This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/188fcd-d689-436d-a684-e05906cb6948/1/eBymUAqZyrXsauAb8neOB7R0FqA.roa
File:                     eBymUAqZyrXsauAb8neOB7R0FqA.roa (raw, json)
Hash identifier:          wowD/ZNy2Gh6RNTsjMg8v4b4d4GuZYTg//SMNlCdkxg=
Subject key identifier:   78:1C:A6:50:0A:99:CA:B5:EC:6A:E0:1B:F2:77:8E:07:B4:74:16:A0
Certificate issuer:       /CN=d6a553612d94b091b3659b2120bc8efb260e7d30
Certificate serial:       019A96C2A300BD93081E5A7E3B7729DEE485
Authority key identifier: D6:A5:53:61:2D:94:B0:91:B3:65:9B:21:20:BC:8E:FB:26:0E:7D:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1qVTYS2UsJGzZZshILyO-yYOfTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/188fcd-d689-436d-a684-e05906cb6948/1/eBymUAqZyrXsauAb8neOB7R0FqA.roa
Signing time:             Tue 18 Nov 2025 11:38:49 +0000
ROA not before:           Tue 18 Nov 2025 11:38:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     203796
IP address blocks:        2a14:8280::/29 maxlen: 29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/188fcd-d689-436d-a684-e05906cb6948/1/1qVTYS2UsJGzZZshILyO-yYOfTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/188fcd-d689-436d-a684-e05906cb6948/1/1qVTYS2UsJGzZZshILyO-yYOfTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1qVTYS2UsJGzZZshILyO-yYOfTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Nov 2025 06:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:96:c2:a3:00:bd:93:08:1e:5a:7e:3b:77:29:de:e4:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d6a553612d94b091b3659b2120bc8efb260e7d30
        Validity
            Not Before: Nov 18 11:38:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=781ca6500a99cab5ec6ae01bf2778e07b47416a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:9c:d5:e4:b7:a2:c5:4e:76:0b:f0:ab:42:52:
                    5e:5d:50:4b:6e:bb:d7:a0:a0:86:9b:e4:c6:cd:91:
                    32:13:cd:e3:5d:39:77:c3:7a:b4:02:42:7e:3f:f4:
                    48:7c:b2:f2:86:71:1f:d2:00:e0:21:45:4b:dd:9a:
                    f5:b4:f5:6f:80:0f:25:7c:d8:2a:1a:30:e1:be:62:
                    bb:30:f9:e6:da:f0:7a:a7:0f:e2:44:ef:2c:3c:89:
                    d7:55:dc:d7:68:69:af:b8:b4:b7:de:47:c9:c3:c5:
                    d3:4d:01:11:85:d2:ce:0c:3c:49:1e:ee:f1:b9:87:
                    74:71:03:f1:06:6b:9a:ce:b8:ee:18:e9:32:aa:ec:
                    d6:a4:cb:0d:7b:b1:c3:26:20:3e:6d:5d:5c:f4:5d:
                    3b:91:89:f1:2e:72:78:c2:d6:63:e8:5e:10:30:11:
                    30:01:69:e0:4c:02:ae:c0:eb:65:b3:28:57:ef:ac:
                    ba:ca:2d:6e:ac:a2:e2:0c:4f:03:0c:0d:3f:7d:82:
                    b4:81:df:40:c4:52:9e:e1:39:1c:87:e5:ed:2b:a3:
                    8e:f3:78:9b:dc:ae:51:61:95:fd:4f:99:79:45:db:
                    99:a8:80:90:bb:e0:1e:ff:b5:9d:fd:07:9d:b2:84:
                    15:1b:20:1b:92:df:de:43:f7:4b:7c:b3:c5:c1:2e:
                    d8:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:1C:A6:50:0A:99:CA:B5:EC:6A:E0:1B:F2:77:8E:07:B4:74:16:A0
            X509v3 Authority Key Identifier:
                keyid:D6:A5:53:61:2D:94:B0:91:B3:65:9B:21:20:BC:8E:FB:26:0E:7D:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qVTYS2UsJGzZZshILyO-yYOfTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/188fcd-d689-436d-a684-e05906cb6948/1/eBymUAqZyrXsauAb8neOB7R0FqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/188fcd-d689-436d-a684-e05906cb6948/1/1qVTYS2UsJGzZZshILyO-yYOfTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:8280::/29

    Signature Algorithm: sha256WithRSAEncryption
         80:5b:4f:8f:4e:2d:6e:67:19:74:e9:76:ee:d7:7a:bb:50:b8:
         ff:1f:c7:7f:08:35:d2:28:f0:83:71:18:4d:72:53:d8:c4:08:
         04:9f:9c:7a:ba:57:5e:ab:d5:47:64:f8:3c:47:8d:f8:27:4a:
         a2:68:91:a6:8c:7a:c1:38:a5:ca:71:41:f2:a1:1d:6a:78:75:
         97:d1:68:74:e9:98:c6:ba:0c:49:d4:83:24:28:c1:b7:cf:df:
         48:66:d8:4f:10:15:7f:98:ef:d0:86:56:84:2f:c8:b8:e9:c4:
         8a:1d:f1:29:b0:1f:7e:06:02:89:de:4d:bd:fb:19:15:8a:44:
         79:bb:45:d2:bd:6f:a3:1c:6c:43:9a:5e:98:97:67:d1:de:8c:
         77:fd:b3:7f:b1:69:51:9b:cf:be:1f:7b:45:49:e8:fe:a5:74:
         53:69:78:4a:40:f9:aa:6d:63:ca:fd:35:93:94:40:4c:b3:57:
         34:d7:0b:23:43:06:9b:68:46:72:cf:95:e1:fd:b9:10:20:a7:
         ec:6d:56:bf:4a:f4:1f:59:ed:61:aa:46:6a:ce:08:9c:aa:2a:
         5a:f9:39:e6:f1:ba:a6:80:43:6c:bd:fb:c0:14:9e:03:5d:ee:
         6f:46:01:dc:4a:2b:1f:f4:b2:ff:2c:72:31:46:e6:15:ab:c2:
         aa:95:ed:6a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZqWwqMAvZMIHlp+O3cp3uSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YTU1MzYxMmQ5NGIwOTFiMzY1OWIyMTIwYmM4ZWZiMjYw
ZTdkMzAwHhcNMjUxMTE4MTEzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODFjYTY1MDBhOTljYWI1ZWM2YWUwMWJmMjc3OGUwN2I0NzQxNmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZzV5LeixU52C/CrQlJeXVBLbrvX
oKCGm+TGzZEyE83jXTl3w3q0AkJ+P/RIfLLyhnEf0gDgIUVL3Zr1tPVvgA8lfNgq
GjDhvmK7MPnm2vB6pw/iRO8sPInXVdzXaGmvuLS33kfJw8XTTQERhdLODDxJHu7x
uYd0cQPxBmuazrjuGOkyquzWpMsNe7HDJiA+bV1c9F07kYnxLnJ4wtZj6F4QMBEw
AWngTAKuwOtlsyhX76y6yi1urKLiDE8DDA0/fYK0gd9AxFKe4Tkch+XtK6OO83ib
3K5RYZX9T5l5RduZqICQu+Ae/7Wd/QedsoQVGyAbkt/eQ/dLfLPFwS7YUwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHgcplAKmcq17GrgG/J3jge0dBagMB8GA1UdIwQY
MBaAFNalU2EtlLCRs2WbISC8jvsmDn0wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFWVFlTMlVzSkd6WlpzaElMeU8teVlPZlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xODhmY2QtZDY4OS00MzZkLWE2ODQt
ZTA1OTA2Y2I2OTQ4LzEvZUJ5bVVBcVp5clhzYXVBYjhuZU9CN1IwRnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xODhmY2QtZDY4OS00MzZkLWE2ODQtZTA1OTA2Y2I2OTQ4
LzEvMXFWVFlTMlVzSkd6WlpzaElMeU8teVlPZlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSCgDAN
BgkqhkiG9w0BAQsFAAOCAQEAgFtPj04tbmcZdOl27td6u1C4/x/Hfwg10ijwg3EY
TXJT2MQIBJ+cerpXXqvVR2T4PEeN+CdKomiRpox6wTilynFB8qEdanh1l9FodOmY
xroMSdSDJCjBt8/fSGbYTxAVf5jv0IZWhC/IuOnEih3xKbAffgYCid5NvfsZFYpE
ebtF0r1voxxsQ5pemJdn0d6Md/2zf7FpUZvPvh97RUno/qV0U2l4SkD5qm1jyv01
k5RATLNXNNcLI0MGm2hGcs+V4f25ECCn7G1Wv0r0H1ntYapGas4InKoqWvk55vG6
poBDbL37wBSeA13ub0YB3EorH/Sy/yxyMUbmFavCqpXtag==
-----END CERTIFICATE-----