This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/dJbljEfTrhv5f8S809pNG3dVMtE.roa
File:                     dJbljEfTrhv5f8S809pNG3dVMtE.roa (raw, json)
Hash identifier:          YycJNdOZWofL50FAkP6ZSpG0Fe+dZ36XwKRb7tucKx8=
Subject key identifier:   74:96:E5:8C:47:D3:AE:1B:F9:7F:C4:BC:D3:DA:4D:1B:77:55:32:D1
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       019B797E3E4BFA1502D59C7FA1B25AFD5F11
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/dJbljEfTrhv5f8S809pNG3dVMtE.roa
Signing time:             Thu 01 Jan 2026 12:17:55 +0000
ROA not before:           Thu 01 Jan 2026 12:17:55 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211041
IP address blocks:        185.172.167.0/24 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 12:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:3e:4b:fa:15:02:d5:9c:7f:a1:b2:5a:fd:5f:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 12:17:55 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7496e58c47d3ae1bf97fc4bcd3da4d1b775532d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b3:e8:fc:de:a3:af:c0:7b:a9:cf:5e:04:41:
                    36:47:3a:1e:20:3f:15:26:60:81:eb:f4:73:f2:c4:
                    74:e1:03:21:ee:ec:3b:57:64:2c:29:d2:af:e8:23:
                    55:c7:58:cc:eb:cf:9d:a2:e6:c8:36:b3:e5:fe:af:
                    a9:47:06:95:ca:e5:00:09:54:9a:0f:83:a0:c5:c7:
                    25:87:6a:8f:b4:52:7c:47:50:34:7b:d9:dd:c5:08:
                    09:58:f8:a8:a4:68:07:50:a5:9e:db:fb:6b:50:39:
                    85:2a:ce:46:f5:b4:a6:8d:8d:e1:60:cf:00:8d:97:
                    98:ca:c4:ae:6e:bf:3a:15:80:1f:69:aa:e2:a9:7c:
                    6a:8b:8b:d9:d5:e9:9c:a3:87:a3:8c:a9:7f:c7:b3:
                    88:ae:fb:cd:25:ec:d6:3e:93:d1:83:22:a4:01:0b:
                    ac:62:03:98:18:c0:70:50:24:f3:55:d4:82:bb:24:
                    d1:e6:a7:19:63:6d:2a:58:ce:91:ed:22:d7:1f:96:
                    b3:e8:96:7f:04:6c:19:76:25:5d:83:64:9b:f3:9a:
                    0c:66:1d:c7:d5:3a:04:19:de:58:7e:cc:4b:7b:d1:
                    23:56:ad:c0:2c:92:80:47:4d:cf:c7:fb:37:33:c8:
                    fe:40:28:c1:e2:17:5e:e6:48:a7:17:fc:0d:2f:a7:
                    09:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:96:E5:8C:47:D3:AE:1B:F9:7F:C4:BC:D3:DA:4D:1B:77:55:32:D1
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/dJbljEfTrhv5f8S809pNG3dVMtE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:3f:b7:ff:20:d5:ad:f7:8e:0a:9f:aa:7a:a1:f7:bb:00:12:
         6c:a5:c7:7c:73:fe:99:bd:0e:d2:dd:e5:8c:ec:2d:53:83:df:
         45:f1:c3:d7:99:72:1d:40:38:0b:08:7c:91:09:d6:bb:6f:5b:
         cb:5e:e5:99:7b:59:a0:25:d3:cd:c9:1e:84:55:1a:9c:16:f2:
         cb:e7:7f:5d:a9:13:be:db:b7:88:c8:da:85:78:92:d9:63:fa:
         0a:af:0c:58:66:c5:12:06:ce:62:a7:27:ea:9d:6a:1d:9e:d9:
         29:19:b8:4d:10:ed:77:13:23:ab:ed:5e:33:cd:ad:ec:3e:48:
         e4:48:85:79:1e:b2:d1:47:73:05:5a:c4:6c:1e:26:ab:ba:d3:
         62:81:1d:69:c5:33:9f:1c:5e:e3:4a:36:5b:28:1f:e0:e7:93:
         7a:32:3a:02:54:d6:5c:7c:4a:84:ca:b3:80:6b:90:6f:c1:96:
         96:46:56:f6:c4:78:88:7d:0a:f7:e6:b4:8c:f3:d0:0d:ca:43:
         ce:51:4d:92:cf:82:01:f8:f5:98:b3:ed:bc:87:3a:55:98:d6:
         80:03:78:ef:d7:a4:9b:e6:c1:49:b7:a4:cd:34:1e:1e:e6:20:
         3e:3e:17:46:7f:1f:cd:04:06:e9:ae:bc:d1:bb:81:af:9f:f1:
         44:25:be:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fj5L+hUC1Zx/obJa/V8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwMTAxMTIxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDk2ZTU4YzQ3ZDNhZTFiZjk3ZmM0YmNkM2RhNGQxYjc3NTUzMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7Po/N6jr8B7qc9eBEE2RzoeID8V
JmCB6/Rz8sR04QMh7uw7V2QsKdKv6CNVx1jM68+doubINrPl/q+pRwaVyuUACVSa
D4Ogxcclh2qPtFJ8R1A0e9ndxQgJWPiopGgHUKWe2/trUDmFKs5G9bSmjY3hYM8A
jZeYysSubr86FYAfaariqXxqi4vZ1emco4ejjKl/x7OIrvvNJezWPpPRgyKkAQus
YgOYGMBwUCTzVdSCuyTR5qcZY20qWM6R7SLXH5az6JZ/BGwZdiVdg2Sb85oMZh3H
1ToEGd5YfsxLe9EjVq3ALJKAR03Px/s3M8j+QCjB4hde5kinF/wNL6cJEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSW5YxH064b+X/EvNPaTRt3VTLRMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvZEpibGpFZlRyaHY1ZjhTODA5cE5HM2RWTXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaynMA0G
CSqGSIb3DQEBCwUAA4IBAQADP7f/INWt944Kn6p6ofe7ABJspcd8c/6ZvQ7S3eWM
7C1Tg99F8cPXmXIdQDgLCHyRCda7b1vLXuWZe1mgJdPNyR6EVRqcFvLL539dqRO+
27eIyNqFeJLZY/oKrwxYZsUSBs5ipyfqnWodntkpGbhNEO13EyOr7V4zza3sPkjk
SIV5HrLRR3MFWsRsHiarutNigR1pxTOfHF7jSjZbKB/g55N6MjoCVNZcfEqEyrOA
a5BvwZaWRlb2xHiIfQr35rSM89ANykPOUU2Sz4IB+PWYs+28hzpVmNaAA3jv16Sb
5sFJt6TNNB4e5iA+PhdGfx/NBAbprrzRu4Gvn/FEJb7E
-----END CERTIFICATE-----