This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/ZIzWdYCWEqP0nRUrAP6zh-QOsuE.roa
File:                     ZIzWdYCWEqP0nRUrAP6zh-QOsuE.roa (raw, json)
Hash identifier:          MUIcfPisY1eMFVRSw9BY2JjDKL1V86i8a+65UUghrL0=
Subject key identifier:   64:8C:D6:75:80:96:12:A3:F4:9D:15:2B:00:FE:B3:87:E4:0E:B2:E1
Certificate issuer:       /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial:       019BD1D9A16786EA79F4D2138ED3BA103C7F
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/ZIzWdYCWEqP0nRUrAP6zh-QOsuE.roa
Signing time:             Sun 18 Jan 2026 16:04:19 +0000
ROA not before:           Sun 18 Jan 2026 16:04:19 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214025
IP address blocks:        185.155.53.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 19:27:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:d1:d9:a1:67:86:ea:79:f4:d2:13:8e:d3:ba:10:3c:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
        Validity
            Not Before: Jan 18 16:04:19 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=648cd675809612a3f49d152b00feb387e40eb2e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:41:b2:1e:96:05:39:7c:bf:d2:b3:cb:27:83:
                    dd:10:91:63:eb:17:f7:d1:a5:f5:8b:43:b0:eb:18:
                    2e:d7:d0:51:09:33:50:cb:2c:34:66:b2:e0:48:b1:
                    b1:83:80:00:11:83:b1:62:d4:d5:6a:54:cb:4b:5e:
                    08:67:93:0a:e8:5f:fc:30:7a:04:ff:f4:21:c4:f4:
                    89:9f:af:52:2c:ae:54:bf:f8:f0:4b:9b:21:8d:6e:
                    e6:b2:48:e9:7f:71:31:12:e0:71:82:88:b9:3f:dc:
                    7f:36:c8:c6:bd:43:3b:5e:3d:58:ab:31:13:ee:c4:
                    b8:77:fe:6e:81:7e:fd:19:d7:1b:bb:d2:57:fe:bf:
                    8a:c6:e7:7c:50:65:36:50:1d:5c:d5:18:4f:59:58:
                    5c:0d:3e:f5:a7:06:56:58:75:38:ed:7f:2b:c6:da:
                    26:8e:2f:a0:df:d1:9e:71:a7:fc:00:0c:53:e8:c2:
                    75:b9:17:b1:48:e2:0f:97:0c:92:17:0b:f2:2c:68:
                    2b:4d:0c:4f:db:d2:e7:91:51:bf:43:fb:ff:90:81:
                    67:a0:db:93:f7:b0:4b:3b:f1:b5:96:1b:c2:9f:9d:
                    53:44:bd:59:ca:fe:77:26:e6:c0:d6:e9:ef:fc:65:
                    b5:c4:16:79:43:e5:f0:f9:55:d4:41:0a:21:1f:fa:
                    59:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:8C:D6:75:80:96:12:A3:F4:9D:15:2B:00:FE:B3:87:E4:0E:B2:E1
            X509v3 Authority Key Identifier:
                keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/ZIzWdYCWEqP0nRUrAP6zh-QOsuE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:90:2c:2d:14:9e:51:bf:01:db:4a:96:e7:ec:ac:49:fb:7b:
         c8:5d:f2:b2:fa:25:ff:06:15:3b:21:b1:96:1c:b1:32:bd:49:
         4d:43:60:ce:d2:e6:d9:76:0e:48:60:d9:d6:78:fe:67:d3:25:
         f7:7e:97:7d:de:21:89:b6:2b:18:70:64:89:5b:6d:b9:c6:a3:
         6b:47:0d:c0:b1:cf:b9:59:56:91:ac:cc:d5:4d:bd:a4:d7:b3:
         b9:f3:4f:7a:45:bd:1d:37:ad:56:bf:83:f6:4e:1a:d6:4d:ad:
         17:a6:56:3d:28:82:20:42:57:8b:c5:15:c5:25:e2:33:3c:c0:
         ad:4f:cf:16:b8:65:52:67:6c:52:0c:c2:5f:0c:ed:ad:02:b1:
         fd:4c:d5:af:d8:ee:c9:61:b1:d7:37:a0:c3:5c:64:35:99:62:
         f6:4f:0c:f3:64:b1:8f:7a:4a:1b:10:95:6b:b1:06:30:5d:e7:
         0e:2f:e9:bd:7a:67:f8:90:09:f2:33:0f:fe:33:84:74:99:1d:
         ab:90:2a:76:11:3d:1f:f9:ed:09:ae:07:bf:d1:14:74:01:11:
         e6:26:8a:24:dd:46:ed:94:58:ce:33:a6:51:29:30:c2:10:a7:
         5b:81:2a:34:87:9e:05:6b:e3:c6:b9:e3:64:11:e6:a0:49:f4:
         c8:3e:66:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZvR2aFnhup59NITjtO6EDx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjYwMTE4MTYwNDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDhjZDY3NTgwOTYxMmEzZjQ5ZDE1MmIwMGZlYjM4N2U0MGViMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEGyHpYFOXy/0rPLJ4PdEJFj6xf3
0aX1i0Ow6xgu19BRCTNQyyw0ZrLgSLGxg4AAEYOxYtTValTLS14IZ5MK6F/8MHoE
//QhxPSJn69SLK5Uv/jwS5shjW7mskjpf3ExEuBxgoi5P9x/NsjGvUM7Xj1YqzET
7sS4d/5ugX79Gdcbu9JX/r+Kxud8UGU2UB1c1RhPWVhcDT71pwZWWHU47X8rxtom
ji+g39Gecaf8AAxT6MJ1uRexSOIPlwySFwvyLGgrTQxP29LnkVG/Q/v/kIFnoNuT
97BLO/G1lhvCn51TRL1Zyv53JubA1unv/GW1xBZ5Q+Xw+VXUQQohH/pZtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSM1nWAlhKj9J0VKwD+s4fkDrLhMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvWkl6V2RZQ1dFcVAwblJVckFQNnpoLVFPc3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZs1MA0G
CSqGSIb3DQEBCwUAA4IBAQBUkCwtFJ5RvwHbSpbn7KxJ+3vIXfKy+iX/BhU7IbGW
HLEyvUlNQ2DO0ubZdg5IYNnWeP5n0yX3fpd93iGJtisYcGSJW225xqNrRw3Asc+5
WVaRrMzVTb2k17O58096Rb0dN61Wv4P2ThrWTa0XplY9KIIgQleLxRXFJeIzPMCt
T88WuGVSZ2xSDMJfDO2tArH9TNWv2O7JYbHXN6DDXGQ1mWL2TwzzZLGPekobEJVr
sQYwXecOL+m9emf4kAnyMw/+M4R0mR2rkCp2ET0f+e0Jrge/0RR0ARHmJook3Ubt
lFjOM6ZRKTDCEKdbgSo0h54Fa+PGueNkEeagSfTIPmar
-----END CERTIFICATE-----