This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/aX67thVuhkTa2S1WbEsDaaxyx_U.roa
File:                     aX67thVuhkTa2S1WbEsDaaxyx_U.roa (raw, json)
Hash identifier:          e6/sW4ioMZgIWgsgRys4jC3T5C0ZPSKh0y+ZX7aZe5E=
Subject key identifier:   69:7E:BB:B6:15:6E:86:44:DA:D9:2D:56:6C:4B:03:69:AC:72:C7:F5
Certificate issuer:       /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial:       019B791046E74CE1199CF3EAB6B3599CC072
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/aX67thVuhkTa2S1WbEsDaaxyx_U.roa
Signing time:             Thu 01 Jan 2026 10:17:48 +0000
ROA not before:           Thu 01 Jan 2026 10:17:48 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     16509
IP address blocks:        178.21.148.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:46:e7:4c:e1:19:9c:f3:ea:b6:b3:59:9c:c0:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
        Validity
            Not Before: Jan  1 10:17:48 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=697ebbb6156e8644dad92d566c4b0369ac72c7f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:d9:62:fb:ec:ab:cf:05:29:c4:6a:92:6f:f8:
                    9f:9e:ea:cc:a9:6e:9e:33:9c:15:0f:d8:2d:cb:cf:
                    fd:79:70:91:ce:6a:e8:8f:1c:f0:a6:ce:17:a7:21:
                    31:ad:d2:dd:9e:4c:3e:e5:41:8f:4c:b3:1d:a0:7e:
                    5a:d4:78:a4:75:54:24:af:99:71:74:8e:0e:65:c3:
                    bd:ed:68:65:43:ae:c4:ed:0e:80:2c:f6:a7:79:e1:
                    09:d3:dc:88:ce:3b:78:0a:db:f9:a6:06:17:b2:96:
                    e3:a2:bd:9b:f7:48:23:0a:e8:08:7a:95:da:32:2e:
                    85:85:f4:67:48:1e:9a:1e:e9:6f:1e:29:81:1e:dd:
                    28:2d:43:a0:72:73:44:36:dc:6f:98:d3:8d:95:2e:
                    4c:25:e0:39:b7:92:fe:a9:62:28:3b:53:61:25:65:
                    a7:b1:76:54:eb:93:32:66:81:af:f4:b3:ae:4e:f2:
                    e1:5a:41:ac:5c:ea:2f:41:04:16:a3:36:49:bd:7c:
                    01:18:12:6a:bd:94:8a:8d:fa:d0:2e:b9:72:6a:96:
                    04:20:8c:f0:21:7e:5f:67:ee:41:39:c2:df:c2:9d:
                    a4:73:37:2d:d5:ca:1b:62:68:c6:2a:ac:8b:24:1a:
                    c5:48:52:2d:97:48:f5:58:51:f2:98:38:0c:02:cd:
                    2b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:7E:BB:B6:15:6E:86:44:DA:D9:2D:56:6C:4B:03:69:AC:72:C7:F5
            X509v3 Authority Key Identifier:
                keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/aX67thVuhkTa2S1WbEsDaaxyx_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.21.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:db:4b:60:a3:ef:00:7b:b1:4e:62:fc:1d:89:17:a6:7d:a3:
         04:01:a7:fd:c4:4d:56:f1:f9:80:53:fa:b8:95:6c:94:cc:50:
         6c:4c:b9:39:7c:a4:92:3f:9e:c7:f8:b4:de:60:0d:9e:be:ff:
         7d:2d:62:20:53:43:55:a7:11:18:91:e0:2b:f3:9f:6e:11:20:
         d6:48:9c:c1:47:ec:fa:cc:4e:42:70:ca:f9:ca:ea:09:4a:a1:
         02:ea:8b:57:52:8b:5d:f6:8a:53:3c:37:51:ac:86:6d:ce:9e:
         c4:fa:ec:b8:e5:fb:6f:5d:26:d7:9e:7f:04:8e:79:27:96:1f:
         b8:3a:ae:7b:0a:57:91:1b:d6:cd:1c:9f:c3:75:69:eb:e2:0b:
         e0:23:d2:64:6c:c8:0f:3a:a9:cd:f3:d7:48:a1:0f:68:66:d1:
         f1:c5:0c:3e:b3:48:53:32:b5:f4:6d:f9:7c:29:8e:51:fa:7e:
         d1:32:3b:0e:58:0d:ac:91:1c:0b:3d:5f:18:14:5e:46:55:be:
         88:44:e9:12:1b:7f:2f:f4:6e:92:2a:ef:f4:17:59:b8:1b:f0:
         56:c9:d9:0e:b6:21:e4:eb:54:ae:be:58:04:4b:90:05:e7:58:
         f4:b5:6b:0f:67:09:32:23:39:ee:29:75:6a:62:be:2f:2b:36:
         c8:e0:98:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EEbnTOEZnPPqtrNZnMByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjYwMTAxMTAxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTdlYmJiNjE1NmU4NjQ0ZGFkOTJkNTY2YzRiMDM2OWFjNzJjN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Nli++yrzwUpxGqSb/ifnurMqW6e
M5wVD9gty8/9eXCRzmrojxzwps4XpyExrdLdnkw+5UGPTLMdoH5a1HikdVQkr5lx
dI4OZcO97WhlQ67E7Q6ALPaneeEJ09yIzjt4Ctv5pgYXspbjor2b90gjCugIepXa
Mi6FhfRnSB6aHulvHimBHt0oLUOgcnNENtxvmNONlS5MJeA5t5L+qWIoO1NhJWWn
sXZU65MyZoGv9LOuTvLhWkGsXOovQQQWozZJvXwBGBJqvZSKjfrQLrlyapYEIIzw
IX5fZ+5BOcLfwp2kczct1cobYmjGKqyLJBrFSFItl0j1WFHymDgMAs0r8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGl+u7YVboZE2tktVmxLA2mscsf1MB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvYVg2N3RoVnVoa1RhMlMxV2JFc0RhYXh5eF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshWUMA0G
CSqGSIb3DQEBCwUAA4IBAQA820tgo+8Ae7FOYvwdiRemfaMEAaf9xE1W8fmAU/q4
lWyUzFBsTLk5fKSSP57H+LTeYA2evv99LWIgU0NVpxEYkeAr859uESDWSJzBR+z6
zE5CcMr5yuoJSqEC6otXUotd9opTPDdRrIZtzp7E+uy45ftvXSbXnn8Ejnknlh+4
Oq57CleRG9bNHJ/DdWnr4gvgI9JkbMgPOqnN89dIoQ9oZtHxxQw+s0hTMrX0bfl8
KY5R+n7RMjsOWA2skRwLPV8YFF5GVb6IROkSG38v9G6SKu/0F1m4G/BWydkOtiHk
61SuvlgES5AF51j0tWsPZwkyIznuKXVqYr4vKzbI4Jg4
-----END CERTIFICATE-----