This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4fzXGdx-cnGIypwx_wiW4y8J7cc.roa
File:                     4fzXGdx-cnGIypwx_wiW4y8J7cc.roa (raw, json)
Hash identifier:          YeRwCVbWqAMww2yMJqp8anIZxMI7aOmo+nJRpbg6OOE=
Subject key identifier:   E1:FC:D7:19:DC:7E:72:71:88:CA:9C:31:FF:08:96:E3:2F:09:ED:C7
Certificate issuer:       /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial:       019B7EA76D7603C6A884F1A594198D95EBB6
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4fzXGdx-cnGIypwx_wiW4y8J7cc.roa
Signing time:             Fri 02 Jan 2026 12:21:00 +0000
ROA not before:           Fri 02 Jan 2026 12:21:00 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     34291
IP address blocks:        195.54.10.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 00:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a7:6d:76:03:c6:a8:84:f1:a5:94:19:8d:95:eb:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
        Validity
            Not Before: Jan  2 12:21:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e1fcd719dc7e727188ca9c31ff0896e32f09edc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:81:e6:26:db:a5:6b:02:41:48:e6:95:54:fc:
                    35:41:a1:ff:dc:af:41:c7:30:ee:42:5a:71:50:47:
                    ba:13:9e:40:a8:37:ee:1b:6d:30:a8:ea:b8:a9:c8:
                    3e:cc:d4:34:0f:8f:ca:78:e0:03:44:45:e1:00:3f:
                    f9:92:8b:4c:39:96:cc:bc:0a:b7:0e:88:4b:96:e4:
                    5c:56:80:af:54:81:9b:fd:a4:07:99:7c:21:6f:28:
                    83:c5:cf:d1:48:a3:9c:c4:b3:b4:94:60:20:5d:90:
                    83:82:22:f6:0c:75:e3:70:ab:16:df:45:ec:31:8a:
                    af:9e:90:73:f4:16:49:0d:36:9b:39:53:51:a1:de:
                    6b:ba:8e:1e:de:e2:3d:0d:52:e1:6b:b3:a8:18:9e:
                    5a:6d:77:30:6c:8e:31:bb:c5:4c:9f:09:81:53:f0:
                    83:42:c4:e2:5d:5c:df:fe:aa:8c:06:b2:2c:be:9d:
                    a1:14:12:8c:41:bd:11:98:f0:b9:11:dc:b9:fc:23:
                    ec:89:b1:c1:95:8f:42:53:a8:c4:2d:ff:9c:04:d2:
                    0f:72:1c:32:35:61:6e:9f:b8:56:29:6d:2f:ec:39:
                    63:04:6b:4b:bd:fc:d5:db:76:d7:d3:a1:31:d7:b0:
                    11:50:a9:36:96:95:5b:8f:28:4a:96:0b:54:fc:88:
                    c0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:FC:D7:19:DC:7E:72:71:88:CA:9C:31:FF:08:96:E3:2F:09:ED:C7
            X509v3 Authority Key Identifier:
                keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4fzXGdx-cnGIypwx_wiW4y8J7cc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.54.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1d:49:3d:58:89:3b:f6:b9:0a:fc:be:1c:76:ed:1e:2d:3f:a9:
         fb:10:33:56:09:53:f2:d4:8d:b4:ab:7b:0f:50:a0:b9:a2:12:
         2a:a0:b4:6d:5c:5b:4a:3f:32:1e:bc:04:2a:52:7b:9b:7a:07:
         2b:fb:63:e5:b2:1b:f8:94:b5:5e:2f:eb:4f:c2:9a:c0:d2:a0:
         4c:02:5e:a9:b0:e9:0c:7f:d5:8e:83:68:a8:6b:eb:d3:b9:5c:
         46:26:73:55:64:a0:d9:0c:cd:86:7a:e0:10:6e:5f:96:46:01:
         16:67:af:b2:68:84:eb:b7:9b:31:19:23:c2:92:a8:be:80:14:
         0d:64:a5:44:41:33:05:01:a1:6d:18:57:11:70:47:36:2c:ee:
         78:0e:c9:dd:23:33:d5:ce:09:18:79:69:c6:81:ca:ca:6e:23:
         9f:26:c0:d8:97:12:80:6a:37:4e:f3:ba:57:48:e5:8e:b5:e6:
         63:07:70:d8:0f:57:da:1f:c6:dc:d0:22:24:42:90:4c:fd:8f:
         43:d1:a9:e4:68:28:9f:dc:b4:11:3f:3d:f8:eb:8e:86:5c:36:
         9c:97:c6:14:cd:9c:6f:bc:31:57:c3:2a:45:7c:ca:59:57:a0:
         9a:d9:a1:d6:23:45:32:f1:86:3d:40:4c:b4:c0:89:b8:49:7f:
         4c:21:00:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+p212A8aohPGllBmNleu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjYwMTAyMTIyMTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWZjZDcxOWRjN2U3MjcxODhjYTljMzFmZjA4OTZlMzJmMDllZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oHmJtulawJBSOaVVPw1QaH/3K9B
xzDuQlpxUEe6E55AqDfuG20wqOq4qcg+zNQ0D4/KeOADREXhAD/5kotMOZbMvAq3
DohLluRcVoCvVIGb/aQHmXwhbyiDxc/RSKOcxLO0lGAgXZCDgiL2DHXjcKsW30Xs
MYqvnpBz9BZJDTabOVNRod5ruo4e3uI9DVLha7OoGJ5abXcwbI4xu8VMnwmBU/CD
QsTiXVzf/qqMBrIsvp2hFBKMQb0RmPC5Edy5/CPsibHBlY9CU6jELf+cBNIPchwy
NWFun7hWKW0v7DljBGtLvfzV23bX06Ex17ARUKk2lpVbjyhKlgtU/IjAXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOH81xncfnJxiMqcMf8IluMvCe3HMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvNGZ6WEdkeC1jbkdJeXB3eF93aVc0eThKN2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzYKMA0G
CSqGSIb3DQEBCwUAA4IBAQAdST1YiTv2uQr8vhx27R4tP6n7EDNWCVPy1I20q3sP
UKC5ohIqoLRtXFtKPzIevAQqUnubegcr+2Plshv4lLVeL+tPwprA0qBMAl6psOkM
f9WOg2ioa+vTuVxGJnNVZKDZDM2GeuAQbl+WRgEWZ6+yaITrt5sxGSPCkqi+gBQN
ZKVEQTMFAaFtGFcRcEc2LO54DsndIzPVzgkYeWnGgcrKbiOfJsDYlxKAajdO87pX
SOWOteZjB3DYD1faH8bc0CIkQpBM/Y9D0ankaCif3LQRPz34646GXDacl8YUzZxv
vDFXwypFfMpZV6Ca2aHWI0Uy8YY9QEy0wIm4SX9MIQAD
-----END CERTIFICATE-----