This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/phSq6B7Lec-9di1Goq_0nokqdXw.roa
File:                     phSq6B7Lec-9di1Goq_0nokqdXw.roa (raw, json)
Hash identifier:          W/a8o66xkq14CwRGv0AcCVK3WZR+Cp5Yy3n/yVITo38=
Subject key identifier:   A6:14:AA:E8:1E:CB:79:CF:BD:76:2D:46:A2:AF:F4:9E:89:2A:75:7C
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       019B797DF3E78D783DED1923F2F898D418BB
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/phSq6B7Lec-9di1Goq_0nokqdXw.roa
Signing time:             Thu 01 Jan 2026 12:17:36 +0000
ROA not before:           Thu 01 Jan 2026 12:17:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     197715
IP address blocks:        37.153.158.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 08:02:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7d:f3:e7:8d:78:3d:ed:19:23:f2:f8:98:d4:18:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Jan  1 12:17:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a614aae81ecb79cfbd762d46a2aff49e892a757c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:16:3b:eb:b9:61:1f:ae:21:a5:61:79:cb:1b:
                    2b:eb:67:e0:44:19:87:0d:53:55:6c:a5:3c:85:f4:
                    bc:b1:89:71:b2:3f:5c:37:a5:97:aa:65:c6:81:7b:
                    0f:b6:95:fe:bc:52:98:4e:24:0a:fe:e1:a1:11:3b:
                    9f:f3:91:b3:24:23:ab:c2:22:62:83:3c:7f:eb:73:
                    09:3f:c2:ce:42:e3:a5:90:01:22:5b:3c:f4:52:2c:
                    5f:8e:69:5e:02:03:dc:cd:a0:1e:1c:25:c1:d2:b9:
                    74:4e:e7:b6:0b:22:ad:ed:b5:1c:1f:ee:89:08:7d:
                    4d:8f:f5:aa:61:ea:32:d4:9d:0d:f6:c8:f5:39:7f:
                    8f:83:e0:63:37:94:43:3b:7a:fa:85:74:21:8b:85:
                    b7:66:c7:1a:1a:7b:14:a1:29:5a:b3:00:c7:07:2d:
                    57:75:8d:56:2c:54:82:a9:c1:32:24:64:45:32:80:
                    21:62:e7:c1:45:fb:b8:84:01:99:f8:9d:a4:f3:5e:
                    11:7a:fa:a9:88:4c:84:a6:bb:6b:f1:1d:7a:71:60:
                    05:86:aa:31:44:08:41:f4:c6:a0:ff:f0:e7:dc:1f:
                    fa:60:85:e5:6f:fb:4d:d9:55:a5:3d:67:eb:af:73:
                    2d:b9:ea:8f:df:18:b9:a4:29:0a:0a:e6:42:05:bc:
                    1a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:14:AA:E8:1E:CB:79:CF:BD:76:2D:46:A2:AF:F4:9E:89:2A:75:7C
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/phSq6B7Lec-9di1Goq_0nokqdXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.153.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:5b:32:8f:67:77:0b:93:ab:df:f8:ec:55:37:0c:51:7c:7d:
         a1:2a:08:76:3f:26:5e:18:4b:bb:e6:26:f2:8f:3b:71:8f:4f:
         16:31:62:c5:92:7c:45:ee:39:e7:07:71:4b:0f:f8:23:d2:4e:
         cc:ea:9f:dc:3d:1d:08:39:f2:46:6e:e0:a5:76:a2:35:82:7c:
         cc:f8:b9:61:5d:e1:b9:12:51:d1:1b:0e:96:8b:ee:3d:66:ab:
         50:b5:fe:5c:68:13:52:d0:91:ec:ac:cd:6e:1a:02:04:ac:da:
         24:39:39:2f:c3:74:b9:d4:53:aa:35:7f:73:e8:8a:0e:5d:1b:
         7d:11:42:b3:7b:89:06:8b:a8:ae:fd:33:f7:ba:41:41:9a:9b:
         5d:13:b9:e0:e3:46:cf:37:9d:d3:d8:f1:12:49:de:34:bc:91:
         b2:7b:42:73:2b:09:b0:b7:c8:b6:da:2a:3c:55:97:54:75:ef:
         f6:d6:da:6b:03:a8:1c:25:e5:1c:b1:01:8d:13:5d:5e:54:8d:
         89:37:55:0e:61:51:3c:8c:bd:74:85:49:6f:7a:f1:62:f9:49:
         80:d1:e2:36:7b:6d:08:1d:1f:8f:d2:eb:a1:64:f6:d6:ca:32:
         3a:f2:ae:b8:de:19:29:92:3b:17:fa:e6:9d:2e:51:38:80:8f:
         aa:c7:5c:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5ffPnjXg97Rkj8viY1Bi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMTAxMTIxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjE0YWFlODFlY2I3OWNmYmQ3NjJkNDZhMmFmZjQ5ZTg5MmE3NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihY767lhH64hpWF5yxsr62fgRBmH
DVNVbKU8hfS8sYlxsj9cN6WXqmXGgXsPtpX+vFKYTiQK/uGhETuf85GzJCOrwiJi
gzx/63MJP8LOQuOlkAEiWzz0UixfjmleAgPczaAeHCXB0rl0Tue2CyKt7bUcH+6J
CH1Nj/WqYeoy1J0N9sj1OX+Pg+BjN5RDO3r6hXQhi4W3ZscaGnsUoSlaswDHBy1X
dY1WLFSCqcEyJGRFMoAhYufBRfu4hAGZ+J2k814RevqpiEyEprtr8R16cWAFhqox
RAhB9Mag//Dn3B/6YIXlb/tN2VWlPWfrr3MtueqP3xi5pCkKCuZCBbwaDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYUqugey3nPvXYtRqKv9J6JKnV8MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvcGhTcTZCN0xlYy05ZGkxR29xXzBub2txZFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZmeMA0G
CSqGSIb3DQEBCwUAA4IBAQCWWzKPZ3cLk6vf+OxVNwxRfH2hKgh2PyZeGEu75iby
jztxj08WMWLFknxF7jnnB3FLD/gj0k7M6p/cPR0IOfJGbuCldqI1gnzM+LlhXeG5
ElHRGw6Wi+49ZqtQtf5caBNS0JHsrM1uGgIErNokOTkvw3S51FOqNX9z6IoOXRt9
EUKze4kGi6iu/TP3ukFBmptdE7ng40bPN53T2PESSd40vJGye0JzKwmwt8i22io8
VZdUde/21tprA6gcJeUcsQGNE11eVI2JN1UOYVE8jL10hUlvevFi+UmA0eI2e20I
HR+P0uuhZPbWyjI68q643hkpkjsX+uadLlE4gI+qx1yx
-----END CERTIFICATE-----