This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/De_n5gWs77mFUbESDcEhMP4Zgu4.roa
File:                     De_n5gWs77mFUbESDcEhMP4Zgu4.roa (raw, json)
Hash identifier:          6EezXySVgGXz55sVzTpFqjj+QzByDEb/wr63m1U01ek=
Subject key identifier:   0D:EF:E7:E6:05:AC:EF:B9:85:51:B1:12:0D:C1:21:30:FE:19:82:EE
Certificate issuer:       /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial:       019B7B367839C003A3AE28279681853BC1C4
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/De_n5gWs77mFUbESDcEhMP4Zgu4.roa
Signing time:             Thu 01 Jan 2026 20:18:45 +0000
ROA not before:           Thu 01 Jan 2026 20:18:45 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     174
IP address blocks:        185.253.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 Jan 2026 14:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:78:39:c0:03:a3:ae:28:27:96:81:85:3b:c1:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
        Validity
            Not Before: Jan  1 20:18:45 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0defe7e605acefb98551b1120dc12130fe1982ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:10:2f:5d:f2:5d:93:16:96:af:1f:b8:ee:a5:
                    7f:8d:bb:41:e3:7c:1e:ab:61:74:c9:8e:f8:58:0d:
                    cf:bc:79:45:c9:ec:8b:76:6c:90:25:a9:3c:e6:e9:
                    db:00:33:48:e8:89:64:da:35:3a:84:a9:d2:7f:05:
                    46:54:3b:10:20:d3:26:36:e9:2c:41:bf:4b:50:e2:
                    b5:b0:9a:50:9d:e5:be:9a:e8:10:37:68:05:fb:7d:
                    64:05:35:33:f5:35:78:da:f4:06:f3:a3:f8:a7:6b:
                    b4:bc:b1:2a:30:aa:c1:95:13:76:0e:18:72:bd:92:
                    9b:8b:7f:9d:8c:14:c0:fa:2f:95:f8:1f:84:7f:b3:
                    b3:64:c4:3d:21:7b:24:af:a6:ae:28:21:39:6d:d7:
                    f4:1e:72:12:eb:d7:ca:4a:64:ae:05:54:a6:07:3b:
                    6e:e8:39:e7:87:37:19:10:8a:65:22:47:2f:6e:fd:
                    a9:5f:28:e7:de:40:f3:cf:9d:2a:1c:9d:ad:84:98:
                    00:e8:26:b3:78:97:1c:56:72:e4:4a:77:bb:0d:47:
                    eb:09:e8:05:1a:99:d6:a7:df:62:1c:5e:94:90:ee:
                    3f:bc:b1:9e:d4:d5:5a:f0:cc:67:69:67:e6:18:3c:
                    63:e6:e7:f7:87:d3:62:47:91:28:b2:2a:37:62:f2:
                    f3:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:EF:E7:E6:05:AC:EF:B9:85:51:B1:12:0D:C1:21:30:FE:19:82:EE
            X509v3 Authority Key Identifier:
                keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/De_n5gWs77mFUbESDcEhMP4Zgu4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.253.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:3b:fd:24:0f:59:ff:75:95:b6:fe:d8:2e:e7:91:9a:b4:65:
         83:1c:58:81:7d:59:38:90:1f:f4:85:bc:8c:5d:4d:13:5e:a9:
         94:ad:52:a3:02:73:6c:fa:0e:e4:35:50:04:bc:19:16:a7:fc:
         0c:a5:81:a8:cc:a6:d0:78:36:b2:5b:38:8e:23:ae:e3:5c:f8:
         9e:3c:56:4a:bc:93:80:57:a6:f0:19:55:c2:f5:00:40:4d:1d:
         88:5b:78:ba:a4:93:1f:91:ac:9a:d2:58:3b:16:7b:4b:55:2c:
         c8:88:4d:2e:d3:dd:7c:52:13:ac:7a:a2:31:29:f5:f9:25:98:
         d4:de:32:01:9a:a8:38:f1:8e:e7:a1:74:d7:e4:72:4c:ef:af:
         26:3b:a2:2c:ed:84:74:23:16:43:a5:b5:86:18:ee:de:49:9d:
         42:00:98:7f:a5:27:b3:b9:ad:50:f8:c9:a1:ba:b8:75:a7:0f:
         b2:65:b2:93:d9:cb:76:d1:03:af:96:ca:cc:7d:18:6d:4d:1a:
         92:04:28:16:40:81:7a:74:ee:91:6e:d7:fd:a0:05:21:97:cd:
         75:b5:bf:d9:bc:0b:15:70:af:3c:1a:8c:b9:7a:87:3a:99:51:
         3a:b8:8d:31:4f:93:64:eb:5c:cc:28:cb:ad:0d:55:86:16:b0:
         c3:4c:0a:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7Nng5wAOjrignloGFO8HEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjYwMTAxMjAxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGVmZTdlNjA1YWNlZmI5ODU1MWIxMTIwZGMxMjEzMGZlMTk4MmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphAvXfJdkxaWrx+47qV/jbtB43we
q2F0yY74WA3PvHlFyeyLdmyQJak85unbADNI6Ilk2jU6hKnSfwVGVDsQINMmNuks
Qb9LUOK1sJpQneW+mugQN2gF+31kBTUz9TV42vQG86P4p2u0vLEqMKrBlRN2Dhhy
vZKbi3+djBTA+i+V+B+Ef7OzZMQ9IXskr6auKCE5bdf0HnIS69fKSmSuBVSmBztu
6DnnhzcZEIplIkcvbv2pXyjn3kDzz50qHJ2thJgA6CazeJccVnLkSne7DUfrCegF
GpnWp99iHF6UkO4/vLGe1NVa8MxnaWfmGDxj5uf3h9NiR5Eosio3YvLz6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3v5+YFrO+5hVGxEg3BITD+GYLuMB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvRGVfbjVnV3M3N21GVWJFU0RjRWhNUDRaZ3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf0BMA0G
CSqGSIb3DQEBCwUAA4IBAQBWO/0kD1n/dZW2/tgu55GatGWDHFiBfVk4kB/0hbyM
XU0TXqmUrVKjAnNs+g7kNVAEvBkWp/wMpYGozKbQeDayWziOI67jXPiePFZKvJOA
V6bwGVXC9QBATR2IW3i6pJMfkaya0lg7FntLVSzIiE0u0918UhOseqIxKfX5JZjU
3jIBmqg48Y7noXTX5HJM768mO6Is7YR0IxZDpbWGGO7eSZ1CAJh/pSezua1Q+Mmh
urh1pw+yZbKT2ct20QOvlsrMfRhtTRqSBCgWQIF6dO6Rbtf9oAUhl811tb/ZvAsV
cK88Goy5eoc6mVE6uI0xT5Nk61zMKMutDVWGFrDDTAqQ
-----END CERTIFICATE-----