This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/BOEi7NrSCNnbOJagz6PacwPyCow.roa
File:                     BOEi7NrSCNnbOJagz6PacwPyCow.roa (raw, json)
Hash identifier:          gcJkZ8tsvtRiMSl8JsUfBFpQEizMhx1qFKi60dWgXD0=
Subject key identifier:   04:E1:22:EC:DA:D2:08:D9:DB:38:96:A0:CF:A3:DA:73:03:F2:0A:8C
Certificate issuer:       /CN=626d24d6bf353963fe5afa25b0a59667152a86d0
Certificate serial:       019B76EB71763F757AF36EDC8BD1D43EF946
Authority key identifier: 62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/BOEi7NrSCNnbOJagz6PacwPyCow.roa
Signing time:             Thu 01 Jan 2026 00:18:20 +0000
ROA not before:           Thu 01 Jan 2026 00:18:20 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     5518
IP address blocks:        195.10.216.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 20:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:71:76:3f:75:7a:f3:6e:dc:8b:d1:d4:3e:f9:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=626d24d6bf353963fe5afa25b0a59667152a86d0
        Validity
            Not Before: Jan  1 00:18:20 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=04e122ecdad208d9db3896a0cfa3da7303f20a8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:94:72:31:00:7e:56:d7:2b:97:2b:84:64:e9:
                    d8:89:45:c8:c6:30:f1:c0:d5:a3:e1:b9:71:99:e2:
                    61:b4:77:44:f5:7c:01:e9:0c:4f:0a:15:53:21:35:
                    2c:51:3e:74:03:e8:5d:ac:8b:0b:8c:5d:4c:01:26:
                    08:5b:f8:ab:c4:67:04:ed:33:b6:a4:45:49:b3:29:
                    25:f9:4f:ea:33:4e:e7:f6:3d:e3:03:36:27:55:42:
                    db:1c:5f:ce:49:b5:74:84:f3:c9:0e:d0:46:92:27:
                    81:16:4f:f2:fb:43:5a:f6:16:cf:d9:13:66:d7:07:
                    5a:03:a9:d1:e5:ff:24:f3:8f:6a:ee:21:f1:7c:09:
                    b4:2a:25:0c:6e:c5:1e:5c:67:1e:f7:96:d0:7d:ec:
                    13:5c:be:4d:94:7a:3f:6d:22:22:86:02:d0:cb:b7:
                    e5:f5:78:dd:cc:67:62:9a:f7:78:2b:3c:83:7c:8d:
                    1b:45:0a:3c:46:55:17:79:e1:c6:88:b1:6b:f8:6f:
                    e3:ee:f2:42:0b:60:0d:f9:b0:a7:d6:4d:68:44:73:
                    e4:72:99:e0:fb:27:b0:7f:69:f2:aa:27:ca:a9:71:
                    59:da:4f:8c:41:87:43:33:ee:9d:5d:30:7d:1b:db:
                    0f:14:4d:09:35:24:86:5c:1d:83:af:d4:41:c2:e8:
                    c4:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:E1:22:EC:DA:D2:08:D9:DB:38:96:A0:CF:A3:DA:73:03:F2:0A:8C
            X509v3 Authority Key Identifier:
                keyid:62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/BOEi7NrSCNnbOJagz6PacwPyCow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.10.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e0:82:1b:d7:36:c9:eb:a0:68:b5:09:62:6d:21:bc:b4:0a:2c:
         af:11:b0:b3:3a:3b:6b:7f:c0:bd:75:38:23:8f:d8:53:96:65:
         dc:41:7d:80:a2:c8:9c:26:28:fe:b6:d6:07:4e:21:ce:3f:be:
         ee:25:27:fb:61:13:14:8c:2f:5f:73:d0:4a:61:fc:92:8c:0a:
         d4:13:47:4a:76:5a:7a:76:a0:48:ee:a8:8e:2e:25:e9:6d:5a:
         22:b0:20:4e:80:64:bc:fa:db:6e:03:fa:e5:aa:9b:d2:ed:e3:
         8c:49:39:40:24:c4:dd:95:d9:8d:0c:05:9a:50:3e:37:84:5d:
         b8:14:0d:42:ff:d3:35:13:62:85:5b:c5:0a:d0:37:5f:4f:82:
         1d:c6:23:19:41:50:fc:d0:ce:b8:8b:1d:16:4b:11:09:28:40:
         83:be:74:12:83:fb:0c:32:5b:bd:9e:0b:8d:5e:8f:65:e8:a4:
         72:fc:c9:ea:f6:36:a4:f8:99:fc:cc:8d:2e:91:db:c6:80:ed:
         19:be:86:d6:38:35:53:25:8d:5b:04:73:f0:2c:ca:5f:2d:9a:
         5f:c5:50:1b:4a:ef:f8:03:4c:b6:eb:e6:28:8e:35:64:30:3b:
         07:ec:fa:8c:59:d1:ff:21:c6:30:34:28:ac:8b:3d:1f:e8:1a:
         76:86:e2:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt263F2P3V6827ci9HUPvlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmQyNGQ2YmYzNTM5NjNmZTVhZmEyNWIwYTU5NjY3MTUy
YTg2ZDAwHhcNMjYwMTAxMDAxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGUxMjJlY2RhZDIwOGQ5ZGIzODk2YTBjZmEzZGE3MzAzZjIwYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5RyMQB+VtcrlyuEZOnYiUXIxjDx
wNWj4blxmeJhtHdE9XwB6QxPChVTITUsUT50A+hdrIsLjF1MASYIW/irxGcE7TO2
pEVJsykl+U/qM07n9j3jAzYnVULbHF/OSbV0hPPJDtBGkieBFk/y+0Na9hbP2RNm
1wdaA6nR5f8k849q7iHxfAm0KiUMbsUeXGce95bQfewTXL5NlHo/bSIihgLQy7fl
9XjdzGdimvd4KzyDfI0bRQo8RlUXeeHGiLFr+G/j7vJCC2AN+bCn1k1oRHPkcpng
+yewf2nyqifKqXFZ2k+MQYdDM+6dXTB9G9sPFE0JNSSGXB2Dr9RBwujEdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAThIuza0gjZ2ziWoM+j2nMD8gqMMB8GA1UdIwQY
MBaAFGJtJNa/NTlj/lr6JbCllmcVKobQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEt
YWM4MDliYmFlNzM3LzEvQk9FaTdOclNDTm5iT0phZ3o2UGFjd1B5Q293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEtYWM4MDliYmFlNzM3
LzEvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrYMA0G
CSqGSIb3DQEBCwUAA4IBAQDgghvXNsnroGi1CWJtIby0CiyvEbCzOjtrf8C9dTgj
j9hTlmXcQX2AosicJij+ttYHTiHOP77uJSf7YRMUjC9fc9BKYfySjArUE0dKdlp6
dqBI7qiOLiXpbVoisCBOgGS8+ttuA/rlqpvS7eOMSTlAJMTdldmNDAWaUD43hF24
FA1C/9M1E2KFW8UK0DdfT4IdxiMZQVD80M64ix0WSxEJKECDvnQSg/sMMlu9nguN
Xo9l6KRy/Mnq9jak+Jn8zI0ukdvGgO0ZvobWODVTJY1bBHPwLMpfLZpfxVAbSu/4
A0y26+YojjVkMDsH7PqMWdH/IcYwNCisiz0f6Bp2huJw
-----END CERTIFICATE-----