This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d54138-1308-4b42-a170-5492e0e4ebc3/1/VLzEBPYWpwlxw34UQJFFdOGntXc.roa
File:                     VLzEBPYWpwlxw34UQJFFdOGntXc.roa (raw, json)
Hash identifier:          MIMHe1Kmdz8phFSPAFOMKLvUlt1LLncBccV6RF4w1BI=
Subject key identifier:   54:BC:C4:04:F6:16:A7:09:71:C3:7E:14:40:91:45:74:E1:A7:B5:77
Certificate issuer:       /CN=4674af1bbdc4ca483c669c4fe0bdd764b8ac1675
Certificate serial:       019B797E3A19A210C1DAB1A0A9F8478E9015
Authority key identifier: 46:74:AF:1B:BD:C4:CA:48:3C:66:9C:4F:E0:BD:D7:64:B8:AC:16:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RnSvG73Eykg8ZpxP4L3XZLisFnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/d54138-1308-4b42-a170-5492e0e4ebc3/1/VLzEBPYWpwlxw34UQJFFdOGntXc.roa
Signing time:             Thu 01 Jan 2026 12:17:54 +0000
ROA not before:           Thu 01 Jan 2026 12:17:54 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     3225
IP address blocks:        185.46.144.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/d54138-1308-4b42-a170-5492e0e4ebc3/1/RnSvG73Eykg8ZpxP4L3XZLisFnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/d54138-1308-4b42-a170-5492e0e4ebc3/1/RnSvG73Eykg8ZpxP4L3XZLisFnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RnSvG73Eykg8ZpxP4L3XZLisFnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 03:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:3a:19:a2:10:c1:da:b1:a0:a9:f8:47:8e:90:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4674af1bbdc4ca483c669c4fe0bdd764b8ac1675
        Validity
            Not Before: Jan  1 12:17:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=54bcc404f616a70971c37e1440914574e1a7b577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:fe:33:87:26:a7:f3:11:aa:95:ee:dd:13:2e:
                    d1:c6:ad:01:45:02:27:b6:a2:08:16:de:89:bd:b2:
                    b2:90:9b:69:ae:99:bf:67:ce:80:7a:c0:15:3b:64:
                    95:2e:8c:fe:f8:21:e7:de:79:13:0c:f1:19:4b:32:
                    2b:5b:b4:cb:24:da:f9:11:94:7f:f0:36:f2:d7:67:
                    58:02:a0:3d:a9:ee:50:c7:31:bd:8a:ad:07:ee:72:
                    c5:58:24:79:28:e0:55:0c:f5:c9:de:c8:6c:6c:6b:
                    1f:f9:c3:a0:e4:ab:0e:4f:4c:64:2e:8c:25:8c:e3:
                    f1:5c:27:f3:c8:ad:28:c7:31:7a:e4:11:ab:2b:86:
                    c8:97:7e:ab:a9:ee:d9:a4:c2:d6:6a:3d:ec:e5:8d:
                    3e:7f:f4:8d:66:56:bb:2d:c8:a4:dd:f9:5c:b0:ea:
                    98:ee:94:fa:86:be:e3:b7:06:3b:60:43:06:ce:c0:
                    2c:a1:49:63:4b:b0:c4:ba:14:30:2b:bd:d6:04:a7:
                    98:61:4e:01:f6:37:c4:1a:57:92:7d:ec:8a:ca:c7:
                    53:85:4a:50:a7:a8:50:d4:0e:76:02:e3:4c:e5:82:
                    07:99:37:4f:97:fb:9a:60:7c:54:9f:66:2f:f5:19:
                    ff:14:23:fd:bf:af:fe:70:c0:e5:60:6e:ce:74:37:
                    0d:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:BC:C4:04:F6:16:A7:09:71:C3:7E:14:40:91:45:74:E1:A7:B5:77
            X509v3 Authority Key Identifier:
                keyid:46:74:AF:1B:BD:C4:CA:48:3C:66:9C:4F:E0:BD:D7:64:B8:AC:16:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RnSvG73Eykg8ZpxP4L3XZLisFnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d54138-1308-4b42-a170-5492e0e4ebc3/1/VLzEBPYWpwlxw34UQJFFdOGntXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d54138-1308-4b42-a170-5492e0e4ebc3/1/RnSvG73Eykg8ZpxP4L3XZLisFnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:ec:b8:77:5c:01:b2:e8:5a:8c:5e:06:e8:d6:df:3a:cb:9a:
         c0:5d:47:ee:fd:14:4a:d7:78:00:78:53:cd:19:54:12:3d:e3:
         ec:29:e2:b7:f3:8a:cf:31:19:3e:4b:11:e1:67:5c:75:c6:39:
         55:d4:bc:0d:74:45:eb:a5:c4:25:d7:8a:6f:0a:71:5a:15:05:
         87:76:fd:a3:0f:58:c7:ef:8d:b0:04:51:c5:58:cf:aa:c9:a2:
         ae:91:75:a1:e3:c2:f2:f2:18:a4:84:cc:0d:1f:7a:98:57:d0:
         90:0c:b6:6f:ca:62:23:2c:d9:86:ab:07:9a:a8:58:53:28:83:
         d5:52:56:eb:24:14:3c:16:01:5d:f4:23:15:e7:03:de:ae:4d:
         83:f2:ae:12:2b:3e:97:df:7c:e6:fd:26:4c:75:ee:02:08:f2:
         26:52:61:c2:93:04:43:ea:5c:ed:4d:98:35:e9:b1:9d:44:5a:
         f2:ae:2e:c1:08:3f:46:da:5c:93:6b:3b:de:1f:3a:30:7a:28:
         39:b7:95:d8:82:34:03:80:8c:7a:e0:d7:a7:7c:bc:26:d7:26:
         67:72:24:9d:e3:a1:9b:fb:c4:0e:3a:fa:ab:d7:1b:49:d7:e3:
         1e:2f:9a:d8:7f:fd:98:f3:ff:1f:32:98:54:69:ec:31:22:d4:
         91:d4:b7:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fjoZohDB2rGgqfhHjpAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NzRhZjFiYmRjNGNhNDgzYzY2OWM0ZmUwYmRkNzY0Yjhh
YzE2NzUwHhcNMjYwMTAxMTIxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGJjYzQwNGY2MTZhNzA5NzFjMzdlMTQ0MDkxNDU3NGUxYTdiNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/4zhyan8xGqle7dEy7Rxq0BRQIn
tqIIFt6JvbKykJtprpm/Z86AesAVO2SVLoz++CHn3nkTDPEZSzIrW7TLJNr5EZR/
8Dby12dYAqA9qe5QxzG9iq0H7nLFWCR5KOBVDPXJ3shsbGsf+cOg5KsOT0xkLowl
jOPxXCfzyK0oxzF65BGrK4bIl36rqe7ZpMLWaj3s5Y0+f/SNZla7Lcik3flcsOqY
7pT6hr7jtwY7YEMGzsAsoUljS7DEuhQwK73WBKeYYU4B9jfEGleSfeyKysdThUpQ
p6hQ1A52AuNM5YIHmTdPl/uaYHxUn2Yv9Rn/FCP9v6/+cMDlYG7OdDcNhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFS8xAT2FqcJccN+FECRRXThp7V3MB8GA1UdIwQY
MBaAFEZ0rxu9xMpIPGacT+C912S4rBZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5Tdkc3M0V5a2c4WnB4UDRMM1haTGlzRm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kNTQxMzgtMTMwOC00YjQyLWExNzAt
NTQ5MmUwZTRlYmMzLzEvVkx6RUJQWVdwd2x4dzM0VVFKRkZkT0dudFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kNTQxMzgtMTMwOC00YjQyLWExNzAtNTQ5MmUwZTRlYmMz
LzEvUm5Tdkc3M0V5a2c4WnB4UDRMM1haTGlzRm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS6QMA0G
CSqGSIb3DQEBCwUAA4IBAQBg7Lh3XAGy6FqMXgbo1t86y5rAXUfu/RRK13gAeFPN
GVQSPePsKeK384rPMRk+SxHhZ1x1xjlV1LwNdEXrpcQl14pvCnFaFQWHdv2jD1jH
742wBFHFWM+qyaKukXWh48Ly8hikhMwNH3qYV9CQDLZvymIjLNmGqweaqFhTKIPV
UlbrJBQ8FgFd9CMV5wPerk2D8q4SKz6X33zm/SZMde4CCPImUmHCkwRD6lztTZg1
6bGdRFryri7BCD9G2lyTazveHzoweig5t5XYgjQDgIx64NenfLwm1yZnciSd46Gb
+8QOOvqr1xtJ1+MeL5rYf/2Y8/8fMphUaewxItSR1Ldz
-----END CERTIFICATE-----