This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/_lY-6W7Xn2-AqfVwQHvAhbyCFls.roa
File:                     _lY-6W7Xn2-AqfVwQHvAhbyCFls.roa (raw, json)
Hash identifier:          hqNCDPDp6/0n9YdpKrfwQbgSm9Y1kwSX8C7WpmPE7yY=
Subject key identifier:   FE:56:3E:E9:6E:D7:9F:6F:80:A9:F5:70:40:7B:C0:85:BC:82:16:5B
Certificate issuer:       /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial:       019B7BA40169B569883F3B21201F57282AA3
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/_lY-6W7Xn2-AqfVwQHvAhbyCFls.roa
Signing time:             Thu 01 Jan 2026 22:18:24 +0000
ROA not before:           Thu 01 Jan 2026 22:18:24 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     51921
IP address blocks:        185.58.205.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:01:69:b5:69:88:3f:3b:21:20:1f:57:28:2a:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
        Validity
            Not Before: Jan  1 22:18:24 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fe563ee96ed79f6f80a9f570407bc085bc82165b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:3c:1c:eb:34:52:0f:4e:82:4a:5c:2d:73:18:
                    2f:da:a5:87:f3:e7:26:66:1b:ef:b8:22:56:c7:e8:
                    c9:cd:23:0e:54:3a:f1:c9:f4:3a:f9:5c:fd:a4:f6:
                    d4:5a:6a:0b:7e:48:2f:5f:3b:eb:fc:66:a8:68:3a:
                    09:91:44:87:99:6d:7b:c7:6c:be:61:e4:67:23:bd:
                    bf:1d:11:35:94:09:5d:85:df:25:9e:f7:7b:12:51:
                    61:b2:2b:95:61:00:b3:33:cd:03:e0:1b:be:64:17:
                    e0:43:76:9a:e6:4e:42:98:86:f8:37:ae:c7:94:cc:
                    4f:66:63:39:6b:b7:f7:89:54:5d:e8:87:46:4a:3f:
                    a8:fc:ac:5e:5a:62:d4:f5:a1:cb:42:9d:58:13:33:
                    64:24:38:69:8b:ca:65:3b:7d:94:73:de:5e:b4:1d:
                    78:f5:6b:fa:37:99:56:37:76:f1:76:ed:ac:ee:0c:
                    1c:e4:f3:c4:46:15:85:45:3f:4e:65:93:fe:0c:9a:
                    ff:72:97:b9:83:cf:24:25:66:36:61:1d:6f:58:d8:
                    09:93:07:86:ad:e7:4e:31:b2:ce:64:f0:62:ea:97:
                    19:87:8d:49:c5:d9:79:a4:d9:ed:b5:6a:d4:45:95:
                    33:eb:62:fb:72:3b:ad:83:72:06:8a:ac:46:1a:5a:
                    6c:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:56:3E:E9:6E:D7:9F:6F:80:A9:F5:70:40:7B:C0:85:BC:82:16:5B
            X509v3 Authority Key Identifier:
                keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/_lY-6W7Xn2-AqfVwQHvAhbyCFls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.58.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:ff:02:c3:a4:5f:44:8a:7d:41:2e:82:d2:2c:0d:09:80:dc:
         ac:2c:0b:5f:57:36:ef:8d:24:28:a8:9c:16:bd:8e:5d:f6:6b:
         a8:cd:4a:b1:89:ee:82:9b:03:d0:7f:44:cf:33:98:0c:49:39:
         b6:f5:6e:38:d5:a9:8e:bb:65:a4:2c:42:fb:27:f6:84:a4:4a:
         47:62:be:2d:08:1e:f0:19:6d:c4:6f:c6:f2:b2:a6:5a:1c:ed:
         a4:00:a6:45:60:f1:ef:d8:b1:17:fa:a0:b7:6b:be:f0:eb:05:
         0f:d9:be:00:aa:88:27:08:62:ee:e2:b7:aa:a1:44:0c:0d:42:
         64:ec:98:6b:a9:fd:06:0c:84:83:79:82:9d:89:ef:17:e8:19:
         88:2d:f8:ea:cf:ae:b1:ac:9f:c4:43:cd:b3:a1:72:80:11:41:
         e0:c8:34:14:01:d3:cb:f6:93:dc:f0:d7:58:6c:19:b3:09:6e:
         68:db:33:7f:8b:5c:df:56:32:51:5d:aa:5e:e1:79:bd:96:0f:
         5e:42:c0:a5:e6:d2:b0:71:c2:f2:f8:a7:58:14:13:f5:9c:16:
         96:68:09:ca:7b:3f:93:b0:6c:f6:f3:af:bf:02:3c:9a:c8:a3:
         38:78:fe:bd:30:7f:72:d7:82:41:f2:d6:83:e1:fc:3d:a4:4f:
         2a:8e:3e:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pAFptWmIPzshIB9XKCqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMTAxMjIxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTU2M2VlOTZlZDc5ZjZmODBhOWY1NzA0MDdiYzA4NWJjODIxNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zwc6zRSD06CSlwtcxgv2qWH8+cm
ZhvvuCJWx+jJzSMOVDrxyfQ6+Vz9pPbUWmoLfkgvXzvr/GaoaDoJkUSHmW17x2y+
YeRnI72/HRE1lAldhd8lnvd7ElFhsiuVYQCzM80D4Bu+ZBfgQ3aa5k5CmIb4N67H
lMxPZmM5a7f3iVRd6IdGSj+o/KxeWmLU9aHLQp1YEzNkJDhpi8plO32Uc95etB14
9Wv6N5lWN3bxdu2s7gwc5PPERhWFRT9OZZP+DJr/cpe5g88kJWY2YR1vWNgJkweG
redOMbLOZPBi6pcZh41Jxdl5pNnttWrURZUz62L7cjutg3IGiqxGGlpsVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5WPulu159vgKn1cEB7wIW8ghZbMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvX2xZLTZXN1huMi1BcWZWd1FIdkFoYnlDRmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTrNMA0G
CSqGSIb3DQEBCwUAA4IBAQC+/wLDpF9Ein1BLoLSLA0JgNysLAtfVzbvjSQoqJwW
vY5d9muozUqxie6CmwPQf0TPM5gMSTm29W441amOu2WkLEL7J/aEpEpHYr4tCB7w
GW3Eb8bysqZaHO2kAKZFYPHv2LEX+qC3a77w6wUP2b4AqognCGLu4reqoUQMDUJk
7Jhrqf0GDISDeYKdie8X6BmILfjqz66xrJ/EQ82zoXKAEUHgyDQUAdPL9pPc8NdY
bBmzCW5o2zN/i1zfVjJRXape4Xm9lg9eQsCl5tKwccLy+KdYFBP1nBaWaAnKez+T
sGz286+/AjyayKM4eP69MH9y14JB8taD4fw9pE8qjj7Y
-----END CERTIFICATE-----