This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/OyeMYVp5OvrkmRrNy1af0fPKfIs.roa
File:                     OyeMYVp5OvrkmRrNy1af0fPKfIs.roa (raw, json)
Hash identifier:          47ed5gKnSBsJcBinRPWYBPdrDfTOHB8tg9qJU58BIJY=
Subject key identifier:   3B:27:8C:61:5A:79:3A:FA:E4:99:1A:CD:CB:56:9F:D1:F3:CA:7C:8B
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       019B78A270F87A00F37D258250D718279A89
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/OyeMYVp5OvrkmRrNy1af0fPKfIs.roa
Signing time:             Thu 01 Jan 2026 08:17:50 +0000
ROA not before:           Thu 01 Jan 2026 08:17:50 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     1239
IP address blocks:        162.218.95.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 12:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a2:70:f8:7a:00:f3:7d:25:82:50:d7:18:27:9a:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jan  1 08:17:50 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3b278c615a793afae4991acdcb569fd1f3ca7c8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:77:2f:01:59:77:55:1d:45:ec:31:9e:2c:d0:
                    38:16:1c:3d:11:56:b2:d4:a2:51:3a:61:b2:bf:1a:
                    dc:0e:c8:b4:b1:d6:d9:6f:a1:a7:8c:00:f4:a9:f6:
                    3e:2a:50:f0:01:97:6e:87:19:2e:b2:c3:37:74:2f:
                    3f:d6:2b:99:a3:f5:df:04:ab:63:2b:f6:bf:47:e8:
                    4f:67:bc:fe:48:ec:d7:4a:82:59:f9:5c:c4:32:68:
                    a2:4f:dc:97:d6:3f:c0:f1:3d:3d:1c:f3:0d:a9:61:
                    7c:5c:3a:99:d0:01:25:38:93:2a:5f:53:b5:5f:ec:
                    eb:61:30:53:91:37:3e:ec:94:a9:a2:18:1a:9c:59:
                    a3:f9:c3:3a:94:25:53:b7:a0:64:a9:84:12:6f:e3:
                    15:e7:b2:d2:be:03:42:bf:ed:91:65:52:53:b0:f6:
                    4a:aa:cc:f2:01:28:60:d1:ef:a3:b9:77:d2:75:55:
                    e7:21:f6:a7:92:22:3c:1f:6a:ff:ac:a9:72:9d:e1:
                    fa:82:f5:65:a9:04:7e:91:9f:d5:47:d6:28:dc:6c:
                    d9:4a:d0:93:77:ad:29:dd:c8:75:32:49:76:0c:fe:
                    d4:f3:eb:8c:85:fb:40:0d:f0:2e:2a:42:03:98:8d:
                    7d:01:ba:fc:f3:c2:d4:3c:ac:02:06:46:1d:74:a6:
                    96:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:27:8C:61:5A:79:3A:FA:E4:99:1A:CD:CB:56:9F:D1:F3:CA:7C:8B
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/OyeMYVp5OvrkmRrNy1af0fPKfIs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.218.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:22:b2:59:78:43:75:a8:14:ec:f0:1b:a9:1a:b2:18:ed:32:
         b1:a7:84:26:4c:b6:a6:30:2e:78:78:4e:bc:bb:d5:17:35:da:
         d9:56:74:5d:af:bf:54:54:f4:be:3f:64:7b:a6:44:d8:4d:52:
         6e:15:b9:e7:7d:f8:f7:f0:4a:44:59:07:d5:81:e0:d5:00:fc:
         9e:40:11:3e:c0:90:15:a8:6a:2f:23:2f:9d:1d:4b:11:87:1f:
         63:4e:6b:4c:15:7a:7a:ed:8c:d6:80:8d:d5:4d:3b:8c:5b:15:
         7e:5a:44:01:74:b9:96:dd:35:a3:b2:17:64:59:b2:91:5d:33:
         b3:5c:37:b2:1f:ec:74:14:0d:1b:d2:82:be:e2:43:b0:f7:a6:
         52:7e:03:1b:d1:76:02:b1:64:ee:19:03:7b:0f:55:93:b1:3b:
         86:d9:d7:ea:07:a3:28:0d:0e:0d:70:c7:ba:c3:87:84:61:a6:
         ce:91:3c:84:8e:f6:a2:81:f2:8d:93:2a:96:2d:0f:e6:8d:5d:
         12:08:07:2a:22:b3:08:f1:7b:2e:ef:c1:dc:d4:e4:d4:c3:16:
         0b:2b:45:2a:cb:8a:9b:bd:29:6e:39:ba:11:98:e1:41:1d:be:
         a1:ff:86:e9:37:90:a7:3d:39:74:2a:ea:8f:e4:69:bd:6c:4c:
         5c:ca:cf:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4onD4egDzfSWCUNcYJ5qJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjYwMTAxMDgxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI3OGM2MTVhNzkzYWZhZTQ5OTFhY2RjYjU2OWZkMWYzY2E3YzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXcvAVl3VR1F7DGeLNA4Fhw9EVay
1KJROmGyvxrcDsi0sdbZb6GnjAD0qfY+KlDwAZduhxkussM3dC8/1iuZo/XfBKtj
K/a/R+hPZ7z+SOzXSoJZ+VzEMmiiT9yX1j/A8T09HPMNqWF8XDqZ0AElOJMqX1O1
X+zrYTBTkTc+7JSpohganFmj+cM6lCVTt6BkqYQSb+MV57LSvgNCv+2RZVJTsPZK
qszyAShg0e+juXfSdVXnIfankiI8H2r/rKlyneH6gvVlqQR+kZ/VR9Yo3GzZStCT
d60p3ch1Mkl2DP7U8+uMhftADfAuKkIDmI19Abr888LUPKwCBkYddKaWHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsnjGFaeTr65JkazctWn9HzynyLMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvT3llTVlWcDVPdnJrbVJyTnkxYWYwZlBLZklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAotpfMA0G
CSqGSIb3DQEBCwUAA4IBAQATIrJZeEN1qBTs8BupGrIY7TKxp4QmTLamMC54eE68
u9UXNdrZVnRdr79UVPS+P2R7pkTYTVJuFbnnffj38EpEWQfVgeDVAPyeQBE+wJAV
qGovIy+dHUsRhx9jTmtMFXp67YzWgI3VTTuMWxV+WkQBdLmW3TWjshdkWbKRXTOz
XDeyH+x0FA0b0oK+4kOw96ZSfgMb0XYCsWTuGQN7D1WTsTuG2dfqB6MoDQ4NcMe6
w4eEYabOkTyEjvaigfKNkyqWLQ/mjV0SCAcqIrMI8Xsu78Hc1OTUwxYLK0Uqy4qb
vSluOboRmOFBHb6h/4bpN5CnPTl0KuqP5Gm9bExcys/9
-----END CERTIFICATE-----