This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Bzo_d6zW3tj-cs4yT8d3sKOXlfg.roa
File:                     Bzo_d6zW3tj-cs4yT8d3sKOXlfg.roa (raw, json)
Hash identifier:          sB4IjXQ2q1JliT65t5pMashaLGv9OdpiFjT65GllIOg=
Subject key identifier:   07:3A:3F:77:AC:D6:DE:D8:FE:72:CE:32:4F:C7:77:B0:A3:97:95:F8
Certificate issuer:       /CN=0e2e4fd219f5b77ce80cdfaf9e3a6441dec50042
Certificate serial:       019B797F189CCAC80374C09DC76396F3FC73
Authority key identifier: 0E:2E:4F:D2:19:F5:B7:7C:E8:0C:DF:AF:9E:3A:64:41:DE:C5:00:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Di5P0hn1t3zoDN-vnjpkQd7FAEI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Bzo_d6zW3tj-cs4yT8d3sKOXlfg.roa
Signing time:             Thu 01 Jan 2026 12:18:51 +0000
ROA not before:           Thu 01 Jan 2026 12:18:51 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     16509
IP address blocks:        193.227.246.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Di5P0hn1t3zoDN-vnjpkQd7FAEI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Di5P0hn1t3zoDN-vnjpkQd7FAEI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Di5P0hn1t3zoDN-vnjpkQd7FAEI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7f:18:9c:ca:c8:03:74:c0:9d:c7:63:96:f3:fc:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e2e4fd219f5b77ce80cdfaf9e3a6441dec50042
        Validity
            Not Before: Jan  1 12:18:51 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=073a3f77acd6ded8fe72ce324fc777b0a39795f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:46:69:3d:a9:24:5e:77:8a:36:ab:0f:f2:ad:
                    cc:0f:3a:b1:05:a8:db:54:c6:91:bd:e2:af:7b:80:
                    ca:ab:e6:cc:c5:27:24:e9:cc:78:85:d1:76:83:65:
                    80:4a:d6:93:7c:56:10:e1:66:ad:85:cf:9e:25:6c:
                    20:e8:e9:e4:95:1b:3e:9d:70:2f:81:b8:81:b2:ae:
                    b5:4f:9d:d1:cf:4a:d9:99:f4:8c:18:86:70:6f:a9:
                    3d:2b:69:0d:c1:1d:2f:8b:09:75:d7:18:b9:15:00:
                    74:fe:87:06:ef:cc:8b:8b:43:f9:09:7d:27:9c:2a:
                    99:62:ef:2b:40:b1:69:51:06:4f:bf:6b:81:16:20:
                    cc:30:01:d0:61:ba:05:1c:0e:18:a9:fd:a9:ca:94:
                    49:4f:9c:e7:c3:89:ad:a4:76:ed:b1:c5:49:fb:ba:
                    ea:2a:0f:c3:1d:80:b9:92:0f:38:78:7b:56:55:08:
                    94:6e:96:1f:77:fd:6a:20:2a:79:98:76:70:ed:52:
                    aa:eb:bb:da:f1:81:ba:30:84:68:d3:00:ac:a9:49:
                    40:16:bc:41:52:53:fc:fb:2f:a0:48:96:e1:43:39:
                    32:2c:07:2f:21:28:82:13:46:f6:21:f8:8e:74:8a:
                    1e:77:45:a2:77:37:e6:3e:15:15:aa:21:df:93:1a:
                    ec:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:3A:3F:77:AC:D6:DE:D8:FE:72:CE:32:4F:C7:77:B0:A3:97:95:F8
            X509v3 Authority Key Identifier:
                keyid:0E:2E:4F:D2:19:F5:B7:7C:E8:0C:DF:AF:9E:3A:64:41:DE:C5:00:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Di5P0hn1t3zoDN-vnjpkQd7FAEI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Bzo_d6zW3tj-cs4yT8d3sKOXlfg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Di5P0hn1t3zoDN-vnjpkQd7FAEI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.227.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         63:08:6d:62:99:a4:3e:e2:ae:dd:c4:34:37:ad:cb:a9:5e:c2:
         9f:f3:d0:d7:97:c3:1e:ac:7e:40:9a:0f:ae:d7:22:8a:7d:34:
         92:b8:19:51:db:ee:9f:48:b6:34:be:50:2c:97:97:0c:34:e0:
         ce:7e:29:bd:56:ab:75:05:d6:8d:89:39:f7:22:44:30:0b:fe:
         b3:9b:be:54:d0:83:f2:6b:00:81:07:ca:20:53:25:e2:b5:c8:
         41:73:81:82:72:88:33:e5:e5:ae:c2:51:40:79:36:d8:7a:67:
         66:2d:c3:68:8a:21:e1:6e:41:5a:ce:54:ce:0f:14:c8:d4:88:
         bf:2e:ab:cc:53:22:48:0a:02:08:bc:a3:b0:d6:9f:8c:ec:bc:
         7d:bb:ee:3a:54:51:ed:44:43:30:0b:f5:bb:70:94:8b:c4:97:
         2c:44:5e:26:00:eb:fb:54:60:84:f6:76:cc:e5:44:e6:4e:04:
         24:10:ee:40:02:2b:86:18:f8:c2:76:ff:79:68:a3:3d:20:aa:
         e9:61:8a:3d:c4:c4:06:cf:90:ee:4f:32:c6:b2:26:3b:6d:70:
         f9:71:5c:06:a9:3d:27:6a:82:22:e8:52:2a:a1:1c:19:08:de:
         a9:a3:b8:c4:c3:65:a3:51:3c:c8:13:cd:df:a6:ed:9e:49:23:
         46:2c:d4:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fxicysgDdMCdx2OW8/xzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMmU0ZmQyMTlmNWI3N2NlODBjZGZhZjllM2E2NDQxZGVj
NTAwNDIwHhcNMjYwMTAxMTIxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzNhM2Y3N2FjZDZkZWQ4ZmU3MmNlMzI0ZmM3NzdiMGEzOTc5NWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEZpPakkXneKNqsP8q3MDzqxBajb
VMaRveKve4DKq+bMxSck6cx4hdF2g2WAStaTfFYQ4Wathc+eJWwg6OnklRs+nXAv
gbiBsq61T53Rz0rZmfSMGIZwb6k9K2kNwR0viwl11xi5FQB0/ocG78yLi0P5CX0n
nCqZYu8rQLFpUQZPv2uBFiDMMAHQYboFHA4Yqf2pypRJT5znw4mtpHbtscVJ+7rq
Kg/DHYC5kg84eHtWVQiUbpYfd/1qICp5mHZw7VKq67va8YG6MIRo0wCsqUlAFrxB
UlP8+y+gSJbhQzkyLAcvISiCE0b2IfiOdIoed0WidzfmPhUVqiHfkxrsvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAc6P3es1t7Y/nLOMk/Hd7Cjl5X4MB8GA1UdIwQY
MBaAFA4uT9IZ9bd86Azfr546ZEHexQBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGk1UDBobjF0M3pvRE4tdm5qcGtRZDdGQUVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9lMTEyMjQtNjFjNy00Nzg2LTg2ZTkt
MjM4ZmVlNjkyNDMwLzEvQnpvX2Q2elczdGotY3M0eVQ4ZDNzS09YbGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9lMTEyMjQtNjFjNy00Nzg2LTg2ZTktMjM4ZmVlNjkyNDMw
LzEvRGk1UDBobjF0M3pvRE4tdm5qcGtRZDdGQUVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBweP2MA0G
CSqGSIb3DQEBCwUAA4IBAQBjCG1imaQ+4q7dxDQ3rcupXsKf89DXl8MerH5Amg+u
1yKKfTSSuBlR2+6fSLY0vlAsl5cMNODOfim9Vqt1BdaNiTn3IkQwC/6zm75U0IPy
awCBB8ogUyXitchBc4GCcogz5eWuwlFAeTbYemdmLcNoiiHhbkFazlTODxTI1Ii/
LqvMUyJICgIIvKOw1p+M7Lx9u+46VFHtREMwC/W7cJSLxJcsRF4mAOv7VGCE9nbM
5UTmTgQkEO5AAiuGGPjCdv95aKM9IKrpYYo9xMQGz5DuTzLGsiY7bXD5cVwGqT0n
aoIi6FIqoRwZCN6po7jEw2WjUTzIE83fpu2eSSNGLNSY
-----END CERTIFICATE-----