This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/0nAoxOfSI-Fg3qBYxFuaPDy7tz0.roa
File:                     0nAoxOfSI-Fg3qBYxFuaPDy7tz0.roa (raw, json)
Hash identifier:          xZaeZFNOpP8EcoHnXAhOrgqCIg6pKCiy0FKxYYXH5qY=
Subject key identifier:   D2:70:28:C4:E7:D2:23:E1:60:DE:A0:58:C4:5B:9A:3C:3C:BB:B7:3D
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       019B7CEDED655B2C8D91CA16C2B4E39D24D3
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/0nAoxOfSI-Fg3qBYxFuaPDy7tz0.roa
Signing time:             Fri 02 Jan 2026 04:18:46 +0000
ROA not before:           Fri 02 Jan 2026 04:18:46 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     197071
IP address blocks:        185.244.25.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 19:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:ed:65:5b:2c:8d:91:ca:16:c2:b4:e3:9d:24:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: Jan  2 04:18:46 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d27028c4e7d223e160dea058c45b9a3c3cbbb73d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b3:c2:cb:3f:6c:6c:62:91:5f:e3:c1:fd:fa:
                    b2:cc:40:a6:16:7f:9e:1c:e0:f1:f6:fb:5e:2e:4e:
                    cd:ff:5f:b3:06:01:7a:41:a4:61:e4:c5:05:a6:04:
                    67:4b:6a:86:3e:a0:4d:13:fb:8a:ae:31:9c:60:0a:
                    b4:2d:52:51:09:6d:b6:94:6b:49:62:9c:c8:4f:7a:
                    50:b8:46:7b:c8:34:d0:5d:4e:35:ec:cd:1d:2d:30:
                    05:77:32:f8:31:a2:41:60:9f:c9:65:ba:df:80:20:
                    07:a6:af:cd:1e:b7:4b:3b:fe:cf:da:75:c3:fa:35:
                    48:c7:71:d6:22:2c:42:05:30:81:e3:6b:76:c6:19:
                    b9:5c:8b:c4:4d:37:3c:27:7f:29:c3:47:32:a1:5f:
                    2c:71:3a:c5:d1:98:b9:36:dd:f4:c3:b0:03:eb:00:
                    e0:5d:23:d2:21:1d:26:2d:93:30:59:fb:7e:94:f5:
                    a1:72:21:b8:29:4b:bf:2e:c5:eb:ee:b7:22:c8:b0:
                    26:3e:8e:1e:b8:69:e1:2b:5f:2e:20:1e:75:be:21:
                    a0:c2:8a:49:d9:ba:34:4c:41:f4:ef:d1:46:e3:44:
                    53:29:07:5e:fb:67:49:13:b0:c8:96:b5:61:3c:c1:
                    49:2a:90:d3:4e:e0:4b:ea:33:ad:12:d2:85:37:af:
                    8b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:70:28:C4:E7:D2:23:E1:60:DE:A0:58:C4:5B:9A:3C:3C:BB:B7:3D
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/0nAoxOfSI-Fg3qBYxFuaPDy7tz0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.244.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:c1:86:67:36:82:3c:41:66:a3:e8:13:08:aa:fe:04:63:90:
         7f:74:b0:44:33:b0:b4:d1:87:c7:fd:ef:57:3c:37:0c:24:93:
         03:81:a8:2e:d8:fb:2a:5f:8d:be:c0:91:cf:b5:3f:0a:d8:e1:
         f1:e3:33:92:e8:0b:33:87:30:e3:7f:73:37:f9:73:10:45:85:
         43:d6:af:fa:5d:8b:53:af:44:d3:32:30:6c:1a:5b:d6:f8:0c:
         5f:22:c0:8e:5a:03:b9:1b:22:0e:2f:03:9d:e7:2c:0d:e6:f6:
         d0:f1:75:dc:36:25:eb:41:df:a7:c7:69:8f:d7:de:be:e3:1a:
         e0:19:74:01:a5:df:25:10:fc:75:33:ab:cc:4a:b0:d3:c7:7f:
         fb:91:13:eb:c4:bb:8b:24:2f:9e:68:f5:8e:51:36:7d:4e:89:
         7e:a8:28:d7:11:02:6c:bd:cc:dd:95:8a:3b:87:b4:cd:84:e1:
         72:3a:b7:b7:c9:df:82:89:32:ce:01:bc:d5:c4:18:07:ba:33:
         9b:b8:c5:aa:db:46:86:e9:dc:ba:cd:20:6e:1c:62:bd:43:b2:
         08:29:99:69:63:6b:61:eb:70:64:84:ad:d5:77:5d:fb:8a:18:
         fa:db:6e:db:c4:47:29:46:69:72:a3:d1:27:f0:fc:b7:48:65:
         d2:ed:af:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87e1lWyyNkcoWwrTjnSTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjYwMTAyMDQxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjcwMjhjNGU3ZDIyM2UxNjBkZWEwNThjNDViOWEzYzNjYmJiNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7PCyz9sbGKRX+PB/fqyzECmFn+e
HODx9vteLk7N/1+zBgF6QaRh5MUFpgRnS2qGPqBNE/uKrjGcYAq0LVJRCW22lGtJ
YpzIT3pQuEZ7yDTQXU417M0dLTAFdzL4MaJBYJ/JZbrfgCAHpq/NHrdLO/7P2nXD
+jVIx3HWIixCBTCB42t2xhm5XIvETTc8J38pw0cyoV8scTrF0Zi5Nt30w7AD6wDg
XSPSIR0mLZMwWft+lPWhciG4KUu/LsXr7rciyLAmPo4euGnhK18uIB51viGgwopJ
2bo0TEH079FG40RTKQde+2dJE7DIlrVhPMFJKpDTTuBL6jOtEtKFN6+LtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJwKMTn0iPhYN6gWMRbmjw8u7c9MB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvMG5Bb3hPZlNJLUZnM3FCWXhGdWFQRHk3dHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufQZMA0G
CSqGSIb3DQEBCwUAA4IBAQCVwYZnNoI8QWaj6BMIqv4EY5B/dLBEM7C00YfH/e9X
PDcMJJMDgagu2PsqX42+wJHPtT8K2OHx4zOS6AszhzDjf3M3+XMQRYVD1q/6XYtT
r0TTMjBsGlvW+AxfIsCOWgO5GyIOLwOd5ywN5vbQ8XXcNiXrQd+nx2mP196+4xrg
GXQBpd8lEPx1M6vMSrDTx3/7kRPrxLuLJC+eaPWOUTZ9Tol+qCjXEQJsvczdlYo7
h7TNhOFyOre3yd+CiTLOAbzVxBgHujObuMWq20aG6dy6zSBuHGK9Q7IIKZlpY2th
63BkhK3Vd137ihj6227bxEcpRmlyo9En8Py3SGXS7a+y
-----END CERTIFICATE-----