This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/_YrGQaV-xv0pIG914t75tY-lgq4.roa
File:                     _YrGQaV-xv0pIG914t75tY-lgq4.roa (raw, json)
Hash identifier:          mceOdmff8pDALeUaOfa99NehQO4QsbAd1TsnHGDmlpY=
Subject key identifier:   FD:8A:C6:41:A5:7E:C6:FD:29:20:6F:75:E2:DE:F9:B5:8F:A5:82:AE
Certificate issuer:       /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial:       019B76EAF9B534398E273454868CE16D32CE
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/_YrGQaV-xv0pIG914t75tY-lgq4.roa
Signing time:             Thu 01 Jan 2026 00:17:49 +0000
ROA not before:           Thu 01 Jan 2026 00:17:49 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204331
IP address blocks:        185.253.76.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 20:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:ea:f9:b5:34:39:8e:27:34:54:86:8c:e1:6d:32:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
        Validity
            Not Before: Jan  1 00:17:49 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fd8ac641a57ec6fd29206f75e2def9b58fa582ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:bc:b0:86:34:86:30:0b:b7:8f:7f:91:82:4b:
                    f3:d1:cd:11:45:19:c5:bf:e6:a9:7c:8a:ea:c9:3d:
                    e2:3e:83:75:42:06:80:8f:06:8d:d4:9c:a2:7f:16:
                    5e:23:7f:29:09:e3:d4:d4:2d:23:09:66:88:c4:44:
                    27:10:74:37:cf:19:c3:cf:d3:a6:67:35:aa:a2:1a:
                    00:ae:44:be:41:70:8f:d7:48:74:3a:c2:c5:06:0d:
                    f4:e6:87:75:0b:88:84:21:c3:5c:b7:aa:b5:dd:48:
                    9a:ad:cf:a3:e5:67:1c:41:af:b9:7a:2e:8a:14:96:
                    85:f2:38:30:f2:84:64:23:5e:92:b2:9e:3b:e5:dc:
                    93:bb:c8:89:c7:16:c3:49:fc:e8:b4:45:a3:fe:e8:
                    51:5d:86:f1:8e:97:0f:95:87:d8:ee:c1:c8:7c:1c:
                    99:de:71:c7:a8:1e:09:56:0a:94:bd:ae:25:79:84:
                    ed:cb:65:6f:4b:a1:c2:84:06:ac:64:30:3f:59:1c:
                    ad:9a:96:10:97:89:2b:b7:fd:43:c3:9e:00:a7:31:
                    a2:bf:c4:a3:4a:2e:fc:01:d9:13:12:c5:99:41:e3:
                    6b:bf:92:61:28:8c:e4:43:4e:8d:98:91:88:a3:f7:
                    b2:b7:32:f0:b1:57:6a:f0:4d:1b:29:b4:d7:63:ee:
                    61:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:8A:C6:41:A5:7E:C6:FD:29:20:6F:75:E2:DE:F9:B5:8F:A5:82:AE
            X509v3 Authority Key Identifier:
                keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/_YrGQaV-xv0pIG914t75tY-lgq4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.253.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:9a:f9:90:43:4e:16:7e:d8:4f:53:7b:e6:b9:9b:bf:b9:8c:
         6b:65:b2:06:41:96:62:96:f6:08:ea:3d:0a:b0:d3:1a:cf:df:
         16:a4:36:05:e0:16:c1:4f:34:08:80:1d:11:1d:60:89:c6:40:
         94:30:0a:61:32:62:6e:d2:3c:83:f5:0c:60:41:01:e7:eb:26:
         f2:4b:9c:b3:b2:f5:57:3b:92:29:e2:db:5d:8b:38:b3:b3:b3:
         c7:c6:f4:32:04:af:d8:2d:9b:9a:f8:70:8a:3f:4a:38:0b:f7:
         21:ab:b0:3e:a4:8d:74:4f:ec:fb:12:7e:7d:20:e6:bb:13:6c:
         72:d7:c1:a3:80:a0:6c:f6:43:83:93:20:47:56:ae:8d:f0:d5:
         d6:11:9d:1e:54:f1:4b:4e:0d:fa:11:88:cf:df:8b:30:65:e3:
         f6:f7:56:ec:5a:da:55:d0:71:b8:0b:04:bb:81:78:5e:c2:70:
         5f:0b:cd:8a:3b:c7:ad:31:60:ee:33:a2:09:ff:a4:6e:d7:52:
         4f:d4:1b:3e:87:a3:69:80:6a:2a:41:0a:cc:7f:27:b5:9a:b7:
         00:ad:94:90:b3:ab:57:62:6f:c8:ff:eb:d0:bc:db:f4:60:b7:
         70:ad:33:19:5d:57:10:15:7c:d1:d4:5a:e6:24:df:4a:4b:7d:
         93:a5:a3:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt26vm1NDmOJzRUhozhbTLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjYwMTAxMDAxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhhYzY0MWE1N2VjNmZkMjkyMDZmNzVlMmRlZjliNThmYTU4MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrywhjSGMAu3j3+Rgkvz0c0RRRnF
v+apfIrqyT3iPoN1QgaAjwaN1JyifxZeI38pCePU1C0jCWaIxEQnEHQ3zxnDz9Om
ZzWqohoArkS+QXCP10h0OsLFBg305od1C4iEIcNct6q13Uiarc+j5WccQa+5ei6K
FJaF8jgw8oRkI16Ssp475dyTu8iJxxbDSfzotEWj/uhRXYbxjpcPlYfY7sHIfByZ
3nHHqB4JVgqUva4leYTty2VvS6HChAasZDA/WRytmpYQl4krt/1Dw54ApzGiv8Sj
Si78AdkTEsWZQeNrv5JhKIzkQ06NmJGIo/eytzLwsVdq8E0bKbTXY+5hKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2KxkGlfsb9KSBvdeLe+bWPpYKuMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvX1lyR1FhVi14djBwSUc5MTR0NzV0WS1sZ3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf1MMA0G
CSqGSIb3DQEBCwUAA4IBAQBImvmQQ04WfthPU3vmuZu/uYxrZbIGQZZilvYI6j0K
sNMaz98WpDYF4BbBTzQIgB0RHWCJxkCUMAphMmJu0jyD9QxgQQHn6ybyS5yzsvVX
O5Ip4ttdizizs7PHxvQyBK/YLZua+HCKP0o4C/chq7A+pI10T+z7En59IOa7E2xy
18GjgKBs9kODkyBHVq6N8NXWEZ0eVPFLTg36EYjP34swZeP291bsWtpV0HG4CwS7
gXhewnBfC82KO8etMWDuM6IJ/6Ru11JP1Bs+h6NpgGoqQQrMfye1mrcArZSQs6tX
Ym/I/+vQvNv0YLdwrTMZXVcQFXzR1FrmJN9KS32TpaOJ
-----END CERTIFICATE-----