This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/YldXwO0wTiST1rJ11Fh6UibkiMs.roa
File:                     YldXwO0wTiST1rJ11Fh6UibkiMs.roa (raw, json)
Hash identifier:          q1K7/099GzfPKS/Ka5XnTd+hE9CJ03nVzvkRGNHjwkM=
Subject key identifier:   62:57:57:C0:ED:30:4E:24:93:D6:B2:75:D4:58:7A:52:26:E4:88:CB
Certificate issuer:       /CN=835fbb927b295062b7d0a72047b6b4aa1b0f9b29
Certificate serial:       019B77C76971D345C609438D1F648E6413A7
Authority key identifier: 83:5F:BB:92:7B:29:50:62:B7:D0:A7:20:47:B6:B4:AA:1B:0F:9B:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1-7knspUGK30KcgR7a0qhsPmyk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/YldXwO0wTiST1rJ11Fh6UibkiMs.roa
Signing time:             Thu 01 Jan 2026 04:18:35 +0000
ROA not before:           Thu 01 Jan 2026 04:18:35 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     206909
IP address blocks:        185.172.104.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/g1-7knspUGK30KcgR7a0qhsPmyk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/g1-7knspUGK30KcgR7a0qhsPmyk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g1-7knspUGK30KcgR7a0qhsPmyk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 15:35:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:69:71:d3:45:c6:09:43:8d:1f:64:8e:64:13:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835fbb927b295062b7d0a72047b6b4aa1b0f9b29
        Validity
            Not Before: Jan  1 04:18:35 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=625757c0ed304e2493d6b275d4587a5226e488cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:91:e8:2c:8c:b0:25:74:2d:90:d6:51:83:bb:
                    56:04:c2:6f:fa:18:80:c6:bb:99:07:57:ce:63:99:
                    1e:aa:b0:7c:c8:b4:6e:6c:ad:26:8f:86:4a:a6:fe:
                    ce:f8:57:de:48:62:6a:d6:9c:96:62:25:fd:63:d7:
                    5e:d9:d0:d9:7f:77:e3:ff:6a:50:75:78:dc:d1:07:
                    9e:94:a0:55:10:2d:e4:10:83:a3:0d:ed:b2:5a:8c:
                    56:e5:4f:37:0b:a3:b2:e2:ee:53:92:4d:f1:49:24:
                    01:2b:96:d9:09:32:e6:5b:4c:89:4e:89:85:46:31:
                    c5:86:7c:c5:ee:20:a9:83:3c:c5:e0:61:17:d5:d4:
                    e6:7a:87:56:14:ef:c4:30:70:bf:8b:82:c4:aa:ee:
                    53:a7:46:82:00:2e:d4:a7:7e:91:af:97:2a:72:2f:
                    1b:af:5d:fa:9a:21:9c:6f:7a:1e:99:38:66:5b:dd:
                    b6:37:83:dc:2f:92:b7:ec:8f:07:d1:66:8e:0c:77:
                    2f:05:7f:7d:46:d9:7e:74:a9:85:a4:c2:fe:e2:0a:
                    f4:bf:74:a3:de:9c:f0:17:16:e5:b7:de:62:7a:04:
                    86:f8:6f:43:77:95:9a:9f:81:86:0e:f6:16:c7:b4:
                    65:91:dd:46:f9:19:79:bf:eb:b7:88:09:d5:a1:8c:
                    1e:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:57:57:C0:ED:30:4E:24:93:D6:B2:75:D4:58:7A:52:26:E4:88:CB
            X509v3 Authority Key Identifier:
                keyid:83:5F:BB:92:7B:29:50:62:B7:D0:A7:20:47:B6:B4:AA:1B:0F:9B:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1-7knspUGK30KcgR7a0qhsPmyk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/YldXwO0wTiST1rJ11Fh6UibkiMs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/g1-7knspUGK30KcgR7a0qhsPmyk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         71:54:1f:8f:9e:86:c7:48:26:74:dd:93:cd:82:d1:c5:f4:ac:
         31:4c:c3:08:cb:59:46:6a:5c:db:75:d5:46:3e:bd:a4:30:df:
         eb:d2:6f:73:c2:a4:e4:9a:19:a8:50:34:52:ba:87:df:18:61:
         b5:7f:47:7b:02:b9:68:7f:8e:a0:50:f8:2b:d7:e1:66:4f:52:
         03:58:7f:d1:8b:1a:f5:d5:a6:55:d0:aa:db:e8:46:6f:6b:c8:
         65:a4:8a:9d:ee:69:72:37:04:5d:3a:87:d9:57:e4:4e:d8:e8:
         08:9d:b8:e9:4f:7f:1a:a4:52:de:66:2c:09:98:ac:ee:80:33:
         4b:4a:f4:53:1e:69:ef:f9:ba:25:8b:08:20:07:bc:e8:e7:c6:
         5f:1e:94:08:a3:63:9f:52:0b:4f:ea:0b:12:45:33:c9:eb:9a:
         f4:83:f7:e3:8b:dd:05:d4:28:3e:9b:ea:9a:4c:72:e8:8e:c6:
         2f:3a:7d:32:1e:ed:19:08:87:5d:dc:00:30:3a:64:e8:df:af:
         15:8b:f8:36:79:05:a4:d2:aa:20:60:61:69:0e:84:d2:56:1d:
         20:70:1b:83:60:9a:b6:cf:00:30:2b:4e:e3:c7:24:50:80:9f:
         65:32:2e:0a:c2:ea:b6:8f:b6:f7:fc:92:16:07:1a:99:19:bd:
         d8:91:81:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3x2lx00XGCUONH2SOZBOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWZiYjkyN2IyOTUwNjJiN2QwYTcyMDQ3YjZiNGFhMWIw
ZjliMjkwHhcNMjYwMTAxMDQxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjU3NTdjMGVkMzA0ZTI0OTNkNmIyNzVkNDU4N2E1MjI2ZTQ4OGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZHoLIywJXQtkNZRg7tWBMJv+hiA
xruZB1fOY5keqrB8yLRubK0mj4ZKpv7O+FfeSGJq1pyWYiX9Y9de2dDZf3fj/2pQ
dXjc0QeelKBVEC3kEIOjDe2yWoxW5U83C6Oy4u5Tkk3xSSQBK5bZCTLmW0yJTomF
RjHFhnzF7iCpgzzF4GEX1dTmeodWFO/EMHC/i4LEqu5Tp0aCAC7Up36Rr5cqci8b
r136miGcb3oemThmW922N4PcL5K37I8H0WaODHcvBX99Rtl+dKmFpML+4gr0v3Sj
3pzwFxblt95iegSG+G9Dd5Wan4GGDvYWx7Rlkd1G+Rl5v+u3iAnVoYwePwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJXV8DtME4kk9ayddRYelIm5IjLMB8GA1UdIwQY
MBaAFINfu5J7KVBit9CnIEe2tKobD5spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzEtN2tuc3BVR0szMEtjZ1I3YTBxaHNQbXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9jNjRiZjQtYzYwNS00NjFhLWJiNzQt
YjE4ZjhmN2Q5MGU4LzEvWWxkWHdPMHdUaVNUMXJKMTFGaDZVaWJraU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9jNjRiZjQtYzYwNS00NjFhLWJiNzQtYjE4ZjhmN2Q5MGU4
LzEvZzEtN2tuc3BVR0szMEtjZ1I3YTBxaHNQbXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaxoMA0G
CSqGSIb3DQEBCwUAA4IBAQBxVB+PnobHSCZ03ZPNgtHF9KwxTMMIy1lGalzbddVG
Pr2kMN/r0m9zwqTkmhmoUDRSuoffGGG1f0d7Arlof46gUPgr1+FmT1IDWH/Rixr1
1aZV0Krb6EZva8hlpIqd7mlyNwRdOofZV+RO2OgInbjpT38apFLeZiwJmKzugDNL
SvRTHmnv+boliwggB7zo58ZfHpQIo2OfUgtP6gsSRTPJ65r0g/fji90F1Cg+m+qa
THLojsYvOn0yHu0ZCIdd3AAwOmTo368Vi/g2eQWk0qogYGFpDoTSVh0gcBuDYJq2
zwAwK07jxyRQgJ9lMi4Kwuq2j7b3/JIWBxqZGb3YkYF3
-----END CERTIFICATE-----