This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/yhvjZUqxn_FUY-Mlri4ogZjyLBM.roa
File:                     yhvjZUqxn_FUY-Mlri4ogZjyLBM.roa (raw, json)
Hash identifier:          L0ywjyagm2bruEE3Ewodq3fXEbUNJSk+4fnvkwsHn6s=
Subject key identifier:   CA:1B:E3:65:4A:B1:9F:F1:54:63:E3:25:AE:2E:28:81:98:F2:2C:13
Certificate issuer:       /CN=833e0e480411b9c88e916def90fc3a901026394a
Certificate serial:       019B79105122AD157D04550882364EA386AC
Authority key identifier: 83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/yhvjZUqxn_FUY-Mlri4ogZjyLBM.roa
Signing time:             Thu 01 Jan 2026 10:17:51 +0000
ROA not before:           Thu 01 Jan 2026 10:17:51 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     14618
IP address blocks:        185.7.73.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 Jan 2026 15:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:51:22:ad:15:7d:04:55:08:82:36:4e:a3:86:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833e0e480411b9c88e916def90fc3a901026394a
        Validity
            Not Before: Jan  1 10:17:51 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ca1be3654ab19ff15463e325ae2e288198f22c13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:0d:4d:f4:9e:46:e8:3d:52:e1:bd:aa:52:e8:
                    50:59:a1:b9:c0:27:a9:f2:8b:d9:ee:35:72:87:7b:
                    22:ad:8f:42:0e:d9:e3:5d:17:1c:96:b1:b8:d4:95:
                    bb:76:6b:68:85:ff:f4:9a:87:d4:3f:65:76:bf:43:
                    85:85:b6:59:ca:16:93:99:4e:82:24:e9:e7:78:3e:
                    d2:d9:69:5b:1d:f2:07:b5:0f:6e:28:14:7b:82:32:
                    29:43:62:ec:cc:e1:03:85:da:c9:4f:d6:1f:34:ff:
                    5f:ff:a4:73:df:a4:41:05:80:d2:1c:99:fc:eb:b1:
                    d5:b6:4c:35:13:5b:a2:b3:ac:60:b4:34:13:da:74:
                    be:a2:c5:71:9f:7e:df:3b:7e:30:2f:ed:c4:a7:72:
                    78:28:84:8f:6a:50:da:4d:a2:71:01:52:98:b0:13:
                    ba:ef:4d:1a:73:86:1d:95:dd:eb:f3:90:6d:aa:cb:
                    55:16:c5:65:04:d6:08:32:41:48:95:47:b2:36:ba:
                    f4:08:7f:42:a0:1a:b6:d6:df:57:5d:91:47:c3:ec:
                    dd:13:9b:69:80:80:fd:02:a5:c5:6a:bb:0b:55:74:
                    70:b3:04:46:d0:7a:dd:5b:fe:a0:1c:b9:d9:1b:1b:
                    80:af:c4:0f:e5:d8:49:5d:41:c1:f4:a1:f3:7b:48:
                    90:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:1B:E3:65:4A:B1:9F:F1:54:63:E3:25:AE:2E:28:81:98:F2:2C:13
            X509v3 Authority Key Identifier:
                keyid:83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/yhvjZUqxn_FUY-Mlri4ogZjyLBM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.7.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:55:69:76:31:23:9f:78:6c:89:16:7f:ce:e1:d1:1c:52:83:
         dd:eb:1f:3d:c8:26:73:77:3b:38:ff:85:1e:96:eb:e3:c4:f0:
         1d:c9:d8:70:dd:8f:67:6a:c9:25:c2:fe:b8:98:d7:bc:06:1d:
         21:d4:3e:84:28:17:09:d5:b8:0c:e9:a0:f6:5b:27:35:66:09:
         c1:6b:0c:67:3a:b0:3b:79:c2:5a:9b:7e:51:b0:0f:78:13:9b:
         59:f4:9a:e8:99:bf:78:58:b7:66:d8:ba:c9:89:e9:f2:7a:04:
         fe:c9:76:55:f8:14:3e:8e:04:02:20:28:30:03:de:0e:ad:c3:
         dd:d1:d7:f4:7a:c9:1c:70:ee:80:67:a4:46:58:1d:6d:47:45:
         95:1c:d4:4f:1c:35:ff:42:75:cb:ee:21:f3:77:2a:b6:a0:3e:
         97:08:17:7f:b8:1a:ab:12:8a:73:59:64:a9:5b:f5:fc:43:12:
         9d:4d:7a:e3:f4:64:17:e9:54:e6:e1:65:68:fb:65:f8:b0:47:
         fe:b6:6a:ea:7f:82:fc:97:ed:af:d4:9f:02:f5:48:00:e1:ab:
         aa:bd:80:ff:2f:fc:e8:74:6d:44:3c:ad:30:68:59:5e:21:7a:
         b3:c1:d1:30:11:7c:73:1e:76:58:d1:14:ca:a3:7d:83:67:4a:
         c9:41:de:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EFEirRV9BFUIgjZOo4asMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UwZTQ4MDQxMWI5Yzg4ZTkxNmRlZjkwZmMzYTkwMTAy
NjM5NGEwHhcNMjYwMTAxMTAxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFiZTM2NTRhYjE5ZmYxNTQ2M2UzMjVhZTJlMjg4MTk4ZjIyYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g1N9J5G6D1S4b2qUuhQWaG5wCep
8ovZ7jVyh3sirY9CDtnjXRcclrG41JW7dmtohf/0mofUP2V2v0OFhbZZyhaTmU6C
JOnneD7S2WlbHfIHtQ9uKBR7gjIpQ2LszOEDhdrJT9YfNP9f/6Rz36RBBYDSHJn8
67HVtkw1E1uis6xgtDQT2nS+osVxn37fO34wL+3Ep3J4KISPalDaTaJxAVKYsBO6
700ac4Ydld3r85BtqstVFsVlBNYIMkFIlUeyNrr0CH9CoBq21t9XXZFHw+zdE5tp
gID9AqXFarsLVXRwswRG0HrdW/6gHLnZGxuAr8QP5dhJXUHB9KHze0iQuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMob42VKsZ/xVGPjJa4uKIGY8iwTMB8GA1UdIwQY
MBaAFIM+DkgEEbnIjpFt75D8OpAQJjlKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMt
NmMyMGViYWYzMGE5LzEveWh2alpVcXhuX0ZVWS1NbHJpNG9nWmp5TEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMtNmMyMGViYWYzMGE5
LzEvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQdJMA0G
CSqGSIb3DQEBCwUAA4IBAQBPVWl2MSOfeGyJFn/O4dEcUoPd6x89yCZzdzs4/4Ue
luvjxPAdydhw3Y9nasklwv64mNe8Bh0h1D6EKBcJ1bgM6aD2Wyc1ZgnBawxnOrA7
ecJam35RsA94E5tZ9Jromb94WLdm2LrJienyegT+yXZV+BQ+jgQCICgwA94OrcPd
0df0eskccO6AZ6RGWB1tR0WVHNRPHDX/QnXL7iHzdyq2oD6XCBd/uBqrEopzWWSp
W/X8QxKdTXrj9GQX6VTm4WVo+2X4sEf+tmrqf4L8l+2v1J8C9UgA4auqvYD/L/zo
dG1EPK0waFleIXqzwdEwEXxzHnZY0RTKo32DZ0rJQd7y
-----END CERTIFICATE-----