This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/KyIGNZFDdjiF9uvViG3nRW9Bmw8.roa
File:                     KyIGNZFDdjiF9uvViG3nRW9Bmw8.roa (raw, json)
Hash identifier:          DzYiLKcYFU2Q0VtZNwQkwth/5N+BuGWGx0hMS551gkc=
Subject key identifier:   2B:22:06:35:91:43:76:38:85:F6:EB:D5:88:6D:E7:45:6F:41:9B:0F
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       019B7CED671D495786F6BFFC164BC328A15D
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/KyIGNZFDdjiF9uvViG3nRW9Bmw8.roa
Signing time:             Fri 02 Jan 2026 04:18:11 +0000
ROA not before:           Fri 02 Jan 2026 04:18:11 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     216384
IP address blocks:        185.55.82.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 10:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:67:1d:49:57:86:f6:bf:fc:16:4b:c3:28:a1:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Jan  2 04:18:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=2b2206359143763885f6ebd5886de7456f419b0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:25:9a:74:80:41:da:94:b0:44:37:21:9e:99:
                    b8:a5:ab:94:47:bc:f3:71:ed:81:6e:79:2e:a1:1f:
                    6c:7f:02:03:46:75:57:bb:7b:31:e5:ac:74:83:32:
                    a0:be:78:c8:a7:e5:69:bd:b0:c2:2f:17:a4:4e:83:
                    86:4d:1a:0a:1e:80:8b:2e:89:59:c2:57:7d:18:a6:
                    79:1b:34:9f:8d:f4:ee:be:8a:7c:74:41:2a:22:21:
                    6e:46:0c:4c:a6:44:21:4a:16:f8:09:1b:8a:4c:43:
                    f7:79:80:51:35:3c:40:f3:e1:f5:b6:d4:58:9d:5e:
                    0c:d1:1e:4c:b9:dc:6c:d4:78:c6:b6:09:0f:1a:ce:
                    38:b5:84:6b:d9:93:a5:b5:0d:b3:9e:3f:c0:5f:49:
                    90:66:a9:2c:4a:02:00:56:cb:60:3e:1e:d2:8d:96:
                    51:19:e4:f8:45:36:3b:b6:29:a4:f6:42:d7:bf:60:
                    75:7e:06:82:b9:70:95:41:2c:12:e6:40:39:24:f8:
                    94:89:5e:90:e4:f1:96:44:e2:56:2b:a6:3c:0a:a0:
                    f7:aa:8b:ff:af:f1:8c:aa:4d:14:11:f4:d9:75:5b:
                    f2:a1:84:0b:96:c9:a6:95:2a:1b:6a:fb:3b:3a:de:
                    2f:f4:7f:97:de:5c:15:65:1f:53:ca:86:e7:67:f3:
                    61:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:22:06:35:91:43:76:38:85:F6:EB:D5:88:6D:E7:45:6F:41:9B:0F
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/KyIGNZFDdjiF9uvViG3nRW9Bmw8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.55.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:f4:ff:0d:d3:95:83:b4:a1:b3:87:7e:48:67:5f:aa:3a:7e:
         e4:2e:3a:58:75:ba:b1:8e:37:5c:62:fd:29:51:0f:52:05:11:
         1a:64:5b:98:42:c3:98:c8:23:63:f6:91:4f:11:01:51:8a:d7:
         4c:19:a1:36:58:cd:25:17:6a:e3:d5:e2:e1:1d:e6:d7:eb:c9:
         94:bd:ce:18:08:26:3c:12:46:29:80:d5:38:50:a5:71:b4:16:
         e3:03:c3:bb:88:8b:b9:d2:c5:62:06:81:18:d6:0f:c0:fe:72:
         df:c4:ca:95:bf:26:c7:0f:25:ab:5d:8c:8a:0f:a9:a4:ab:72:
         9b:ce:68:22:a6:67:0e:19:be:48:bf:8b:76:19:5c:0b:14:41:
         ec:0b:15:ea:23:87:53:db:ed:2e:3a:6e:41:ef:75:49:d6:08:
         33:8f:c7:9a:82:66:b8:df:e5:c6:e4:2e:41:28:90:97:4b:15:
         cc:fb:1e:bb:69:92:41:38:3c:a3:b5:fe:52:25:89:d3:4f:01:
         25:11:ee:35:1f:d8:06:eb:e3:76:a5:d2:4b:3f:c5:c0:56:58:
         0b:75:33:00:22:73:c4:23:0a:71:94:ec:7a:92:fd:34:9e:f5:
         2f:e0:ac:2b:8a:e3:d3:89:21:a2:9f:cb:cb:0e:80:11:6a:b4:
         09:a7:08:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87WcdSVeG9r/8FkvDKKFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjYwMTAyMDQxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjIyMDYzNTkxNDM3NjM4ODVmNmViZDU4ODZkZTc0NTZmNDE5YjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SWadIBB2pSwRDchnpm4pauUR7zz
ce2BbnkuoR9sfwIDRnVXu3sx5ax0gzKgvnjIp+VpvbDCLxekToOGTRoKHoCLLolZ
wld9GKZ5GzSfjfTuvop8dEEqIiFuRgxMpkQhShb4CRuKTEP3eYBRNTxA8+H1ttRY
nV4M0R5Mudxs1HjGtgkPGs44tYRr2ZOltQ2znj/AX0mQZqksSgIAVstgPh7SjZZR
GeT4RTY7timk9kLXv2B1fgaCuXCVQSwS5kA5JPiUiV6Q5PGWROJWK6Y8CqD3qov/
r/GMqk0UEfTZdVvyoYQLlsmmlSobavs7Ot4v9H+X3lwVZR9TyobnZ/NhIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsiBjWRQ3Y4hfbr1Yht50VvQZsPMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvS3lJR05aRkRkamlGOXV2VmlHM25SVzlCbXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTdSMA0G
CSqGSIb3DQEBCwUAA4IBAQAt9P8N05WDtKGzh35IZ1+qOn7kLjpYdbqxjjdcYv0p
UQ9SBREaZFuYQsOYyCNj9pFPEQFRitdMGaE2WM0lF2rj1eLhHebX68mUvc4YCCY8
EkYpgNU4UKVxtBbjA8O7iIu50sViBoEY1g/A/nLfxMqVvybHDyWrXYyKD6mkq3Kb
zmgipmcOGb5Iv4t2GVwLFEHsCxXqI4dT2+0uOm5B73VJ1ggzj8eagma43+XG5C5B
KJCXSxXM+x67aZJBODyjtf5SJYnTTwElEe41H9gG6+N2pdJLP8XAVlgLdTMAInPE
IwpxlOx6kv00nvUv4KwriuPTiSGin8vLDoARarQJpwih
-----END CERTIFICATE-----