This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/rJNKAC_7vgy7WAf0s8sdhHN9BiQ.roa
File:                     rJNKAC_7vgy7WAf0s8sdhHN9BiQ.roa (raw, json)
Hash identifier:          1B23Y1SamnbnH9DuB2QCnvYB+p28JNjbqvc9WGT21MQ=
Subject key identifier:   AC:93:4A:00:2F:FB:BE:0C:BB:58:07:F4:B3:CB:1D:84:73:7D:06:24
Certificate issuer:       /CN=9577345dfcc93478c5ff221d482ee4c98483f908
Certificate serial:       019BB79CF056887107AC95D16EFB18310E89
Authority key identifier: 95:77:34:5D:FC:C9:34:78:C5:FF:22:1D:48:2E:E4:C9:84:83:F9:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/rJNKAC_7vgy7WAf0s8sdhHN9BiQ.roa
Signing time:             Tue 13 Jan 2026 13:47:54 +0000
ROA not before:           Tue 13 Jan 2026 13:47:54 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214446
IP address blocks:        5.42.150.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:b7:9c:f0:56:88:71:07:ac:95:d1:6e:fb:18:31:0e:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9577345dfcc93478c5ff221d482ee4c98483f908
        Validity
            Not Before: Jan 13 13:47:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ac934a002ffbbe0cbb5807f4b3cb1d84737d0624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d8:d8:dd:73:b7:14:62:9d:4b:83:f7:de:f4:
                    6d:28:ce:65:c8:25:8e:74:1a:03:c0:80:a5:8e:ad:
                    bb:bf:90:26:17:4f:a2:f4:90:00:dc:65:09:77:ec:
                    d1:04:ca:42:9f:9a:83:27:4e:0a:27:1f:d7:2b:1c:
                    9c:d1:4c:2d:8d:4a:33:c5:a2:bf:89:e6:54:d7:8a:
                    66:fc:99:af:4e:07:20:47:a0:38:78:6e:5c:87:46:
                    83:2e:4a:59:be:1c:19:8f:40:2e:45:84:8a:40:04:
                    b0:f5:63:27:4e:cf:c6:90:5b:9c:85:09:77:54:50:
                    73:48:04:08:c2:7b:66:ec:e4:9b:b0:14:b0:a5:3b:
                    5b:cb:6b:fb:e2:f0:22:d8:a4:ba:05:c1:d3:e7:86:
                    47:6e:c5:ef:c1:46:03:1d:3c:9a:db:c2:4b:71:75:
                    d9:c9:b7:40:7d:37:7c:39:a4:7b:9f:df:43:0f:68:
                    d0:c0:2e:71:e9:a7:df:f1:29:71:2b:16:6b:e8:05:
                    61:34:86:8e:74:f3:73:67:e2:f1:6e:91:74:9b:f4:
                    27:7e:d9:17:e0:7b:ac:c9:ce:62:f9:bf:8e:bc:3c:
                    a6:fb:d6:d9:65:48:e0:7c:87:77:be:b6:7c:04:bb:
                    02:b3:35:74:01:12:66:dd:45:15:18:eb:08:b0:f8:
                    f7:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:93:4A:00:2F:FB:BE:0C:BB:58:07:F4:B3:CB:1D:84:73:7D:06:24
            X509v3 Authority Key Identifier:
                keyid:95:77:34:5D:FC:C9:34:78:C5:FF:22:1D:48:2E:E4:C9:84:83:F9:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/rJNKAC_7vgy7WAf0s8sdhHN9BiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.42.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:b3:61:a6:6c:2d:24:db:72:73:3d:5a:e6:62:c4:39:06:d3:
         74:67:34:82:d7:00:51:b5:cb:b5:ed:e4:a1:9d:c6:06:a1:54:
         b6:cd:8e:66:08:14:f0:b2:ee:42:3e:1b:cb:5d:38:f0:10:e4:
         9b:2f:e2:f5:78:d0:58:1b:ac:59:ac:15:3e:22:50:05:ad:f4:
         46:2d:a1:99:ca:d7:6a:d4:83:31:89:9c:52:6f:0c:90:4a:c2:
         4a:3b:29:98:b2:d2:75:a8:1f:41:35:af:62:c8:ee:96:bd:3a:
         f9:2e:84:a6:32:af:f2:07:1b:4d:e9:13:b0:ca:1f:1b:ca:f5:
         8f:e2:ea:41:34:64:52:83:30:be:b3:f2:86:02:74:ae:bd:7a:
         dc:42:a0:51:fc:f0:96:80:83:53:cf:99:e2:ca:1b:0d:1c:53:
         35:c0:6a:11:46:9f:d1:e6:fe:2b:68:27:0f:34:4b:b0:1a:e2:
         df:38:b0:54:a9:92:1e:2e:41:fa:4e:3b:e9:e2:67:1c:47:6f:
         35:63:d8:f4:ee:95:ee:59:bc:a2:36:e6:36:c5:7b:59:05:2f:
         4b:17:0a:b8:9c:f5:d2:ee:49:98:86:02:87:b1:0f:d9:f1:95:
         a0:c5:26:35:1c:d8:64:e7:8e:b3:20:71:c5:02:a4:28:2c:e9:
         d4:fb:37:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZu3nPBWiHEHrJXRbvsYMQ6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NzczNDVkZmNjOTM0NzhjNWZmMjIxZDQ4MmVlNGM5ODQ4
M2Y5MDgwHhcNMjYwMTEzMTM0NzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzkzNGEwMDJmZmJiZTBjYmI1ODA3ZjRiM2NiMWQ4NDczN2QwNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1djY3XO3FGKdS4P33vRtKM5lyCWO
dBoDwICljq27v5AmF0+i9JAA3GUJd+zRBMpCn5qDJ04KJx/XKxyc0UwtjUozxaK/
ieZU14pm/JmvTgcgR6A4eG5ch0aDLkpZvhwZj0AuRYSKQASw9WMnTs/GkFuchQl3
VFBzSAQIwntm7OSbsBSwpTtby2v74vAi2KS6BcHT54ZHbsXvwUYDHTya28JLcXXZ
ybdAfTd8OaR7n99DD2jQwC5x6aff8SlxKxZr6AVhNIaOdPNzZ+LxbpF0m/QnftkX
4Husyc5i+b+OvDym+9bZZUjgfId3vrZ8BLsCszV0ARJm3UUVGOsIsPj3DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKyTSgAv+74Mu1gH9LPLHYRzfQYkMB8GA1UdIwQY
MBaAFJV3NF38yTR4xf8iHUgu5MmEg/kIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFhjMFhmekpOSGpGX3lJZFNDN2t5WVNELVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMTZmNjYtMmFmNC00NjNlLTk3ODUt
NDMzZjVmYTRmOTAxLzEvckpOS0FDXzd2Z3k3V0FmMHM4c2RoSE45QmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMTZmNjYtMmFmNC00NjNlLTk3ODUtNDMzZjVmYTRmOTAx
LzEvbFhjMFhmekpOSGpGX3lJZFNDN2t5WVNELVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSqWMA0G
CSqGSIb3DQEBCwUAA4IBAQBxs2GmbC0k23JzPVrmYsQ5BtN0ZzSC1wBRtcu17eSh
ncYGoVS2zY5mCBTwsu5CPhvLXTjwEOSbL+L1eNBYG6xZrBU+IlAFrfRGLaGZytdq
1IMxiZxSbwyQSsJKOymYstJ1qB9BNa9iyO6WvTr5LoSmMq/yBxtN6ROwyh8byvWP
4upBNGRSgzC+s/KGAnSuvXrcQqBR/PCWgINTz5niyhsNHFM1wGoRRp/R5v4raCcP
NEuwGuLfOLBUqZIeLkH6Tjvp4mccR281Y9j07pXuWbyiNuY2xXtZBS9LFwq4nPXS
7kmYhgKHsQ/Z8ZWgxSY1HNhk546zIHHFAqQoLOnU+zfN
-----END CERTIFICATE-----