This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0iurmmarm5XItylwS6wK_asRyu8.roa
File:                     0iurmmarm5XItylwS6wK_asRyu8.roa (raw, json)
Hash identifier:          6H7UixrE4XgDdw5DY/1kVam5yW/t1W9SjFQEjKEikzo=
Subject key identifier:   D2:2B:AB:9A:66:AB:9B:95:C8:B7:29:70:4B:AC:0A:FD:AB:11:CA:EF
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       019B7AC7A4B8701E0AB92BED8DF05BC16DBB
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0iurmmarm5XItylwS6wK_asRyu8.roa
Signing time:             Thu 01 Jan 2026 18:17:42 +0000
ROA not before:           Thu 01 Jan 2026 18:17:42 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215077
IP address blocks:        91.191.188.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c7:a4:b8:70:1e:0a:b9:2b:ed:8d:f0:5b:c1:6d:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan  1 18:17:42 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d22bab9a66ab9b95c8b729704bac0afdab11caef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:21:14:e8:10:2c:0c:04:36:a9:4a:45:a2:df:
                    7d:e5:e9:7f:a9:3a:70:f8:1a:62:14:8d:33:36:ca:
                    68:00:94:f9:7c:fd:f2:78:fc:ca:6a:70:a0:97:e7:
                    31:2f:ef:02:c0:2a:e1:77:ee:b4:98:5b:f2:26:70:
                    2f:31:d6:f7:0f:09:7c:23:c6:71:12:d4:87:e2:60:
                    ae:69:46:e5:95:05:17:c3:cc:6a:54:69:7c:a6:fb:
                    ea:13:5c:0d:f2:ef:94:4e:ec:3d:8f:7c:ff:1d:86:
                    5c:0a:b2:e2:8f:68:ca:67:f7:07:37:0b:0c:f8:d5:
                    da:f3:d3:92:ac:4c:e4:83:fc:5b:e9:8f:1b:3f:90:
                    3f:64:61:df:fa:0d:3f:89:1f:46:90:f4:6c:d0:2c:
                    56:c7:4a:65:82:31:28:87:5c:29:17:b1:31:8b:3c:
                    23:35:ca:17:0c:7b:27:cf:1b:f7:b5:f8:2b:76:5b:
                    c4:34:08:06:82:d7:4f:f3:b5:de:00:fa:01:f2:b2:
                    3c:40:44:61:e6:52:10:c9:ab:24:6b:0b:e1:55:28:
                    cd:f1:9b:bc:ca:48:3c:81:4c:74:7a:f2:99:2c:27:
                    7d:95:07:c5:3b:2b:e3:37:10:fa:7c:ce:55:0a:59:
                    b1:e4:fd:3a:bf:73:14:e5:4f:5c:d8:b3:84:29:3f:
                    ac:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:2B:AB:9A:66:AB:9B:95:C8:B7:29:70:4B:AC:0A:FD:AB:11:CA:EF
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0iurmmarm5XItylwS6wK_asRyu8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.191.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:3c:6f:09:9f:86:35:ae:4e:82:8d:e3:5e:a3:32:cf:55:7e:
         0d:37:f5:d4:98:65:b4:67:8e:a5:9a:46:3e:d7:07:8d:0e:a6:
         3e:e2:c1:c0:60:85:05:69:48:b6:0c:87:cd:d4:10:60:6d:40:
         a0:76:1f:51:39:75:3a:a3:8b:10:71:ad:3a:34:88:43:4f:ad:
         be:00:bb:de:62:8f:4b:b8:eb:31:0c:32:86:1a:93:a8:85:b1:
         7d:74:79:5b:66:5e:2e:3e:00:04:c0:e7:84:ad:f0:38:b7:6f:
         20:8a:44:7b:98:92:12:05:b7:6c:4e:55:30:f2:76:df:f7:6a:
         73:92:65:0d:70:71:ea:f8:8f:58:51:16:96:c6:bc:65:85:86:
         b2:62:0a:f2:07:6e:5b:53:ff:9b:76:86:32:f3:f2:2e:a6:24:
         cd:bd:13:dd:ac:6d:64:46:8b:14:11:ad:4d:40:13:b0:91:1e:
         c7:24:fe:2e:11:ba:7f:c5:c6:4d:85:08:e1:b4:ea:31:ee:8d:
         f8:3c:96:11:c0:2c:4e:2e:fd:c4:3b:f8:2e:07:b1:09:23:33:
         d3:c3:3a:ff:7f:90:9a:0b:4c:f3:f2:50:04:90:68:57:79:2b:
         53:5b:09:12:3c:1f:08:4b:1e:6f:69:e1:47:94:bf:2b:c5:62:
         a6:d2:aa:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6x6S4cB4KuSvtjfBbwW27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjYwMTAxMTgxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJiYWI5YTY2YWI5Yjk1YzhiNzI5NzA0YmFjMGFmZGFiMTFjYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCEU6BAsDAQ2qUpFot995el/qTpw
+BpiFI0zNspoAJT5fP3yePzKanCgl+cxL+8CwCrhd+60mFvyJnAvMdb3Dwl8I8Zx
EtSH4mCuaUbllQUXw8xqVGl8pvvqE1wN8u+UTuw9j3z/HYZcCrLij2jKZ/cHNwsM
+NXa89OSrEzkg/xb6Y8bP5A/ZGHf+g0/iR9GkPRs0CxWx0plgjEoh1wpF7Exizwj
NcoXDHsnzxv3tfgrdlvENAgGgtdP87XeAPoB8rI8QERh5lIQyaskawvhVSjN8Zu8
ykg8gUx0evKZLCd9lQfFOyvjNxD6fM5VClmx5P06v3MU5U9c2LOEKT+s8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIrq5pmq5uVyLcpcEusCv2rEcrvMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvMGl1cm1tYXJtNVhJdHlsd1M2d0tfYXNSeXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7+8MA0G
CSqGSIb3DQEBCwUAA4IBAQB5PG8Jn4Y1rk6CjeNeozLPVX4NN/XUmGW0Z46lmkY+
1weNDqY+4sHAYIUFaUi2DIfN1BBgbUCgdh9ROXU6o4sQca06NIhDT62+ALveYo9L
uOsxDDKGGpOohbF9dHlbZl4uPgAEwOeErfA4t28gikR7mJISBbdsTlUw8nbf92pz
kmUNcHHq+I9YURaWxrxlhYayYgryB25bU/+bdoYy8/IupiTNvRPdrG1kRosUEa1N
QBOwkR7HJP4uEbp/xcZNhQjhtOox7o34PJYRwCxOLv3EO/guB7EJIzPTwzr/f5Ca
C0zz8lAEkGhXeStTWwkSPB8ISx5vaeFHlL8rxWKm0qqo
-----END CERTIFICATE-----