This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/QJdhXrd0hewbECSXcRvrsJk3ASg.roa
File:                     QJdhXrd0hewbECSXcRvrsJk3ASg.roa (raw, json)
Hash identifier:          bB8P5JwY0QXuX90wzD9aBaOKhM+aBogHupfui9iT+R0=
Subject key identifier:   40:97:61:5E:B7:74:85:EC:1B:10:24:97:71:1B:EB:B0:99:37:01:28
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       019B7BA560EB1AD4B0141B380FF348B746AF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/QJdhXrd0hewbECSXcRvrsJk3ASg.roa
Signing time:             Thu 01 Jan 2026 22:19:54 +0000
ROA not before:           Thu 01 Jan 2026 22:19:54 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211043
IP address blocks:        185.227.34.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 13:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a5:60:eb:1a:d4:b0:14:1b:38:0f:f3:48:b7:46:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:19:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4097615eb77485ec1b102497711bebb099370128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b2:bc:5b:65:b3:67:59:f8:6c:ce:79:f8:b4:
                    90:7f:8b:9e:53:f4:7e:f5:44:22:37:ec:ce:ea:11:
                    2b:de:c5:fd:af:ee:e2:ab:f9:92:66:15:dd:4d:a1:
                    0b:3a:0c:8e:fa:25:b4:f7:b6:86:4a:73:ce:a6:c6:
                    57:67:f8:c4:dc:07:10:b9:dd:10:69:b6:fe:c2:dc:
                    e4:17:cb:77:29:7b:b6:f8:6f:72:c3:e1:ae:71:6c:
                    8f:14:b9:17:a2:a4:e7:8b:db:0c:96:fb:aa:00:1d:
                    f7:cc:9a:69:7d:52:1c:80:e2:e3:e1:ae:cc:d0:4e:
                    fc:a1:df:ab:3f:4c:1f:fe:ac:6d:d2:44:6e:9f:4f:
                    cb:1c:41:59:42:db:78:3d:47:d5:54:17:89:44:1a:
                    64:27:89:fb:f8:12:88:c3:a2:a7:35:d0:01:52:a1:
                    26:bb:03:e5:41:e7:e4:98:ce:e2:e6:2d:e8:a9:80:
                    0f:b2:af:99:a2:51:44:58:29:28:c3:ed:58:26:24:
                    d1:fd:c4:06:0f:60:6e:80:93:df:ce:c7:26:21:e3:
                    34:15:76:9e:fc:dc:07:df:e4:85:93:dc:f2:64:a1:
                    97:50:cc:f9:d2:92:65:36:99:22:86:0b:0b:82:0d:
                    43:0c:25:19:23:ec:b8:2d:32:8d:23:bc:16:13:b7:
                    e6:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:97:61:5E:B7:74:85:EC:1B:10:24:97:71:1B:EB:B0:99:37:01:28
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/QJdhXrd0hewbECSXcRvrsJk3ASg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.227.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:2c:97:5e:f7:cc:7a:0f:3e:56:44:9a:78:91:26:87:42:e5:
         e9:0c:42:57:68:0b:c3:6c:dc:76:0e:fb:08:31:35:9e:55:eb:
         9c:f5:09:9b:2a:ba:f4:8e:0f:74:02:f4:bf:c3:c4:9f:bf:55:
         9a:4d:ba:f8:5a:2a:b9:67:bd:e7:7c:27:38:2c:e0:b4:32:60:
         32:30:27:f5:7b:7d:7c:8c:66:15:e3:21:91:c4:cf:98:ba:b8:
         21:4a:4a:89:78:86:e8:b6:6b:1b:f2:83:0b:dc:4b:4a:0c:ed:
         58:0e:21:6a:a6:c5:60:c7:e2:74:1a:bd:95:bf:95:d4:36:15:
         ab:d1:89:84:39:0f:3c:23:8d:66:03:10:cc:c2:cb:be:57:53:
         50:6f:27:99:35:aa:f4:80:84:45:b8:0e:e4:ca:23:d4:f3:29:
         f0:c7:1b:1a:be:8e:1a:7c:f5:f4:71:35:64:ea:bb:fd:83:05:
         b9:32:9c:d6:37:9f:e9:69:fe:50:ad:f0:c0:8a:5d:0a:8a:1b:
         97:3d:8e:04:93:f2:43:8c:ba:2e:76:64:ed:90:1b:45:21:a8:
         4b:02:48:6d:0d:ff:10:23:4d:16:c6:df:af:38:ad:2a:9c:aa:
         f3:d5:c6:81:5b:bd:e5:7f:9c:2a:71:7e:48:20:8b:ff:2a:73:
         77:f4:36:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pWDrGtSwFBs4D/NIt0avMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjYwMTAxMjIxOTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDk3NjE1ZWI3NzQ4NWVjMWIxMDI0OTc3MTFiZWJiMDk5MzcwMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurK8W2WzZ1n4bM55+LSQf4ueU/R+
9UQiN+zO6hEr3sX9r+7iq/mSZhXdTaELOgyO+iW097aGSnPOpsZXZ/jE3AcQud0Q
abb+wtzkF8t3KXu2+G9yw+GucWyPFLkXoqTni9sMlvuqAB33zJppfVIcgOLj4a7M
0E78od+rP0wf/qxt0kRun0/LHEFZQtt4PUfVVBeJRBpkJ4n7+BKIw6KnNdABUqEm
uwPlQefkmM7i5i3oqYAPsq+ZolFEWCkow+1YJiTR/cQGD2BugJPfzscmIeM0FXae
/NwH3+SFk9zyZKGXUMz50pJlNpkihgsLgg1DDCUZI+y4LTKNI7wWE7fm4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECXYV63dIXsGxAkl3Eb67CZNwEoMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvUUpkaFhyZDBoZXdiRUNTWGNSdnJzSmszQVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueMiMA0G
CSqGSIb3DQEBCwUAA4IBAQAELJde98x6Dz5WRJp4kSaHQuXpDEJXaAvDbNx2DvsI
MTWeVeuc9QmbKrr0jg90AvS/w8Sfv1WaTbr4Wiq5Z73nfCc4LOC0MmAyMCf1e318
jGYV4yGRxM+YurghSkqJeIbotmsb8oML3EtKDO1YDiFqpsVgx+J0Gr2Vv5XUNhWr
0YmEOQ88I41mAxDMwsu+V1NQbyeZNar0gIRFuA7kyiPU8ynwxxsavo4afPX0cTVk
6rv9gwW5MpzWN5/paf5QrfDAil0KihuXPY4Ek/JDjLoudmTtkBtFIahLAkhtDf8Q
I00Wxt+vOK0qnKrz1caBW73lf5wqcX5IIIv/KnN39DYA
-----END CERTIFICATE-----