This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/DgOoOQQXCFOOiAboGyt3uJYGrX8.roa
File:                     DgOoOQQXCFOOiAboGyt3uJYGrX8.roa (raw, json)
Hash identifier:          ttv6R+EWnpLDn0WbmgVmCLHJJB9im8Fg+Aestwf1Mxs=
Subject key identifier:   0E:03:A8:39:04:17:08:53:8E:88:06:E8:1B:2B:77:B8:96:06:AD:7F
Certificate issuer:       /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial:       019B797EE1675E8673FCCC76DB5D527AAA5F
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/DgOoOQQXCFOOiAboGyt3uJYGrX8.roa
Signing time:             Thu 01 Jan 2026 12:18:36 +0000
ROA not before:           Thu 01 Jan 2026 12:18:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     200450
IP address blocks:        185.225.236.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:e1:67:5e:86:73:fc:cc:76:db:5d:52:7a:aa:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
        Validity
            Not Before: Jan  1 12:18:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0e03a839041708538e8806e81b2b77b89606ad7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:31:a5:66:6c:af:a0:31:34:e3:e6:bc:5b:2a:
                    ab:77:84:30:0f:45:9d:24:81:4a:78:ae:19:62:bf:
                    11:e4:cc:af:f3:ce:07:a0:c4:4f:56:39:36:03:52:
                    6b:04:e1:7e:e1:cb:a8:ff:15:96:e1:7b:dd:f8:57:
                    9b:eb:49:74:89:96:31:6e:55:e0:4e:1d:f2:4a:f4:
                    c1:76:a9:e0:d2:e4:f2:f9:0f:e0:f6:75:af:5a:40:
                    ee:fa:c6:a2:8d:aa:33:d3:b8:03:77:bc:af:af:1d:
                    d1:99:c2:e3:5b:ba:71:3c:2d:d6:96:fa:d7:61:fe:
                    42:d9:b9:e3:34:83:28:11:99:95:99:d7:c9:75:19:
                    29:11:1e:81:d1:38:0e:cd:0c:3e:bc:87:38:5f:25:
                    d5:8b:f6:5e:24:4d:b5:27:88:20:01:f9:1f:14:69:
                    9a:e7:29:5e:1c:1a:3f:fc:7c:74:81:7c:fd:d5:af:
                    ee:6d:04:1b:d3:1f:ce:b9:36:ff:f7:2c:76:ba:6c:
                    9f:fa:ba:c5:a3:9b:1d:38:b2:e6:f4:22:3e:63:7d:
                    a2:18:9b:36:16:96:1d:21:a0:70:8f:4c:2a:89:46:
                    cc:d7:fb:27:cd:b5:e6:df:a9:21:0a:e0:88:f9:42:
                    d5:ef:36:cf:ee:f6:8a:eb:ce:5e:a1:cc:8f:36:6d:
                    c8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:03:A8:39:04:17:08:53:8E:88:06:E8:1B:2B:77:B8:96:06:AD:7F
            X509v3 Authority Key Identifier:
                keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/DgOoOQQXCFOOiAboGyt3uJYGrX8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:6e:3a:20:79:ad:77:f8:22:45:0e:45:8b:89:b2:16:21:dc:
         73:1b:fd:95:c3:ae:03:54:23:3d:27:5a:71:05:6a:ce:b4:9c:
         ac:f5:6c:8d:e2:bf:13:63:b9:32:5f:55:f1:ee:c1:70:76:49:
         7b:01:68:ac:8a:f6:7c:b4:da:ab:44:00:0b:7d:dc:69:c9:a9:
         29:a5:f8:23:af:d1:61:30:64:e8:c5:a9:d6:7c:b3:a7:bd:03:
         22:a6:79:fe:d2:70:2b:7e:1c:c7:6e:f3:00:72:b7:71:80:78:
         f9:00:48:86:2f:70:bf:28:fc:31:e1:f6:01:57:92:22:93:af:
         47:dd:68:cd:a3:9f:c0:a8:e4:64:c1:37:c0:46:79:e3:59:77:
         6a:b9:71:de:2e:d9:4b:6a:aa:48:a0:f0:0d:b4:60:fa:11:46:
         a0:e1:70:2d:ea:1a:0b:1d:6a:42:74:39:0a:63:e5:35:4c:f6:
         37:b6:ca:ea:a4:da:27:14:1b:5f:69:9e:c1:79:da:d6:d6:63:
         6b:33:d9:6c:01:1c:e9:8d:c3:74:af:1f:68:e3:65:08:5d:d4:
         ee:48:c4:4a:f0:76:a3:bf:43:70:2d:59:b8:52:27:d1:ca:14:
         9a:92:9d:21:e1:b7:26:b2:46:a6:a0:bb:ba:d7:f6:6e:c0:94:
         0f:3b:ad:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fuFnXoZz/Mx2211SeqpfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODhlYjczMGFiMWE1MDFlYTM2ZWEzNDgyZDc2NDU0NGUx
NDExMTEwHhcNMjYwMTAxMTIxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTAzYTgzOTA0MTcwODUzOGU4ODA2ZTgxYjJiNzdiODk2MDZhZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujGlZmyvoDE04+a8Wyqrd4QwD0Wd
JIFKeK4ZYr8R5Myv884HoMRPVjk2A1JrBOF+4cuo/xWW4Xvd+Feb60l0iZYxblXg
Th3ySvTBdqng0uTy+Q/g9nWvWkDu+saijaoz07gDd7yvrx3RmcLjW7pxPC3WlvrX
Yf5C2bnjNIMoEZmVmdfJdRkpER6B0TgOzQw+vIc4XyXVi/ZeJE21J4ggAfkfFGma
5yleHBo//Hx0gXz91a/ubQQb0x/OuTb/9yx2umyf+rrFo5sdOLLm9CI+Y32iGJs2
FpYdIaBwj0wqiUbM1/snzbXm36khCuCI+ULV7zbP7vaK685eocyPNm3I3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA4DqDkEFwhTjogG6Bsrd7iWBq1/MB8GA1UdIwQY
MBaAFE2I63MKsaUB6jbqNILXZFROFBERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQt
NzI2ZjgzZDIzODkyLzEvRGdPb09RUVhDRk9PaUFib0d5dDN1SllHclg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQtNzI2ZjgzZDIzODky
LzEvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueHsMA0G
CSqGSIb3DQEBCwUAA4IBAQAUbjogea13+CJFDkWLibIWIdxzG/2Vw64DVCM9J1px
BWrOtJys9WyN4r8TY7kyX1Xx7sFwdkl7AWisivZ8tNqrRAALfdxpyakppfgjr9Fh
MGToxanWfLOnvQMipnn+0nArfhzHbvMAcrdxgHj5AEiGL3C/KPwx4fYBV5Iik69H
3WjNo5/AqORkwTfARnnjWXdquXHeLtlLaqpIoPANtGD6EUag4XAt6hoLHWpCdDkK
Y+U1TPY3tsrqpNonFBtfaZ7BedrW1mNrM9lsARzpjcN0rx9o42UIXdTuSMRK8Haj
v0NwLVm4UifRyhSakp0h4bcmskamoLu61/ZuwJQPO61S
-----END CERTIFICATE-----