This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/dJpXPlF_vRyOgX7jQKghLw8pQUQ.roa
File:                     dJpXPlF_vRyOgX7jQKghLw8pQUQ.roa (raw, json)
Hash identifier:          E1+cy9PTWiny/1y88hiJPYv+llkKbECfLmkj5G9alPY=
Subject key identifier:   74:9A:57:3E:51:7F:BD:1C:8E:81:7E:E3:40:A8:21:2F:0F:29:41:44
Certificate issuer:       /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial:       019B77C70D32EC75B27F57A48AA414800A02
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/dJpXPlF_vRyOgX7jQKghLw8pQUQ.roa
Signing time:             Thu 01 Jan 2026 04:18:12 +0000
ROA not before:           Thu 01 Jan 2026 04:18:12 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204479
IP address blocks:        185.107.67.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Feb 2026 17:32:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:0d:32:ec:75:b2:7f:57:a4:8a:a4:14:80:0a:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
        Validity
            Not Before: Jan  1 04:18:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=749a573e517fbd1c8e817ee340a8212f0f294144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5d:49:fc:42:33:5e:c8:e9:f8:2e:78:ab:1e:
                    35:f2:1f:37:56:9a:53:3a:28:17:ba:ce:47:9e:79:
                    0a:bd:53:18:6b:9b:02:71:86:d3:d1:ab:5e:e0:0f:
                    46:c9:88:db:0c:9d:84:d0:6f:b9:32:a6:a3:12:9c:
                    13:a0:1f:5f:36:71:bb:d3:8e:07:31:5c:50:d2:15:
                    5d:25:19:fb:28:ba:69:70:d7:2f:af:b2:fa:bf:f5:
                    26:06:d4:12:86:ef:6c:9c:13:98:54:3e:e9:7a:7f:
                    ac:97:e4:3c:8f:db:c1:35:cc:32:bf:88:1f:6a:43:
                    4d:b9:be:36:cd:0a:82:86:06:cf:a3:1f:c2:47:1f:
                    e6:2f:3e:bc:cd:ed:c4:22:81:0f:e1:b5:ed:30:59:
                    50:d0:7f:b1:8a:db:8c:e1:3c:ce:3b:19:b6:50:ff:
                    c8:32:b3:63:c4:b1:4c:fc:95:74:85:87:15:b2:3f:
                    ce:8f:b9:1a:27:70:ac:cc:9f:f2:ac:53:96:58:fc:
                    f2:af:db:a8:7e:5d:d5:ba:d8:90:b2:38:46:90:ed:
                    29:38:ad:4f:28:61:a5:03:ad:42:f0:03:dd:46:4f:
                    c3:09:5d:6c:82:a2:31:69:52:d0:93:9d:cf:ab:74:
                    e5:78:23:0d:b6:80:47:d0:61:ee:4b:33:da:50:45:
                    d4:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:9A:57:3E:51:7F:BD:1C:8E:81:7E:E3:40:A8:21:2F:0F:29:41:44
            X509v3 Authority Key Identifier:
                keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/dJpXPlF_vRyOgX7jQKghLw8pQUQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.107.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:c3:e7:56:e4:a3:92:a8:b9:e6:e0:c1:ef:65:59:cd:e6:2c:
         17:83:1a:a1:b3:f1:d2:91:63:e1:f2:5d:4a:31:88:75:da:c9:
         03:4d:35:6a:38:14:ef:79:e0:02:06:70:d4:cc:a2:eb:1f:e0:
         17:4a:99:8b:07:fd:b6:86:97:43:67:09:93:fe:9c:e3:86:dd:
         57:db:bd:73:75:95:6e:4b:12:62:23:be:7d:4b:12:15:ab:72:
         d7:3c:cf:2b:e4:9e:e0:b0:43:89:6d:c2:b8:05:ce:20:41:09:
         35:ed:bf:e0:12:93:0d:bb:8c:ec:e6:d7:d7:e1:40:d6:84:ca:
         e2:02:4d:a8:c7:70:a0:31:33:52:e7:b9:be:bd:16:29:40:50:
         c0:df:fe:9a:62:07:5a:00:82:8f:bb:e3:42:7f:dc:9a:2e:bf:
         c4:01:6d:74:22:2f:79:1c:ab:03:c7:e1:8b:73:9e:b8:21:f0:
         1d:86:e1:2b:ae:62:30:c7:be:72:63:ef:fb:84:56:ae:75:52:
         b8:b2:a3:b4:98:2b:fb:aa:ca:da:af:2f:9e:ac:00:2a:af:ce:
         41:f4:8c:f8:a3:74:b8:e7:1b:77:d0:f5:c7:0c:41:2a:69:56:
         01:6e:1a:14:9b:0e:78:75:9c:8e:a4:fb:36:83:dc:58:df:df:
         a7:d2:55:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xw0y7HWyf1ekiqQUgAoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjYwMTAxMDQxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDlhNTczZTUxN2ZiZDFjOGU4MTdlZTM0MGE4MjEyZjBmMjk0MTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF1J/EIzXsjp+C54qx418h83VppT
OigXus5HnnkKvVMYa5sCcYbT0ate4A9GyYjbDJ2E0G+5MqajEpwToB9fNnG7044H
MVxQ0hVdJRn7KLppcNcvr7L6v/UmBtQShu9snBOYVD7pen+sl+Q8j9vBNcwyv4gf
akNNub42zQqChgbPox/CRx/mLz68ze3EIoEP4bXtMFlQ0H+xituM4TzOOxm2UP/I
MrNjxLFM/JV0hYcVsj/Oj7kaJ3CszJ/yrFOWWPzyr9uofl3VutiQsjhGkO0pOK1P
KGGlA61C8APdRk/DCV1sgqIxaVLQk53Pq3TleCMNtoBH0GHuSzPaUEXU9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSaVz5Rf70cjoF+40CoIS8PKUFEMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvZEpwWFBsRl92UnlPZ1g3alFLZ2hMdzhwUVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWtDMA0G
CSqGSIb3DQEBCwUAA4IBAQBYw+dW5KOSqLnm4MHvZVnN5iwXgxqhs/HSkWPh8l1K
MYh12skDTTVqOBTveeACBnDUzKLrH+AXSpmLB/22hpdDZwmT/pzjht1X271zdZVu
SxJiI759SxIVq3LXPM8r5J7gsEOJbcK4Bc4gQQk17b/gEpMNu4zs5tfX4UDWhMri
Ak2ox3CgMTNS57m+vRYpQFDA3/6aYgdaAIKPu+NCf9yaLr/EAW10Ii95HKsDx+GL
c564IfAdhuErrmIwx75yY+/7hFaudVK4sqO0mCv7qsrary+erAAqr85B9Iz4o3S4
5xt30PXHDEEqaVYBbhoUmw54dZyOpPs2g9xY39+n0lV9
-----END CERTIFICATE-----