This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/StMbJtvRlQO14wUNmurXIGj_dCc.roa
File:                     StMbJtvRlQO14wUNmurXIGj_dCc.roa (raw, json)
Hash identifier:          nRl9T6KCGuQWggl4v4cSteE2c3YQrGkaeT7wlEMK0FI=
Subject key identifier:   4A:D3:1B:26:DB:D1:95:03:B5:E3:05:0D:9A:EA:D7:20:68:FF:74:27
Certificate issuer:       /CN=52a165dc3aafbe2c62e265ff104327a3e675f89f
Certificate serial:       019B7B35C74E5E0B5B8D7E48A3B4807AFD00
Authority key identifier: 52:A1:65:DC:3A:AF:BE:2C:62:E2:65:FF:10:43:27:A3:E6:75:F8:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/StMbJtvRlQO14wUNmurXIGj_dCc.roa
Signing time:             Thu 01 Jan 2026 20:18:00 +0000
ROA not before:           Thu 01 Jan 2026 20:18:00 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211632
IP address blocks:        185.190.24.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 28 Jan 2026 08:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:c7:4e:5e:0b:5b:8d:7e:48:a3:b4:80:7a:fd:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52a165dc3aafbe2c62e265ff104327a3e675f89f
        Validity
            Not Before: Jan  1 20:18:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4ad31b26dbd19503b5e3050d9aead72068ff7427
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e0:07:96:aa:c2:c6:c6:21:b7:04:da:f1:39:
                    6d:be:4d:d0:6a:87:3c:80:ed:0e:ac:18:5c:76:6d:
                    db:b4:f2:83:5f:6f:fd:ed:76:8a:0d:3b:66:6b:9a:
                    31:a4:93:b7:62:19:68:05:57:2d:a8:c0:81:ef:21:
                    54:24:6b:55:6f:ce:63:5e:7a:20:58:e7:16:7a:97:
                    bb:01:b7:60:cd:a3:62:3e:91:75:bf:ba:d1:4b:06:
                    08:75:97:0d:9c:8e:f0:45:ac:6f:1b:12:ec:d7:74:
                    85:29:c1:39:94:61:62:d6:97:3a:bc:20:d5:fe:0a:
                    70:df:f6:c8:55:25:34:5f:42:18:89:2d:9a:5c:e5:
                    5c:ba:2b:c3:07:77:3a:dc:0f:42:a1:3b:4b:1a:06:
                    1d:a7:71:08:c3:c4:3c:94:95:08:b6:7a:ee:59:95:
                    51:a7:cd:7f:d5:c0:b0:4b:e6:d3:5e:3c:b5:2a:e6:
                    15:92:c2:15:be:c2:fe:79:a1:9d:9d:5d:05:8e:46:
                    a1:59:5d:61:f1:9c:12:f5:91:03:c3:fd:5f:50:c2:
                    06:11:03:62:40:3a:9b:dd:d4:77:3b:ba:a5:78:b3:
                    8a:09:be:d4:d1:e2:c7:34:07:7a:7a:44:1e:71:01:
                    9f:e2:2c:7b:3b:ce:32:fa:d1:12:2f:6f:b4:82:51:
                    17:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D3:1B:26:DB:D1:95:03:B5:E3:05:0D:9A:EA:D7:20:68:FF:74:27
            X509v3 Authority Key Identifier:
                keyid:52:A1:65:DC:3A:AF:BE:2C:62:E2:65:FF:10:43:27:A3:E6:75:F8:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/StMbJtvRlQO14wUNmurXIGj_dCc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.190.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:24:63:3c:ef:2e:68:94:92:8d:7f:6a:12:c0:c3:8e:c7:9b:
         ad:05:f0:a9:e2:55:c7:b4:10:ff:8d:08:26:6d:78:81:ac:a3:
         05:eb:7f:82:e6:ac:48:96:11:c9:58:18:c8:0c:3d:7d:31:e9:
         29:95:7c:76:89:44:08:b0:68:c2:ce:96:a7:e9:2f:52:a8:fd:
         ce:c1:81:52:d1:96:69:53:a8:ea:7e:5a:67:81:43:3e:0e:3b:
         a8:92:08:97:9d:71:3e:b6:f0:07:e4:b7:ce:f0:83:f4:0b:c6:
         16:f1:93:4f:a3:8c:fd:a6:cb:33:2d:2b:c6:4c:c0:49:b3:25:
         4d:39:d3:53:ac:ef:09:42:06:f2:f4:ee:3e:9a:1b:86:4c:14:
         2a:28:35:bd:4f:dd:3d:bd:4f:d2:fc:eb:c5:01:b1:a6:bd:d2:
         bb:08:3a:c8:ab:cb:22:ff:30:a6:10:35:27:f3:99:2d:e8:bb:
         c5:08:db:3f:05:50:9a:db:4e:fa:39:0c:61:17:86:8f:f2:43:
         12:68:b1:e7:bf:13:bc:e2:3a:e9:52:5f:3a:23:e5:78:dd:11:
         3a:b8:6c:09:fd:93:c3:51:7e:68:cc:46:d4:82:ca:87:f7:d0:
         f5:12:1d:95:87:2c:67:b8:1b:84:b4:48:91:4b:8d:12:d5:84:
         7e:25:26:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NcdOXgtbjX5Io7SAev0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTE2NWRjM2FhZmJlMmM2MmUyNjVmZjEwNDMyN2EzZTY3
NWY4OWYwHhcNMjYwMTAxMjAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQzMWIyNmRiZDE5NTAzYjVlMzA1MGQ5YWVhZDcyMDY4ZmY3NDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveAHlqrCxsYhtwTa8Tltvk3Qaoc8
gO0OrBhcdm3btPKDX2/97XaKDTtma5oxpJO3YhloBVctqMCB7yFUJGtVb85jXnog
WOcWepe7AbdgzaNiPpF1v7rRSwYIdZcNnI7wRaxvGxLs13SFKcE5lGFi1pc6vCDV
/gpw3/bIVSU0X0IYiS2aXOVcuivDB3c63A9CoTtLGgYdp3EIw8Q8lJUItnruWZVR
p81/1cCwS+bTXjy1KuYVksIVvsL+eaGdnV0FjkahWV1h8ZwS9ZEDw/1fUMIGEQNi
QDqb3dR3O7qleLOKCb7U0eLHNAd6ekQecQGf4ix7O84y+tESL2+0glEXcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFErTGybb0ZUDteMFDZrq1yBo/3QnMB8GA1UdIwQY
MBaAFFKhZdw6r74sYuJl/xBDJ6PmdfifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFGbDNEcXZ2aXhpNG1YX0VFTW5vLVoxLUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84MGFjZWItNTBlMi00MGMwLWE4NTIt
ZTI5OGI0MWI2YzgxLzEvU3RNYkp0dlJsUU8xNHdVTm11clhJR2pfZENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84MGFjZWItNTBlMi00MGMwLWE4NTItZTI5OGI0MWI2Yzgx
LzEvVXFGbDNEcXZ2aXhpNG1YX0VFTW5vLVoxLUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub4YMA0G
CSqGSIb3DQEBCwUAA4IBAQCuJGM87y5olJKNf2oSwMOOx5utBfCp4lXHtBD/jQgm
bXiBrKMF63+C5qxIlhHJWBjIDD19MekplXx2iUQIsGjCzpan6S9SqP3OwYFS0ZZp
U6jqflpngUM+DjuokgiXnXE+tvAH5LfO8IP0C8YW8ZNPo4z9psszLSvGTMBJsyVN
OdNTrO8JQgby9O4+mhuGTBQqKDW9T909vU/S/OvFAbGmvdK7CDrIq8si/zCmEDUn
85kt6LvFCNs/BVCa2076OQxhF4aP8kMSaLHnvxO84jrpUl86I+V43RE6uGwJ/ZPD
UX5ozEbUgsqH99D1Eh2VhyxnuBuEtEiRS40S1YR+JSaF
-----END CERTIFICATE-----