This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/dA2Jbjq7KUPyMf04bqo1Ac2SyqM.roa
File:                     dA2Jbjq7KUPyMf04bqo1Ac2SyqM.roa (raw, json)
Hash identifier:          sVCWyP//+625xKw+SIx+l7nvHfvltExlSIipxwGN2+8=
Subject key identifier:   74:0D:89:6E:3A:BB:29:43:F2:31:FD:38:6E:AA:35:01:CD:92:CA:A3
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       019B7B357361679368548E928046E815AFD9
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/dA2Jbjq7KUPyMf04bqo1Ac2SyqM.roa
Signing time:             Thu 01 Jan 2026 20:17:39 +0000
ROA not before:           Thu 01 Jan 2026 20:17:39 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     44271
IP address blocks:        85.121.182.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:73:61:67:93:68:54:8e:92:80:46:e8:15:af:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 20:17:39 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=740d896e3abb2943f231fd386eaa3501cd92caa3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:cc:25:1e:7a:b4:fd:75:a8:33:c1:e5:3f:35:
                    5e:62:f1:6f:08:66:44:fe:64:38:f8:aa:76:74:87:
                    c5:b1:9c:2f:f9:bd:32:17:3a:ac:bd:70:44:40:4b:
                    ca:57:e6:dd:ca:66:59:63:8f:6d:a9:18:e8:fe:e3:
                    72:6c:7d:38:ba:9c:d0:9f:d1:b7:fd:e4:30:3e:26:
                    a3:b5:52:8f:83:1e:e4:cf:2f:54:45:f3:a1:e5:59:
                    a6:8c:e1:f3:da:90:38:77:78:e3:ca:70:c3:b6:0f:
                    b5:fc:2d:11:a6:17:73:af:3b:f4:2f:bb:3d:0a:be:
                    99:01:66:ed:dd:cd:46:91:5d:a8:98:67:d5:96:43:
                    01:af:4c:58:32:aa:1c:67:48:1a:e5:44:79:d2:1c:
                    02:55:f4:ce:5b:05:0e:d6:de:3b:bf:10:4f:6e:31:
                    51:72:a1:99:96:21:4f:88:50:f7:1b:d1:f7:8e:35:
                    25:ec:49:31:8c:e6:15:42:8f:af:c0:ed:7d:b1:82:
                    e4:ab:3a:c5:64:7a:34:97:71:e1:bf:02:7e:1f:93:
                    e2:91:f6:c1:af:b5:c6:9a:84:53:aa:6c:d6:7c:53:
                    c9:45:b9:c8:80:40:52:20:08:54:ae:fa:2c:e5:f8:
                    2c:82:85:32:97:1a:23:9a:4a:d0:bb:e1:5c:fd:f7:
                    f9:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:0D:89:6E:3A:BB:29:43:F2:31:FD:38:6E:AA:35:01:CD:92:CA:A3
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/dA2Jbjq7KUPyMf04bqo1Ac2SyqM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.121.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:cd:bc:58:cd:7d:9f:fc:07:78:b0:76:74:84:5e:bf:1d:e2:
         4c:c2:4c:aa:c2:bd:49:f7:69:11:e2:63:9b:c2:ac:36:99:0e:
         c9:3f:ab:2d:5b:11:38:f7:36:71:85:5a:77:bc:c4:2b:90:c0:
         38:34:ff:fe:fc:de:8e:f1:63:76:92:56:15:5a:ee:39:72:dc:
         ac:06:f2:45:9e:8a:7d:61:9f:d7:92:2d:d3:95:17:9e:b6:25:
         1e:20:8a:39:07:ca:8b:6e:60:59:05:e2:9c:9a:0a:bb:61:7a:
         ca:24:11:a1:30:3f:6b:2e:ba:72:ce:68:17:fe:9e:fb:30:e3:
         5d:36:e8:fb:f7:d8:d3:31:cb:84:91:c3:3a:18:a5:70:e3:e1:
         1b:9b:44:db:b4:31:71:70:a1:07:e1:32:47:e6:86:a0:dc:28:
         46:bb:a8:8e:0b:63:c8:4d:d3:e3:fa:6d:9c:f7:06:1c:1c:34:
         8d:f6:f9:4d:22:2b:67:d9:d1:40:c5:63:f8:bb:78:d5:c7:2f:
         8d:87:94:c7:23:f6:f4:6f:92:ed:3d:40:3c:59:92:47:4a:24:
         c6:0e:6d:f1:d2:08:9c:4f:6c:3c:c9:13:1c:9f:a8:3b:a8:c2:
         35:d7:e1:e4:b6:36:a5:96:b6:dd:fe:03:d8:82:11:39:70:16:
         48:99:c7:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NXNhZ5NoVI6SgEboFa/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMTAxMjAxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBkODk2ZTNhYmIyOTQzZjIzMWZkMzg2ZWFhMzUwMWNkOTJjYWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcwlHnq0/XWoM8HlPzVeYvFvCGZE
/mQ4+Kp2dIfFsZwv+b0yFzqsvXBEQEvKV+bdymZZY49tqRjo/uNybH04upzQn9G3
/eQwPiajtVKPgx7kzy9URfOh5VmmjOHz2pA4d3jjynDDtg+1/C0Rphdzrzv0L7s9
Cr6ZAWbt3c1GkV2omGfVlkMBr0xYMqocZ0ga5UR50hwCVfTOWwUO1t47vxBPbjFR
cqGZliFPiFD3G9H3jjUl7EkxjOYVQo+vwO19sYLkqzrFZHo0l3HhvwJ+H5PikfbB
r7XGmoRTqmzWfFPJRbnIgEBSIAhUrvos5fgsgoUylxojmkrQu+Fc/ff5pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQNiW46uylD8jH9OG6qNQHNksqjMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvZEEySmJqcTdLVVB5TWYwNGJxbzFBYzJTeXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXm2MA0G
CSqGSIb3DQEBCwUAA4IBAQAhzbxYzX2f/Ad4sHZ0hF6/HeJMwkyqwr1J92kR4mOb
wqw2mQ7JP6stWxE49zZxhVp3vMQrkMA4NP/+/N6O8WN2klYVWu45ctysBvJFnop9
YZ/Xki3TlReetiUeIIo5B8qLbmBZBeKcmgq7YXrKJBGhMD9rLrpyzmgX/p77MONd
Nuj799jTMcuEkcM6GKVw4+Ebm0TbtDFxcKEH4TJH5oag3ChGu6iOC2PITdPj+m2c
9wYcHDSN9vlNIitn2dFAxWP4u3jVxy+Nh5THI/b0b5LtPUA8WZJHSiTGDm3x0gic
T2w8yRMcn6g7qMI11+Hktjallrbd/gPYghE5cBZImcfq
-----END CERTIFICATE-----