This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/UsG3baUGIxj41J_YNnv0F0uvJ9g.roa
File:                     UsG3baUGIxj41J_YNnv0F0uvJ9g.roa (raw, json)
Hash identifier:          Ou9qv1YwHjFroWI++/0y93X1Q7gw8mUqZv7cZxbQ++U=
Subject key identifier:   52:C1:B7:6D:A5:06:23:18:F8:D4:9F:D8:36:7B:F4:17:4B:AF:27:D8
Certificate issuer:       /CN=bab232c1d72dc1cabbda16c870ec941d458a9fdc
Certificate serial:       019B7EA74AD67E2CE46449ADB1A02F58D083
Authority key identifier: BA:B2:32:C1:D7:2D:C1:CA:BB:DA:16:C8:70:EC:94:1D:45:8A:9F:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urIywdctwcq72hbIcOyUHUWKn9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/UsG3baUGIxj41J_YNnv0F0uvJ9g.roa
Signing time:             Fri 02 Jan 2026 12:20:51 +0000
ROA not before:           Fri 02 Jan 2026 12:20:51 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     16509
IP address blocks:        185.214.82.0/24 maxlen: 24
                          185.214.83.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/urIywdctwcq72hbIcOyUHUWKn9w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/urIywdctwcq72hbIcOyUHUWKn9w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urIywdctwcq72hbIcOyUHUWKn9w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 18 Jan 2026 02:03:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a7:4a:d6:7e:2c:e4:64:49:ad:b1:a0:2f:58:d0:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab232c1d72dc1cabbda16c870ec941d458a9fdc
        Validity
            Not Before: Jan  2 12:20:51 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=52c1b76da5062318f8d49fd8367bf4174baf27d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7c:a0:3b:5b:37:11:e4:b4:c7:a4:03:54:5d:
                    81:32:cc:ca:e3:99:b5:b2:e2:74:05:a1:d4:9b:6a:
                    85:db:ae:01:ee:9b:ee:00:77:66:39:a2:9b:25:f4:
                    17:40:ff:6a:ad:95:23:8d:16:f4:76:ab:a6:e0:e9:
                    71:dc:8d:74:fa:6b:4c:39:2f:e3:6f:06:2f:d8:7f:
                    f9:6d:65:e7:5c:04:25:8e:ab:5d:eb:a1:c3:e9:59:
                    6e:57:9c:ed:ba:88:89:6e:ce:1e:2f:46:81:d4:6a:
                    2b:f3:46:43:7e:54:98:f7:ea:23:66:11:f7:e7:48:
                    97:00:93:8b:1b:e4:fd:36:e0:b8:2a:b0:35:f8:6d:
                    7c:32:7a:47:0c:58:e0:b0:ff:03:7e:33:09:f3:3d:
                    bf:4b:9d:80:51:c8:8e:11:a6:b0:38:11:0d:3f:28:
                    a2:ba:95:f2:5f:f6:24:75:af:f0:f4:af:94:d7:cb:
                    88:9f:66:2c:86:93:43:a3:21:7a:16:9c:b9:e3:87:
                    c5:d0:44:b1:12:6f:75:68:71:b1:76:b0:13:1b:fb:
                    5f:11:76:ee:bc:62:59:cc:74:9d:f5:5c:fa:5a:6f:
                    c8:1b:c5:35:48:06:26:76:33:9c:07:ab:17:8b:2f:
                    48:ee:00:70:01:5a:b9:de:cd:48:06:81:8d:0d:ff:
                    2c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:C1:B7:6D:A5:06:23:18:F8:D4:9F:D8:36:7B:F4:17:4B:AF:27:D8
            X509v3 Authority Key Identifier:
                keyid:BA:B2:32:C1:D7:2D:C1:CA:BB:DA:16:C8:70:EC:94:1D:45:8A:9F:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urIywdctwcq72hbIcOyUHUWKn9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/UsG3baUGIxj41J_YNnv0F0uvJ9g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/urIywdctwcq72hbIcOyUHUWKn9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.214.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         12:7f:1c:4c:20:ea:0d:87:05:03:20:f4:67:52:1b:75:2c:71:
         86:f3:7d:7d:d0:88:45:3a:54:fb:a2:90:52:c0:03:77:be:d9:
         5f:12:52:2a:23:45:9e:73:bb:9e:ec:18:6a:99:03:c3:e7:55:
         b9:70:85:0b:06:fd:1c:24:ba:10:87:12:57:88:70:91:bd:8b:
         93:6e:f7:f5:54:a8:00:9c:5a:20:fe:79:68:03:06:1d:7f:ad:
         e1:39:c8:ae:70:d1:43:f9:bb:2d:61:a2:6c:b6:71:74:d9:09:
         56:88:ba:93:9c:6f:50:98:a8:3f:81:5b:04:ba:d6:7a:1a:f7:
         05:85:6e:e0:b1:a0:e5:c6:d5:c0:7e:11:aa:21:98:2f:dc:7f:
         8b:74:6f:69:31:49:6f:c7:8b:88:72:af:a8:21:e4:f2:a5:3c:
         85:23:b0:a3:61:2c:d5:e7:97:10:da:e3:92:20:c5:1e:c4:61:
         d2:87:da:cd:e8:e8:55:ea:df:61:fa:73:ad:24:9e:6f:ab:f1:
         04:ce:c7:39:bd:91:65:1b:9f:b2:7d:a2:71:d1:b1:6b:51:50:
         3b:c1:60:ef:d5:75:01:59:08:2a:c7:59:4b:44:ca:25:3a:ac:
         39:bc:4e:9f:9c:a6:38:76:b3:63:e0:7e:14:23:4a:44:96:44:
         8b:c6:0f:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+p0rWfizkZEmtsaAvWNCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjIzMmMxZDcyZGMxY2FiYmRhMTZjODcwZWM5NDFkNDU4
YTlmZGMwHhcNMjYwMTAyMTIyMDUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmMxYjc2ZGE1MDYyMzE4ZjhkNDlmZDgzNjdiZjQxNzRiYWYyN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXygO1s3EeS0x6QDVF2BMszK45m1
suJ0BaHUm2qF264B7pvuAHdmOaKbJfQXQP9qrZUjjRb0dqum4Olx3I10+mtMOS/j
bwYv2H/5bWXnXAQljqtd66HD6VluV5ztuoiJbs4eL0aB1Gor80ZDflSY9+ojZhH3
50iXAJOLG+T9NuC4KrA1+G18MnpHDFjgsP8DfjMJ8z2/S52AUciOEaawOBENPyii
upXyX/Ykda/w9K+U18uIn2YshpNDoyF6Fpy544fF0ESxEm91aHGxdrATG/tfEXbu
vGJZzHSd9Vz6Wm/IG8U1SAYmdjOcB6sXiy9I7gBwAVq53s1IBoGNDf8sRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLBt22lBiMY+NSf2DZ79BdLryfYMB8GA1UdIwQY
MBaAFLqyMsHXLcHKu9oWyHDslB1Fip/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJJeXdkY3R3Y3E3MmhiSWNPeVVIVVdLbjl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83OTU3NzQtZmI5ZS00MTNmLTlmNzAt
N2QzZWZiNGE2YTdmLzEvVXNHM2JhVUdJeGo0MUpfWU5udjBGMHV2SjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83OTU3NzQtZmI5ZS00MTNmLTlmNzAtN2QzZWZiNGE2YTdm
LzEvdXJJeXdkY3R3Y3E3MmhiSWNPeVVIVVdLbjl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudZSMA0G
CSqGSIb3DQEBCwUAA4IBAQASfxxMIOoNhwUDIPRnUht1LHGG83190IhFOlT7opBS
wAN3vtlfElIqI0Wec7ue7BhqmQPD51W5cIULBv0cJLoQhxJXiHCRvYuTbvf1VKgA
nFog/nloAwYdf63hOciucNFD+bstYaJstnF02QlWiLqTnG9QmKg/gVsEutZ6GvcF
hW7gsaDlxtXAfhGqIZgv3H+LdG9pMUlvx4uIcq+oIeTypTyFI7CjYSzV55cQ2uOS
IMUexGHSh9rN6OhV6t9h+nOtJJ5vq/EEzsc5vZFlG5+yfaJx0bFrUVA7wWDv1XUB
WQgqx1lLRMolOqw5vE6fnKY4drNj4H4UI0pElkSLxg/3
-----END CERTIFICATE-----