This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/d50ryNf7AouleyVkV0KoPCj3Vbs.roa
File:                     d50ryNf7AouleyVkV0KoPCj3Vbs.roa (raw, json)
Hash identifier:          8cb301Zu+uM5+wsIG5dakaifCIJcNQE2p9LiFv/55dU=
Subject key identifier:   77:9D:2B:C8:D7:FB:02:8B:A5:7B:25:64:57:42:A8:3C:28:F7:55:BB
Certificate issuer:       /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial:       019B7F8437FD976E6E7FF85B0E6CD1B4EA7B
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/d50ryNf7AouleyVkV0KoPCj3Vbs.roa
Signing time:             Fri 02 Jan 2026 16:22:10 +0000
ROA not before:           Fri 02 Jan 2026 16:22:10 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     213373
IP address blocks:        109.205.187.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 09:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:84:37:fd:97:6e:6e:7f:f8:5b:0e:6c:d1:b4:ea:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
        Validity
            Not Before: Jan  2 16:22:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=779d2bc8d7fb028ba57b25645742a83c28f755bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:fe:25:6d:f1:8c:06:f7:f5:1c:9a:94:1e:b0:
                    d6:81:24:e3:57:08:df:89:ce:fc:d6:35:41:ca:62:
                    7d:8d:84:f5:40:ef:3e:f7:7c:08:46:fe:7e:ee:27:
                    93:39:c7:bf:ba:ba:a3:eb:bc:34:6e:57:62:b3:04:
                    94:f2:5d:f5:1b:e9:e6:78:d5:00:53:22:bc:2c:66:
                    0f:f3:07:d8:a6:f6:6b:81:a3:42:74:61:a9:2a:6c:
                    93:33:23:1f:4c:cf:c0:43:f9:28:c4:db:78:87:ad:
                    44:f4:b6:0c:4b:51:17:50:f1:6d:ab:c6:a7:66:0e:
                    b8:34:7d:86:37:a2:50:39:f1:33:d6:9b:b9:2f:d7:
                    73:d1:e0:34:65:f0:0f:34:71:42:d6:87:b8:97:c6:
                    4d:6e:cc:c4:8a:e8:99:90:98:1d:16:ab:28:3e:cc:
                    49:2f:55:56:aa:f4:de:c2:0e:aa:b8:01:5d:a0:52:
                    df:5d:55:0f:80:b1:19:0b:fa:46:3e:28:78:05:b4:
                    13:f0:de:f8:2f:56:01:b2:5b:87:ee:31:12:bd:21:
                    52:c4:41:64:de:8a:c5:9c:3c:2e:4a:b4:81:9c:d2:
                    71:48:53:58:f0:8a:dd:43:86:0a:a0:67:e5:e1:7a:
                    98:7d:12:98:86:13:d3:97:67:1d:f2:b7:d7:f7:ac:
                    ca:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:9D:2B:C8:D7:FB:02:8B:A5:7B:25:64:57:42:A8:3C:28:F7:55:BB
            X509v3 Authority Key Identifier:
                keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/d50ryNf7AouleyVkV0KoPCj3Vbs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.205.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:ea:09:01:6b:35:29:a3:fa:78:c0:32:cc:28:13:65:9b:3b:
         ac:e2:a6:e9:c6:b7:6a:49:c6:26:af:61:84:6a:63:3a:af:ae:
         9d:dd:9d:21:01:35:7d:c5:a2:95:3a:e5:71:00:8f:d3:6c:18:
         db:6b:9c:99:00:4f:d7:4c:66:bd:30:4d:2c:74:7d:1c:af:2f:
         1e:c4:a3:3d:df:48:a5:c6:7b:a1:dd:d6:b9:e2:11:10:43:42:
         e4:9d:c8:a6:b7:9a:de:74:b3:41:9c:e5:4b:8e:4d:d2:bf:0e:
         94:80:be:24:9a:5f:e8:a3:30:58:17:23:4f:98:0c:b9:bf:f9:
         3f:87:ae:8f:6b:bc:5f:08:8b:bd:e1:0c:e8:92:48:38:61:c8:
         b4:4e:b5:22:3f:b3:00:63:fd:d1:04:1c:62:b7:11:8d:23:38:
         98:47:e0:c6:ff:23:22:da:a3:40:5d:58:72:b1:86:2b:cf:1b:
         06:c9:a7:d6:4c:b2:fd:85:2d:d0:5b:a9:7f:e6:72:ee:b4:fd:
         65:55:a6:c2:9d:8e:11:21:a5:d2:26:e1:3c:ab:d2:b9:b8:9d:
         23:61:26:4f:7f:ab:aa:58:1e:74:d4:e3:b5:7e:60:a1:c8:35:
         10:02:45:03:37:43:fa:d9:85:6f:5c:30:0e:57:73:c4:e2:fd:
         e4:27:6b:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/hDf9l25uf/hbDmzRtOp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjYwMTAyMTYyMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzlkMmJjOGQ3ZmIwMjhiYTU3YjI1NjQ1NzQyYTgzYzI4Zjc1NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/4lbfGMBvf1HJqUHrDWgSTjVwjf
ic781jVBymJ9jYT1QO8+93wIRv5+7ieTOce/urqj67w0bldiswSU8l31G+nmeNUA
UyK8LGYP8wfYpvZrgaNCdGGpKmyTMyMfTM/AQ/koxNt4h61E9LYMS1EXUPFtq8an
Zg64NH2GN6JQOfEz1pu5L9dz0eA0ZfAPNHFC1oe4l8ZNbszEiuiZkJgdFqsoPsxJ
L1VWqvTewg6quAFdoFLfXVUPgLEZC/pGPih4BbQT8N74L1YBsluH7jESvSFSxEFk
3orFnDwuSrSBnNJxSFNY8IrdQ4YKoGfl4XqYfRKYhhPTl2cd8rfX96zKjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHedK8jX+wKLpXslZFdCqDwo91W7MB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvZDUwcnlOZjdBb3VsZXlWa1YwS29QQ2ozVmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc27MA0G
CSqGSIb3DQEBCwUAA4IBAQAt6gkBazUpo/p4wDLMKBNlmzus4qbpxrdqScYmr2GE
amM6r66d3Z0hATV9xaKVOuVxAI/TbBjba5yZAE/XTGa9ME0sdH0cry8exKM930il
xnuh3da54hEQQ0Lkncimt5redLNBnOVLjk3Svw6UgL4kml/oozBYFyNPmAy5v/k/
h66Pa7xfCIu94Qzokkg4Yci0TrUiP7MAY/3RBBxitxGNIziYR+DG/yMi2qNAXVhy
sYYrzxsGyafWTLL9hS3QW6l/5nLutP1lVabCnY4RIaXSJuE8q9K5uJ0jYSZPf6uq
WB501OO1fmChyDUQAkUDN0P62YVvXDAOV3PE4v3kJ2tq
-----END CERTIFICATE-----