This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/IK8rxF0fNpLSKD9Dqm0lXn3gA78.roa
File:                     IK8rxF0fNpLSKD9Dqm0lXn3gA78.roa (raw, json)
Hash identifier:          727Jxwhi3j4ZaKKaAIMgbayUGpDpki6NjCGsamcTESU=
Subject key identifier:   20:AF:2B:C4:5D:1F:36:92:D2:28:3F:43:AA:6D:25:5E:7D:E0:03:BF
Certificate issuer:       /CN=68c6adf8eecabc1052e1f783d3bce4a1c5db5410
Certificate serial:       019B7B35BF2BA60344BD657F91B859E51358
Authority key identifier: 68:C6:AD:F8:EE:CA:BC:10:52:E1:F7:83:D3:BC:E4:A1:C5:DB:54:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMat-O7KvBBS4feD07zkocXbVBA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/IK8rxF0fNpLSKD9Dqm0lXn3gA78.roa
Signing time:             Thu 01 Jan 2026 20:17:58 +0000
ROA not before:           Thu 01 Jan 2026 20:17:58 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     14618
IP address blocks:        46.18.245.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/aMat-O7KvBBS4feD07zkocXbVBA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/aMat-O7KvBBS4feD07zkocXbVBA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMat-O7KvBBS4feD07zkocXbVBA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 Jan 2026 15:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:bf:2b:a6:03:44:bd:65:7f:91:b8:59:e5:13:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c6adf8eecabc1052e1f783d3bce4a1c5db5410
        Validity
            Not Before: Jan  1 20:17:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=20af2bc45d1f3692d2283f43aa6d255e7de003bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:71:72:1c:cb:bb:db:79:e6:4a:d3:74:81:08:
                    68:16:7b:1f:a6:52:f5:35:fb:c6:9a:81:81:e2:4a:
                    45:71:7c:98:88:56:0b:e5:97:35:de:16:6c:81:4e:
                    b6:0e:a9:0f:16:a3:ac:75:61:f2:05:12:08:1b:d9:
                    66:a7:81:e1:77:e4:28:cd:58:cd:69:0f:a4:92:fe:
                    c1:c3:b7:d5:82:8c:47:09:f4:5a:75:75:29:4f:7c:
                    e3:a5:9d:05:43:d6:7a:06:33:14:8f:b8:e3:7e:f0:
                    7b:c5:e2:9b:43:c7:67:d9:ba:52:39:c2:47:56:91:
                    7b:b3:8f:e3:a4:a1:cc:23:34:99:29:32:dd:47:f5:
                    f7:f6:14:f3:d2:f3:ee:4f:3f:c5:b9:d2:f6:c9:96:
                    b1:f9:fe:d7:48:94:ec:cf:11:19:12:18:40:91:11:
                    6c:18:ac:50:4d:a2:44:f7:f5:44:8b:be:cb:01:29:
                    14:20:b5:92:39:2b:15:92:da:7c:52:cc:54:2c:54:
                    e5:4c:1a:65:ae:20:20:72:1f:5d:05:55:fa:f8:9a:
                    32:eb:45:18:85:64:0e:f0:2a:60:6c:30:56:ea:d4:
                    25:73:d6:2f:78:0a:8a:34:bb:b6:90:a6:51:75:f5:
                    fd:7b:0b:35:02:55:37:2f:00:21:7c:ba:1c:2f:55:
                    39:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:AF:2B:C4:5D:1F:36:92:D2:28:3F:43:AA:6D:25:5E:7D:E0:03:BF
            X509v3 Authority Key Identifier:
                keyid:68:C6:AD:F8:EE:CA:BC:10:52:E1:F7:83:D3:BC:E4:A1:C5:DB:54:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMat-O7KvBBS4feD07zkocXbVBA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/IK8rxF0fNpLSKD9Dqm0lXn3gA78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/aMat-O7KvBBS4feD07zkocXbVBA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.18.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:e2:60:6e:17:51:7d:eb:95:25:3e:56:d1:e2:34:f3:69:3b:
         7b:59:23:68:c7:f8:67:4c:d2:7b:4c:0e:b3:1c:3f:d5:e3:34:
         67:96:59:43:a7:96:71:f3:76:e1:45:ef:d7:59:b3:bf:11:9b:
         bd:1e:d8:90:ab:9e:64:c7:b9:14:49:dd:78:ec:07:9e:b1:83:
         38:16:51:89:9d:ba:16:c0:74:ca:72:95:d4:eb:1c:be:e2:01:
         fd:e4:af:b0:e5:cd:5f:5c:d4:1f:78:95:43:3c:ee:e3:fe:69:
         46:03:01:9f:94:d2:28:68:1b:87:1f:21:33:89:75:44:00:25:
         37:c8:2b:74:b8:41:f2:7f:68:17:fd:94:69:1e:d8:7b:44:35:
         c4:c6:aa:84:72:71:3b:77:2f:dd:c7:13:63:20:77:d9:65:e1:
         7d:6f:b5:c4:f1:ae:f0:b8:ee:c9:c0:4f:4d:8b:04:77:01:fb:
         f5:48:4b:3d:df:19:c0:85:bf:fe:52:b5:cd:46:0b:1b:4d:a8:
         75:ac:3c:46:73:ad:20:52:3f:ac:e8:9d:44:b9:0d:1f:69:eb:
         69:34:6f:28:b1:43:6a:bd:fa:97:a7:b2:e7:d9:75:7c:56:95:
         78:a2:5b:90:e6:f9:f0:9f:6f:19:4b:e3:9f:1e:6a:4f:20:7e:
         ec:2d:37:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7Nb8rpgNEvWV/kbhZ5RNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzZhZGY4ZWVjYWJjMTA1MmUxZjc4M2QzYmNlNGExYzVk
YjU0MTAwHhcNMjYwMTAxMjAxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFmMmJjNDVkMWYzNjkyZDIyODNmNDNhYTZkMjU1ZTdkZTAwM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HFyHMu723nmStN0gQhoFnsfplL1
NfvGmoGB4kpFcXyYiFYL5Zc13hZsgU62DqkPFqOsdWHyBRIIG9lmp4Hhd+QozVjN
aQ+kkv7Bw7fVgoxHCfRadXUpT3zjpZ0FQ9Z6BjMUj7jjfvB7xeKbQ8dn2bpSOcJH
VpF7s4/jpKHMIzSZKTLdR/X39hTz0vPuTz/FudL2yZax+f7XSJTszxEZEhhAkRFs
GKxQTaJE9/VEi77LASkUILWSOSsVktp8UsxULFTlTBplriAgch9dBVX6+Joy60UY
hWQO8CpgbDBW6tQlc9YveAqKNLu2kKZRdfX9ews1AlU3LwAhfLocL1U5RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCCvK8RdHzaS0ig/Q6ptJV594AO/MB8GA1UdIwQY
MBaAFGjGrfjuyrwQUuH3g9O85KHF21QQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1hdC1PN0t2QkJTNGZlRDA3emtvY1hiVkJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9lNWQ4NjktMzBiYy00NDY1LWJkNmYt
NDc3M2I2NjY5NzE2LzEvSUs4cnhGMGZOcExTS0Q5RHFtMGxYbjNnQTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9lNWQ4NjktMzBiYy00NDY1LWJkNmYtNDc3M2I2NjY5NzE2
LzEvYU1hdC1PN0t2QkJTNGZlRDA3emtvY1hiVkJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhL1MA0G
CSqGSIb3DQEBCwUAA4IBAQCG4mBuF1F965UlPlbR4jTzaTt7WSNox/hnTNJ7TA6z
HD/V4zRnlllDp5Zx83bhRe/XWbO/EZu9HtiQq55kx7kUSd147AeesYM4FlGJnboW
wHTKcpXU6xy+4gH95K+w5c1fXNQfeJVDPO7j/mlGAwGflNIoaBuHHyEziXVEACU3
yCt0uEHyf2gX/ZRpHth7RDXExqqEcnE7dy/dxxNjIHfZZeF9b7XE8a7wuO7JwE9N
iwR3Afv1SEs93xnAhb/+UrXNRgsbTah1rDxGc60gUj+s6J1EuQ0faetpNG8osUNq
vfqXp7Ln2XV8VpV4oluQ5vnwn28ZS+OfHmpPIH7sLTcC
-----END CERTIFICATE-----