This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/7QXSQMVR5e3PA33Tbe1jUFBiBtU.roa
File:                     7QXSQMVR5e3PA33Tbe1jUFBiBtU.roa (raw, json)
Hash identifier:          Fu/x5ydAHbzxjRuQ9kPsYtD1frLQkvc1el/MBrSoppE=
Subject key identifier:   ED:05:D2:40:C5:51:E5:ED:CF:03:7D:D3:6D:ED:63:50:50:62:06:D5
Certificate issuer:       /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial:       019B7BA44366A6E08952D3006E898B24E228
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/7QXSQMVR5e3PA33Tbe1jUFBiBtU.roa
Signing time:             Thu 01 Jan 2026 22:18:41 +0000
ROA not before:           Thu 01 Jan 2026 22:18:41 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     12548
IP address blocks:        212.68.160.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 10:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:43:66:a6:e0:89:52:d3:00:6e:89:8b:24:e2:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
        Validity
            Not Before: Jan  1 22:18:41 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ed05d240c551e5edcf037dd36ded6350506206d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:25:d3:54:33:1a:9f:16:00:5e:8b:3e:97:74:
                    a8:f1:f1:c6:e0:46:7c:c7:63:f1:a9:b1:e7:ca:f3:
                    19:e1:a7:b3:70:53:ed:ab:7a:6b:95:4e:79:fb:c5:
                    0e:05:ef:88:59:59:d3:86:e6:00:8f:15:45:c9:d7:
                    e9:72:97:55:08:d2:95:dc:49:33:ee:e9:7d:04:c9:
                    5f:3f:86:be:c9:c4:7f:b0:17:76:9e:27:c6:7f:71:
                    e9:be:2a:ad:54:48:71:07:25:84:c1:ef:da:f7:06:
                    17:99:c6:2c:c8:a9:75:af:63:47:5b:b0:69:8e:c0:
                    c7:c5:c7:28:73:6b:af:b7:bf:c1:9c:8b:82:fb:49:
                    32:68:04:c7:74:f6:ba:87:99:f9:fe:d9:2c:64:a9:
                    e1:d8:c1:54:8e:53:6c:f5:e6:76:8d:3a:4f:1b:5a:
                    98:58:8f:05:c6:98:58:e4:cf:c0:17:9b:33:28:a4:
                    80:59:61:52:1c:09:42:db:52:36:e8:75:10:23:cd:
                    ed:1a:6d:f2:f8:2e:37:03:fc:74:66:08:bc:18:84:
                    68:bd:a4:38:72:8c:25:b7:7f:df:80:d1:01:d1:cc:
                    96:8a:38:16:43:65:d0:b4:5a:0f:3e:d7:a2:7f:3d:
                    d0:c0:26:9a:1f:78:6f:65:75:b0:d6:63:66:be:eb:
                    40:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:05:D2:40:C5:51:E5:ED:CF:03:7D:D3:6D:ED:63:50:50:62:06:D5
            X509v3 Authority Key Identifier:
                keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/7QXSQMVR5e3PA33Tbe1jUFBiBtU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.68.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7c:ef:54:79:0a:fa:ed:9c:ee:b3:a4:87:25:0f:3b:36:5e:de:
         be:e5:34:82:b0:72:3f:1b:de:e6:b3:e0:f5:48:41:45:06:96:
         45:49:98:b5:61:2b:58:66:cc:ad:7c:5a:b6:d1:d1:e9:0d:da:
         ab:e1:b2:35:9e:f9:75:ad:5d:16:2a:b1:ae:5a:b9:e3:84:28:
         59:4b:a3:17:48:3c:34:73:1e:e2:3e:ea:fe:19:15:11:2e:64:
         80:66:ed:a3:4e:9d:35:d0:49:af:9f:0d:9b:41:d7:ff:72:c9:
         fc:d5:72:17:32:6d:5d:5b:4b:7d:c6:7a:d5:47:02:c1:2c:a0:
         c7:6b:64:62:da:18:33:8a:c8:96:01:e4:87:86:28:d9:9e:b4:
         d9:b2:2a:fa:dd:dc:fa:e4:aa:01:64:41:87:3c:47:bf:bd:a5:
         cb:11:05:86:7f:fa:40:88:f5:78:5e:bc:3d:74:83:25:14:74:
         e0:df:e2:15:4e:55:b1:46:20:97:e2:23:ad:b3:d5:ab:c2:8f:
         bf:d8:a2:23:18:59:3e:c8:f3:1f:27:40:1d:11:02:d4:6d:ba:
         3c:e7:3f:3f:04:44:f9:2a:9d:b6:5e:15:5b:fd:60:5a:42:09:
         48:f9:94:0c:55:01:68:61:3e:8a:04:cb:e7:91:29:4b:67:42:
         a5:0d:33:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pENmpuCJUtMAbomLJOIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjYwMTAxMjIxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA1ZDI0MGM1NTFlNWVkY2YwMzdkZDM2ZGVkNjM1MDUwNjIwNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iXTVDManxYAXos+l3So8fHG4EZ8
x2PxqbHnyvMZ4aezcFPtq3prlU55+8UOBe+IWVnThuYAjxVFydfpcpdVCNKV3Ekz
7ul9BMlfP4a+ycR/sBd2nifGf3HpviqtVEhxByWEwe/a9wYXmcYsyKl1r2NHW7Bp
jsDHxccoc2uvt7/BnIuC+0kyaATHdPa6h5n5/tksZKnh2MFUjlNs9eZ2jTpPG1qY
WI8FxphY5M/AF5szKKSAWWFSHAlC21I26HUQI83tGm3y+C43A/x0Zgi8GIRovaQ4
cowlt3/fgNEB0cyWijgWQ2XQtFoPPteifz3QwCaaH3hvZXWw1mNmvutACwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0F0kDFUeXtzwN9023tY1BQYgbVMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvN1FYU1FNVlI1ZTNQQTMzVGJlMWpVRkJpQnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1ESgMA0G
CSqGSIb3DQEBCwUAA4IBAQB871R5CvrtnO6zpIclDzs2Xt6+5TSCsHI/G97ms+D1
SEFFBpZFSZi1YStYZsytfFq20dHpDdqr4bI1nvl1rV0WKrGuWrnjhChZS6MXSDw0
cx7iPur+GRURLmSAZu2jTp010Emvnw2bQdf/csn81XIXMm1dW0t9xnrVRwLBLKDH
a2Ri2hgzisiWAeSHhijZnrTZsir63dz65KoBZEGHPEe/vaXLEQWGf/pAiPV4Xrw9
dIMlFHTg3+IVTlWxRiCX4iOts9Wrwo+/2KIjGFk+yPMfJ0AdEQLUbbo85z8/BET5
Kp22XhVb/WBaQglI+ZQMVQFoYT6KBMvnkSlLZ0KlDTNA
-----END CERTIFICATE-----