This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ydHPynA-WZZzBfRpPoH9bBYJVFI.roa
File:                     ydHPynA-WZZzBfRpPoH9bBYJVFI.roa (raw, json)
Hash identifier:          zUJBbBQ6fg/i/CM/EnQ7Y0w1oc/UoPQfcnnHrN+aTOY=
Subject key identifier:   C9:D1:CF:CA:70:3E:59:96:73:05:F4:69:3E:81:FD:6C:16:09:54:52
Certificate issuer:       /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial:       019B7E38BAD4D4477CF4EF83768C73AC3737
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ydHPynA-WZZzBfRpPoH9bBYJVFI.roa
Signing time:             Fri 02 Jan 2026 10:20:05 +0000
ROA not before:           Fri 02 Jan 2026 10:20:05 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215413
IP address blocks:        62.171.251.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 Jan 2026 18:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:38:ba:d4:d4:47:7c:f4:ef:83:76:8c:73:ac:37:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
        Validity
            Not Before: Jan  2 10:20:05 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c9d1cfca703e59967305f4693e81fd6c16095452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:cf:97:44:6d:da:80:88:e7:30:a3:05:19:0c:
                    d7:5f:d2:8f:78:0b:4a:65:2a:d7:2a:e7:50:1f:0c:
                    91:f7:a3:33:55:df:d6:a2:6d:25:4c:3c:d4:32:7f:
                    c1:a5:4f:a0:54:49:59:66:94:52:c3:b5:ae:5e:36:
                    3a:71:f0:20:cb:e5:78:af:28:9e:8b:19:7c:75:41:
                    ee:6e:fc:3b:7c:ea:e2:c9:53:f6:86:ac:b7:98:5d:
                    e2:61:20:18:ea:0b:a6:4d:69:68:19:d6:b2:1b:be:
                    6c:75:76:74:35:df:7f:54:df:8c:ff:e9:05:0f:d5:
                    6f:a6:f9:28:ee:b4:be:a2:28:9a:07:b7:f4:08:a5:
                    0f:59:df:60:9d:34:71:0e:7a:d6:43:88:aa:96:c4:
                    47:80:80:f1:15:ba:4f:ac:52:b6:59:a6:73:c1:65:
                    1c:9d:dc:b3:51:17:e4:06:32:7d:6f:e2:b6:e4:51:
                    1f:8f:d1:22:c1:d5:f7:80:9c:2f:f9:01:3d:50:2a:
                    16:a5:ed:f3:8f:cf:27:07:9c:de:38:9b:4c:fb:9d:
                    47:21:6e:8c:dd:76:f5:35:fa:92:e3:e5:e6:d2:77:
                    e5:1a:3c:d3:76:bc:a1:8e:52:1d:1a:f2:f0:12:6d:
                    6b:96:8a:b7:56:42:0f:5b:76:bc:15:9e:d4:f0:9f:
                    90:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:D1:CF:CA:70:3E:59:96:73:05:F4:69:3E:81:FD:6C:16:09:54:52
            X509v3 Authority Key Identifier:
                keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ydHPynA-WZZzBfRpPoH9bBYJVFI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.171.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:ea:11:61:78:9f:e3:46:0a:08:65:83:d3:22:c9:d6:1f:9e:
         90:37:cb:d8:2f:29:5b:b3:63:5e:c4:5d:f6:10:17:4c:9d:35:
         e5:60:28:c7:52:cb:0f:61:8f:f6:17:30:bd:d2:be:5d:c1:03:
         95:28:c2:17:9b:b1:89:4f:1f:e8:51:c2:a7:e8:23:f1:ab:6e:
         bd:e0:62:9d:0d:56:0f:3c:ff:b7:51:38:9c:75:a8:b4:19:d3:
         4d:a2:fc:59:34:c6:cc:96:b5:4e:b6:0e:4a:73:35:ed:93:bb:
         53:ac:aa:b8:22:48:d4:1e:93:8e:ec:95:dd:7c:3d:a4:e7:d1:
         5f:44:82:49:9d:e8:56:31:c6:6a:2b:ee:c0:a1:21:14:c2:2a:
         c5:e5:1c:56:ea:ea:02:f8:fd:4e:d6:b5:7c:50:e2:17:42:83:
         0d:58:7d:5e:ad:8d:14:fe:a2:5a:0e:98:9f:4e:1f:bf:fe:c3:
         a1:3b:c6:14:e2:76:7b:e3:30:43:19:c0:ba:9c:17:67:00:87:
         40:6a:7a:b0:87:0d:b8:21:39:7d:d7:b6:11:c7:a5:b8:25:40:
         f0:d0:0f:13:31:fd:a2:95:37:93:0f:74:9d:2f:76:72:f7:2a:
         9e:e8:54:b6:13:3c:b2:54:ac:07:cb:12:be:b1:6a:5e:94:94:
         d7:19:e5:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OLrU1Ed89O+DdoxzrDc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjYwMTAyMTAyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQxY2ZjYTcwM2U1OTk2NzMwNWY0NjkzZTgxZmQ2YzE2MDk1NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8+XRG3agIjnMKMFGQzXX9KPeAtK
ZSrXKudQHwyR96MzVd/Wom0lTDzUMn/BpU+gVElZZpRSw7WuXjY6cfAgy+V4ryie
ixl8dUHubvw7fOriyVP2hqy3mF3iYSAY6gumTWloGdayG75sdXZ0Nd9/VN+M/+kF
D9Vvpvko7rS+oiiaB7f0CKUPWd9gnTRxDnrWQ4iqlsRHgIDxFbpPrFK2WaZzwWUc
ndyzURfkBjJ9b+K25FEfj9EiwdX3gJwv+QE9UCoWpe3zj88nB5zeOJtM+51HIW6M
3Xb1NfqS4+Xm0nflGjzTdryhjlIdGvLwEm1rloq3VkIPW3a8FZ7U8J+QwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnRz8pwPlmWcwX0aT6B/WwWCVRSMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEveWRIUHluQS1XWlp6QmZScFBvSDliQllKVkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPqv7MA0G
CSqGSIb3DQEBCwUAA4IBAQCA6hFheJ/jRgoIZYPTIsnWH56QN8vYLylbs2NexF32
EBdMnTXlYCjHUssPYY/2FzC90r5dwQOVKMIXm7GJTx/oUcKn6CPxq2694GKdDVYP
PP+3UTicdai0GdNNovxZNMbMlrVOtg5KczXtk7tTrKq4IkjUHpOO7JXdfD2k59Ff
RIJJnehWMcZqK+7AoSEUwirF5RxW6uoC+P1O1rV8UOIXQoMNWH1erY0U/qJaDpif
Th+//sOhO8YU4nZ74zBDGcC6nBdnAIdAanqwhw24ITl917YRx6W4JUDw0A8TMf2i
lTeTD3SdL3Zy9yqe6FS2EzyyVKwHyxK+sWpelJTXGeU/
-----END CERTIFICATE-----