This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/y1mYlNnDO_T20kDvrkqvnkTjY0c.roa
File:                     y1mYlNnDO_T20kDvrkqvnkTjY0c.roa (raw, json)
Hash identifier:          R/ncXMTkys4s1kQAQfruJYBBkRg4KUxmnZwrqeC1ulU=
Subject key identifier:   CB:59:98:94:D9:C3:3B:F4:F6:D2:40:EF:AE:4A:AF:9E:44:E3:63:47
Certificate issuer:       /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial:       019B7BA402B890C7D141356B42607678A86A
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/y1mYlNnDO_T20kDvrkqvnkTjY0c.roa
Signing time:             Thu 01 Jan 2026 22:18:24 +0000
ROA not before:           Thu 01 Jan 2026 22:18:24 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     56975
IP address blocks:        185.212.151.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:02:b8:90:c7:d1:41:35:6b:42:60:76:78:a8:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
        Validity
            Not Before: Jan  1 22:18:24 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=cb599894d9c33bf4f6d240efae4aaf9e44e36347
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ea:de:94:e7:fa:e6:80:90:ed:a1:2d:ca:a7:
                    ab:98:46:f0:d6:cf:99:d9:15:e1:b1:a4:a9:28:ba:
                    4c:2e:92:2a:9c:76:16:6a:dd:0a:d3:49:17:27:47:
                    9d:7e:d1:d1:d2:3a:4f:4a:00:e3:68:03:67:b4:66:
                    1c:1e:4b:cb:b1:5f:76:bc:92:06:26:36:38:6c:0b:
                    46:37:97:d0:1b:db:05:d5:34:7a:59:36:7b:b4:53:
                    69:99:4a:5a:12:55:37:41:2d:8f:25:d9:4b:ae:f3:
                    65:bd:70:95:94:6e:5b:aa:23:d5:e0:31:71:7f:a6:
                    30:42:bd:e5:0d:c2:50:80:22:77:b2:88:3b:30:28:
                    87:bf:27:f0:60:4d:bc:d4:34:e9:56:1a:87:9d:0d:
                    f8:9e:46:86:1a:a1:e2:13:ef:1e:94:7e:79:59:f7:
                    6b:3d:9c:5b:2a:b6:8b:0a:88:7d:2f:aa:22:f1:c3:
                    28:87:b4:5b:78:e0:4c:22:f1:a3:fd:7e:92:6b:a9:
                    b8:73:c5:ae:75:38:14:71:42:70:90:8b:9a:6b:60:
                    9b:43:a0:99:17:fc:13:4a:5f:0e:fc:2d:24:d9:fb:
                    78:24:79:86:23:57:13:77:d5:e5:4f:93:9b:fc:9a:
                    2e:20:3c:78:05:14:60:91:b6:80:0f:f0:11:21:62:
                    94:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:59:98:94:D9:C3:3B:F4:F6:D2:40:EF:AE:4A:AF:9E:44:E3:63:47
            X509v3 Authority Key Identifier:
                keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/y1mYlNnDO_T20kDvrkqvnkTjY0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.212.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:95:d8:f7:21:d1:2b:04:b2:e2:94:52:1b:2c:19:f9:2e:d1:
         d8:40:31:be:bc:05:2a:70:22:82:13:d2:18:e9:6b:a7:b1:d5:
         9a:dd:c9:42:0c:e5:1f:1a:5c:5d:cd:5e:ed:49:71:6a:5e:85:
         c7:6c:98:38:46:d3:c3:e7:85:06:e1:6a:85:12:d8:d2:99:92:
         1e:5f:d5:d5:a9:11:25:6b:56:7c:3b:ff:25:56:26:df:72:d4:
         dd:02:dd:24:44:fd:7a:64:4a:fe:73:d7:83:5b:c7:90:20:7e:
         aa:41:6d:76:94:d8:85:ce:c8:e1:8a:43:ac:1c:e0:b1:49:3b:
         38:8c:d4:87:67:5e:c0:8f:c6:d9:34:32:a5:3c:5f:cb:b5:ed:
         ae:ca:0b:3b:55:12:8b:e6:db:12:62:11:15:08:25:da:f3:0d:
         3b:01:92:17:12:31:80:d6:1a:c2:0d:bf:71:52:e3:18:93:33:
         78:de:36:c2:84:b3:d0:f7:bf:d2:36:7a:27:e3:5f:98:21:34:
         bb:b1:b3:6f:91:65:85:ef:fd:f1:fc:51:03:20:94:68:85:3c:
         4d:40:3a:17:29:a6:35:d9:0d:61:37:5d:e8:19:99:0e:fe:a8:
         45:96:f2:7d:00:f4:07:fa:f5:71:9b:e4:70:9c:36:b0:1e:49:
         9e:db:6f:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pAK4kMfRQTVrQmB2eKhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMTAxMjIxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjU5OTg5NGQ5YzMzYmY0ZjZkMjQwZWZhZTRhYWY5ZTQ0ZTM2MzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OrelOf65oCQ7aEtyqermEbw1s+Z
2RXhsaSpKLpMLpIqnHYWat0K00kXJ0edftHR0jpPSgDjaANntGYcHkvLsV92vJIG
JjY4bAtGN5fQG9sF1TR6WTZ7tFNpmUpaElU3QS2PJdlLrvNlvXCVlG5bqiPV4DFx
f6YwQr3lDcJQgCJ3sog7MCiHvyfwYE281DTpVhqHnQ34nkaGGqHiE+8elH55Wfdr
PZxbKraLCoh9L6oi8cMoh7RbeOBMIvGj/X6Sa6m4c8WudTgUcUJwkIuaa2CbQ6CZ
F/wTSl8O/C0k2ft4JHmGI1cTd9XlT5Ob/JouIDx4BRRgkbaAD/ARIWKUpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMtZmJTZwzv09tJA765Kr55E42NHMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEveTFtWWxObkRPX1QyMGtEdnJrcXZua1RqWTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudSXMA0G
CSqGSIb3DQEBCwUAA4IBAQB2ldj3IdErBLLilFIbLBn5LtHYQDG+vAUqcCKCE9IY
6WunsdWa3clCDOUfGlxdzV7tSXFqXoXHbJg4RtPD54UG4WqFEtjSmZIeX9XVqREl
a1Z8O/8lVibfctTdAt0kRP16ZEr+c9eDW8eQIH6qQW12lNiFzsjhikOsHOCxSTs4
jNSHZ17Aj8bZNDKlPF/Lte2uygs7VRKL5tsSYhEVCCXa8w07AZIXEjGA1hrCDb9x
UuMYkzN43jbChLPQ97/SNnon41+YITS7sbNvkWWF7/3x/FEDIJRohTxNQDoXKaY1
2Q1hN13oGZkO/qhFlvJ9APQH+vVxm+RwnDawHkme229S
-----END CERTIFICATE-----