This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0KMtg7pR6QkalaDpbNdaDdlpNcw.roa
File:                     0KMtg7pR6QkalaDpbNdaDdlpNcw.roa (raw, json)
Hash identifier:          QW4QKU0JVxe53oaIqtml7GRAje7Y1GGjOFYuKz0X9go=
Subject key identifier:   D0:A3:2D:83:BA:51:E9:09:1A:95:A0:E9:6C:D7:5A:0D:D9:69:35:CC
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       019B797E0FBC29F829899659C46330194026
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0KMtg7pR6QkalaDpbNdaDdlpNcw.roa
Signing time:             Thu 01 Jan 2026 12:17:42 +0000
ROA not before:           Thu 01 Jan 2026 12:17:42 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     398343
IP address blocks:        91.216.185.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 08:02:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:0f:bc:29:f8:29:89:96:59:c4:63:30:19:40:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Jan  1 12:17:42 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d0a32d83ba51e9091a95a0e96cd75a0dd96935cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:28:8a:51:8e:d8:a9:04:35:96:94:54:cd:78:
                    ae:5a:b5:47:be:4c:bd:e1:5f:33:f9:99:ba:b8:ea:
                    ca:5e:5b:02:6c:1e:9a:db:04:1a:03:1f:c2:ab:fd:
                    fe:30:f8:62:18:be:56:9b:d1:60:ff:80:26:a8:d2:
                    7f:0e:8a:81:77:39:c9:68:97:aa:34:6b:36:d5:21:
                    fa:48:b5:76:4a:ad:1f:37:f4:b3:58:fd:eb:7f:5b:
                    ef:ac:ed:16:51:93:53:ed:a4:c7:e6:e0:dc:a0:74:
                    ad:dd:b8:79:96:0d:ab:59:73:b2:ec:41:74:b0:f9:
                    78:1a:75:ee:e9:c0:94:6f:fc:f4:6d:8b:c3:d8:b7:
                    f1:95:a9:ad:c1:47:31:7e:7a:63:00:ce:d0:08:9d:
                    08:a5:e9:81:db:df:83:f7:9d:f8:b7:56:b4:a2:80:
                    cb:d6:a0:ea:f4:ae:f7:fb:17:69:05:ad:a1:c9:99:
                    8a:24:68:4a:5f:00:b9:ee:28:36:13:bd:04:29:95:
                    88:d0:5f:6c:cd:fd:c8:0b:aa:d5:47:12:de:52:7e:
                    fe:ee:12:e2:32:a8:36:0d:ff:7d:ef:5a:83:11:05:
                    c1:36:ba:95:50:e4:e3:58:17:fd:49:27:da:16:b6:
                    d5:c9:a2:32:ad:f4:87:46:ce:af:f2:e9:bc:1f:94:
                    3d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:A3:2D:83:BA:51:E9:09:1A:95:A0:E9:6C:D7:5A:0D:D9:69:35:CC
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0KMtg7pR6QkalaDpbNdaDdlpNcw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:7a:51:93:89:c3:b9:49:8f:6c:fc:b5:bb:1b:cf:1f:62:78:
         85:aa:b7:f7:a3:70:9e:63:77:eb:dd:39:c2:e4:3f:ff:ba:33:
         14:f9:13:80:8e:ee:5d:86:e8:38:86:a2:fd:ec:4a:d5:b5:0c:
         17:ba:2e:7e:b1:1e:be:86:9f:c3:3c:a5:b2:2d:d0:87:8f:16:
         4d:f6:62:14:b9:f5:03:70:36:98:1b:4a:77:94:01:11:be:7d:
         88:e3:9a:ba:ff:be:e6:e9:30:ca:b0:22:e8:c5:55:a3:fd:83:
         7e:7b:db:69:fd:81:fe:19:db:f0:07:7b:ad:61:7c:52:13:7f:
         ef:b4:48:f2:86:9f:0c:54:0f:cf:58:e8:0d:90:78:04:18:4d:
         72:b4:13:8e:60:21:50:80:4e:12:cf:31:61:11:f5:eb:45:d7:
         95:77:30:e4:1f:09:c6:7a:ed:29:e7:0f:01:09:93:65:27:30:
         82:6d:56:80:33:52:82:a6:70:9a:9c:b8:55:2e:84:6d:3a:bc:
         ff:59:fe:b7:02:5b:7e:11:10:9f:fb:6c:3f:a2:ee:15:5b:57:
         00:15:45:fe:6d:7f:6d:f0:a0:be:7d:c8:a7:8b:47:8b:ea:46:
         6a:5a:e5:eb:4f:1c:50:4d:1a:48:ee:09:a6:12:49:6e:91:8e:
         1c:d7:8d:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fg+8KfgpiZZZxGMwGUAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMTAxMTIxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGEzMmQ4M2JhNTFlOTA5MWE5NWEwZTk2Y2Q3NWEwZGQ5NjkzNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyiKUY7YqQQ1lpRUzXiuWrVHvky9
4V8z+Zm6uOrKXlsCbB6a2wQaAx/Cq/3+MPhiGL5Wm9Fg/4AmqNJ/DoqBdznJaJeq
NGs21SH6SLV2Sq0fN/SzWP3rf1vvrO0WUZNT7aTH5uDcoHSt3bh5lg2rWXOy7EF0
sPl4GnXu6cCUb/z0bYvD2LfxlamtwUcxfnpjAM7QCJ0IpemB29+D9534t1a0ooDL
1qDq9K73+xdpBa2hyZmKJGhKXwC57ig2E70EKZWI0F9szf3IC6rVRxLeUn7+7hLi
Mqg2Df9971qDEQXBNrqVUOTjWBf9SSfaFrbVyaIyrfSHRs6v8um8H5Q9KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCjLYO6UekJGpWg6WzXWg3ZaTXMMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMEtNdGc3cFI2UWthbGFEcGJOZGFEZGxwTmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9i5MA0G
CSqGSIb3DQEBCwUAA4IBAQAielGTicO5SY9s/LW7G88fYniFqrf3o3CeY3fr3TnC
5D//ujMU+ROAju5dhug4hqL97ErVtQwXui5+sR6+hp/DPKWyLdCHjxZN9mIUufUD
cDaYG0p3lAERvn2I45q6/77m6TDKsCLoxVWj/YN+e9tp/YH+GdvwB3utYXxSE3/v
tEjyhp8MVA/PWOgNkHgEGE1ytBOOYCFQgE4SzzFhEfXrRdeVdzDkHwnGeu0p5w8B
CZNlJzCCbVaAM1KCpnCanLhVLoRtOrz/Wf63Alt+ERCf+2w/ou4VW1cAFUX+bX9t
8KC+fcini0eL6kZqWuXrTxxQTRpI7gmmEklukY4c142k
-----END CERTIFICATE-----