This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/jXJPIagQB7xJy4c-VYsshQQ5ZU8.roa
File:                     jXJPIagQB7xJy4c-VYsshQQ5ZU8.roa (raw, json)
Hash identifier:          LZ2zXEnHEosFY9V/e5cqBzDV0kKFDDyZWuhh0GN0XAw=
Subject key identifier:   8D:72:4F:21:A8:10:07:BC:49:CB:87:3E:55:8B:2C:85:04:39:65:4F
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       019B7E38104C6455F4CC199D65A600D40578
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/jXJPIagQB7xJy4c-VYsshQQ5ZU8.roa
Signing time:             Fri 02 Jan 2026 10:19:21 +0000
ROA not before:           Fri 02 Jan 2026 10:19:21 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     212165
IP address blocks:        185.246.118.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 13:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:38:10:4c:64:55:f4:cc:19:9d:65:a6:00:d4:05:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Jan  2 10:19:21 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8d724f21a81007bc49cb873e558b2c850439654f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:26:d7:fc:48:f1:43:3b:ec:aa:ec:70:59:b2:
                    02:6c:40:c8:2b:41:d4:5c:81:f6:c2:2e:be:5c:3b:
                    48:2f:90:c0:7e:a7:b7:a4:79:3e:7a:4b:4f:7e:3b:
                    85:2d:6a:33:37:7e:57:a8:a0:18:5e:e9:35:20:72:
                    87:cf:64:fd:97:df:1f:94:8e:bf:18:a9:d0:df:44:
                    31:20:45:1a:bd:2c:ea:23:20:dc:04:e7:d1:cf:2a:
                    89:bd:4d:3e:f4:9e:7f:21:9b:e3:8f:81:50:fb:37:
                    ee:b2:19:9a:f9:c8:69:8a:0e:62:12:7d:ba:80:6c:
                    d0:34:ed:dd:9b:ff:71:42:66:7e:7d:d7:ee:68:4c:
                    28:91:a1:e4:69:a1:eb:2b:63:67:17:30:3e:1c:9d:
                    58:7c:92:04:cb:2c:de:84:c7:a5:d5:5a:4f:b2:d7:
                    44:71:c9:39:25:b2:6e:ad:64:e0:ab:ed:38:76:b5:
                    96:3f:65:9e:2a:2c:45:fb:cb:d3:ad:23:2e:a9:b5:
                    d3:dc:6c:ca:9d:9e:7a:41:3e:e0:da:f0:54:45:59:
                    af:92:1a:85:75:3f:e0:06:4c:d9:a5:eb:01:51:79:
                    8d:d9:1e:0a:da:e2:95:ad:ed:bb:59:61:b5:df:b2:
                    87:a8:88:ab:c1:02:11:ba:70:86:19:3f:e2:03:bd:
                    7d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:72:4F:21:A8:10:07:BC:49:CB:87:3E:55:8B:2C:85:04:39:65:4F
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/jXJPIagQB7xJy4c-VYsshQQ5ZU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.246.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:df:f0:94:4a:f6:0f:38:41:0a:4d:9e:8b:a1:0c:85:18:9c:
         86:b5:ee:17:4c:64:74:0e:ac:46:28:84:90:6e:37:f1:1a:99:
         73:0b:3d:a8:66:ce:a4:00:cd:a7:10:1d:ad:ae:5c:4e:f5:6e:
         cc:57:8d:3d:ec:f3:8c:cd:d0:40:e5:47:59:d9:a1:57:51:10:
         58:c7:08:b7:24:7a:b6:7a:79:6d:17:04:a5:eb:d1:72:2c:3b:
         10:01:b3:f9:95:57:21:c7:a6:d7:fb:ba:2e:3d:8e:4b:df:5e:
         06:15:30:7c:46:85:05:18:77:89:8a:4e:65:c4:10:6b:ae:63:
         17:ca:fa:fe:62:29:07:4a:9d:ea:83:fb:34:52:ba:f1:0c:d8:
         9d:d0:4b:71:0e:1d:87:9e:f4:5c:81:2f:c0:09:ee:c9:f9:11:
         0e:ac:96:4f:ae:d3:43:55:c6:52:22:dd:a8:88:ee:cd:2b:e9:
         5a:de:9f:f3:ed:46:ec:83:b9:17:dd:05:35:c6:8e:50:62:f3:
         36:a0:ca:34:d7:27:7e:a9:e0:e3:c5:c9:01:ae:07:0f:5b:52:
         54:e2:64:fa:a9:75:37:a6:ee:9e:6e:85:9e:fa:6a:fd:47:29:
         cd:c8:f1:a2:b4:07:14:89:f8:ee:6a:86:4f:84:8d:b6:9a:cf:
         b4:58:75:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OBBMZFX0zBmdZaYA1AV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjYwMTAyMTAxOTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDcyNGYyMWE4MTAwN2JjNDljYjg3M2U1NThiMmM4NTA0Mzk2NTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSbX/EjxQzvsquxwWbICbEDIK0HU
XIH2wi6+XDtIL5DAfqe3pHk+ektPfjuFLWozN35XqKAYXuk1IHKHz2T9l98flI6/
GKnQ30QxIEUavSzqIyDcBOfRzyqJvU0+9J5/IZvjj4FQ+zfushma+chpig5iEn26
gGzQNO3dm/9xQmZ+fdfuaEwokaHkaaHrK2NnFzA+HJ1YfJIEyyzehMel1VpPstdE
cck5JbJurWTgq+04drWWP2WeKixF+8vTrSMuqbXT3GzKnZ56QT7g2vBURVmvkhqF
dT/gBkzZpesBUXmN2R4K2uKVre27WWG137KHqIirwQIRunCGGT/iA719ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI1yTyGoEAe8ScuHPlWLLIUEOWVPMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvalhKUElhZ1FCN3hKeTRjLVZZc3NoUVE1WlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufZ2MA0G
CSqGSIb3DQEBCwUAA4IBAQCJ3/CUSvYPOEEKTZ6LoQyFGJyGte4XTGR0DqxGKISQ
bjfxGplzCz2oZs6kAM2nEB2trlxO9W7MV4097POMzdBA5UdZ2aFXURBYxwi3JHq2
enltFwSl69FyLDsQAbP5lVchx6bX+7ouPY5L314GFTB8RoUFGHeJik5lxBBrrmMX
yvr+YikHSp3qg/s0UrrxDNid0EtxDh2HnvRcgS/ACe7J+REOrJZPrtNDVcZSIt2o
iO7NK+la3p/z7Ubsg7kX3QU1xo5QYvM2oMo01yd+qeDjxckBrgcPW1JU4mT6qXU3
pu6eboWe+mr9RynNyPGitAcUifjuaoZPhI22ms+0WHWa
-----END CERTIFICATE-----