1 22:17:40 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=476baff03d400bcaa4555973a25b94165c745337
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:7f:9b:94:10:69:9c:6a:a3:c4:5c:bb:2f:3f:
                    62:c3:43:97:89:5c:92:b6:d4:4f:20:b9:69:66:4d:
                    fd:56:dc:1e:7c:cf:65:a5:38:51:d4:69:0a:d4:9e:
                    cf:38:25:db:d4:35:0c:90:51:db:84:4e:34:45:00:
                    7a:a0:cd:86:3f:f1:88:8b:56:73:2b:1f:23:0d:43:
                    86:5a:99:c6:3c:13:c6:10:ad:4f:a0:6a:a9:da:b6:
                    2b:35:fc:4b:bf:be:17:2b:f9:8e:e7:ad:c8:4c:11:
                    94:e3:76:d1:7c:c9:fa:3c:98:f3:ba:e5:75:89:c0:
                    0b:d3:50:3b:6f:44:fd:00:76:ca:cd:48:b3:84:19:
                    54:dd:04:c3:e3:b2:57:35:14:86:4e:f9:a4:89:38:
                    d7:1f:4b:f2:c9:28:03:53:fc:78:46:0e:90:17:80:
                    68:1c:eb:77:2f:42:70:04:fa:8b:72:5d:12:f6:4b:
                    cc:42:49:33:af:81:f1:6c:f6:3c:fd:78:a2:94:c1:
                    7d:44:91:a0:a4:d3:f9:ec:0b:de:4f:02:e7:9f:ea:
                    2e:6b:bf:bc:8e:f0:19:b1:9d:28:b8:61:54:d1:e1:
                    c8:8a:0d:72:cf:74:01:d8:28:27:93:50:20:82:d4:
                    76:7f:3f:bb:1a:50:e9:78:d7:76:50:69:6b:18:c5:
                    3c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:6B:AF:F0:3D:40:0B:CA:A4:55:59:73:A2:5B:94:16:5C:74:53:37
            X509v3 Authority Key Identifier:
                keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/R2uv8D1AC8qkVVlzoluUFlx0Uzc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.8.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         8b:3d:9c:90:f0:d3:3b:ea:ed:f4:76:83:0d:6b:90:dd:69:a1:
         a5:23:78:fc:6f:c7:6b:81:10:5b:d9:28:64:15:64:9d:6b:bd:
         5a:2f:ac:9b:f8:99:11:1f:73:f5:a5:ff:a2:96:cb:4a:0d:7b:
         fa:3e:8c:05:f6:fe:57:2d:d2:fa:8b:60:0d:ef:5e:83:45:98:
         15:fc:a0:8f:88:6a:2d:da:8a:d6:29:e2:80:09:04:be:4f:7c:
         22:dd:67:8d:dc:05:43:c8:e9:c5:e3:2d:bf:60:52:bd:73:c7:
         e9:bb:c6:2b:80:42:0a:12:85:8d:ca:78:21:b5:db:4e:92:64:
         28:50:d2:a2:f0:20:5b:fa:5b:db:4c:8a:0f:64:e9:9f:fa:d2:
         26:71:b1:65:76:ae:fc:66:86:f6:8d:36:e9:ac:10:f4:66:07:
         cb:e6:11:f9:00:bd:60:f9:50:25:eb:9d:9f:4e:0e:05:8d:58:
         26:87:0f:ac:f0:14:5c:6b:2c:e2:7a:d4:5b:c4:3a:58:dd:f4:
         c2:67:bd:1e:70:b4:e4:3d:ac:f6:c1:9e:0c:dc:02:84:14:24:
         95:57:e7:9c:d4:aa:61:2a:4d:2e:1f:d2:13:02:a1:fa:c1:ac:
         1d:ab:b1:ed:f2:c5:5a:9b:31:4c:3a:c0:52:22:1f:12:4e:10:
         71:3a:f6:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7o1UA6G4amYiYxVah7+NOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjYwMTAxMjIxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzZiYWZmMDNkNDAwYmNhYTQ1NTU5NzNhMjViOTQxNjVjNzQ1MzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon+blBBpnGqjxFy7Lz9iw0OXiVyS
ttRPILlpZk39VtwefM9lpThR1GkK1J7POCXb1DUMkFHbhE40RQB6oM2GP/GIi1Zz
Kx8jDUOGWpnGPBPGEK1PoGqp2rYrNfxLv74XK/mO563ITBGU43bRfMn6PJjzuuV1
icAL01A7b0T9AHbKzUizhBlU3QTD47JXNRSGTvmkiTjXH0vyySgDU/x4Rg6QF4Bo
HOt3L0JwBPqLcl0S9kvMQkkzr4HxbPY8/XiilMF9RJGgpNP57AveTwLnn+oua7+8
jvAZsZ0ouGFU0eHIig1yz3QB2Cgnk1AggtR2fz+7GlDpeNd2UGlrGMU8DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdrr/A9QAvKpFVZc6JblBZcdFM3MB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvUjJ1djhEMUFDOHFrVlZsem9sdVVGbHgwVXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFoQigMA0G
CSqGSIb3DQEBCwUAA4IBAQCLPZyQ8NM76u30doMNa5DdaaGlI3j8b8drgRBb2Shk
FWSda71aL6yb+JkRH3P1pf+ilstKDXv6PowF9v5XLdL6i2AN716DRZgV/KCPiGot
2orWKeKACQS+T3wi3WeN3AVDyOnF4y2/YFK9c8fpu8YrgEIKEoWNynghtdtOkmQo
UNKi8CBb+lvbTIoPZOmf+tImcbFldq78Zob2jTbprBD0ZgfL5hH5AL1g+VAl652f
Tg4FjVgmhw+s8BRcayzietRbxDpY3fTCZ70ecLTkPaz2wZ4M3AKEFCSVV+ec1Kph
Kk0uH9ITAqH6wawdq7Ht8sVamzFMOsBSIh8SThBxOvY4
-----END CERTIFICATE-----