This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/STPdIX6CrYyfr1vohrww-wRb0C0.roa
File:                     STPdIX6CrYyfr1vohrww-wRb0C0.roa (raw, json)
Hash identifier:          0wlU1vJs00Ncb+MXC6wTTIKtW/iGTwibj2nEn68ZdBM=
Subject key identifier:   49:33:DD:21:7E:82:AD:8C:9F:AF:5B:E8:86:BC:30:FB:04:5B:D0:2D
Certificate issuer:       /CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
Certificate serial:       019B7E38751CFFF8BF67947716CE16C805A7
Authority key identifier: 78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/STPdIX6CrYyfr1vohrww-wRb0C0.roa
Signing time:             Fri 02 Jan 2026 10:19:47 +0000
ROA not before:           Fri 02 Jan 2026 10:19:47 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     198518
IP address blocks:        185.238.60.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/eI9bIQ88PrQgZZYOhdBh6dnWOrg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/eI9bIQ88PrQgZZYOhdBh6dnWOrg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 19:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:38:75:1c:ff:f8:bf:67:94:77:16:ce:16:c8:05:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
        Validity
            Not Before: Jan  2 10:19:47 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4933dd217e82ad8c9faf5be886bc30fb045bd02d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:25:c8:c2:4d:ca:ea:e2:c4:06:e3:f1:24:bf:
                    a0:ab:fc:27:a8:71:03:2a:41:b7:6f:f2:05:93:57:
                    3d:01:ce:a9:02:ed:1d:19:1a:4f:5d:a4:76:e9:32:
                    64:de:1f:f2:f6:37:3b:67:89:a8:be:c7:5c:3f:fd:
                    16:2f:65:87:d5:4a:d4:53:59:c3:27:42:29:43:7a:
                    3a:1f:9f:65:49:71:7e:65:ca:ca:c6:39:e7:72:46:
                    bd:14:a7:86:7b:ae:78:48:28:81:ae:9a:fc:a8:b2:
                    0a:7f:cc:57:37:4b:a1:65:c6:7e:50:a7:47:ae:48:
                    29:cf:07:c9:ec:26:54:d2:ac:f3:e2:17:d4:4e:7c:
                    3c:5e:9c:75:cb:28:89:74:fa:f7:e2:b9:80:5e:fd:
                    83:3c:f2:27:e0:2d:89:87:6d:bd:70:c3:bf:17:31:
                    de:2a:e4:06:74:6c:1d:5e:d5:e6:1a:f6:5c:5d:5e:
                    48:56:10:c3:24:b4:97:39:d9:3d:09:ab:7c:07:cf:
                    2c:77:c4:e5:cd:89:72:a8:d1:1b:97:d3:e9:7c:72:
                    c9:9a:dd:cf:3a:bf:cd:f3:49:83:b0:d7:12:bf:a6:
                    bc:af:67:38:cb:c9:4e:4d:c7:f2:e8:d6:2e:9e:82:
                    55:6b:b3:71:4e:5d:64:cf:2b:4f:70:1d:0f:10:f5:
                    5e:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:33:DD:21:7E:82:AD:8C:9F:AF:5B:E8:86:BC:30:FB:04:5B:D0:2D
            X509v3 Authority Key Identifier:
                keyid:78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/STPdIX6CrYyfr1vohrww-wRb0C0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/eI9bIQ88PrQgZZYOhdBh6dnWOrg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.238.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:2f:e5:7b:50:e3:fd:54:58:fe:7d:c8:e6:54:6a:12:91:8c:
         d0:cb:d5:9c:55:63:c3:28:74:66:2a:7e:09:1a:19:fa:5c:59:
         e8:31:16:a5:20:ed:00:1e:96:14:91:00:11:fc:15:eb:85:97:
         c8:0a:3b:c4:db:92:45:59:64:f1:e1:bc:50:63:5f:cd:ce:28:
         2b:bd:ff:10:37:d6:b9:1e:66:e2:00:d6:20:af:36:9b:a8:12:
         1d:76:68:f0:67:53:55:80:29:21:4d:e3:8e:4b:3d:29:92:33:
         6b:a6:b1:fa:a9:a6:83:5a:64:46:d7:6e:9d:93:25:7e:43:29:
         e4:2e:05:2b:7c:dd:b9:b4:76:9b:15:05:9b:9d:90:56:f9:f5:
         25:5b:cd:3f:2e:22:0e:4c:e3:d1:d9:d0:2c:51:3d:40:32:28:
         20:5b:e6:8b:c0:09:7f:ca:09:1b:19:f9:19:3a:37:28:e2:ef:
         30:bf:f1:83:b5:c0:81:3e:6b:ec:29:ce:87:c2:36:eb:57:92:
         33:8e:72:e6:37:be:cb:53:50:8c:ea:17:cd:ae:42:f9:c6:da:
         2e:1a:99:16:68:e7:1f:48:fb:b6:b1:4d:eb:c3:fd:0a:6b:18:
         44:8d:71:9a:45:4e:36:19:6e:c5:7c:ff:f4:03:45:53:12:ce:
         ad:25:1e:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OHUc//i/Z5R3Fs4WyAWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OGY1YjIxMGYzYzNlYjQyMDY1OTYwZTg1ZDA2MWU5ZDlk
NjNhYjgwHhcNMjYwMTAyMTAxOTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTMzZGQyMTdlODJhZDhjOWZhZjViZTg4NmJjMzBmYjA0NWJkMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyXIwk3K6uLEBuPxJL+gq/wnqHED
KkG3b/IFk1c9Ac6pAu0dGRpPXaR26TJk3h/y9jc7Z4movsdcP/0WL2WH1UrUU1nD
J0IpQ3o6H59lSXF+ZcrKxjnncka9FKeGe654SCiBrpr8qLIKf8xXN0uhZcZ+UKdH
rkgpzwfJ7CZU0qzz4hfUTnw8Xpx1yyiJdPr34rmAXv2DPPIn4C2Jh229cMO/FzHe
KuQGdGwdXtXmGvZcXV5IVhDDJLSXOdk9Cat8B88sd8TlzYlyqNEbl9PpfHLJmt3P
Or/N80mDsNcSv6a8r2c4y8lOTcfy6NYunoJVa7NxTl1kzytPcB0PEPVe8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkz3SF+gq2Mn69b6Ia8MPsEW9AtMB8GA1UdIwQY
MBaAFHiPWyEPPD60IGWWDoXQYenZ1jq4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmIt
YzRhY2I4OTY5YzQ5LzEvU1RQZElYNkNyWXlmcjF2b2hyd3ctd1JiMEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmItYzRhY2I4OTY5YzQ5
LzEvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue48MA0G
CSqGSIb3DQEBCwUAA4IBAQCfL+V7UOP9VFj+fcjmVGoSkYzQy9WcVWPDKHRmKn4J
Ghn6XFnoMRalIO0AHpYUkQAR/BXrhZfICjvE25JFWWTx4bxQY1/Nzigrvf8QN9a5
HmbiANYgrzabqBIddmjwZ1NVgCkhTeOOSz0pkjNrprH6qaaDWmRG126dkyV+Qynk
LgUrfN25tHabFQWbnZBW+fUlW80/LiIOTOPR2dAsUT1AMiggW+aLwAl/ygkbGfkZ
Ojco4u8wv/GDtcCBPmvsKc6HwjbrV5IzjnLmN77LU1CM6hfNrkL5xtouGpkWaOcf
SPu2sU3rw/0KaxhEjXGaRU42GW7FfP/0A0VTEs6tJR6l
-----END CERTIFICATE-----