This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/t25FS3p7VfnEPbzfHv-DyXEln4A.roa
File:                     t25FS3p7VfnEPbzfHv-DyXEln4A.roa (raw, json)
Hash identifier:          71ZKU18culvAhzrOg6y8Lw3IENicOoZIJiAlIOqPr8E=
Subject key identifier:   B7:6E:45:4B:7A:7B:55:F9:C4:3D:BC:DF:1E:FF:83:C9:71:25:9F:80
Certificate issuer:       /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Certificate serial:       019B7AC8E411496B995C8A12F33D99A4ABFA
Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/t25FS3p7VfnEPbzfHv-DyXEln4A.roa
Signing time:             Thu 01 Jan 2026 18:19:04 +0000
ROA not before:           Thu 01 Jan 2026 18:19:04 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     8075
IP address blocks:        45.157.47.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c8:e4:11:49:6b:99:5c:8a:12:f3:3d:99:a4:ab:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
        Validity
            Not Before: Jan  1 18:19:04 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b76e454b7a7b55f9c43dbcdf1eff83c971259f80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:34:80:74:1e:5b:dd:ba:3e:7e:f3:40:b4:df:
                    b0:75:63:46:11:42:95:e0:96:36:98:da:43:d3:52:
                    18:f9:a3:f9:d6:11:ea:a9:54:9f:d0:59:c5:8e:e1:
                    0a:8a:1a:bc:6d:95:07:bb:32:ef:51:c2:17:39:17:
                    67:ac:af:63:23:06:f9:f9:5c:ea:92:f4:fe:59:ae:
                    25:b9:87:5a:19:d0:4d:f2:ef:db:81:11:5a:46:cf:
                    b5:61:71:e1:0e:b5:26:24:db:e8:27:a3:8f:73:aa:
                    55:af:2a:0a:24:d5:e6:c7:6c:70:05:ff:5f:2c:7c:
                    b9:ea:92:65:fa:a6:a2:27:5d:c3:37:b1:4a:bd:47:
                    21:d7:be:db:54:23:64:d8:de:56:e2:14:fe:ba:72:
                    5a:8d:c7:ad:be:1a:cb:5f:b4:87:93:e1:ae:34:33:
                    5d:3a:11:8e:79:b9:c0:45:b2:ee:c8:44:c3:7c:28:
                    75:eb:35:ce:06:05:7f:de:f3:cd:5d:f8:14:03:46:
                    cc:e2:54:97:4f:b8:6f:61:a2:65:a1:20:fa:80:71:
                    f2:34:07:90:14:78:94:37:69:7a:df:23:0e:c4:c7:
                    a3:9e:d1:75:33:b8:21:6d:8d:26:3f:a5:3e:f8:43:
                    85:6d:fa:24:ff:92:7a:61:1c:79:c5:ec:07:67:e5:
                    93:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:6E:45:4B:7A:7B:55:F9:C4:3D:BC:DF:1E:FF:83:C9:71:25:9F:80
            X509v3 Authority Key Identifier:
                keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/t25FS3p7VfnEPbzfHv-DyXEln4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:fb:28:69:db:f4:f2:20:f0:b7:5d:64:85:90:e4:97:a3:75:
         9b:5e:4d:fc:9d:99:da:4d:93:d8:4c:a5:e4:6d:86:00:b3:30:
         9d:b7:cd:f2:47:02:af:da:c6:bb:fd:32:7e:51:f2:98:cb:e7:
         a8:0d:cb:a2:6e:b2:e1:69:5c:97:5e:77:cc:55:a9:52:75:03:
         e1:50:9e:18:85:04:36:54:9f:10:00:de:c3:10:be:fc:c9:da:
         43:e4:1d:17:9d:15:41:b2:04:08:ef:3b:de:66:9a:46:cd:80:
         12:ea:6e:a9:4f:85:5b:d7:de:ea:65:4d:d9:2d:23:ee:c4:64:
         da:ba:16:d5:ff:c8:f2:42:66:15:51:da:f7:aa:fb:0c:7e:e9:
         fc:c0:08:1f:08:22:d2:47:c6:b9:46:16:e5:9b:9b:df:2f:9c:
         ae:af:4e:08:17:d6:4b:58:87:d3:2e:61:b6:f0:ea:bc:ac:94:
         db:1b:85:ba:ad:c8:b2:2d:c5:6b:b7:21:4c:a3:92:d9:27:3d:
         0a:8b:3b:a6:02:20:87:41:da:7b:5f:f4:52:e7:c0:0c:3e:79:
         ba:af:8e:11:ed:5e:2d:d0:6e:6c:7b:4a:b1:96:04:2f:20:b9:
         e4:78:a0:25:50:bc:a8:08:7b:38:1a:82:d6:d6:c8:cb:f5:cf:
         36:02:b8:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yOQRSWuZXIoS8z2ZpKv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2
ZjM5ZmYwHhcNMjYwMTAxMTgxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzZlNDU0YjdhN2I1NWY5YzQzZGJjZGYxZWZmODNjOTcxMjU5ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzSAdB5b3bo+fvNAtN+wdWNGEUKV
4JY2mNpD01IY+aP51hHqqVSf0FnFjuEKihq8bZUHuzLvUcIXORdnrK9jIwb5+Vzq
kvT+Wa4luYdaGdBN8u/bgRFaRs+1YXHhDrUmJNvoJ6OPc6pVryoKJNXmx2xwBf9f
LHy56pJl+qaiJ13DN7FKvUch177bVCNk2N5W4hT+unJajcetvhrLX7SHk+GuNDNd
OhGOebnARbLuyETDfCh16zXOBgV/3vPNXfgUA0bM4lSXT7hvYaJloSD6gHHyNAeQ
FHiUN2l63yMOxMejntF1M7ghbY0mP6U++EOFbfok/5J6YRx5xewHZ+WTHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLduRUt6e1X5xD283x7/g8lxJZ+AMB8GA1UdIwQY
MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt
MjAzNTYzZjg0NWJiLzEvdDI1RlMzcDdWZm5FUGJ6Zkh2LUR5WEVsbjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi
LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ0vMA0G
CSqGSIb3DQEBCwUAA4IBAQCp+yhp2/TyIPC3XWSFkOSXo3WbXk38nZnaTZPYTKXk
bYYAszCdt83yRwKv2sa7/TJ+UfKYy+eoDcuibrLhaVyXXnfMValSdQPhUJ4YhQQ2
VJ8QAN7DEL78ydpD5B0XnRVBsgQI7zveZppGzYAS6m6pT4Vb197qZU3ZLSPuxGTa
uhbV/8jyQmYVUdr3qvsMfun8wAgfCCLSR8a5Rhblm5vfL5yur04IF9ZLWIfTLmG2
8Oq8rJTbG4W6rciyLcVrtyFMo5LZJz0KizumAiCHQdp7X/RS58AMPnm6r44R7V4t
0G5se0qxlgQvILnkeKAlULyoCHs4GoLW1sjL9c82ArhI
-----END CERTIFICATE-----