This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a01ebb-ee18-4fb7-a73b-f5951c7ccbd3/1/vaG8_QMiq-gvMMwN9ZG02j3YzU4.roa
File:                     vaG8_QMiq-gvMMwN9ZG02j3YzU4.roa (raw, json)
Hash identifier:          F7rxfGZiwjYWNbSFolPcJp4VrNwcoqXEugc+lLx087M=
Subject key identifier:   BD:A1:BC:FD:03:22:AB:E8:2F:30:CC:0D:F5:91:B4:DA:3D:D8:CD:4E
Certificate issuer:       /CN=7368aebc1d4585b9b3612ecc2203454d65a872e3
Certificate serial:       019B77595BD4B4997DDE9F1EF788CD201A02
Authority key identifier: 73:68:AE:BC:1D:45:85:B9:B3:61:2E:CC:22:03:45:4D:65:A8:72:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c2iuvB1FhbmzYS7MIgNFTWWocuM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a01ebb-ee18-4fb7-a73b-f5951c7ccbd3/1/vaG8_QMiq-gvMMwN9ZG02j3YzU4.roa
Signing time:             Thu 01 Jan 2026 02:18:23 +0000
ROA not before:           Thu 01 Jan 2026 02:18:23 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     206195
IP address blocks:        185.193.200.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a01ebb-ee18-4fb7-a73b-f5951c7ccbd3/1/c2iuvB1FhbmzYS7MIgNFTWWocuM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a01ebb-ee18-4fb7-a73b-f5951c7ccbd3/1/c2iuvB1FhbmzYS7MIgNFTWWocuM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c2iuvB1FhbmzYS7MIgNFTWWocuM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:5b:d4:b4:99:7d:de:9f:1e:f7:88:cd:20:1a:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7368aebc1d4585b9b3612ecc2203454d65a872e3
        Validity
            Not Before: Jan  1 02:18:23 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bda1bcfd0322abe82f30cc0df591b4da3dd8cd4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:1b:c4:6c:55:11:34:8a:30:72:1b:fa:7e:11:
                    ca:5f:a2:d0:2f:47:cc:d0:ef:95:54:86:81:70:0f:
                    87:f8:dd:ef:37:9c:33:32:ef:07:b0:b7:fe:54:8c:
                    5b:c9:d4:0e:65:7d:50:3c:de:b2:60:00:20:e2:bd:
                    98:6a:17:09:ac:48:d7:d0:06:fc:9b:04:11:ea:f2:
                    19:92:b0:0d:0f:e5:66:88:27:f5:c3:bc:b9:91:f4:
                    78:af:9b:2b:2b:ed:1b:99:45:c6:33:cd:73:82:08:
                    cd:cc:4c:b7:ab:1e:31:36:16:1e:1f:e7:d1:c3:e8:
                    d9:53:95:d9:13:43:00:79:cf:77:4a:0d:68:eb:49:
                    e8:06:2a:c3:65:b2:e2:2c:fa:8e:fe:5c:35:38:bc:
                    bd:80:7f:e3:f1:b9:fd:1c:ed:cf:5e:ff:d9:b2:bc:
                    f6:ec:9d:4f:4d:7f:3e:db:96:d6:bf:6a:81:01:e5:
                    10:a4:79:1d:da:92:06:10:0a:da:15:08:0b:02:6e:
                    e8:d8:cc:47:46:8c:98:90:c0:6f:93:e1:89:37:5d:
                    c1:47:85:cb:5f:50:d1:42:1b:f7:bb:29:bb:5b:31:
                    6b:f0:75:c6:42:28:07:b7:47:b9:fe:f5:df:fb:04:
                    3f:c3:ad:07:fe:70:47:c4:0c:6d:94:ff:ba:26:4d:
                    e3:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:A1:BC:FD:03:22:AB:E8:2F:30:CC:0D:F5:91:B4:DA:3D:D8:CD:4E
            X509v3 Authority Key Identifier:
                keyid:73:68:AE:BC:1D:45:85:B9:B3:61:2E:CC:22:03:45:4D:65:A8:72:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2iuvB1FhbmzYS7MIgNFTWWocuM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a01ebb-ee18-4fb7-a73b-f5951c7ccbd3/1/vaG8_QMiq-gvMMwN9ZG02j3YzU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a01ebb-ee18-4fb7-a73b-f5951c7ccbd3/1/c2iuvB1FhbmzYS7MIgNFTWWocuM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.193.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:ab:48:ab:5d:bd:a5:7b:80:24:a8:ff:bf:a1:ee:5f:fe:d9:
         4b:5d:2e:46:be:54:77:25:5b:0e:65:63:e6:10:88:31:50:85:
         75:1f:b2:ca:2a:e1:e5:03:36:63:f7:7b:0c:16:34:7a:03:30:
         e9:3b:e6:97:83:a4:f0:14:6e:25:b5:96:5b:6f:0c:52:86:f4:
         90:ab:ea:ed:c2:97:fb:29:e1:55:df:39:23:d0:b3:ba:a0:08:
         84:58:cc:89:0a:7d:cf:b4:36:36:55:bb:9c:ac:c5:92:77:64:
         c2:f6:f8:fa:53:83:b5:ba:c6:79:fc:53:75:c3:91:02:d1:3a:
         13:7c:0f:ab:7f:ee:23:81:75:d1:fb:d2:e5:0a:a3:79:84:7e:
         38:64:bc:44:20:89:b1:eb:3a:92:08:58:4b:e6:68:ff:ea:92:
         90:f1:7b:49:66:2f:fb:9a:05:33:bf:01:69:dd:d1:c8:fd:38:
         12:00:8f:c5:2b:7f:c4:7a:9c:15:6f:7d:03:c5:eb:c2:19:4e:
         3d:dc:4d:74:ba:10:04:25:14:3c:aa:10:1d:c1:e0:d8:61:42:
         65:4e:10:92:5d:76:91:eb:54:2f:a6:b9:60:37:2c:4a:50:5a:
         5c:3d:e8:a2:aa:af:21:ab:ec:41:c4:40:a9:e0:c1:a4:0a:e3:
         7c:bb:08:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WVvUtJl93p8e94jNIBoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNjhhZWJjMWQ0NTg1YjliMzYxMmVjYzIyMDM0NTRkNjVh
ODcyZTMwHhcNMjYwMTAxMDIxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGExYmNmZDAzMjJhYmU4MmYzMGNjMGRmNTkxYjRkYTNkZDhjZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RvEbFURNIowchv6fhHKX6LQL0fM
0O+VVIaBcA+H+N3vN5wzMu8HsLf+VIxbydQOZX1QPN6yYAAg4r2YahcJrEjX0Ab8
mwQR6vIZkrAND+VmiCf1w7y5kfR4r5srK+0bmUXGM81zggjNzEy3qx4xNhYeH+fR
w+jZU5XZE0MAec93Sg1o60noBirDZbLiLPqO/lw1OLy9gH/j8bn9HO3PXv/Zsrz2
7J1PTX8+25bWv2qBAeUQpHkd2pIGEAraFQgLAm7o2MxHRoyYkMBvk+GJN13BR4XL
X1DRQhv3uym7WzFr8HXGQigHt0e5/vXf+wQ/w60H/nBHxAxtlP+6Jk3j/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2hvP0DIqvoLzDMDfWRtNo92M1OMB8GA1UdIwQY
MBaAFHNorrwdRYW5s2EuzCIDRU1lqHLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJpdXZCMUZoYm16WVM3TUlnTkZUV1dvY3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hMDFlYmItZWUxOC00ZmI3LWE3M2It
ZjU5NTFjN2NjYmQzLzEvdmFHOF9RTWlxLWd2TU13TjlaRzAyajNZelU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hMDFlYmItZWUxOC00ZmI3LWE3M2ItZjU5NTFjN2NjYmQz
LzEvYzJpdXZCMUZoYm16WVM3TUlnTkZUV1dvY3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucHIMA0G
CSqGSIb3DQEBCwUAA4IBAQADq0irXb2le4AkqP+/oe5f/tlLXS5GvlR3JVsOZWPm
EIgxUIV1H7LKKuHlAzZj93sMFjR6AzDpO+aXg6TwFG4ltZZbbwxShvSQq+rtwpf7
KeFV3zkj0LO6oAiEWMyJCn3PtDY2VbucrMWSd2TC9vj6U4O1usZ5/FN1w5EC0ToT
fA+rf+4jgXXR+9LlCqN5hH44ZLxEIImx6zqSCFhL5mj/6pKQ8XtJZi/7mgUzvwFp
3dHI/TgSAI/FK3/EepwVb30DxevCGU493E10uhAEJRQ8qhAdweDYYUJlThCSXXaR
61QvprlgNyxKUFpcPeiiqq8hq+xBxECp4MGkCuN8uwgs
-----END CERTIFICATE-----