This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/y_WbdonZw2wHE4BFqZ4HejVoJCc.roa
File:                     y_WbdonZw2wHE4BFqZ4HejVoJCc.roa (raw, json)
Hash identifier:          3U/wA+Haa1nBvoQqoGE6iCjIv8D7ftvsz7xhV1GW3Eg=
Subject key identifier:   CB:F5:9B:76:89:D9:C3:6C:07:13:80:45:A9:9E:07:7A:35:68:24:27
Certificate issuer:       /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial:       019B7BA412095F2BF7445C1CB5648340DCB5
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/y_WbdonZw2wHE4BFqZ4HejVoJCc.roa
Signing time:             Thu 01 Jan 2026 22:18:28 +0000
ROA not before:           Thu 01 Jan 2026 22:18:28 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     205135
IP address blocks:        185.229.67.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:12:09:5f:2b:f7:44:5c:1c:b5:64:83:40:dc:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
        Validity
            Not Before: Jan  1 22:18:28 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=cbf59b7689d9c36c07138045a99e077a35682427
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:e0:37:30:40:0b:af:9f:26:c1:28:2d:31:e3:
                    4c:54:6b:97:b2:a8:e4:a1:d6:6a:d7:c8:23:a8:18:
                    68:37:17:6d:d4:d0:28:e8:60:32:1f:a4:fd:88:c1:
                    2c:f7:fb:01:72:50:39:6f:62:bd:77:48:e6:09:3b:
                    d9:0b:45:a9:06:cc:64:a4:50:d5:7f:d3:5a:2d:66:
                    66:d2:2a:93:ed:f4:f0:35:c6:16:d5:3a:03:ab:8a:
                    f5:29:04:b6:6e:d2:2f:78:61:b2:08:4d:18:43:a3:
                    7a:fd:76:f0:59:5b:6d:e9:c5:3d:a1:cb:b5:5b:c1:
                    67:fe:b0:56:1b:3a:d8:96:51:ea:6e:57:c6:45:e9:
                    4a:c3:20:fc:89:0a:92:24:60:13:45:e2:3b:be:55:
                    b2:51:b8:4f:53:c5:c6:22:ec:0a:c4:2e:d7:c1:4c:
                    a9:8d:22:b5:5f:8e:dc:d0:58:fa:68:00:a8:a4:36:
                    cc:14:bb:17:b8:d9:bd:b8:35:13:4b:43:1e:94:b3:
                    b9:ce:f8:a0:d0:63:c1:ea:21:ef:eb:e1:39:f4:0d:
                    53:b6:2a:88:2a:b2:e4:b4:16:48:1d:d7:85:f4:27:
                    58:e7:0f:f5:8d:e3:86:31:5f:a7:d8:da:36:81:ae:
                    38:05:ac:ff:3a:a0:a2:a9:05:3b:7c:45:69:c0:e8:
                    6a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:F5:9B:76:89:D9:C3:6C:07:13:80:45:A9:9E:07:7A:35:68:24:27
            X509v3 Authority Key Identifier:
                keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/y_WbdonZw2wHE4BFqZ4HejVoJCc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.229.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:fb:d8:96:e3:75:0b:66:f6:ad:bc:5d:5e:ed:9f:fc:ba:b1:
         91:2f:52:6a:45:d9:dd:8a:66:03:85:d4:01:a0:64:dd:a5:e4:
         35:7e:37:aa:78:3c:24:be:67:27:a3:ae:d8:7b:60:e5:dd:6e:
         f3:87:8b:1f:9b:32:aa:0a:e6:f6:3c:fd:8e:f1:bc:72:e9:81:
         4c:7f:a6:31:74:88:a3:84:70:4e:cf:c0:4a:aa:3f:e1:7a:4a:
         ae:1c:fd:fa:19:e3:32:3e:a3:ea:26:23:79:a2:e8:38:28:8c:
         d5:63:43:9d:17:c0:9a:34:2b:81:b9:4b:9a:0a:aa:7b:39:ec:
         25:f1:18:8e:81:9b:90:56:b2:1e:ce:9c:a7:64:92:e0:a2:5f:
         9c:f0:72:cc:a0:90:59:87:fb:3d:f3:de:b2:f4:4a:fc:9d:07:
         cc:67:81:f1:37:f5:6e:61:8a:12:27:fa:c7:31:58:17:c5:a4:
         59:47:8e:bf:79:3b:65:5c:77:72:c9:b1:79:b6:69:f3:39:af:
         2a:cf:90:5b:34:7a:1b:db:26:a4:ca:d5:50:fe:ae:b3:63:0e:
         85:2c:4f:e9:b8:f0:45:3c:1f:14:58:57:7b:41:f5:21:b8:22:
         e8:33:0a:07:29:fa:c9:d4:67:36:dc:65:82:b8:de:1c:15:76:
         df:c1:77:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pBIJXyv3RFwctWSDQNy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMTAxMjIxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY1OWI3Njg5ZDljMzZjMDcxMzgwNDVhOTllMDc3YTM1NjgyNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eA3MEALr58mwSgtMeNMVGuXsqjk
odZq18gjqBhoNxdt1NAo6GAyH6T9iMEs9/sBclA5b2K9d0jmCTvZC0WpBsxkpFDV
f9NaLWZm0iqT7fTwNcYW1ToDq4r1KQS2btIveGGyCE0YQ6N6/XbwWVtt6cU9ocu1
W8Fn/rBWGzrYllHqblfGRelKwyD8iQqSJGATReI7vlWyUbhPU8XGIuwKxC7XwUyp
jSK1X47c0Fj6aACopDbMFLsXuNm9uDUTS0MelLO5zvig0GPB6iHv6+E59A1TtiqI
KrLktBZIHdeF9CdY5w/1jeOGMV+n2No2ga44Baz/OqCiqQU7fEVpwOhqewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMv1m3aJ2cNsBxOARameB3o1aCQnMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEveV9XYmRvblp3MndIRTRCRnFaNEhlalZvSkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueVDMA0G
CSqGSIb3DQEBCwUAA4IBAQCa+9iW43ULZvatvF1e7Z/8urGRL1JqRdndimYDhdQB
oGTdpeQ1fjeqeDwkvmcno67Ye2Dl3W7zh4sfmzKqCub2PP2O8bxy6YFMf6YxdIij
hHBOz8BKqj/hekquHP36GeMyPqPqJiN5oug4KIzVY0OdF8CaNCuBuUuaCqp7Oewl
8RiOgZuQVrIezpynZJLgol+c8HLMoJBZh/s9896y9Er8nQfMZ4HxN/VuYYoSJ/rH
MVgXxaRZR46/eTtlXHdyybF5tmnzOa8qz5BbNHob2yakytVQ/q6zYw6FLE/puPBF
PB8UWFd7QfUhuCLoMwoHKfrJ1Gc23GWCuN4cFXbfwXfU
-----END CERTIFICATE-----