This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/VHsD8aL1vap6NAd4VLOWJjjdFBw.roa
File:                     VHsD8aL1vap6NAd4VLOWJjjdFBw.roa (raw, json)
Hash identifier:          Agb4+5pAbO8W2wpY0iP++EYhU8rZOrnE7m9i9w0XK+o=
Subject key identifier:   54:7B:03:F1:A2:F5:BD:AA:7A:34:07:78:54:B3:96:26:38:DD:14:1C
Certificate issuer:       /CN=6150ca1baf9f9f6fe13d89e2664470493fe65e65
Certificate serial:       019B77C6D93EDF1E15A1AD20301F43C1B2C1
Authority key identifier: 61:50:CA:1B:AF:9F:9F:6F:E1:3D:89:E2:66:44:70:49:3F:E6:5E:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YVDKG6-fn2_hPYniZkRwST_mXmU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/VHsD8aL1vap6NAd4VLOWJjjdFBw.roa
Signing time:             Thu 01 Jan 2026 04:17:59 +0000
ROA not before:           Thu 01 Jan 2026 04:17:59 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     207945
IP address blocks:        78.156.140.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/YVDKG6-fn2_hPYniZkRwST_mXmU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/YVDKG6-fn2_hPYniZkRwST_mXmU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YVDKG6-fn2_hPYniZkRwST_mXmU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 01:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:d9:3e:df:1e:15:a1:ad:20:30:1f:43:c1:b2:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6150ca1baf9f9f6fe13d89e2664470493fe65e65
        Validity
            Not Before: Jan  1 04:17:59 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=547b03f1a2f5bdaa7a34077854b3962638dd141c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b1:d5:a7:1d:13:30:af:af:9c:7e:c8:33:f6:
                    18:c9:e0:05:c9:9d:4f:1b:38:d5:60:d8:3f:e5:4b:
                    ad:9f:b4:dc:20:50:a0:08:e5:a4:9f:7f:da:8e:b6:
                    ec:c4:2c:af:ac:be:27:09:7a:a6:84:5a:db:af:33:
                    f8:08:1c:bb:6f:85:cf:15:83:45:6c:be:3e:8a:b7:
                    78:1b:57:6e:ba:80:1f:e6:81:a6:e8:a6:82:ce:dd:
                    a8:46:ab:87:93:60:e3:bf:c5:4f:0a:c7:ed:fd:7a:
                    05:0b:8a:b9:d7:d3:b6:dc:3b:c6:fd:18:e1:85:2a:
                    98:52:fd:c1:8f:41:9d:ef:1f:94:84:69:68:41:5e:
                    98:de:e3:f2:cf:a6:25:b9:f3:ae:db:99:87:45:90:
                    a8:47:c1:bd:13:bc:0f:ea:02:75:62:95:e1:d5:79:
                    84:ff:18:7c:6e:ff:e5:f2:f5:69:75:4d:35:0b:64:
                    a8:1f:87:fe:dc:d6:b5:79:95:73:7a:e3:03:d7:af:
                    21:34:71:87:a2:36:9b:98:e0:65:48:c7:6b:38:13:
                    7b:78:f2:21:60:15:ee:a5:fb:6e:46:cc:0c:5f:52:
                    45:42:c7:d8:91:0c:3c:ff:b4:d2:78:b9:73:6d:e7:
                    0f:58:70:12:56:cf:a7:a0:4d:d7:c8:65:62:f1:f1:
                    89:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:7B:03:F1:A2:F5:BD:AA:7A:34:07:78:54:B3:96:26:38:DD:14:1C
            X509v3 Authority Key Identifier:
                keyid:61:50:CA:1B:AF:9F:9F:6F:E1:3D:89:E2:66:44:70:49:3F:E6:5E:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YVDKG6-fn2_hPYniZkRwST_mXmU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/VHsD8aL1vap6NAd4VLOWJjjdFBw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/551437-987f-48d4-aa0e-947ead9f14ed/1/YVDKG6-fn2_hPYniZkRwST_mXmU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.156.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:f6:4f:57:ed:35:83:f1:15:44:05:d2:9c:f3:54:d7:09:2f:
         ad:24:8b:92:83:3d:05:09:3c:69:ac:17:c7:62:de:d4:9c:89:
         c9:b1:e4:5a:25:9c:57:6e:07:4d:fa:9b:dc:6f:51:06:77:16:
         96:c2:12:00:03:3a:04:1f:cf:fb:f6:e0:ad:63:6b:d8:c5:c7:
         f4:56:17:bd:de:a8:59:f9:ba:e8:a4:03:88:92:0b:ff:bc:fb:
         ab:1f:ab:e9:e7:79:74:5c:09:76:52:b5:ef:0e:4b:e5:c5:fe:
         8e:28:0b:ab:60:e8:a9:8f:08:88:66:d2:6b:00:44:30:63:b1:
         23:9a:52:44:31:f6:05:56:3e:0b:ff:94:00:b2:ae:6a:8a:ea:
         fa:fe:2e:b8:bc:da:28:a7:fe:54:c6:32:ef:a5:4e:92:76:29:
         78:88:f0:d2:2a:b6:b9:79:98:cc:38:c0:d8:3c:1f:ba:d9:07:
         07:f1:15:de:65:26:94:fd:07:2e:ab:cf:3e:4d:4d:72:e4:5b:
         01:63:95:a4:ab:fa:23:2d:82:b4:6a:1b:f7:14:95:d9:c4:e7:
         9e:19:51:ed:04:8c:a8:4f:fb:37:14:7a:40:76:5f:0f:8e:01:
         23:78:f8:b0:12:a6:6a:ad:42:d9:a7:48:4f:db:f9:f3:68:5f:
         45:d0:08:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xtk+3x4Voa0gMB9DwbLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNTBjYTFiYWY5ZjlmNmZlMTNkODllMjY2NDQ3MDQ5M2Zl
NjVlNjUwHhcNMjYwMTAxMDQxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDdiMDNmMWEyZjViZGFhN2EzNDA3Nzg1NGIzOTYyNjM4ZGQxNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrHVpx0TMK+vnH7IM/YYyeAFyZ1P
GzjVYNg/5Uutn7TcIFCgCOWkn3/ajrbsxCyvrL4nCXqmhFrbrzP4CBy7b4XPFYNF
bL4+ird4G1duuoAf5oGm6KaCzt2oRquHk2Djv8VPCsft/XoFC4q519O23DvG/Rjh
hSqYUv3Bj0Gd7x+UhGloQV6Y3uPyz6YlufOu25mHRZCoR8G9E7wP6gJ1YpXh1XmE
/xh8bv/l8vVpdU01C2SoH4f+3Na1eZVzeuMD168hNHGHojabmOBlSMdrOBN7ePIh
YBXupftuRswMX1JFQsfYkQw8/7TSeLlzbecPWHASVs+noE3XyGVi8fGJQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFR7A/Gi9b2qejQHeFSzliY43RQcMB8GA1UdIwQY
MBaAFGFQyhuvn59v4T2J4mZEcEk/5l5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVZES0c2LWZuMl9oUFluaVprUndTVF9tWG1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC81NTE0MzctOTg3Zi00OGQ0LWFhMGUt
OTQ3ZWFkOWYxNGVkLzEvVkhzRDhhTDF2YXA2TkFkNFZMT1dKampkRkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC81NTE0MzctOTg3Zi00OGQ0LWFhMGUtOTQ3ZWFkOWYxNGVk
LzEvWVZES0c2LWZuMl9oUFluaVprUndTVF9tWG1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATpyMMA0G
CSqGSIb3DQEBCwUAA4IBAQCI9k9X7TWD8RVEBdKc81TXCS+tJIuSgz0FCTxprBfH
Yt7UnInJseRaJZxXbgdN+pvcb1EGdxaWwhIAAzoEH8/79uCtY2vYxcf0Vhe93qhZ
+bropAOIkgv/vPurH6vp53l0XAl2UrXvDkvlxf6OKAurYOipjwiIZtJrAEQwY7Ej
mlJEMfYFVj4L/5QAsq5qiur6/i64vNoop/5UxjLvpU6Sdil4iPDSKra5eZjMOMDY
PB+62QcH8RXeZSaU/Qcuq88+TU1y5FsBY5Wkq/ojLYK0ahv3FJXZxOeeGVHtBIyo
T/s3FHpAdl8PjgEjePiwEqZqrULZp0hP2/nzaF9F0Ahj
-----END CERTIFICATE-----