This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/acf2e6-c8dd-48c4-8389-a18550a69f66/1/41PdyGaqWfuZrGCiI7A6Pe8er08.roa
File:                     41PdyGaqWfuZrGCiI7A6Pe8er08.roa (raw, json)
Hash identifier:          fqabz9d9YrXMSNvuc4clJBMP1zUaniqoWE3YHtZWSoc=
Subject key identifier:   E3:53:DD:C8:66:AA:59:FB:99:AC:60:A2:23:B0:3A:3D:EF:1E:AF:4F
Certificate issuer:       /CN=fdd9422de96203e5d873e0995591a3a690dd3d92
Certificate serial:       019B7D5C4BF22627BD1A47AC77DAD14F3FE3
Authority key identifier: FD:D9:42:2D:E9:62:03:E5:D8:73:E0:99:55:91:A3:A6:90:DD:3D:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_dlCLeliA-XYc-CZVZGjppDdPZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/acf2e6-c8dd-48c4-8389-a18550a69f66/1/41PdyGaqWfuZrGCiI7A6Pe8er08.roa
Signing time:             Fri 02 Jan 2026 06:19:19 +0000
ROA not before:           Fri 02 Jan 2026 06:19:19 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     208919
IP address blocks:        77.83.67.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/acf2e6-c8dd-48c4-8389-a18550a69f66/1/_dlCLeliA-XYc-CZVZGjppDdPZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/acf2e6-c8dd-48c4-8389-a18550a69f66/1/_dlCLeliA-XYc-CZVZGjppDdPZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_dlCLeliA-XYc-CZVZGjppDdPZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 03:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:5c:4b:f2:26:27:bd:1a:47:ac:77:da:d1:4f:3f:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fdd9422de96203e5d873e0995591a3a690dd3d92
        Validity
            Not Before: Jan  2 06:19:19 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e353ddc866aa59fb99ac60a223b03a3def1eaf4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:dc:60:ae:7a:4c:2c:84:3c:7d:bd:6d:be:85:
                    72:63:9c:11:75:12:39:a2:fb:a6:d2:b2:e7:4e:88:
                    12:cc:52:53:bc:5f:32:3e:ef:2f:06:9b:5f:21:b3:
                    32:51:15:51:c5:aa:ae:27:7a:84:da:3b:46:b6:8b:
                    17:fd:f4:3f:79:d8:73:f3:71:95:94:97:4d:70:ac:
                    f4:af:57:97:86:34:c9:ff:a3:52:b7:ae:ca:30:eb:
                    c4:ba:70:d0:66:98:0e:75:f1:d0:de:57:20:7c:27:
                    34:bc:91:89:29:77:9f:19:a6:f7:69:45:62:c9:d5:
                    a5:88:fa:90:0e:a8:1d:ad:21:b8:05:b1:87:0c:41:
                    f7:9d:97:dc:de:93:a5:6c:92:8f:cc:d2:5d:4e:77:
                    65:6d:e1:9b:90:d0:6c:d3:69:cf:48:9e:3d:a2:f5:
                    d5:b6:77:10:d7:43:6a:68:d2:b2:7d:17:8c:2c:c3:
                    12:76:ac:3c:f5:ba:ee:2e:90:05:3d:32:2d:ca:6b:
                    ef:a1:01:a7:8b:fb:89:ee:ba:77:40:b3:f1:22:6a:
                    62:39:7f:55:45:16:bd:ff:db:1d:6c:cf:4a:fe:09:
                    e4:75:67:05:cf:34:0e:4b:ff:20:37:e3:41:81:9b:
                    b8:a5:a2:09:80:b0:bf:87:a6:fd:cc:5e:2f:a7:3d:
                    e9:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:53:DD:C8:66:AA:59:FB:99:AC:60:A2:23:B0:3A:3D:EF:1E:AF:4F
            X509v3 Authority Key Identifier:
                keyid:FD:D9:42:2D:E9:62:03:E5:D8:73:E0:99:55:91:A3:A6:90:DD:3D:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dlCLeliA-XYc-CZVZGjppDdPZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/acf2e6-c8dd-48c4-8389-a18550a69f66/1/41PdyGaqWfuZrGCiI7A6Pe8er08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/acf2e6-c8dd-48c4-8389-a18550a69f66/1/_dlCLeliA-XYc-CZVZGjppDdPZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:d0:85:2c:15:c1:ba:22:eb:84:73:21:27:a0:48:97:aa:2b:
         30:fa:cb:ab:39:ca:51:42:1f:47:2a:9a:4e:9a:70:42:ba:f6:
         7f:1a:8e:0e:1f:d7:c3:68:33:3f:cf:84:04:ef:c8:d6:a7:3a:
         16:cc:1a:a4:43:c1:99:70:3e:44:49:c1:95:35:db:8b:7d:77:
         9c:b5:df:ec:b7:e4:c8:be:1f:32:b1:63:a3:bd:89:bc:bc:77:
         c1:06:6d:4c:8c:8f:e0:fa:9b:a0:f5:d6:bf:8e:0f:af:7a:ac:
         85:27:0b:fc:8c:e5:d1:21:01:4c:39:c7:47:b6:df:8b:1a:d9:
         c3:59:37:14:76:0b:1e:43:9e:02:21:41:00:8c:1d:db:da:74:
         57:61:43:ae:3b:48:39:4d:5b:ed:00:b1:5b:09:5c:07:99:ea:
         39:09:93:d1:b6:2b:1f:07:e4:4b:85:ff:88:a5:2e:e6:e1:47:
         e5:b2:95:e8:1a:ae:73:76:6f:98:ca:92:b3:6e:db:56:62:32:
         26:2c:3d:2a:28:a4:af:fd:0f:da:58:36:4a:d5:e6:b4:23:39:
         44:e4:f1:f5:a4:af:40:1b:f2:ff:ba:07:e5:9d:47:12:fa:4c:
         e8:43:5c:e0:61:03:22:e7:97:b0:c3:05:e6:da:e1:50:a7:ed:
         68:3d:b9:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9XEvyJie9Gkesd9rRTz/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDk0MjJkZTk2MjAzZTVkODczZTA5OTU1OTFhM2E2OTBk
ZDNkOTIwHhcNMjYwMTAyMDYxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUzZGRjODY2YWE1OWZiOTlhYzYwYTIyM2IwM2EzZGVmMWVhZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtxgrnpMLIQ8fb1tvoVyY5wRdRI5
ovum0rLnTogSzFJTvF8yPu8vBptfIbMyURVRxaquJ3qE2jtGtosX/fQ/edhz83GV
lJdNcKz0r1eXhjTJ/6NSt67KMOvEunDQZpgOdfHQ3lcgfCc0vJGJKXefGab3aUVi
ydWliPqQDqgdrSG4BbGHDEH3nZfc3pOlbJKPzNJdTndlbeGbkNBs02nPSJ49ovXV
tncQ10NqaNKyfReMLMMSdqw89bruLpAFPTItymvvoQGni/uJ7rp3QLPxImpiOX9V
RRa9/9sdbM9K/gnkdWcFzzQOS/8gN+NBgZu4paIJgLC/h6b9zF4vpz3pSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONT3chmqln7maxgoiOwOj3vHq9PMB8GA1UdIwQY
MBaAFP3ZQi3pYgPl2HPgmVWRo6aQ3T2SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RsQ0xlbGlBLVhZYy1DWlZaR2pwcERkUFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hY2YyZTYtYzhkZC00OGM0LTgzODkt
YTE4NTUwYTY5ZjY2LzEvNDFQZHlHYXFXZnVackdDaUk3QTZQZThlcjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hY2YyZTYtYzhkZC00OGM0LTgzODktYTE4NTUwYTY5ZjY2
LzEvX2RsQ0xlbGlBLVhZYy1DWlZaR2pwcERkUFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVNDMA0G
CSqGSIb3DQEBCwUAA4IBAQBT0IUsFcG6IuuEcyEnoEiXqisw+surOcpRQh9HKppO
mnBCuvZ/Go4OH9fDaDM/z4QE78jWpzoWzBqkQ8GZcD5EScGVNduLfXectd/st+TI
vh8ysWOjvYm8vHfBBm1MjI/g+pug9da/jg+veqyFJwv8jOXRIQFMOcdHtt+LGtnD
WTcUdgseQ54CIUEAjB3b2nRXYUOuO0g5TVvtALFbCVwHmeo5CZPRtisfB+RLhf+I
pS7m4UflspXoGq5zdm+YypKzbttWYjImLD0qKKSv/Q/aWDZK1ea0IzlE5PH1pK9A
G/L/ugflnUcS+kzoQ1zgYQMi55ewwwXm2uFQp+1oPblr
-----END CERTIFICATE-----