This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/DBdmcuzJA5EDAtOoACaSFGmDW9c.roa
File:                     DBdmcuzJA5EDAtOoACaSFGmDW9c.roa (raw, json)
Hash identifier:          u5C0lrPpVUxYr5UektHNiniMSvjMcYM6DlOSyRv5xcQ=
Subject key identifier:   0C:17:66:72:EC:C9:03:91:03:02:D3:A8:00:26:92:14:69:83:5B:D7
Certificate issuer:       /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial:       019B7910885D3D460895D52D5C9A4EF2FDE9
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/DBdmcuzJA5EDAtOoACaSFGmDW9c.roa
Signing time:             Thu 01 Jan 2026 10:18:05 +0000
ROA not before:           Thu 01 Jan 2026 10:18:05 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215027
IP address blocks:        45.131.3.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 07:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:88:5d:3d:46:08:95:d5:2d:5c:9a:4e:f2:fd:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
        Validity
            Not Before: Jan  1 10:18:05 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0c176672ecc903910302d3a80026921469835bd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:43:d3:14:c3:c9:2b:b4:c1:73:30:cc:0b:30:
                    ae:6f:d1:bc:6f:ee:1a:7b:33:86:1f:12:1b:c9:27:
                    d1:22:7e:ac:a6:a8:e8:07:fc:70:89:58:2f:81:f2:
                    49:66:dd:28:67:0c:c4:ee:b0:df:fc:da:2b:3b:d5:
                    7c:5b:3d:f9:6b:b2:a6:01:1e:17:60:b5:6e:26:bb:
                    56:32:34:a0:a6:38:3b:41:cc:23:09:cd:f9:26:69:
                    89:18:b1:b3:9c:f9:72:58:27:83:96:47:a9:39:4e:
                    7c:97:1a:34:c9:61:8f:e2:a0:33:bd:77:ea:4f:6f:
                    7f:c2:9f:6b:6f:36:2e:4b:eb:11:66:8b:b7:7d:0b:
                    ed:b1:c7:72:11:73:52:4a:33:05:d9:45:15:ba:66:
                    74:93:ca:8e:bb:a6:49:4a:2b:0a:21:ef:ac:df:72:
                    4b:b4:57:4a:d6:1e:3c:c6:f0:8a:96:f3:99:fd:85:
                    b4:72:71:34:9e:01:06:2d:3a:5d:60:f9:2d:42:c6:
                    ec:47:4d:9b:cf:09:9a:f3:57:ec:10:85:46:8d:90:
                    e2:37:d3:a6:76:83:54:f7:c9:9d:2a:65:d1:19:7f:
                    b8:42:8a:97:1b:9a:a2:1a:31:d3:cd:32:b4:8a:e4:
                    3e:53:ce:b8:e8:05:13:de:b5:e5:c3:9d:68:07:4f:
                    bc:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:17:66:72:EC:C9:03:91:03:02:D3:A8:00:26:92:14:69:83:5B:D7
            X509v3 Authority Key Identifier:
                keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/DBdmcuzJA5EDAtOoACaSFGmDW9c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:6f:82:19:bb:aa:39:76:dd:4f:c6:11:67:7b:54:b6:65:c1:
         80:c1:30:05:b4:f6:5f:19:43:9b:96:ff:38:cb:a2:fa:76:c0:
         14:78:a8:41:bd:b6:d9:29:01:de:0e:85:62:08:59:8f:41:66:
         30:87:4a:d7:e3:62:72:03:81:74:9d:38:95:23:95:71:39:a2:
         d5:8c:88:f2:ae:bc:5d:23:fd:54:8c:8a:67:a2:df:b4:ad:28:
         39:c9:fa:49:3d:c5:2b:aa:54:2d:f4:c8:3e:7a:8f:1a:b7:f4:
         09:a6:45:fa:0d:88:b0:33:8f:34:7c:27:e1:56:21:12:c3:5b:
         8a:6d:46:43:80:7c:51:16:17:dd:0a:d0:fb:ba:e1:50:d6:0f:
         94:3e:f9:77:17:68:f1:2f:99:2b:2f:d2:d7:76:6e:52:a7:79:
         20:31:f3:3a:03:0f:8d:54:76:48:47:42:10:24:a5:0e:61:27:
         50:53:f9:65:b0:20:2a:06:fd:7b:7a:9f:74:fd:b2:4e:b2:08:
         ed:24:d3:4f:5a:7f:b9:90:93:ea:16:68:c8:b5:71:48:b2:75:
         b3:97:22:94:8c:d3:5c:8f:c4:d7:3f:ae:46:e8:ba:23:b5:df:
         8e:aa:c6:20:88:e3:9d:ef:43:e3:5b:ef:dc:05:49:f3:b8:f1:
         74:a8:6f:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EIhdPUYIldUtXJpO8v3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwMTAxMTAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzE3NjY3MmVjYzkwMzkxMDMwMmQzYTgwMDI2OTIxNDY5ODM1YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0PTFMPJK7TBczDMCzCub9G8b+4a
ezOGHxIbySfRIn6spqjoB/xwiVgvgfJJZt0oZwzE7rDf/NorO9V8Wz35a7KmAR4X
YLVuJrtWMjSgpjg7QcwjCc35JmmJGLGznPlyWCeDlkepOU58lxo0yWGP4qAzvXfq
T29/wp9rbzYuS+sRZou3fQvtscdyEXNSSjMF2UUVumZ0k8qOu6ZJSisKIe+s33JL
tFdK1h48xvCKlvOZ/YW0cnE0ngEGLTpdYPktQsbsR02bzwma81fsEIVGjZDiN9Om
doNU98mdKmXRGX+4QoqXG5qiGjHTzTK0iuQ+U8646AUT3rXlw51oB0+8ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwXZnLsyQORAwLTqAAmkhRpg1vXMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvREJkbWN1ekpBNUVEQXRPb0FDYVNGR21EVzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYMDMA0G
CSqGSIb3DQEBCwUAA4IBAQACb4IZu6o5dt1PxhFne1S2ZcGAwTAFtPZfGUOblv84
y6L6dsAUeKhBvbbZKQHeDoViCFmPQWYwh0rX42JyA4F0nTiVI5VxOaLVjIjyrrxd
I/1UjIpnot+0rSg5yfpJPcUrqlQt9Mg+eo8at/QJpkX6DYiwM480fCfhViESw1uK
bUZDgHxRFhfdCtD7uuFQ1g+UPvl3F2jxL5krL9LXdm5Sp3kgMfM6Aw+NVHZIR0IQ
JKUOYSdQU/llsCAqBv17ep90/bJOsgjtJNNPWn+5kJPqFmjItXFIsnWzlyKUjNNc
j8TXP65G6Lojtd+OqsYgiOOd70PjW+/cBUnzuPF0qG/r
-----END CERTIFICATE-----