This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Fet2VkbNn8RduimGMfmGmPn-6ns.roa
File:                     Fet2VkbNn8RduimGMfmGmPn-6ns.roa (raw, json)
Hash identifier:          zsGi88dcY4x4vbC0NITr6Ine1V6zKc7yF+lYCMFPRi8=
Subject key identifier:   15:EB:76:56:46:CD:9F:C4:5D:BA:29:86:31:F9:86:98:F9:FE:EA:7B
Certificate issuer:       /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial:       019B7F15A48BED219C15D0C0550C6B421DAD
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Fet2VkbNn8RduimGMfmGmPn-6ns.roa
Signing time:             Fri 02 Jan 2026 14:21:23 +0000
ROA not before:           Fri 02 Jan 2026 14:21:23 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     52374
IP address blocks:        2.20.46.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 07:45:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:a4:8b:ed:21:9c:15:d0:c0:55:0c:6b:42:1d:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
        Validity
            Not Before: Jan  2 14:21:23 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=15eb765646cd9fc45dba298631f98698f9feea7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:91:cb:17:3c:bb:e8:94:3e:a8:27:04:06:5c:
                    ab:8e:10:17:85:a0:5b:49:19:4f:fb:78:cf:63:63:
                    ff:6b:cd:16:f0:a5:b5:3d:27:62:72:57:80:17:bc:
                    11:5d:07:14:c2:57:87:62:41:f5:32:52:30:ff:c0:
                    fb:70:ec:d4:5f:3a:53:8e:73:38:38:b3:c2:f6:04:
                    b8:b7:6e:0e:b7:45:21:2d:a7:7c:6d:0c:a1:0a:70:
                    43:85:12:06:29:93:0b:8a:ed:ca:d0:8f:05:49:85:
                    9f:9d:4d:1e:47:9a:8a:35:88:ec:20:68:81:87:6b:
                    5e:44:b7:20:71:1d:f4:2b:38:8a:e8:9f:b9:73:9a:
                    ca:2d:0c:0c:94:97:5a:c9:53:46:13:53:5e:a6:72:
                    c9:8f:06:02:b8:2c:96:d7:a1:96:54:bc:78:63:3b:
                    05:d1:42:9f:93:57:0b:69:a8:07:f9:b2:8e:0a:49:
                    9d:5d:46:d2:e6:c0:23:b3:58:31:c2:da:61:73:04:
                    13:91:c4:3a:53:82:4c:d6:29:40:65:29:63:e0:b7:
                    5c:2a:cf:5e:c6:9d:22:ab:f7:49:df:5e:7e:31:1a:
                    8e:80:f2:9e:fd:e7:06:0c:c3:33:03:ce:30:1a:9a:
                    e3:3e:aa:03:f3:fe:7f:fe:99:e2:10:af:e1:42:f0:
                    5b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:EB:76:56:46:CD:9F:C4:5D:BA:29:86:31:F9:86:98:F9:FE:EA:7B
            X509v3 Authority Key Identifier:
                keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Fet2VkbNn8RduimGMfmGmPn-6ns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.20.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:ce:01:22:41:97:50:78:ef:bf:cc:f4:b1:3b:6a:26:02:ec:
         45:cd:72:dc:ae:60:c1:03:3d:cc:b8:7f:33:12:0f:6c:7b:d8:
         88:fa:ea:24:f0:5b:f7:b1:d5:57:88:5c:97:57:ef:cb:6d:8e:
         d0:d3:ee:3f:f9:43:ac:1a:e8:82:31:ba:c6:b6:7e:fe:4e:db:
         d4:86:e4:33:fd:21:89:c4:8f:11:d7:29:c8:f4:ae:5f:83:6c:
         a4:4b:ee:49:45:10:c2:ef:d7:3a:26:bf:b7:d5:bb:41:3a:9d:
         c8:a6:14:84:10:34:0e:3f:c2:50:15:63:81:f8:7e:c5:33:34:
         7c:c7:f2:8f:a9:97:23:79:e8:4b:47:fe:cd:97:dd:d6:2f:43:
         f7:b1:0f:92:99:67:1c:03:0e:c9:81:be:cc:31:1f:1a:43:be:
         1c:b8:47:98:7a:49:b1:11:7f:43:1f:83:22:6b:1b:b1:71:93:
         bd:2b:6f:d6:93:5e:ea:12:b7:05:20:36:61:38:6c:19:c0:e8:
         12:e9:2f:e7:83:da:4c:db:84:72:93:76:ff:19:c5:55:54:85:
         8d:65:3b:67:39:eb:60:c0:13:82:ee:76:c2:b3:0c:ff:b1:d0:
         67:14:f3:d1:7a:5b:4e:25:a4:91:fe:1d:85:d4:58:21:48:eb:
         bd:e4:7d:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FaSL7SGcFdDAVQxrQh2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjYwMTAyMTQyMTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWViNzY1NjQ2Y2Q5ZmM0NWRiYTI5ODYzMWY5ODY5OGY5ZmVlYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJHLFzy76JQ+qCcEBlyrjhAXhaBb
SRlP+3jPY2P/a80W8KW1PSdicleAF7wRXQcUwleHYkH1MlIw/8D7cOzUXzpTjnM4
OLPC9gS4t24Ot0UhLad8bQyhCnBDhRIGKZMLiu3K0I8FSYWfnU0eR5qKNYjsIGiB
h2teRLcgcR30KziK6J+5c5rKLQwMlJdayVNGE1NepnLJjwYCuCyW16GWVLx4YzsF
0UKfk1cLaagH+bKOCkmdXUbS5sAjs1gxwtphcwQTkcQ6U4JM1ilAZSlj4LdcKs9e
xp0iq/dJ315+MRqOgPKe/ecGDMMzA84wGprjPqoD8/5//pniEK/hQvBbxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBXrdlZGzZ/EXbophjH5hpj5/up7MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvRmV0MlZrYk5uOFJkdWltR01mbUdtUG4tNm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAhQuMA0G
CSqGSIb3DQEBCwUAA4IBAQCIzgEiQZdQeO+/zPSxO2omAuxFzXLcrmDBAz3MuH8z
Eg9se9iI+uok8Fv3sdVXiFyXV+/LbY7Q0+4/+UOsGuiCMbrGtn7+TtvUhuQz/SGJ
xI8R1ynI9K5fg2ykS+5JRRDC79c6Jr+31btBOp3IphSEEDQOP8JQFWOB+H7FMzR8
x/KPqZcjeehLR/7Nl93WL0P3sQ+SmWccAw7Jgb7MMR8aQ74cuEeYekmxEX9DH4Mi
axuxcZO9K2/Wk17qErcFIDZhOGwZwOgS6S/ng9pM24Ryk3b/GcVVVIWNZTtnOetg
wBOC7nbCswz/sdBnFPPReltOJaSR/h2F1FghSOu95H1U
-----END CERTIFICATE-----