This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/LDB6M5jKAUAX0pW_Ow6Al3r3TVc.roa
File:                     LDB6M5jKAUAX0pW_Ow6Al3r3TVc.roa (raw, json)
Hash identifier:          0871MmeimwA3qa6fuNCLnFf75uwna79ZP/U6WsupA/A=
Subject key identifier:   2C:30:7A:33:98:CA:01:40:17:D2:95:BF:3B:0E:80:97:7A:F7:4D:57
Certificate issuer:       /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial:       019B77C676937B5CCA6D68AED9FEC3906360
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/LDB6M5jKAUAX0pW_Ow6Al3r3TVc.roa
Signing time:             Thu 01 Jan 2026 04:17:33 +0000
ROA not before:           Thu 01 Jan 2026 04:17:33 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     61975
IP address blocks:        95.158.169.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 Jan 2026 07:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:76:93:7b:5c:ca:6d:68:ae:d9:fe:c3:90:63:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
        Validity
            Not Before: Jan  1 04:17:33 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=2c307a3398ca014017d295bf3b0e80977af74d57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:30:44:e5:98:5e:e3:46:be:e3:8c:4a:9b:74:
                    a9:dc:55:06:50:67:43:37:f1:50:f8:80:f3:0e:b1:
                    b2:8b:07:2f:1b:d5:f8:6f:27:10:2d:99:69:96:3e:
                    9d:70:fe:b8:da:25:f4:dd:fd:b1:35:e6:d2:b5:30:
                    ad:55:a8:b7:27:c9:1d:0a:10:8c:9e:d1:d5:07:db:
                    ec:4d:6d:ff:3c:9b:44:f9:b8:26:1c:49:e9:b8:36:
                    21:d1:ee:ed:fc:23:f8:93:ef:c6:7e:92:f4:a3:76:
                    ee:30:c1:eb:63:dc:f5:8c:81:da:42:4f:56:28:44:
                    43:2f:69:60:67:98:ce:e6:96:12:47:d2:57:8e:50:
                    9a:75:14:cf:a7:01:25:44:8b:d9:f7:dd:1d:ff:44:
                    60:42:39:4b:22:5d:ec:3a:27:b0:f0:f2:39:ff:86:
                    35:7a:1d:40:09:4b:a1:af:3a:a6:88:a2:1d:f2:31:
                    01:e4:ba:c6:e8:74:c6:9b:ff:c8:39:af:15:04:e7:
                    05:90:06:3f:ab:17:a2:e1:34:90:c8:fe:e1:ed:c4:
                    4b:e7:d8:8e:43:1b:06:79:28:e5:2e:47:dc:08:73:
                    d7:8a:a8:7a:a4:23:5b:a8:c7:68:48:04:49:cb:46:
                    fc:bd:eb:da:e7:f1:73:97:2c:53:b6:94:f3:05:86:
                    b2:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:30:7A:33:98:CA:01:40:17:D2:95:BF:3B:0E:80:97:7A:F7:4D:57
            X509v3 Authority Key Identifier:
                keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/LDB6M5jKAUAX0pW_Ow6Al3r3TVc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.158.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:d2:92:0b:e2:60:b9:fa:eb:71:29:f3:20:3b:38:58:e0:00:
         57:8c:2c:8a:1a:dc:55:c3:30:ed:6f:0f:d2:5e:63:d8:f5:4c:
         66:93:98:7c:35:58:d5:74:db:70:0b:0e:b5:67:75:7a:d2:a4:
         72:66:6e:35:0f:8b:c9:54:c7:ce:0c:d3:55:d4:3b:8a:e7:93:
         ff:64:99:77:db:d8:4f:27:6a:48:2b:77:e4:4f:a0:14:22:1c:
         55:7d:86:bf:0d:5f:8f:e8:af:0c:69:df:ec:7a:06:cd:1a:6c:
         d4:2f:d6:65:6e:6d:8b:64:0c:29:00:43:71:45:46:2c:39:ac:
         e0:4b:be:8a:8a:b3:39:27:9d:bd:ac:85:db:b8:00:91:70:d4:
         07:38:db:58:27:c0:f2:3e:58:55:85:30:a1:c3:5e:1b:52:33:
         2d:d4:5e:14:5f:ab:7e:99:35:d3:ba:94:31:4a:31:d2:c6:df:
         58:85:35:0a:e0:3d:c4:ea:16:b8:84:a4:36:56:f5:e9:32:b6:
         82:3c:df:87:27:d7:c3:33:38:f6:33:36:ac:42:bf:e7:60:3d:
         73:3b:22:9b:7f:8f:f1:90:70:a6:6a:70:25:ca:8e:d0:b5:f1:
         b5:b5:ee:5d:fe:7e:4f:a2:78:c6:b3:f2:91:50:69:d2:8b:8d:
         7d:61:b8:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xnaTe1zKbWiu2f7DkGNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjYwMTAxMDQxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzMwN2EzMzk4Y2EwMTQwMTdkMjk1YmYzYjBlODA5NzdhZjc0ZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTBE5Zhe40a+44xKm3Sp3FUGUGdD
N/FQ+IDzDrGyiwcvG9X4bycQLZlplj6dcP642iX03f2xNebStTCtVai3J8kdChCM
ntHVB9vsTW3/PJtE+bgmHEnpuDYh0e7t/CP4k+/GfpL0o3buMMHrY9z1jIHaQk9W
KERDL2lgZ5jO5pYSR9JXjlCadRTPpwElRIvZ990d/0RgQjlLIl3sOiew8PI5/4Y1
eh1ACUuhrzqmiKId8jEB5LrG6HTGm//IOa8VBOcFkAY/qxei4TSQyP7h7cRL59iO
QxsGeSjlLkfcCHPXiqh6pCNbqMdoSARJy0b8veva5/FzlyxTtpTzBYayzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCwwejOYygFAF9KVvzsOgJd6901XMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvTERCNk01aktBVUFYMHBXX093NkFsM3IzVFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX56pMA0G
CSqGSIb3DQEBCwUAA4IBAQAI0pIL4mC5+utxKfMgOzhY4ABXjCyKGtxVwzDtbw/S
XmPY9Uxmk5h8NVjVdNtwCw61Z3V60qRyZm41D4vJVMfODNNV1DuK55P/ZJl329hP
J2pIK3fkT6AUIhxVfYa/DV+P6K8Mad/segbNGmzUL9Zlbm2LZAwpAENxRUYsOazg
S76KirM5J529rIXbuACRcNQHONtYJ8DyPlhVhTChw14bUjMt1F4UX6t+mTXTupQx
SjHSxt9YhTUK4D3E6ha4hKQ2VvXpMraCPN+HJ9fDMzj2MzasQr/nYD1zOyKbf4/x
kHCmanAlyo7QtfG1te5d/n5PonjGs/KRUGnSi419Ybj1
-----END CERTIFICATE-----