This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/jbu7YVaEChenzG9Nd_JwZvXoWTI.roa
File:                     jbu7YVaEChenzG9Nd_JwZvXoWTI.roa (raw, json)
Hash identifier:          xb+DIZFFqeE3EtRAWh6vIJmLk/CrtqEEWekcTpnXn0A=
Subject key identifier:   8D:BB:BB:61:56:84:0A:17:A7:CC:6F:4D:77:F2:70:66:F5:E8:59:32
Certificate issuer:       /CN=7826b604f6f8c03fe9df6c98e61f39eaed7555a5
Certificate serial:       019B7B3575B3BF0C249B8C1028A073244439
Authority key identifier: 78:26:B6:04:F6:F8:C0:3F:E9:DF:6C:98:E6:1F:39:EA:ED:75:55:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eCa2BPb4wD_p32yY5h856u11VaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/jbu7YVaEChenzG9Nd_JwZvXoWTI.roa
Signing time:             Thu 01 Jan 2026 20:17:39 +0000
ROA not before:           Thu 01 Jan 2026 20:17:39 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     19905
IP address blocks:        185.89.98.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/eCa2BPb4wD_p32yY5h856u11VaU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/eCa2BPb4wD_p32yY5h856u11VaU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eCa2BPb4wD_p32yY5h856u11VaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:75:b3:bf:0c:24:9b:8c:10:28:a0:73:24:44:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7826b604f6f8c03fe9df6c98e61f39eaed7555a5
        Validity
            Not Before: Jan  1 20:17:39 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8dbbbb6156840a17a7cc6f4d77f27066f5e85932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8c:3b:d7:46:f9:5d:31:04:16:da:c3:a7:4d:
                    a0:64:42:43:8b:37:74:25:85:c4:df:db:ff:37:5d:
                    2d:42:f2:68:a4:80:7f:49:da:c9:f8:1c:52:48:66:
                    68:c8:1b:f1:98:48:ff:19:c2:b9:a2:ec:cb:2b:ac:
                    8a:e2:c1:7e:b0:72:75:d6:de:34:15:32:64:a8:73:
                    ac:2f:f5:e8:40:dd:75:0d:98:0d:bb:db:4d:a6:76:
                    09:e1:14:21:0d:1f:11:9e:8a:25:d9:eb:af:74:c3:
                    b7:c3:0d:f6:6c:4a:ce:a1:6e:94:af:b4:6a:27:1e:
                    44:a9:27:7c:97:4a:c2:d4:15:55:38:f6:a7:cf:28:
                    20:22:d8:df:98:e6:42:02:01:4f:b0:af:53:a6:19:
                    71:54:0b:bb:f5:98:f4:59:32:42:ae:a5:c0:c2:67:
                    b1:d2:c9:16:aa:64:ea:bc:9a:a8:cd:1e:2e:2a:2a:
                    ae:e3:c7:a1:4c:a1:84:bc:8c:50:da:2c:d7:d4:7d:
                    e8:80:6f:27:9f:1b:e3:a8:25:31:c6:5e:6a:2a:ba:
                    e2:96:ad:c2:01:42:e5:08:fc:1e:0c:46:90:d2:15:
                    53:1a:85:b0:d8:eb:e2:6b:3c:a2:d5:03:87:34:73:
                    8a:ae:3a:6c:28:78:8c:2a:77:90:35:f8:2f:f1:4c:
                    5d:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:BB:BB:61:56:84:0A:17:A7:CC:6F:4D:77:F2:70:66:F5:E8:59:32
            X509v3 Authority Key Identifier:
                keyid:78:26:B6:04:F6:F8:C0:3F:E9:DF:6C:98:E6:1F:39:EA:ED:75:55:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eCa2BPb4wD_p32yY5h856u11VaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/jbu7YVaEChenzG9Nd_JwZvXoWTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/eCa2BPb4wD_p32yY5h856u11VaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.89.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:bb:ca:97:8a:61:1c:35:34:1e:fb:22:f7:93:dc:21:e6:55:
         84:c9:3d:bf:e6:72:3c:49:c0:b5:48:38:75:16:65:b5:4c:99:
         89:21:5a:25:c8:8a:39:9e:35:1c:4b:83:07:c1:ca:82:a2:41:
         34:73:57:23:44:2b:18:7a:3e:23:7d:7e:7c:37:f5:8b:04:31:
         37:27:b2:13:6a:bb:52:6d:d8:8d:0e:d3:02:83:8a:63:4d:5f:
         32:b1:74:3e:ef:d5:ce:e4:e4:f1:da:8f:c2:01:b2:01:5b:4f:
         34:b8:07:4f:f9:50:b9:75:fa:09:7a:75:ce:8c:a5:29:39:fe:
         61:d4:2a:a4:78:32:7c:4c:68:fe:4d:48:7f:4e:36:fd:1f:aa:
         39:c6:8f:19:35:83:35:63:ef:a2:56:0a:62:2d:c9:39:86:80:
         d2:7e:d1:9a:60:69:c6:16:fe:57:d1:60:14:37:be:42:4c:d1:
         e2:4c:29:ca:5f:0b:ff:fd:0f:c6:f6:98:e1:8b:ab:4e:8d:18:
         34:e5:42:e0:5c:4e:d2:f7:15:6f:03:6c:8e:7d:3c:80:1e:f8:
         92:a4:b8:da:95:5a:d0:7a:33:bd:a4:56:84:7a:2d:8e:3d:9f:
         72:3e:85:2b:26:60:50:3c:6d:ae:57:22:5e:ae:10:b6:31:34:
         ff:fb:34:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NXWzvwwkm4wQKKBzJEQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MjZiNjA0ZjZmOGMwM2ZlOWRmNmM5OGU2MWYzOWVhZWQ3
NTU1YTUwHhcNMjYwMTAxMjAxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGJiYmI2MTU2ODQwYTE3YTdjYzZmNGQ3N2YyNzA2NmY1ZTg1OTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuow710b5XTEEFtrDp02gZEJDizd0
JYXE39v/N10tQvJopIB/SdrJ+BxSSGZoyBvxmEj/GcK5ouzLK6yK4sF+sHJ11t40
FTJkqHOsL/XoQN11DZgNu9tNpnYJ4RQhDR8Rnool2euvdMO3ww32bErOoW6Ur7Rq
Jx5EqSd8l0rC1BVVOPanzyggItjfmOZCAgFPsK9TphlxVAu79Zj0WTJCrqXAwmex
0skWqmTqvJqozR4uKiqu48ehTKGEvIxQ2izX1H3ogG8nnxvjqCUxxl5qKrrilq3C
AULlCPweDEaQ0hVTGoWw2Oviazyi1QOHNHOKrjpsKHiMKneQNfgv8UxdXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI27u2FWhAoXp8xvTXfycGb16FkyMB8GA1UdIwQY
MBaAFHgmtgT2+MA/6d9smOYfOertdVWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUNhMkJQYjR3RF9wMzJ5WTVoODU2dTExVmFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9jOTRjNjUtZWEwMi00MDVhLWJiYTct
Y2EwNDc0YWRmMzczLzEvamJ1N1lWYUVDaGVuekc5TmRfSndadlhvV1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9jOTRjNjUtZWEwMi00MDVhLWJiYTctY2EwNDc0YWRmMzcz
LzEvZUNhMkJQYjR3RF9wMzJ5WTVoODU2dTExVmFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVliMA0G
CSqGSIb3DQEBCwUAA4IBAQBTu8qXimEcNTQe+yL3k9wh5lWEyT2/5nI8ScC1SDh1
FmW1TJmJIVolyIo5njUcS4MHwcqCokE0c1cjRCsYej4jfX58N/WLBDE3J7ITartS
bdiNDtMCg4pjTV8ysXQ+79XO5OTx2o/CAbIBW080uAdP+VC5dfoJenXOjKUpOf5h
1CqkeDJ8TGj+TUh/Tjb9H6o5xo8ZNYM1Y++iVgpiLck5hoDSftGaYGnGFv5X0WAU
N75CTNHiTCnKXwv//Q/G9pjhi6tOjRg05ULgXE7S9xVvA2yOfTyAHviSpLjalVrQ
ejO9pFaEei2OPZ9yPoUrJmBQPG2uVyJerhC2MTT/+zQi
-----END CERTIFICATE-----