This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/e5m_nqdKosSzqhulF5N30TVDKIo.roa
File:                     e5m_nqdKosSzqhulF5N30TVDKIo.roa (raw, json)
Hash identifier:          1YFkHyzQNc03KuJoIz1DI1dCLrqvCUz3jG4fnw+3h8o=
Subject key identifier:   7B:99:BF:9E:A7:4A:A2:C4:B3:AA:1B:A5:17:93:77:D1:35:43:28:8A
Certificate issuer:       /CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
Certificate serial:       019B77C6D4543E56C3A9D5355779B249B616
Authority key identifier: D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/e5m_nqdKosSzqhulF5N30TVDKIo.roa
Signing time:             Thu 01 Jan 2026 04:17:57 +0000
ROA not before:           Thu 01 Jan 2026 04:17:57 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     208436
IP address blocks:        2a0e:9f40::/29 maxlen: 29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/2JX6cOP33zYRUdVTedTZuF2t_T0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/2JX6cOP33zYRUdVTedTZuF2t_T0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 Jan 2026 10:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:d4:54:3e:56:c3:a9:d5:35:57:79:b2:49:b6:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
        Validity
            Not Before: Jan  1 04:17:57 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7b99bf9ea74aa2c4b3aa1ba5179377d13543288a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ad:13:33:ef:0a:06:52:21:bd:ad:51:35:af:
                    16:70:02:cd:51:ed:c5:a9:7b:4f:4e:1a:f1:a1:e3:
                    da:3d:41:22:a8:43:53:ba:08:41:82:33:66:65:df:
                    cc:20:ba:c2:f7:06:29:1f:9f:ad:5b:ad:95:e8:f8:
                    a5:f4:4f:59:2f:96:5f:84:ba:33:bc:b5:52:70:b7:
                    78:6a:9a:59:54:1c:3c:21:01:5c:f1:ab:41:0a:55:
                    cd:24:8c:c7:32:77:01:65:59:d7:6d:85:31:a6:84:
                    19:b5:a3:39:09:03:45:a6:8b:34:03:c1:17:e7:76:
                    c9:d4:bb:be:28:8e:a2:32:85:de:70:e6:45:1f:19:
                    62:08:bb:14:91:98:bf:a6:39:8f:ee:cf:b9:70:8d:
                    6b:9f:1a:f5:6c:72:de:84:14:12:8f:eb:77:3b:2e:
                    c8:2a:d3:03:dc:82:e8:da:6f:7f:41:29:c6:fc:20:
                    a9:59:dd:a5:4b:4c:66:a0:37:81:9a:6c:73:74:81:
                    65:d9:1d:6f:ea:61:0b:03:ab:6f:53:e1:b4:73:af:
                    ef:50:3c:d3:82:09:a7:6e:a6:cf:4f:18:6d:b8:c7:
                    c1:e1:6c:d8:08:34:a2:58:b4:44:1b:98:6a:ee:ca:
                    72:23:8d:f1:b7:99:42:26:bb:6f:fd:90:f1:c9:b9:
                    62:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:99:BF:9E:A7:4A:A2:C4:B3:AA:1B:A5:17:93:77:D1:35:43:28:8A
            X509v3 Authority Key Identifier:
                keyid:D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/e5m_nqdKosSzqhulF5N30TVDKIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/2JX6cOP33zYRUdVTedTZuF2t_T0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:9f40::/29

    Signature Algorithm: sha256WithRSAEncryption
         85:8e:71:de:e6:4e:6b:55:c1:03:ed:e7:26:1a:ab:15:ec:88:
         e1:7a:5e:9b:bf:37:4b:0b:31:47:b7:15:4d:76:0d:93:10:76:
         99:9c:1c:a7:f2:11:cc:35:d9:9a:a4:b9:9d:b4:79:b6:41:c9:
         5e:14:7b:9f:24:e1:89:7b:6c:a8:30:a3:50:1c:3d:fe:62:ac:
         fb:ec:1e:b4:39:1c:35:7b:71:f7:19:69:26:68:ae:d9:a3:2c:
         68:20:3c:99:36:17:cf:35:07:14:87:44:da:b4:a4:40:d5:0c:
         4b:d7:d2:d2:94:63:a5:f8:5f:60:58:de:da:d6:2d:a2:cf:fe:
         b8:b9:80:b2:93:a3:e9:61:d8:be:31:9d:2e:43:50:e2:4e:63:
         f6:7d:51:6e:cc:ee:95:cf:fa:d3:6d:9a:cf:01:39:9c:1c:96:
         a6:bf:91:e9:fc:d0:35:34:9d:b3:42:14:a3:ad:93:45:f9:37:
         97:34:44:76:e5:65:24:f7:13:88:67:41:8b:87:41:4f:5b:8a:
         6e:f0:3c:a5:6f:b6:f6:02:32:52:35:42:ce:6d:d6:37:2a:e4:
         ab:d9:6d:d7:d8:cb:e9:ba:26:6b:9b:2b:94:ff:f9:a0:73:7f:
         4b:61:03:29:d7:ff:b9:d5:8f:a9:e4:ff:f7:98:72:71:92:61:
         8b:1a:ad:16
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt3xtRUPlbDqdU1V3mySbYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTVmYTcwZTNmN2RmMzYxMTUxZDU1Mzc5ZDRkOWI4NWRh
ZGZkM2QwHhcNMjYwMTAxMDQxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjk5YmY5ZWE3NGFhMmM0YjNhYTFiYTUxNzkzNzdkMTM1NDMyODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy60TM+8KBlIhva1RNa8WcALNUe3F
qXtPThrxoePaPUEiqENTughBgjNmZd/MILrC9wYpH5+tW62V6Pil9E9ZL5ZfhLoz
vLVScLd4appZVBw8IQFc8atBClXNJIzHMncBZVnXbYUxpoQZtaM5CQNFpos0A8EX
53bJ1Lu+KI6iMoXecOZFHxliCLsUkZi/pjmP7s+5cI1rnxr1bHLehBQSj+t3Oy7I
KtMD3ILo2m9/QSnG/CCpWd2lS0xmoDeBmmxzdIFl2R1v6mELA6tvU+G0c6/vUDzT
ggmnbqbPTxhtuMfB4WzYCDSiWLREG5hq7spyI43xt5lCJrtv/ZDxybliuwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHuZv56nSqLEs6obpReTd9E1QyiKMB8GA1UdIwQY
MBaAFNiV+nDj9982EVHVU3nU2bhdrf09MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpYNmNPUDMzellSVWRWVGVkVFp1RjJ0X1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83MGI1MDQtYzJkNC00Mzg3LTliNzUt
ZjQ1YjhkYmUyZjk3LzEvZTVtX25xZEtvc1N6cWh1bEY1TjMwVFZES0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi83MGI1MDQtYzJkNC00Mzg3LTliNzUtZjQ1YjhkYmUyZjk3
LzEvMkpYNmNPUDMzellSVWRWVGVkVFp1RjJ0X1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg6fQDAN
BgkqhkiG9w0BAQsFAAOCAQEAhY5x3uZOa1XBA+3nJhqrFeyI4Xpem783SwsxR7cV
TXYNkxB2mZwcp/IRzDXZmqS5nbR5tkHJXhR7nyThiXtsqDCjUBw9/mKs++wetDkc
NXtx9xlpJmiu2aMsaCA8mTYXzzUHFIdE2rSkQNUMS9fS0pRjpfhfYFje2tYtos/+
uLmAspOj6WHYvjGdLkNQ4k5j9n1Rbszulc/6022azwE5nByWpr+R6fzQNTSds0IU
o62TRfk3lzREduVlJPcTiGdBi4dBT1uKbvA8pW+29gIyUjVCzm3WNyrkq9lt19jL
6boma5srlP/5oHN/S2EDKdf/udWPqeT/95hycZJhixqtFg==
-----END CERTIFICATE-----