This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/dVMqcvXursPYfDYSCDAE4DhRFlc.roa
File:                     dVMqcvXursPYfDYSCDAE4DhRFlc.roa (raw, json)
Hash identifier:          Yq3X9779TMJZn56pp7FdF+bqg71vRgvQymxrtb6IBFY=
Subject key identifier:   75:53:2A:72:F5:EE:AE:C3:D8:7C:36:12:08:30:04:E0:38:51:16:57
Certificate issuer:       /CN=fed77339d938bef087599293c201b3b9f8223623
Certificate serial:       019B78A2B44CACA1652F35F308DCA58513F8
Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/dVMqcvXursPYfDYSCDAE4DhRFlc.roa
Signing time:             Thu 01 Jan 2026 08:18:07 +0000
ROA not before:           Thu 01 Jan 2026 08:18:07 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     680
IP address blocks:        141.53.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 28 Jan 2026 00:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a2:b4:4c:ac:a1:65:2f:35:f3:08:dc:a5:85:13:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed77339d938bef087599293c201b3b9f8223623
        Validity
            Not Before: Jan  1 08:18:07 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=75532a72f5eeaec3d87c3612083004e038511657
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ae:fb:65:fa:11:d1:5e:1a:6a:48:6c:cd:1f:
                    87:95:61:c9:31:b9:a2:80:5a:c6:61:67:34:53:0c:
                    31:24:47:41:0b:08:58:91:43:33:eb:47:48:d6:5d:
                    af:fc:21:49:e0:10:a1:d8:96:22:9a:44:60:81:dd:
                    d4:e4:ba:1d:7a:36:7d:0c:0e:14:73:ec:44:8d:19:
                    35:ec:1e:5f:35:33:37:f8:b1:c9:04:b2:0a:db:90:
                    52:9d:6e:f3:a6:5b:dd:99:55:92:53:f0:91:ba:f5:
                    16:fb:00:d9:7f:fe:20:ae:b3:e8:23:7d:4c:fd:5e:
                    06:a8:f4:cd:66:b7:40:9c:12:9a:29:4d:78:5f:0d:
                    d3:bd:d0:1b:ed:00:09:cf:a1:22:45:f0:0f:76:13:
                    51:0d:24:45:77:48:3c:1c:54:67:df:f9:eb:eb:47:
                    5c:db:20:13:82:20:12:b6:35:ab:6e:e6:ff:c8:b4:
                    b6:b8:70:d4:f7:6a:3b:f5:1b:3d:b2:2c:db:ec:af:
                    a1:65:8c:cb:47:ed:6c:99:8d:e7:e3:2a:4f:9a:96:
                    ef:37:c3:3b:a5:70:3a:2c:58:6d:57:6e:c2:0b:1c:
                    56:be:ff:94:c0:f3:b4:1b:76:cd:69:59:ab:09:58:
                    32:85:db:dc:a5:10:cc:a5:af:20:1d:d5:6e:ed:a9:
                    0b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:53:2A:72:F5:EE:AE:C3:D8:7C:36:12:08:30:04:E0:38:51:16:57
            X509v3 Authority Key Identifier:
                keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/dVMqcvXursPYfDYSCDAE4DhRFlc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         30:26:64:72:fb:08:a9:dc:e2:5c:51:69:3a:65:dd:3f:41:bd:
         c7:32:85:23:fa:2a:3c:9b:1a:45:1f:a9:c1:12:8a:81:81:33:
         92:b4:b2:60:b6:16:9b:99:ee:50:67:4f:0d:6d:4e:39:0f:a8:
         92:97:4b:d7:5f:e1:98:a6:97:ef:1f:6b:ee:c4:09:f9:53:ae:
         92:fe:a8:ab:b1:8e:3d:79:43:9f:17:08:5f:98:ad:6b:b1:b8:
         bc:30:c3:3d:f3:2a:1c:46:2f:3e:e7:f5:d5:b2:8b:af:42:02:
         be:3d:03:6a:5b:94:70:e8:fb:b0:04:8b:e6:73:ce:52:a7:2e:
         a1:1b:04:93:b8:4f:9f:01:4c:c0:2b:fb:93:f3:65:56:f7:7b:
         53:59:90:fa:59:e3:21:20:e4:c6:98:6a:3f:1f:83:13:0c:4c:
         46:b2:8b:f3:17:a9:db:ca:b7:80:03:e3:ec:2e:ed:3f:66:fb:
         93:41:8e:60:5a:05:73:ff:00:0f:e8:5f:0b:31:ea:9e:e6:b0:
         4f:5f:51:d8:fc:37:47:79:6f:bf:f5:66:c3:e7:a0:87:84:7b:
         61:11:38:12:31:52:11:20:c1:a7:5a:b3:8e:3a:c8:20:9a:8e:
         4e:10:81:8c:1d:b4:94:40:c8:f5:bf:a0:aa:cb:a8:68:49:26:
         d5:c4:48:85
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZt4orRMrKFlLzXzCNylhRP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy
MjM2MjMwHhcNMjYwMTAxMDgxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTUzMmE3MmY1ZWVhZWMzZDg3YzM2MTIwODMwMDRlMDM4NTExNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia77ZfoR0V4aakhszR+HlWHJMbmi
gFrGYWc0UwwxJEdBCwhYkUMz60dI1l2v/CFJ4BCh2JYimkRggd3U5LodejZ9DA4U
c+xEjRk17B5fNTM3+LHJBLIK25BSnW7zplvdmVWSU/CRuvUW+wDZf/4grrPoI31M
/V4GqPTNZrdAnBKaKU14Xw3TvdAb7QAJz6EiRfAPdhNRDSRFd0g8HFRn3/nr60dc
2yATgiAStjWrbub/yLS2uHDU92o79Rs9sizb7K+hZYzLR+1smY3n4ypPmpbvN8M7
pXA6LFhtV27CCxxWvv+UwPO0G3bNaVmrCVgyhdvcpRDMpa8gHdVu7akL+QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFHVTKnL17q7D2Hw2EggwBOA4URZXMB8GA1UdIwQY
MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt
ZDE3NTAwMjBjYWY1LzEvZFZNcWN2WHVyc1BZZkRZU0NEQUU0RGhSRmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1
LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjTUwDQYJ
KoZIhvcNAQELBQADggEBADAmZHL7CKnc4lxRaTpl3T9BvccyhSP6KjybGkUfqcES
ioGBM5K0smC2FpuZ7lBnTw1tTjkPqJKXS9df4Ziml+8fa+7ECflTrpL+qKuxjj15
Q58XCF+YrWuxuLwwwz3zKhxGLz7n9dWyi69CAr49A2pblHDo+7AEi+ZzzlKnLqEb
BJO4T58BTMAr+5PzZVb3e1NZkPpZ4yEg5MaYaj8fgxMMTEayi/MXqdvKt4AD4+wu
7T9m+5NBjmBaBXP/AA/oXwsx6p7msE9fUdj8N0d5b7/1ZsPnoIeEe2EROBIxUhEg
wadas446yCCajk4QgYwdtJRAyPW/oKrLqGhJJtXESIU=
-----END CERTIFICATE-----