This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/T_ajvR2nQAvlNGNDSwjL2eitBKI.roa
File:                     T_ajvR2nQAvlNGNDSwjL2eitBKI.roa (raw, json)
Hash identifier:          uZlllXoSCgzxncNwBPd5Cx/IZ61QG4puWlaD0A2LBZ8=
Subject key identifier:   4F:F6:A3:BD:1D:A7:40:0B:E5:34:63:43:4B:08:CB:D9:E8:AD:04:A2
Certificate issuer:       /CN=c7ebabd786da13805655b1b5501fdcbf433bc78d
Certificate serial:       019B7B36DDE0C147EEB00E4FF520A927F52B
Authority key identifier: C7:EB:AB:D7:86:DA:13:80:56:55:B1:B5:50:1F:DC:BF:43:3B:C7:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x-ur14baE4BWVbG1UB_cv0M7x40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/T_ajvR2nQAvlNGNDSwjL2eitBKI.roa
Signing time:             Thu 01 Jan 2026 20:19:11 +0000
ROA not before:           Thu 01 Jan 2026 20:19:11 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15404
IP address blocks:        91.213.201.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/x-ur14baE4BWVbG1UB_cv0M7x40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/x-ur14baE4BWVbG1UB_cv0M7x40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x-ur14baE4BWVbG1UB_cv0M7x40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 08:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:dd:e0:c1:47:ee:b0:0e:4f:f5:20:a9:27:f5:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7ebabd786da13805655b1b5501fdcbf433bc78d
        Validity
            Not Before: Jan  1 20:19:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4ff6a3bd1da7400be53463434b08cbd9e8ad04a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b6:e0:7f:81:28:3b:de:99:16:93:71:bd:e5:
                    2e:a4:6f:4a:e6:0d:cf:02:6f:df:05:e1:2b:df:75:
                    af:62:3c:f9:89:cc:59:d6:76:b3:4e:3c:e5:e2:79:
                    97:f3:3c:49:45:fc:df:a6:f4:c3:e8:a0:80:2a:ad:
                    c2:dd:58:c8:22:e3:23:24:26:5f:27:45:a1:ca:2c:
                    f4:cc:fc:d1:35:fe:67:22:74:a6:c7:98:19:80:7a:
                    fe:98:44:23:60:73:7d:e5:7b:a8:a0:81:d8:cf:fa:
                    a9:9d:f1:bd:f7:54:88:97:86:d5:18:f1:7b:4d:fd:
                    88:13:71:13:49:6f:a1:98:55:80:52:9f:b3:a3:c4:
                    39:6f:6c:67:25:86:78:13:38:ba:e3:3d:b9:92:f0:
                    97:30:18:7c:d5:fd:07:7f:d6:22:3b:5a:fe:41:37:
                    6c:00:3b:0f:f8:b8:cc:5c:1e:fa:39:e4:c7:e6:ab:
                    e5:7c:26:d2:83:45:73:07:7c:7f:bf:08:8c:6c:be:
                    c0:a1:ed:a3:17:5a:f1:82:ab:b3:52:a2:24:27:84:
                    c3:f4:84:f0:e1:2f:6d:59:3e:cf:f8:d6:5a:1e:60:
                    ba:4e:64:ef:d4:2b:23:05:ea:05:ec:5b:df:ce:e7:
                    ff:3c:73:7f:19:f1:3c:b3:51:e0:d9:5c:2e:2f:a1:
                    39:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:F6:A3:BD:1D:A7:40:0B:E5:34:63:43:4B:08:CB:D9:E8:AD:04:A2
            X509v3 Authority Key Identifier:
                keyid:C7:EB:AB:D7:86:DA:13:80:56:55:B1:B5:50:1F:DC:BF:43:3B:C7:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-ur14baE4BWVbG1UB_cv0M7x40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/T_ajvR2nQAvlNGNDSwjL2eitBKI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/x-ur14baE4BWVbG1UB_cv0M7x40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:4a:ce:ad:5f:1a:e3:22:b2:ea:4d:8b:44:7e:50:34:26:d4:
         92:f4:f3:0a:08:86:59:34:16:51:46:0a:fc:59:bd:f4:88:96:
         81:da:32:18:a7:fc:de:09:2d:97:40:df:a2:4d:02:ef:5b:3a:
         8e:74:55:1e:18:04:db:e2:e7:1c:f6:01:39:df:df:07:d9:17:
         cb:43:18:37:f9:79:09:4e:52:3c:7b:3d:59:f4:0f:d6:9d:c2:
         cb:56:2b:1a:83:50:b1:35:b9:1c:06:c6:dc:25:b5:8e:49:b4:
         de:a1:42:db:cf:b0:d1:73:98:4d:51:36:f9:65:3e:aa:8f:19:
         31:53:4e:e7:57:bd:a3:c9:35:f9:72:8e:4b:7a:ae:53:b6:19:
         22:89:d4:b9:47:f3:7f:a3:bb:e2:13:b3:55:87:f4:29:cc:56:
         37:19:e1:85:53:78:f9:cd:72:1c:8c:92:03:34:b7:ad:50:16:
         fa:73:51:e2:18:5c:e1:f8:c4:ad:60:ae:6a:72:04:f9:56:d5:
         40:c3:c5:4e:25:9a:25:42:03:76:dd:5a:75:b5:5a:81:bd:20:
         2a:20:e7:38:6c:22:1b:05:94:a8:e6:2b:b7:6c:d3:6e:80:a9:
         de:e3:5a:fe:80:dc:bf:e4:54:63:68:61:57:99:18:55:f9:27:
         cd:9a:f3:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7Nt3gwUfusA5P9SCpJ/UrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZWJhYmQ3ODZkYTEzODA1NjU1YjFiNTUwMWZkY2JmNDMz
YmM3OGQwHhcNMjYwMTAxMjAxOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmY2YTNiZDFkYTc0MDBiZTUzNDYzNDM0YjA4Y2JkOWU4YWQwNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrbgf4EoO96ZFpNxveUupG9K5g3P
Am/fBeEr33WvYjz5icxZ1nazTjzl4nmX8zxJRfzfpvTD6KCAKq3C3VjIIuMjJCZf
J0Whyiz0zPzRNf5nInSmx5gZgHr+mEQjYHN95XuooIHYz/qpnfG991SIl4bVGPF7
Tf2IE3ETSW+hmFWAUp+zo8Q5b2xnJYZ4Ezi64z25kvCXMBh81f0Hf9YiO1r+QTds
ADsP+LjMXB76OeTH5qvlfCbSg0VzB3x/vwiMbL7Aoe2jF1rxgquzUqIkJ4TD9ITw
4S9tWT7P+NZaHmC6TmTv1CsjBeoF7Fvfzuf/PHN/GfE8s1Hg2VwuL6E58QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/2o70dp0AL5TRjQ0sIy9norQSiMB8GA1UdIwQY
MBaAFMfrq9eG2hOAVlWxtVAf3L9DO8eNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC11cjE0YmFFNEJXVmJHMVVCX2N2ME03eDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jMDY0YTUtZDdhOS00ZTZmLThmZDgt
MGRjZDAzZGMwODk3LzEvVF9hanZSMm5RQXZsTkdORFN3akwyZWl0QktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jMDY0YTUtZDdhOS00ZTZmLThmZDgtMGRjZDAzZGMwODk3
LzEveC11cjE0YmFFNEJXVmJHMVVCX2N2ME03eDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9XJMA0G
CSqGSIb3DQEBCwUAA4IBAQBjSs6tXxrjIrLqTYtEflA0JtSS9PMKCIZZNBZRRgr8
Wb30iJaB2jIYp/zeCS2XQN+iTQLvWzqOdFUeGATb4ucc9gE5398H2RfLQxg3+XkJ
TlI8ez1Z9A/WncLLVisag1CxNbkcBsbcJbWOSbTeoULbz7DRc5hNUTb5ZT6qjxkx
U07nV72jyTX5co5Leq5TthkiidS5R/N/o7viE7NVh/QpzFY3GeGFU3j5zXIcjJID
NLetUBb6c1HiGFzh+MStYK5qcgT5VtVAw8VOJZolQgN23Vp1tVqBvSAqIOc4bCIb
BZSo5iu3bNNugKne41r+gNy/5FRjaGFXmRhV+SfNmvMJ
-----END CERTIFICATE-----