This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/F-ogY8Ta0_wee_Msr6wXjLMMLdk.roa
File:                     F-ogY8Ta0_wee_Msr6wXjLMMLdk.roa (raw, json)
Hash identifier:          UNtwMKF8S5Lr7jUG500KlLAuDRJg8Q6dusBqXV40+W8=
Subject key identifier:   17:EA:20:63:C4:DA:D3:FC:1E:7B:F3:2C:AF:AC:17:8C:B3:0C:2D:D9
Certificate issuer:       /CN=571a0fc012efb89650a77e6fbd12dcabda428cb0
Certificate serial:       019B79EC9058D55BF8F8FDB183160DAE16A5
Authority key identifier: 57:1A:0F:C0:12:EF:B8:96:50:A7:7E:6F:BD:12:DC:AB:DA:42:8C:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VxoPwBLvuJZQp35vvRLcq9pCjLA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/F-ogY8Ta0_wee_Msr6wXjLMMLdk.roa
Signing time:             Thu 01 Jan 2026 14:18:25 +0000
ROA not before:           Thu 01 Jan 2026 14:18:25 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     680
IP address blocks:        139.18.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/VxoPwBLvuJZQp35vvRLcq9pCjLA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/VxoPwBLvuJZQp35vvRLcq9pCjLA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VxoPwBLvuJZQp35vvRLcq9pCjLA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 28 Jan 2026 02:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ec:90:58:d5:5b:f8:f8:fd:b1:83:16:0d:ae:16:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=571a0fc012efb89650a77e6fbd12dcabda428cb0
        Validity
            Not Before: Jan  1 14:18:25 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=17ea2063c4dad3fc1e7bf32cafac178cb30c2dd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:15:5d:37:61:98:e5:b9:65:b2:1c:d6:05:d6:
                    dc:a0:68:04:84:3f:ef:aa:f3:4b:06:95:2c:8e:36:
                    64:f9:3f:9a:38:43:1f:ca:d8:50:d6:78:7a:86:b4:
                    e1:8f:0a:54:f4:22:87:ed:c6:a3:dc:90:7c:88:c1:
                    9a:f6:9e:8c:6f:a5:11:bd:54:ff:a0:7c:b8:e3:b9:
                    e6:e4:6f:4b:f7:c5:b9:76:01:e2:c9:67:a7:23:83:
                    8a:75:17:cd:6a:de:52:14:7c:4b:84:f9:ae:33:0f:
                    96:75:80:da:fe:2b:1b:09:df:d9:82:07:1e:a6:c7:
                    00:cd:ad:37:ba:c3:15:a3:95:55:ba:f7:0f:58:1b:
                    2a:43:78:7f:9b:65:b4:70:bf:37:f0:bd:c2:eb:bc:
                    56:49:30:af:7e:9f:fe:4b:f3:34:a2:96:4c:9c:c0:
                    cd:84:c7:46:3b:4b:8a:fa:2b:9b:e2:77:90:f4:bb:
                    29:0e:0d:1b:19:f1:81:c9:3b:58:85:a2:86:99:50:
                    15:a4:63:8e:10:0d:14:cb:4b:d5:0d:71:01:21:88:
                    6d:33:20:63:e7:5d:26:da:e6:d7:e0:89:be:6f:1f:
                    28:ca:a6:ef:b6:28:fb:9d:f6:92:a3:a1:d1:aa:16:
                    4e:77:0f:81:8d:3a:98:03:7f:0b:82:db:5c:ef:2c:
                    6c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:EA:20:63:C4:DA:D3:FC:1E:7B:F3:2C:AF:AC:17:8C:B3:0C:2D:D9
            X509v3 Authority Key Identifier:
                keyid:57:1A:0F:C0:12:EF:B8:96:50:A7:7E:6F:BD:12:DC:AB:DA:42:8C:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxoPwBLvuJZQp35vvRLcq9pCjLA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/F-ogY8Ta0_wee_Msr6wXjLMMLdk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d67661-4324-4e7a-ac6e-8b49dab166a4/1/VxoPwBLvuJZQp35vvRLcq9pCjLA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.18.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         35:38:51:e2:a9:ea:7a:fb:2d:bf:47:74:47:88:18:00:35:12:
         3f:41:15:10:8b:eb:04:6e:38:d9:f8:1c:d3:53:c7:82:9d:e6:
         c5:5e:0c:a7:0d:fe:84:26:b3:8f:a5:51:df:bd:49:29:75:0f:
         b3:39:55:48:c6:c8:bb:b0:fa:d5:5a:bf:3b:e6:5c:52:b4:ca:
         fb:49:48:5f:14:8b:73:37:0c:e6:95:a9:1e:a4:05:e1:d5:b9:
         39:39:ed:54:22:46:bc:46:bf:59:e9:93:15:04:4f:64:9b:36:
         f8:4c:b1:13:3f:fb:c1:02:9e:16:69:18:6b:92:fd:5c:01:51:
         52:18:09:23:e8:16:72:e1:65:93:a6:4b:e0:2d:d9:3f:bb:88:
         00:b2:26:41:e0:67:c4:09:75:0d:19:a5:eb:b1:15:76:f6:df:
         e6:15:3e:ad:a8:03:66:9b:ab:0d:4e:ea:c7:ba:7c:bb:d7:15:
         0e:54:8f:6e:48:2b:dc:2b:45:64:95:c0:d1:23:86:23:00:8b:
         88:5a:ce:78:bd:b9:e1:09:e8:c0:1c:5e:7f:dc:cf:34:05:e8:
         73:d2:d9:da:1c:2f:7d:10:a2:3a:37:55:52:4f:32:04:9e:a3:
         20:90:46:ff:12:a2:b2:1b:22:16:ac:f7:2a:86:7d:28:da:47:
         3a:00:f4:6a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZt57JBY1Vv4+P2xgxYNrhalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MWEwZmMwMTJlZmI4OTY1MGE3N2U2ZmJkMTJkY2FiZGE0
MjhjYjAwHhcNMjYwMTAxMTQxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2VhMjA2M2M0ZGFkM2ZjMWU3YmYzMmNhZmFjMTc4Y2IzMGMyZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxVdN2GY5bllshzWBdbcoGgEhD/v
qvNLBpUsjjZk+T+aOEMfythQ1nh6hrThjwpU9CKH7caj3JB8iMGa9p6Mb6URvVT/
oHy447nm5G9L98W5dgHiyWenI4OKdRfNat5SFHxLhPmuMw+WdYDa/isbCd/Zggce
pscAza03usMVo5VVuvcPWBsqQ3h/m2W0cL838L3C67xWSTCvfp/+S/M0opZMnMDN
hMdGO0uK+iub4neQ9LspDg0bGfGByTtYhaKGmVAVpGOOEA0Uy0vVDXEBIYhtMyBj
510m2ubX4Im+bx8oyqbvtij7nfaSo6HRqhZOdw+BjTqYA38Lgttc7yxs8wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBfqIGPE2tP8HnvzLK+sF4yzDC3ZMB8GA1UdIwQY
MBaAFFcaD8AS77iWUKd+b70S3KvaQoywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhvUHdCTHZ1SlpRcDM1dnZSTGNxOXBDakxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNjc2NjEtNDMyNC00ZTdhLWFjNmUt
OGI0OWRhYjE2NmE0LzEvRi1vZ1k4VGEwX3dlZV9Nc3I2d1hqTE1NTGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNjc2NjEtNDMyNC00ZTdhLWFjNmUtOGI0OWRhYjE2NmE0
LzEvVnhvUHdCTHZ1SlpRcDM1dnZSTGNxOXBDakxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAixIwDQYJ
KoZIhvcNAQELBQADggEBADU4UeKp6nr7Lb9HdEeIGAA1Ej9BFRCL6wRuONn4HNNT
x4Kd5sVeDKcN/oQms4+lUd+9SSl1D7M5VUjGyLuw+tVavzvmXFK0yvtJSF8Ui3M3
DOaVqR6kBeHVuTk57VQiRrxGv1npkxUET2SbNvhMsRM/+8ECnhZpGGuS/VwBUVIY
CSPoFnLhZZOmS+At2T+7iACyJkHgZ8QJdQ0ZpeuxFXb23+YVPq2oA2abqw1O6se6
fLvXFQ5Uj25IK9wrRWSVwNEjhiMAi4hazni9ueEJ6MAcXn/czzQF6HPS2docL30Q
ojo3VVJPMgSeoyCQRv8SorIbIhas9yqGfSjaRzoA9Go=
-----END CERTIFICATE-----