This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/Ix4OiCGslJTscGc7-wU3M6G7S8U.roa
File:                     Ix4OiCGslJTscGc7-wU3M6G7S8U.roa (raw, json)
Hash identifier:          AJvqjWQ+n7SY8hOMaDOiq7u0d8v8pOsglCAwmm0/6rk=
Subject key identifier:   23:1E:0E:88:21:AC:94:94:EC:70:67:3B:FB:05:37:33:A1:BB:4B:C5
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       019B7C133C1D125CE3E05E78670DDCBC5DA4
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/Ix4OiCGslJTscGc7-wU3M6G7S8U.roa
Signing time:             Fri 02 Jan 2026 00:19:53 +0000
ROA not before:           Fri 02 Jan 2026 00:19:53 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     202723
IP address blocks:        185.75.134.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 13:16:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:3c:1d:12:5c:e3:e0:5e:78:67:0d:dc:bc:5d:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jan  2 00:19:53 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=231e0e8821ac9494ec70673bfb053733a1bb4bc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:9b:44:c6:d7:22:d6:e8:dd:4c:a7:4e:00:2f:
                    b3:19:23:9f:cb:d1:69:6b:47:f3:b1:0a:27:61:3c:
                    d0:76:29:49:c7:2d:02:f1:d1:80:69:70:9d:8f:c5:
                    f3:32:83:3a:70:97:09:87:2b:b2:b6:98:f5:56:3b:
                    eb:19:d0:d7:f5:d2:e1:13:03:87:ce:37:a4:97:bb:
                    82:0f:7a:a3:65:c6:49:fb:8e:16:0a:31:53:14:92:
                    cc:0e:cb:f0:bf:28:28:dd:02:93:cd:00:1c:3a:47:
                    cd:25:dd:3d:ea:bc:ad:c9:92:f3:ae:2f:3e:9d:6d:
                    cf:2a:04:67:f8:22:21:d1:4e:75:c8:cc:52:a2:44:
                    c2:66:02:a0:23:f3:c4:d4:cd:ad:a2:72:9e:36:2f:
                    54:a1:7a:d4:81:d8:27:c1:7c:ef:35:0d:8a:32:66:
                    44:a3:e5:6a:ea:a3:cc:b8:56:f3:de:da:1c:66:0a:
                    4a:9e:4f:67:d1:b5:8c:7d:e8:ab:28:ff:aa:b5:b1:
                    37:9f:9b:2c:3f:eb:cc:8e:ba:8d:8b:20:a9:5d:d7:
                    73:1a:81:04:2e:fb:2e:eb:78:80:cd:d5:3d:1b:ad:
                    d8:6f:f8:5e:9a:24:f8:2e:b1:2c:bf:df:a8:c6:f7:
                    44:b2:87:cc:30:8a:82:c8:57:5a:4b:9c:12:5c:4b:
                    aa:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:1E:0E:88:21:AC:94:94:EC:70:67:3B:FB:05:37:33:A1:BB:4B:C5
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/Ix4OiCGslJTscGc7-wU3M6G7S8U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.75.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:5d:b6:06:49:bb:ac:ad:55:01:97:a9:64:b0:ea:e3:f2:4c:
         be:f7:58:6d:15:d1:bb:a5:1f:0d:74:7e:3c:ab:61:bd:e5:8e:
         54:da:04:bf:fe:9c:8f:89:b9:cf:0e:f6:21:d2:b7:54:80:10:
         3b:98:59:93:32:8f:2a:d6:db:b4:97:d9:7b:93:2e:8b:ac:79:
         eb:f1:85:84:f4:0e:36:fa:f9:53:ce:ab:5c:de:cb:6a:d3:d9:
         a8:40:25:47:a5:98:b9:8b:97:fa:ad:3e:43:e3:4a:d2:ec:1b:
         b9:e6:51:e7:04:1c:93:0c:fa:fc:e0:d8:1d:4a:25:52:e9:1e:
         31:21:1d:c0:53:06:64:4e:d0:e2:ec:41:75:26:1b:e5:04:84:
         d6:d2:fc:52:61:db:e4:10:4b:90:39:a9:de:44:3c:91:71:a6:
         b0:9f:ec:ff:49:47:6d:0f:3a:c2:25:d4:7a:7d:16:77:09:9b:
         9e:f9:5a:1c:27:62:e9:c5:e2:69:6c:18:d8:b6:60:5e:f8:19:
         0a:de:25:4b:d7:85:3f:0e:54:e8:73:e2:9b:ca:b0:9a:54:52:
         97:5b:ec:3c:07:51:2a:37:fc:09:f3:ab:79:bd:10:c5:f6:9a:
         25:91:d5:32:ef:e1:0f:e8:21:bf:8d:69:b0:2c:3c:38:4d:b6:
         49:e0:1e:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8EzwdElzj4F54Zw3cvF2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjYwMTAyMDAxOTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFlMGU4ODIxYWM5NDk0ZWM3MDY3M2JmYjA1MzczM2ExYmI0YmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZtExtci1ujdTKdOAC+zGSOfy9Fp
a0fzsQonYTzQdilJxy0C8dGAaXCdj8XzMoM6cJcJhyuytpj1VjvrGdDX9dLhEwOH
zjekl7uCD3qjZcZJ+44WCjFTFJLMDsvwvygo3QKTzQAcOkfNJd096rytyZLzri8+
nW3PKgRn+CIh0U51yMxSokTCZgKgI/PE1M2tonKeNi9UoXrUgdgnwXzvNQ2KMmZE
o+Vq6qPMuFbz3tocZgpKnk9n0bWMfeirKP+qtbE3n5ssP+vMjrqNiyCpXddzGoEE
Lvsu63iAzdU9G63Yb/hemiT4LrEsv9+oxvdEsofMMIqCyFdaS5wSXEuqtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMeDoghrJSU7HBnO/sFNzOhu0vFMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvSXg0T2lDR3NsSlRzY0djNy13VTNNNkc3UzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUuGMA0G
CSqGSIb3DQEBCwUAA4IBAQBRXbYGSbusrVUBl6lksOrj8ky+91htFdG7pR8NdH48
q2G95Y5U2gS//pyPibnPDvYh0rdUgBA7mFmTMo8q1tu0l9l7ky6LrHnr8YWE9A42
+vlTzqtc3stq09moQCVHpZi5i5f6rT5D40rS7Bu55lHnBByTDPr84NgdSiVS6R4x
IR3AUwZkTtDi7EF1JhvlBITW0vxSYdvkEEuQOaneRDyRcaawn+z/SUdtDzrCJdR6
fRZ3CZue+VocJ2LpxeJpbBjYtmBe+BkK3iVL14U/DlToc+KbyrCaVFKXW+w8B1Eq
N/wJ86t5vRDF9polkdUy7+EP6CG/jWmwLDw4TbZJ4B7c
-----END CERTIFICATE-----