This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/d2sssZgiWQxoiwpeGhpD4-ZdyBc.roa
File:                     d2sssZgiWQxoiwpeGhpD4-ZdyBc.roa (raw, json)
Hash identifier:          eiBlGU6Gm1VLOcjq2l2JBGaaGY93PAF3cSre6J4TW8k=
Subject key identifier:   77:6B:2C:B1:98:22:59:0C:68:8B:0A:5E:1A:1A:43:E3:E6:5D:C8:17
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       019B7C806E92AF3FD8DBE6970938A7C9F099
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/d2sssZgiWQxoiwpeGhpD4-ZdyBc.roa
Signing time:             Fri 02 Jan 2026 02:19:10 +0000
ROA not before:           Fri 02 Jan 2026 02:19:10 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     9087
IP address blocks:        77.74.231.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 09:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:6e:92:af:3f:d8:db:e6:97:09:38:a7:c9:f0:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jan  2 02:19:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=776b2cb19822590c688b0a5e1a1a43e3e65dc817
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d8:c6:65:90:18:00:40:14:17:2c:ef:05:e3:
                    c5:78:d4:86:7a:e5:b6:66:00:60:37:2c:7c:89:2b:
                    eb:93:01:26:b3:4e:7f:ee:47:eb:0b:89:4f:34:40:
                    69:81:31:eb:54:4f:87:04:51:95:0e:d2:6d:90:53:
                    74:6e:57:39:31:71:36:44:5a:54:e4:5e:65:46:f0:
                    1c:95:8b:07:82:70:33:42:25:36:41:b9:7e:3e:a9:
                    c8:bb:6e:a7:c2:72:0a:0b:a7:57:26:ed:6e:f6:45:
                    b5:93:1a:4b:23:c3:0f:05:e9:08:23:cd:cd:66:4c:
                    c1:81:93:a1:98:27:a5:cb:bb:72:d6:e6:ec:71:26:
                    b5:3f:9b:68:f8:33:2a:a0:4c:78:3b:73:2e:a2:a7:
                    f9:ea:60:50:11:0e:d0:27:ce:2f:04:26:6d:21:98:
                    49:01:18:e9:14:02:45:a8:78:ad:0c:da:85:e1:16:
                    00:d1:99:5b:c8:11:f0:3c:e2:2a:2d:71:2c:7e:ec:
                    a2:88:5c:f6:f2:50:e6:fd:ae:77:bf:c1:05:5c:aa:
                    86:fa:c3:81:ab:6d:31:52:5a:12:49:95:d9:b3:e2:
                    18:f6:85:8a:f7:fd:1e:05:a1:a1:0c:4d:f4:2e:b0:
                    d7:1c:2b:20:43:e0:c6:79:c1:8d:f7:21:ad:8f:27:
                    09:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:6B:2C:B1:98:22:59:0C:68:8B:0A:5E:1A:1A:43:E3:E6:5D:C8:17
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/d2sssZgiWQxoiwpeGhpD4-ZdyBc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:e1:e3:87:53:d4:ae:77:ce:07:69:c2:e3:85:c0:c0:e8:e9:
         84:43:be:85:0d:d2:5f:7e:bd:03:aa:b4:83:73:44:a1:82:fb:
         a0:fa:0d:1d:c6:65:d4:86:09:86:04:4c:b0:9a:90:d7:ab:98:
         eb:18:fc:ac:82:36:d5:62:06:d0:63:c6:4b:48:1b:29:61:cb:
         12:8b:16:cf:95:9a:69:10:aa:39:39:f3:13:91:62:93:6b:bb:
         c0:e9:e2:13:27:4c:b6:24:87:84:89:8e:4d:64:09:6b:6d:4d:
         22:9a:fb:01:1d:5a:d2:d9:d7:f0:21:92:dd:9d:a3:9b:a2:b9:
         36:38:15:dc:a8:3d:ad:ec:64:03:3d:63:93:8d:46:41:15:2e:
         7e:a7:b0:78:ac:70:89:78:04:d4:41:93:21:8a:a6:ce:27:e9:
         7c:70:63:80:d7:c0:06:19:b2:4d:8d:17:74:8a:53:c3:2e:36:
         94:3c:de:40:f9:71:20:fa:30:8a:6d:28:53:86:40:a4:bc:29:
         a9:42:21:ad:e9:c1:19:94:e2:f0:32:5f:02:71:cb:1d:36:80:
         71:e8:ab:4d:4d:1a:62:3a:21:8a:65:80:fa:7b:9c:98:8a:7b:
         5a:7e:d0:d8:92:3b:fe:ac:ae:15:cd:00:01:e9:b7:48:57:82:
         be:1f:54:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gG6Srz/Y2+aXCTinyfCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjYwMTAyMDIxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzZiMmNiMTk4MjI1OTBjNjg4YjBhNWUxYTFhNDNlM2U2NWRjODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtjGZZAYAEAUFyzvBePFeNSGeuW2
ZgBgNyx8iSvrkwEms05/7kfrC4lPNEBpgTHrVE+HBFGVDtJtkFN0blc5MXE2RFpU
5F5lRvAclYsHgnAzQiU2Qbl+PqnIu26nwnIKC6dXJu1u9kW1kxpLI8MPBekII83N
ZkzBgZOhmCely7ty1ubscSa1P5to+DMqoEx4O3Muoqf56mBQEQ7QJ84vBCZtIZhJ
ARjpFAJFqHitDNqF4RYA0ZlbyBHwPOIqLXEsfuyiiFz28lDm/a53v8EFXKqG+sOB
q20xUloSSZXZs+IY9oWK9/0eBaGhDE30LrDXHCsgQ+DGecGN9yGtjycJZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdrLLGYIlkMaIsKXhoaQ+PmXcgXMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvZDJzc3NaZ2lXUXhvaXdwZUdocEQ0LVpkeUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUrnMA0G
CSqGSIb3DQEBCwUAA4IBAQAr4eOHU9Sud84HacLjhcDA6OmEQ76FDdJffr0DqrSD
c0Shgvug+g0dxmXUhgmGBEywmpDXq5jrGPysgjbVYgbQY8ZLSBspYcsSixbPlZpp
EKo5OfMTkWKTa7vA6eITJ0y2JIeEiY5NZAlrbU0imvsBHVrS2dfwIZLdnaObork2
OBXcqD2t7GQDPWOTjUZBFS5+p7B4rHCJeATUQZMhiqbOJ+l8cGOA18AGGbJNjRd0
ilPDLjaUPN5A+XEg+jCKbShThkCkvCmpQiGt6cEZlOLwMl8CccsdNoBx6KtNTRpi
OiGKZYD6e5yYintaftDYkjv+rK4VzQAB6bdIV4K+H1RU
-----END CERTIFICATE-----