This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/svfbdlsbXDjgA-A5NXKRbfvSSU0.roa
File:                     svfbdlsbXDjgA-A5NXKRbfvSSU0.roa (raw, json)
Hash identifier:          S4K6rQ06DpmFLzmXdsKn8rYW01MHbvPxeo9PGG/tM+4=
Subject key identifier:   B2:F7:DB:76:5B:1B:5C:38:E0:03:E0:39:35:72:91:6D:FB:D2:49:4D
Certificate issuer:       /CN=f32ca4df32dc71f411104f94b51ac14b6675824b
Certificate serial:       019B77C70BE74A22C5E1B925BB5BAC9A7744
Authority key identifier: F3:2C:A4:DF:32:DC:71:F4:11:10:4F:94:B5:1A:C1:4B:66:75:82:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8yyk3zLccfQREE-UtRrBS2Z1gks.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/svfbdlsbXDjgA-A5NXKRbfvSSU0.roa
Signing time:             Thu 01 Jan 2026 04:18:11 +0000
ROA not before:           Thu 01 Jan 2026 04:18:11 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     33915
IP address blocks:        144.2.252.0/22 maxlen: 22
                          144.2.254.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/8yyk3zLccfQREE-UtRrBS2Z1gks.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/8yyk3zLccfQREE-UtRrBS2Z1gks.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8yyk3zLccfQREE-UtRrBS2Z1gks.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 15:35:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:0b:e7:4a:22:c5:e1:b9:25:bb:5b:ac:9a:77:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f32ca4df32dc71f411104f94b51ac14b6675824b
        Validity
            Not Before: Jan  1 04:18:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b2f7db765b1b5c38e003e0393572916dfbd2494d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:cb:29:d1:32:f2:f6:12:79:d0:ca:46:51:1c:
                    80:fa:4b:2e:10:60:77:88:2b:6a:78:0d:74:60:1b:
                    57:58:21:67:de:0b:94:28:00:8f:e2:23:50:36:84:
                    42:25:6e:94:ed:f0:5c:3b:89:c1:13:13:75:9d:94:
                    16:c6:69:ea:96:22:fb:01:f2:8e:e0:b5:93:1b:90:
                    f6:f6:fb:e8:99:40:a9:a6:ec:4e:54:c2:b7:a4:41:
                    9d:0c:29:24:14:f0:72:f0:0d:f0:a4:ac:60:d7:6f:
                    55:d3:b0:f4:56:5c:ce:13:b0:70:f8:44:56:c3:f9:
                    c5:01:c5:6d:a2:c5:9f:7d:84:3b:15:84:17:90:c4:
                    d6:1e:7e:85:e7:da:6b:e7:52:f1:27:db:d5:f5:97:
                    51:c1:1c:82:03:fd:c6:7b:75:df:d1:ef:32:96:c5:
                    8f:24:ae:5e:a5:13:c1:46:87:46:6c:91:97:63:3e:
                    22:73:fb:2c:24:86:37:56:bb:48:9f:b4:bd:33:1a:
                    0c:9d:22:67:23:89:e2:60:ea:33:f1:de:cc:18:b3:
                    c4:41:3f:9e:98:9d:2b:7c:63:e1:bd:0f:75:0b:13:
                    79:41:a5:2a:9f:08:12:03:34:68:31:ad:3b:72:37:
                    5f:a5:81:15:45:db:e0:93:77:53:03:f8:0c:37:ce:
                    c8:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:F7:DB:76:5B:1B:5C:38:E0:03:E0:39:35:72:91:6D:FB:D2:49:4D
            X509v3 Authority Key Identifier:
                keyid:F3:2C:A4:DF:32:DC:71:F4:11:10:4F:94:B5:1A:C1:4B:66:75:82:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yyk3zLccfQREE-UtRrBS2Z1gks.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/svfbdlsbXDjgA-A5NXKRbfvSSU0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/8yyk3zLccfQREE-UtRrBS2Z1gks.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.2.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:3c:c4:fc:9b:44:de:67:64:ae:6a:69:db:53:5c:10:27:c6:
         ea:63:a7:81:af:ad:d8:cd:e7:0a:7b:dd:5f:ac:9f:d2:4e:83:
         92:d9:a6:44:d4:39:20:14:ba:91:7b:c6:70:df:08:3a:46:67:
         0d:b8:5d:17:23:3b:c5:2d:23:c3:ea:8a:89:8d:23:5f:82:48:
         61:17:3e:cd:c5:66:39:ec:e6:9f:e4:99:82:9d:70:da:14:b6:
         c2:ca:54:5d:aa:f8:aa:94:f7:1d:05:82:0f:78:b3:1f:53:63:
         ec:a8:28:57:5b:bf:ef:92:f7:08:f0:9c:09:cc:53:c3:d6:8f:
         16:7a:47:0f:6d:a6:64:d3:14:69:7a:6e:de:30:91:dc:a4:50:
         20:01:e1:3a:b4:15:23:ae:da:08:2a:08:ae:e8:a5:a1:fd:9c:
         a2:7e:2c:4f:0b:8d:c2:8b:b1:18:dc:37:ae:b9:de:79:19:30:
         9a:cf:66:e7:23:62:ce:2e:d3:ea:7b:7c:32:f9:f8:9a:5b:4f:
         d5:8c:e3:c8:56:ce:96:4b:4f:80:f1:ab:c2:ac:5f:df:7e:8c:
         98:2e:33:50:0e:04:cd:84:10:25:e0:29:0e:15:99:95:9a:ff:
         12:35:04:aa:a9:9b:dd:a5:cd:29:28:62:5d:e4:80:af:93:b8:
         b1:69:f1:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xwvnSiLF4bklu1usmndEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMmNhNGRmMzJkYzcxZjQxMTEwNGY5NGI1MWFjMTRiNjY3
NTgyNGIwHhcNMjYwMTAxMDQxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmY3ZGI3NjViMWI1YzM4ZTAwM2UwMzkzNTcyOTE2ZGZiZDI0OTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ssp0TLy9hJ50MpGURyA+ksuEGB3
iCtqeA10YBtXWCFn3guUKACP4iNQNoRCJW6U7fBcO4nBExN1nZQWxmnqliL7AfKO
4LWTG5D29vvomUCppuxOVMK3pEGdDCkkFPBy8A3wpKxg129V07D0VlzOE7Bw+ERW
w/nFAcVtosWffYQ7FYQXkMTWHn6F59pr51LxJ9vV9ZdRwRyCA/3Ge3Xf0e8ylsWP
JK5epRPBRodGbJGXYz4ic/ssJIY3VrtIn7S9MxoMnSJnI4niYOoz8d7MGLPEQT+e
mJ0rfGPhvQ91CxN5QaUqnwgSAzRoMa07cjdfpYEVRdvgk3dTA/gMN87IUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLL323ZbG1w44APgOTVykW370klNMB8GA1UdIwQY
MBaAFPMspN8y3HH0ERBPlLUawUtmdYJLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHl5azN6TGNjZlFSRUUtVXRSckJTMloxZ2tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS80ZWRiZWMtZmZlYS00MDYyLTg5Y2It
NjU2NjAwYzllNDQwLzEvc3ZmYmRsc2JYRGpnQS1BNU5YS1JiZnZTU1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS80ZWRiZWMtZmZlYS00MDYyLTg5Y2ItNjU2NjAwYzllNDQw
LzEvOHl5azN6TGNjZlFSRUUtVXRSckJTMloxZ2tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkAL8MA0G
CSqGSIb3DQEBCwUAA4IBAQB6PMT8m0TeZ2SuamnbU1wQJ8bqY6eBr63YzecKe91f
rJ/SToOS2aZE1DkgFLqRe8Zw3wg6RmcNuF0XIzvFLSPD6oqJjSNfgkhhFz7NxWY5
7Oaf5JmCnXDaFLbCylRdqviqlPcdBYIPeLMfU2PsqChXW7/vkvcI8JwJzFPD1o8W
ekcPbaZk0xRpem7eMJHcpFAgAeE6tBUjrtoIKgiu6KWh/ZyifixPC43Ci7EY3Deu
ud55GTCaz2bnI2LOLtPqe3wy+fiaW0/VjOPIVs6WS0+A8avCrF/ffoyYLjNQDgTN
hBAl4CkOFZmVmv8SNQSqqZvdpc0pKGJd5ICvk7ixafE/
-----END CERTIFICATE-----