This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/1S7wmC7UNi7YklqSCZbK-q4l2aw.roa
File:                     1S7wmC7UNi7YklqSCZbK-q4l2aw.roa (raw, json)
Hash identifier:          grflm2PbIIqM2mq6/myyrNwOE3qgPal6r2qF/DPaHSs=
Subject key identifier:   D5:2E:F0:98:2E:D4:36:2E:D8:92:5A:92:09:96:CA:FA:AE:25:D9:AC
Certificate issuer:       /CN=b960b14746c5875244ae3b694162ec6d8c63255e
Certificate serial:       019B76EB623C63FF9CA96288D7E8966CD1CE
Authority key identifier: B9:60:B1:47:46:C5:87:52:44:AE:3B:69:41:62:EC:6D:8C:63:25:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/1S7wmC7UNi7YklqSCZbK-q4l2aw.roa
Signing time:             Thu 01 Jan 2026 00:18:16 +0000
ROA not before:           Thu 01 Jan 2026 00:18:16 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     41960
IP address blocks:        45.135.211.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 15:35:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:62:3c:63:ff:9c:a9:62:88:d7:e8:96:6c:d1:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b960b14746c5875244ae3b694162ec6d8c63255e
        Validity
            Not Before: Jan  1 00:18:16 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d52ef0982ed4362ed8925a920996cafaae25d9ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b2:03:a9:8b:a0:53:0e:03:03:e8:b4:05:73:
                    07:ab:20:2b:fc:e2:f4:3e:f9:bf:7c:64:d7:4d:5b:
                    98:77:6d:07:58:a7:94:c0:33:50:51:1b:b9:89:97:
                    02:a7:52:53:5b:a8:28:e6:26:a9:91:18:52:39:33:
                    af:9b:ee:65:72:ed:53:e2:54:5a:85:b5:27:e3:d6:
                    ae:d1:f1:b1:87:14:23:f1:cd:6d:50:fc:88:58:d4:
                    23:9d:2f:be:a5:bf:8f:a2:6d:f6:cd:4d:75:f1:d5:
                    61:04:72:8a:fd:83:12:78:1b:e1:94:4c:7c:e8:b6:
                    b6:43:ca:95:58:dc:32:2f:f8:c0:af:3c:94:31:0e:
                    b1:ab:58:36:c7:ff:d5:63:d8:ee:ed:bc:9c:34:51:
                    bb:61:fe:ed:59:84:51:19:dd:e9:f3:53:d2:41:3f:
                    82:bd:4f:31:44:be:53:b6:16:7a:ec:d6:d9:d4:1d:
                    c8:f3:d0:b8:33:58:bd:69:f6:70:2d:27:10:b9:f8:
                    9c:02:63:c7:1c:b2:d8:54:89:70:f6:92:00:8e:f9:
                    9e:be:73:70:d8:86:c3:d4:0b:26:d2:94:57:e4:f9:
                    2e:24:f8:dc:0d:ea:33:19:cb:85:11:41:c8:1e:d8:
                    70:1d:ac:42:b3:06:15:72:a9:92:48:96:21:54:ca:
                    43:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:2E:F0:98:2E:D4:36:2E:D8:92:5A:92:09:96:CA:FA:AE:25:D9:AC
            X509v3 Authority Key Identifier:
                keyid:B9:60:B1:47:46:C5:87:52:44:AE:3B:69:41:62:EC:6D:8C:63:25:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/1S7wmC7UNi7YklqSCZbK-q4l2aw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:e2:2a:b4:dd:29:04:5d:3c:6a:96:69:6f:e0:22:31:7d:88:
         6a:ee:2a:e0:f0:27:28:65:5a:f8:ab:36:05:94:5b:3c:e2:09:
         6c:7e:aa:ef:3b:90:01:e8:21:dc:e1:fd:a8:64:7f:c5:e5:28:
         3d:69:8d:57:ff:43:3f:d0:80:9a:44:fb:8e:84:88:2a:66:2a:
         29:48:14:3a:43:a9:c1:1b:47:3f:a3:1d:69:ec:c4:88:16:d4:
         3c:64:ec:3c:1e:c7:ed:c6:c7:ae:5a:e4:c1:20:ac:ad:c4:fa:
         9a:81:e0:8b:bc:09:78:ba:12:cd:37:58:da:af:e2:2b:a6:69:
         ea:04:69:02:6c:0a:ac:e3:1c:e1:d9:6f:88:f5:a3:19:45:d5:
         b2:94:b3:b6:a6:1b:64:2d:f9:1e:df:1c:0d:63:6b:47:f7:78:
         e9:a6:38:a2:d5:1d:a4:62:fa:9a:79:a6:19:e8:17:ea:c0:d9:
         aa:ae:59:4e:21:26:80:17:59:6b:96:25:32:63:30:cc:6e:8d:
         d3:25:30:a2:65:76:49:ee:20:ce:1b:a1:56:6f:78:8b:f4:bf:
         56:6a:e9:d0:29:36:4a:4d:29:b8:8f:0c:4c:3d:29:11:05:26:
         6b:3f:f8:60:bc:d5:f7:c1:68:5f:a2:e0:be:ca:21:81:53:83:
         06:76:66:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt262I8Y/+cqWKI1+iWbNHOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NjBiMTQ3NDZjNTg3NTI0NGFlM2I2OTQxNjJlYzZkOGM2
MzI1NWUwHhcNMjYwMTAxMDAxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTJlZjA5ODJlZDQzNjJlZDg5MjVhOTIwOTk2Y2FmYWFlMjVkOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbIDqYugUw4DA+i0BXMHqyAr/OL0
Pvm/fGTXTVuYd20HWKeUwDNQURu5iZcCp1JTW6go5iapkRhSOTOvm+5lcu1T4lRa
hbUn49au0fGxhxQj8c1tUPyIWNQjnS++pb+Pom32zU118dVhBHKK/YMSeBvhlEx8
6La2Q8qVWNwyL/jArzyUMQ6xq1g2x//VY9ju7bycNFG7Yf7tWYRRGd3p81PSQT+C
vU8xRL5TthZ67NbZ1B3I89C4M1i9afZwLScQuficAmPHHLLYVIlw9pIAjvmevnNw
2IbD1Asm0pRX5PkuJPjcDeozGcuFEUHIHthwHaxCswYVcqmSSJYhVMpDIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUu8Jgu1DYu2JJakgmWyvquJdmsMB8GA1UdIwQY
MBaAFLlgsUdGxYdSRK47aUFi7G2MYyVeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVdDeFIwYkZoMUpFcmp0cFFXTHNiWXhqSlY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80NTgwNzgtNDI2ZS00NDQ5LWEyYTkt
MTg4ODJhMjgwOWIyLzEvMVM3d21DN1VOaTdZa2xxU0NaYkstcTRsMmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80NTgwNzgtNDI2ZS00NDQ5LWEyYTktMTg4ODJhMjgwOWIy
LzEvdVdDeFIwYkZoMUpFcmp0cFFXTHNiWXhqSlY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYfTMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ4iq03SkEXTxqlmlv4CIxfYhq7irg8CcoZVr4qzYF
lFs84glsfqrvO5AB6CHc4f2oZH/F5Sg9aY1X/0M/0ICaRPuOhIgqZiopSBQ6Q6nB
G0c/ox1p7MSIFtQ8ZOw8HsftxseuWuTBIKytxPqageCLvAl4uhLNN1jar+Irpmnq
BGkCbAqs4xzh2W+I9aMZRdWylLO2phtkLfke3xwNY2tH93jppjii1R2kYvqaeaYZ
6BfqwNmqrllOISaAF1lrliUyYzDMbo3TJTCiZXZJ7iDOG6FWb3iL9L9WaunQKTZK
TSm4jwxMPSkRBSZrP/hgvNX3wWhfouC+yiGBU4MGdmb6
-----END CERTIFICATE-----