This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/73KjaABUIPMMJFXxvW8vZjtsKWs.roa
File:                     73KjaABUIPMMJFXxvW8vZjtsKWs.roa (raw, json)
Hash identifier:          gAkg8MW5s4Wu4Exe0BB68OpW+467tevdwwSm3IV/F4s=
Subject key identifier:   EF:72:A3:68:00:54:20:F3:0C:24:55:F1:BD:6F:2F:66:3B:6C:29:6B
Certificate issuer:       /CN=daaf0ff365d4bd908de902eeda03b279c2f809d3
Certificate serial:       019B797EC8B81A5F2CE8D1BF40BB57FF56B3
Authority key identifier: DA:AF:0F:F3:65:D4:BD:90:8D:E9:02:EE:DA:03:B2:79:C2:F8:09:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/73KjaABUIPMMJFXxvW8vZjtsKWs.roa
Signing time:             Thu 01 Jan 2026 12:18:30 +0000
ROA not before:           Thu 01 Jan 2026 12:18:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     42184
IP address blocks:        195.66.121.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Feb 2026 21:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:c8:b8:1a:5f:2c:e8:d1:bf:40:bb:57:ff:56:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daaf0ff365d4bd908de902eeda03b279c2f809d3
        Validity
            Not Before: Jan  1 12:18:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ef72a368005420f30c2455f1bd6f2f663b6c296b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:93:a8:4b:6a:5c:36:97:61:62:b2:e0:90:f6:
                    bc:aa:f1:51:61:88:37:1e:46:b4:97:e0:8b:d0:35:
                    8d:e1:66:55:f6:41:74:ce:73:4d:c6:2d:86:28:5b:
                    2f:6f:01:5d:d2:67:98:28:38:4d:cc:76:83:ee:ff:
                    a2:e2:bf:43:06:ac:b5:b9:88:f1:5b:3e:52:cc:8b:
                    c6:29:30:bd:09:d9:ee:52:02:aa:4d:9c:5d:bd:e5:
                    54:d0:0a:00:7a:88:71:97:56:fb:b7:f0:42:e3:93:
                    62:a7:af:9e:08:7f:21:ef:e2:a5:8b:ce:75:ac:a3:
                    81:78:5e:95:67:2b:46:a1:c1:36:be:68:3c:b1:81:
                    4a:39:47:f4:84:b0:5a:c0:7e:6a:1b:9f:95:a7:3f:
                    f7:74:e4:ad:73:ab:8d:bc:23:c4:78:1a:dd:45:6c:
                    c0:bc:e3:39:dc:6e:b3:da:96:8a:9c:d3:a2:76:4e:
                    16:cb:03:87:6b:59:55:0c:a9:17:a0:79:87:b8:57:
                    19:be:f9:0e:23:9e:ec:60:e1:96:63:79:8f:f0:6d:
                    e6:01:3b:00:cb:ac:bb:90:38:0c:41:b4:26:1b:1b:
                    0c:92:09:ed:d0:8f:29:3f:c3:68:61:3c:0b:de:84:
                    1a:c2:1b:01:91:dd:f6:6f:43:07:bf:bc:b9:d5:85:
                    0a:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:72:A3:68:00:54:20:F3:0C:24:55:F1:BD:6F:2F:66:3B:6C:29:6B
            X509v3 Authority Key Identifier:
                keyid:DA:AF:0F:F3:65:D4:BD:90:8D:E9:02:EE:DA:03:B2:79:C2:F8:09:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/73KjaABUIPMMJFXxvW8vZjtsKWs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.66.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:5e:ca:61:26:55:5c:8e:88:cc:e6:aa:eb:28:83:8e:39:96:
         fe:8d:e5:e9:2e:d5:76:f8:ad:01:04:53:06:87:c8:4e:ac:7d:
         cd:4c:f8:18:9e:f1:09:f6:12:46:07:e0:50:d8:6a:42:fe:5a:
         ec:c5:37:a3:e0:a0:71:ae:9f:c3:54:0e:69:93:3c:0f:6f:58:
         98:77:75:d3:6e:43:67:a2:38:b4:5f:62:a8:7c:5b:61:ee:71:
         b3:03:0e:c1:e9:db:74:fc:81:fd:15:52:33:7f:d4:81:3e:63:
         1a:75:15:f4:40:2f:10:e0:06:6c:59:61:af:99:38:4c:d3:00:
         08:2f:1b:c6:b1:76:9c:dc:b0:b0:e1:56:cc:45:74:fb:81:29:
         bd:f7:f8:53:a9:3b:49:5c:0f:16:06:1a:27:74:a3:4f:e1:d0:
         90:d8:35:a3:29:b6:05:3b:50:91:08:2b:6b:ef:d6:10:63:60:
         42:5b:4e:b5:44:c9:4c:35:3e:18:cb:dc:f8:b1:f1:eb:a0:95:
         db:c4:55:a2:b4:a5:1e:93:f7:d0:b5:f8:9b:59:f2:80:98:54:
         19:c5:83:6d:69:cf:d9:ef:43:ac:88:a9:02:23:35:6e:0e:a0:
         3e:db:f9:ed:0f:5d:8a:ec:f6:df:76:b5:fe:18:45:38:92:a0:
         25:6f:8b:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fsi4Gl8s6NG/QLtX/1azMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYwZmYzNjVkNGJkOTA4ZGU5MDJlZWRhMDNiMjc5YzJm
ODA5ZDMwHhcNMjYwMTAxMTIxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjcyYTM2ODAwNTQyMGYzMGMyNDU1ZjFiZDZmMmY2NjNiNmMyOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5OoS2pcNpdhYrLgkPa8qvFRYYg3
Hka0l+CL0DWN4WZV9kF0znNNxi2GKFsvbwFd0meYKDhNzHaD7v+i4r9DBqy1uYjx
Wz5SzIvGKTC9CdnuUgKqTZxdveVU0AoAeohxl1b7t/BC45Nip6+eCH8h7+Kli851
rKOBeF6VZytGocE2vmg8sYFKOUf0hLBawH5qG5+Vpz/3dOStc6uNvCPEeBrdRWzA
vOM53G6z2paKnNOidk4WywOHa1lVDKkXoHmHuFcZvvkOI57sYOGWY3mP8G3mATsA
y6y7kDgMQbQmGxsMkgnt0I8pP8NoYTwL3oQawhsBkd32b0MHv7y51YUK4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9yo2gAVCDzDCRV8b1vL2Y7bClrMB8GA1UdIwQY
MBaAFNqvD/Nl1L2QjekC7toDsnnC+AnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4UDgyWFV2WkNONlFMdTJnT3llY0w0Q2RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83NzkyNjAtN2JlOS00YjY2LTlkZjAt
NDA5MTc2Zjg0NmQzLzEvNzNLamFBQlVJUE1NSkZYeHZXOHZaanRzS1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83NzkyNjAtN2JlOS00YjY2LTlkZjAtNDA5MTc2Zjg0NmQz
LzEvMnE4UDgyWFV2WkNONlFMdTJnT3llY0w0Q2RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0J5MA0G
CSqGSIb3DQEBCwUAA4IBAQBSXsphJlVcjojM5qrrKIOOOZb+jeXpLtV2+K0BBFMG
h8hOrH3NTPgYnvEJ9hJGB+BQ2GpC/lrsxTej4KBxrp/DVA5pkzwPb1iYd3XTbkNn
oji0X2KofFth7nGzAw7B6dt0/IH9FVIzf9SBPmMadRX0QC8Q4AZsWWGvmThM0wAI
LxvGsXac3LCw4VbMRXT7gSm99/hTqTtJXA8WBhondKNP4dCQ2DWjKbYFO1CRCCtr
79YQY2BCW061RMlMNT4Yy9z4sfHroJXbxFWitKUek/fQtfibWfKAmFQZxYNtac/Z
70OsiKkCIzVuDqA+2/ntD12K7PbfdrX+GEU4kqAlb4u6
-----END CERTIFICATE-----