This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9a3f9b-1b87-4855-ba3c-b5012662020d/1/DyBrkSK4a6M3RlwftQhSDaHeKfM.roa
File:                     DyBrkSK4a6M3RlwftQhSDaHeKfM.roa (raw, json)
Hash identifier:          h4xKh81GTCFolaSYT7/bVgNQm45KFUeIOt1K9PqX3Yc=
Subject key identifier:   0F:20:6B:91:22:B8:6B:A3:37:46:5C:1F:B5:08:52:0D:A1:DE:29:F3
Certificate issuer:       /CN=d44bd5653013fa7ca34f52284309a688b249e7a0
Certificate serial:       019B77C768503E8503C0546A00A556F99146
Authority key identifier: D4:4B:D5:65:30:13:FA:7C:A3:4F:52:28:43:09:A6:88:B2:49:E7:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1EvVZTAT-nyjT1IoQwmmiLJJ56A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/9a3f9b-1b87-4855-ba3c-b5012662020d/1/DyBrkSK4a6M3RlwftQhSDaHeKfM.roa
Signing time:             Thu 01 Jan 2026 04:18:35 +0000
ROA not before:           Thu 01 Jan 2026 04:18:35 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     44858
IP address blocks:        77.241.68.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/9a3f9b-1b87-4855-ba3c-b5012662020d/1/1EvVZTAT-nyjT1IoQwmmiLJJ56A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/9a3f9b-1b87-4855-ba3c-b5012662020d/1/1EvVZTAT-nyjT1IoQwmmiLJJ56A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1EvVZTAT-nyjT1IoQwmmiLJJ56A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:68:50:3e:85:03:c0:54:6a:00:a5:56:f9:91:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d44bd5653013fa7ca34f52284309a688b249e7a0
        Validity
            Not Before: Jan  1 04:18:35 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0f206b9122b86ba337465c1fb508520da1de29f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:32:d0:7f:e4:9b:ea:65:e8:24:2a:c0:e0:88:
                    dd:6d:6b:df:a1:8e:9b:f4:56:0d:b4:e8:ff:c0:98:
                    3a:70:6c:3d:e3:f2:97:f2:85:28:27:25:83:ae:2f:
                    77:47:0c:ac:59:1e:8f:fb:aa:57:d1:39:39:15:83:
                    21:b5:a8:19:8e:58:c4:90:6d:9c:71:2f:0a:00:87:
                    30:16:d6:c1:36:fb:32:f0:a2:9e:3e:2f:94:46:8f:
                    44:ce:28:b0:33:76:d4:02:6d:6f:32:e2:ac:03:5c:
                    9c:91:ba:d8:e9:7a:c4:03:48:f1:fa:12:01:d8:e9:
                    07:51:1a:3f:18:89:aa:4e:f0:43:e5:02:89:8e:8f:
                    ec:f9:12:26:8c:76:d0:8b:f9:e0:c8:fa:3a:78:44:
                    7a:6f:73:7c:44:6d:37:82:41:a7:16:35:68:6b:e9:
                    a3:52:66:24:06:26:13:55:65:e9:a2:d2:6e:e8:92:
                    7b:2c:d3:c2:e9:bf:c7:c2:ec:a0:2c:b3:57:2e:db:
                    f5:9a:ab:6e:97:8c:00:46:37:22:68:14:45:a2:23:
                    5b:2a:9e:0a:e9:92:87:f3:43:db:44:58:4a:d0:73:
                    e0:8f:b0:63:a1:69:5d:56:3b:19:83:a9:d4:de:ea:
                    fa:2a:04:03:6d:cf:9a:b2:b6:31:f6:37:eb:f4:07:
                    f8:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:20:6B:91:22:B8:6B:A3:37:46:5C:1F:B5:08:52:0D:A1:DE:29:F3
            X509v3 Authority Key Identifier:
                keyid:D4:4B:D5:65:30:13:FA:7C:A3:4F:52:28:43:09:A6:88:B2:49:E7:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EvVZTAT-nyjT1IoQwmmiLJJ56A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9a3f9b-1b87-4855-ba3c-b5012662020d/1/DyBrkSK4a6M3RlwftQhSDaHeKfM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9a3f9b-1b87-4855-ba3c-b5012662020d/1/1EvVZTAT-nyjT1IoQwmmiLJJ56A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.241.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         e2:30:fc:dc:64:ea:04:92:ff:df:65:f0:7d:a3:dd:28:19:27:
         97:3d:f1:b4:6e:2a:37:4b:60:0e:96:b1:10:cc:e9:e1:72:45:
         ac:fe:ad:5e:31:af:74:a5:b2:76:c6:88:cd:99:40:c0:0f:2e:
         58:35:e0:4c:73:8f:c0:a2:26:f9:b3:2d:b4:b5:5b:bd:0e:c1:
         b4:4d:c2:23:0c:2f:b7:ec:ca:10:9d:1a:8e:2a:c0:0c:f4:9d:
         a1:0c:8c:0a:93:0f:0f:8f:de:05:9b:7a:22:6f:b1:42:ee:b4:
         f0:e1:96:94:93:43:51:aa:d1:b9:7d:fc:de:f6:c1:00:62:b0:
         76:79:9e:16:b9:37:fd:b8:14:89:6e:98:62:06:eb:2e:fe:35:
         d5:ef:14:d4:e9:c8:c2:3d:7e:f0:3e:ba:79:06:94:e9:b7:d1:
         1c:d4:84:8a:9c:1a:27:fc:bd:0d:1e:6a:9e:f7:1a:74:ef:e6:
         69:37:eb:1a:3a:15:ce:ec:ff:26:19:e9:0a:89:6d:59:3c:27:
         e4:2e:41:99:36:f0:f3:fa:25:43:63:b0:cb:37:ab:cf:a6:0a:
         43:14:0d:d7:71:2f:c8:dd:ce:c2:34:0a:87:f4:b0:43:c4:96:
         32:49:16:ba:a3:3c:fa:a7:d0:0d:d0:04:51:ad:4a:5f:c1:ae:
         b0:26:37:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3x2hQPoUDwFRqAKVW+ZFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NGJkNTY1MzAxM2ZhN2NhMzRmNTIyODQzMDlhNjg4YjI0
OWU3YTAwHhcNMjYwMTAxMDQxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIwNmI5MTIyYjg2YmEzMzc0NjVjMWZiNTA4NTIwZGExZGUyOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TLQf+Sb6mXoJCrA4IjdbWvfoY6b
9FYNtOj/wJg6cGw94/KX8oUoJyWDri93RwysWR6P+6pX0Tk5FYMhtagZjljEkG2c
cS8KAIcwFtbBNvsy8KKePi+URo9EziiwM3bUAm1vMuKsA1yckbrY6XrEA0jx+hIB
2OkHURo/GImqTvBD5QKJjo/s+RImjHbQi/ngyPo6eER6b3N8RG03gkGnFjVoa+mj
UmYkBiYTVWXpotJu6JJ7LNPC6b/HwuygLLNXLtv1mqtul4wARjciaBRFoiNbKp4K
6ZKH80PbRFhK0HPgj7BjoWldVjsZg6nU3ur6KgQDbc+asrYx9jfr9Af45wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8ga5EiuGujN0ZcH7UIUg2h3inzMB8GA1UdIwQY
MBaAFNRL1WUwE/p8o09SKEMJpoiySeegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUV2VlpUQVQtbnlqVDFJb1F3bW1pTEpKNTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YTNmOWItMWI4Ny00ODU1LWJhM2Mt
YjUwMTI2NjIwMjBkLzEvRHlCcmtTSzRhNk0zUmx3ZnRRaFNEYUhlS2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YTNmOWItMWI4Ny00ODU1LWJhM2MtYjUwMTI2NjIwMjBk
LzEvMUV2VlpUQVQtbnlqVDFJb1F3bW1pTEpKNTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTfFEMA0G
CSqGSIb3DQEBCwUAA4IBAQDiMPzcZOoEkv/fZfB9o90oGSeXPfG0bio3S2AOlrEQ
zOnhckWs/q1eMa90pbJ2xojNmUDADy5YNeBMc4/Aoib5sy20tVu9DsG0TcIjDC+3
7MoQnRqOKsAM9J2hDIwKkw8Pj94Fm3oib7FC7rTw4ZaUk0NRqtG5ffze9sEAYrB2
eZ4WuTf9uBSJbphiBusu/jXV7xTU6cjCPX7wPrp5BpTpt9Ec1ISKnBon/L0NHmqe
9xp07+ZpN+saOhXO7P8mGekKiW1ZPCfkLkGZNvDz+iVDY7DLN6vPpgpDFA3XcS/I
3c7CNAqH9LBDxJYySRa6ozz6p9AN0ARRrUpfwa6wJjf6
-----END CERTIFICATE-----