This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/ZlWEEzGYFVqbln14VFTl7vY0xlM.roa
File:                     ZlWEEzGYFVqbln14VFTl7vY0xlM.roa (raw, json)
Hash identifier:          4+sTiTIEM7Q8B0+aFICyPTm4dchReZ/Z4NBsp9md7hs=
Subject key identifier:   66:55:84:13:31:98:15:5A:9B:96:7D:78:54:54:E5:EE:F6:34:C6:53
Certificate issuer:       /CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Certificate serial:       019B7DCA27A80C6051AE51B36B7EDB7B8EC7
Authority key identifier: 29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/ZlWEEzGYFVqbln14VFTl7vY0xlM.roa
Signing time:             Fri 02 Jan 2026 08:19:18 +0000
ROA not before:           Fri 02 Jan 2026 08:19:18 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     49066
IP address blocks:        95.215.136.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 08:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:ca:27:a8:0c:60:51:ae:51:b3:6b:7e:db:7b:8e:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
        Validity
            Not Before: Jan  2 08:19:18 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=665584133198155a9b967d785454e5eef634c653
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:89:60:a5:8e:25:f3:0a:93:fb:2f:c2:20:8b:
                    36:e7:fa:18:c8:ae:51:8d:ca:0a:8a:91:9a:50:63:
                    d0:d5:0e:4b:f7:27:e0:86:b0:4e:d0:aa:96:26:ef:
                    6c:81:bf:34:da:bd:9a:dd:be:e1:fe:fd:05:05:2d:
                    5c:0f:6f:01:23:e6:db:00:41:7c:6a:5b:b2:f6:19:
                    33:de:e6:5c:a9:2d:07:5f:91:cf:d1:6e:54:02:cc:
                    21:f2:4e:76:6b:28:3b:92:40:fd:e6:ac:36:59:a3:
                    f6:8e:ad:6d:38:96:23:cd:c4:86:8e:41:37:24:9d:
                    c6:13:a5:1f:f5:a3:70:cc:9d:c9:88:cc:77:8a:f9:
                    91:65:f6:50:c3:83:e6:b9:1b:9f:b6:9b:e7:d2:a9:
                    b7:a5:83:c7:81:fb:0c:00:05:29:d9:40:e7:39:39:
                    dc:35:33:33:1e:dd:7f:e8:50:8b:6e:f5:52:ec:ec:
                    de:fe:56:e0:b2:d8:3e:c0:5e:f0:33:f0:8a:84:18:
                    24:c2:72:83:25:2c:58:e5:91:4b:cc:69:e5:fb:b9:
                    3d:1b:32:78:6f:85:e9:26:35:86:b1:1e:6a:6a:03:
                    7c:33:35:d3:1c:18:a6:d6:a1:05:5f:c0:f3:58:52:
                    ed:0c:fc:57:3a:7a:0e:b6:f5:41:90:0e:20:9d:c5:
                    e2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:55:84:13:31:98:15:5A:9B:96:7D:78:54:54:E5:EE:F6:34:C6:53
            X509v3 Authority Key Identifier:
                keyid:29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/ZlWEEzGYFVqbln14VFTl7vY0xlM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.215.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3d:29:c3:54:3c:0b:21:9c:9c:7d:1f:ae:45:ff:5d:f9:54:a3:
         02:3a:de:a2:e5:74:ea:b7:8d:b6:62:ee:2a:64:8b:59:d3:94:
         dc:29:07:be:31:ba:c4:4e:2e:0c:ab:c2:cf:c3:a8:77:36:56:
         cd:42:0e:64:a6:af:03:d7:5a:d7:41:96:b3:fe:c7:10:75:63:
         f3:5f:96:c2:62:3e:29:7e:8d:91:21:39:73:9f:12:c4:4f:05:
         3a:01:03:c4:7c:90:b5:ee:08:03:84:54:29:7e:ed:ed:e7:59:
         fc:d0:10:ff:0c:9c:e1:9a:b7:16:f0:e3:bc:af:b8:2e:23:1d:
         2c:39:57:48:00:46:d7:33:0f:04:ca:b0:44:0c:06:60:79:e0:
         ba:2e:93:4d:9d:e3:b0:16:36:a1:03:99:15:d2:29:9f:77:ed:
         ec:df:cc:d1:cb:fa:cb:14:6c:66:44:9e:74:fa:51:e1:aa:06:
         87:27:64:d8:b2:7f:f4:0c:0e:ad:5a:51:15:6e:f9:56:51:16:
         49:f6:d0:07:0b:c2:0f:47:19:90:d9:fa:a8:20:86:ae:51:6c:
         cc:45:2f:65:6b:97:e9:73:4b:e5:2c:ce:08:e2:af:72:d9:02:
         0f:6b:69:07:ff:63:5d:c0:08:f0:f7:23:a6:02:93:b2:a5:7e:
         cd:13:32:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9yieoDGBRrlGza37be47HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGJjYzUwYTlhMzNiYTU2NTFlZmQxYWZlNDBiNmZkYjAy
NTU2ZjAwHhcNMjYwMTAyMDgxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjU1ODQxMzMxOTgxNTVhOWI5NjdkNzg1NDU0ZTVlZWY2MzRjNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYlgpY4l8wqT+y/CIIs25/oYyK5R
jcoKipGaUGPQ1Q5L9yfghrBO0KqWJu9sgb802r2a3b7h/v0FBS1cD28BI+bbAEF8
aluy9hkz3uZcqS0HX5HP0W5UAswh8k52ayg7kkD95qw2WaP2jq1tOJYjzcSGjkE3
JJ3GE6Uf9aNwzJ3JiMx3ivmRZfZQw4PmuRuftpvn0qm3pYPHgfsMAAUp2UDnOTnc
NTMzHt1/6FCLbvVS7Oze/lbgstg+wF7wM/CKhBgkwnKDJSxY5ZFLzGnl+7k9GzJ4
b4XpJjWGsR5qagN8MzXTHBim1qEFX8DzWFLtDPxXOnoOtvVBkA4gncXixwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZVhBMxmBVam5Z9eFRU5e72NMZTMB8GA1UdIwQY
MBaAFCkLzFCpozulZR79Gv5Atv2wJVbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYt
NzY5ODI0OTNlYTFhLzEvWmxXRUV6R1lGVnFibG4xNFZGVGw3dlkweGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYtNzY5ODI0OTNlYTFh
LzEvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9eIMA0G
CSqGSIb3DQEBCwUAA4IBAQA9KcNUPAshnJx9H65F/135VKMCOt6i5XTqt422Yu4q
ZItZ05TcKQe+MbrETi4Mq8LPw6h3NlbNQg5kpq8D11rXQZaz/scQdWPzX5bCYj4p
fo2RITlznxLETwU6AQPEfJC17ggDhFQpfu3t51n80BD/DJzhmrcW8OO8r7guIx0s
OVdIAEbXMw8EyrBEDAZgeeC6LpNNneOwFjahA5kV0imfd+3s38zRy/rLFGxmRJ50
+lHhqgaHJ2TYsn/0DA6tWlEVbvlWURZJ9tAHC8IPRxmQ2fqoIIauUWzMRS9la5fp
c0vlLM4I4q9y2QIPa2kH/2NdwAjw9yOmApOypX7NEzIC
-----END CERTIFICATE-----
Generated at Mon Jan 26 16:23:24 2026 by rpki-client