This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/OmrRoGggymDlnc89Ya0mLOIfoyE.roa
File:                     OmrRoGggymDlnc89Ya0mLOIfoyE.roa (raw, json)
Hash identifier:          g/n9+s+a/cLXq4I8J0l8EsiSF1ZzZTPKl/O4z5ihbv0=
Subject key identifier:   3A:6A:D1:A0:68:20:CA:60:E5:9D:CF:3D:61:AD:26:2C:E2:1F:A3:21
Certificate issuer:       /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial:       019B7BA49F2B385B615D440486D95D33C2CA
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/OmrRoGggymDlnc89Ya0mLOIfoyE.roa
Signing time:             Thu 01 Jan 2026 22:19:04 +0000
ROA not before:           Thu 01 Jan 2026 22:19:04 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     200088
IP address blocks:        185.159.84.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:9f:2b:38:5b:61:5d:44:04:86:d9:5d:33:c2:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
        Validity
            Not Before: Jan  1 22:19:04 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3a6ad1a06820ca60e59dcf3d61ad262ce21fa321
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ef:1b:8b:66:ae:f1:f2:e0:fb:a6:5b:1d:94:
                    a7:62:ad:29:be:f4:bf:59:19:81:77:2b:5b:fc:87:
                    d9:a3:50:68:68:0b:e7:b8:76:00:e4:4e:33:64:0c:
                    a8:52:57:a9:52:d8:6f:c9:6b:a1:a2:d7:f7:a4:87:
                    b6:21:74:45:d1:f9:f0:84:07:6b:a2:36:4b:2d:e1:
                    36:b0:1d:4d:0c:af:1c:ee:3c:9b:19:88:0e:1d:96:
                    a3:a6:08:a1:59:68:23:8b:ce:31:37:fc:23:de:5a:
                    35:7a:25:90:a2:4a:e4:ae:71:85:36:62:8f:13:99:
                    90:a4:50:fb:49:52:90:61:82:38:a5:4a:bc:a2:43:
                    77:eb:a1:f7:eb:c1:ed:c2:cc:33:9e:ea:9b:6a:b8:
                    2e:95:4c:68:41:57:2e:4d:c8:e8:19:19:2c:e8:74:
                    08:c8:8f:9d:e6:fb:d8:4a:af:09:9f:0d:a9:75:1f:
                    89:0d:59:a4:63:75:5e:31:a8:c5:00:ca:e6:e5:fa:
                    f0:2c:33:ad:84:6a:af:d4:c2:10:87:26:7d:08:d7:
                    3b:d2:7c:28:08:41:d2:0b:f8:96:c7:96:6f:e4:c4:
                    de:1b:e8:ec:81:ca:38:0a:36:d8:89:02:67:38:dc:
                    58:e6:09:ad:8b:d9:1d:49:0b:2e:76:03:c1:f5:a8:
                    11:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:6A:D1:A0:68:20:CA:60:E5:9D:CF:3D:61:AD:26:2C:E2:1F:A3:21
            X509v3 Authority Key Identifier:
                keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/OmrRoGggymDlnc89Ya0mLOIfoyE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.159.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:5e:bc:a0:3f:6f:10:b5:b1:0e:1d:ec:4d:8c:20:fd:5f:fb:
         66:67:e8:23:bf:dc:ab:7e:22:b6:e0:98:e1:09:7b:e7:1d:a4:
         35:8e:30:6d:8a:09:c8:d7:89:1f:d4:88:a2:d0:1b:b1:a4:0c:
         30:7c:18:ab:5e:74:38:7a:a5:97:aa:37:e9:9f:7b:7b:e2:3c:
         67:2f:7d:be:9e:97:81:1e:3a:1c:52:c4:65:be:f7:a4:9d:ee:
         45:b3:12:29:54:86:93:82:dc:47:36:f3:e4:6f:66:fa:75:5d:
         01:3c:f9:d0:42:ac:89:c7:28:c4:a7:49:2d:46:30:5d:c5:6d:
         b8:5f:6e:33:8b:69:ed:cd:44:28:37:2a:2a:03:24:96:82:a5:
         47:8b:15:55:e7:aa:db:c0:f4:75:22:d4:15:3b:ec:83:a3:5e:
         37:df:e0:c2:5e:11:18:fd:36:3c:8c:ad:2d:a6:cf:f3:60:91:
         7f:2d:08:1a:89:41:e6:58:f7:eb:66:a0:f2:57:69:2c:47:df:
         1e:1e:e8:eb:a5:8f:81:82:38:2e:03:82:93:a9:21:88:e2:5e:
         3f:c8:aa:fe:3c:1c:bb:9a:40:22:82:3c:1f:e2:75:45:2d:8e:
         e6:ff:c1:22:f6:62:24:1e:9a:bd:ea:b7:a0:8c:24:68:2f:f0:
         e6:19:e1:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pJ8rOFthXUQEhtldM8LKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjYwMTAxMjIxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZhZDFhMDY4MjBjYTYwZTU5ZGNmM2Q2MWFkMjYyY2UyMWZhMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO8bi2au8fLg+6ZbHZSnYq0pvvS/
WRmBdytb/IfZo1BoaAvnuHYA5E4zZAyoUlepUthvyWuhotf3pIe2IXRF0fnwhAdr
ojZLLeE2sB1NDK8c7jybGYgOHZajpgihWWgji84xN/wj3lo1eiWQokrkrnGFNmKP
E5mQpFD7SVKQYYI4pUq8okN366H368HtwswznuqbargulUxoQVcuTcjoGRks6HQI
yI+d5vvYSq8Jnw2pdR+JDVmkY3VeMajFAMrm5frwLDOthGqv1MIQhyZ9CNc70nwo
CEHSC/iWx5Zv5MTeG+jsgco4CjbYiQJnONxY5gmti9kdSQsudgPB9agRpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpq0aBoIMpg5Z3PPWGtJiziH6MhMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvT21yUm9HZ2d5bURsbmM4OVlhMG1MT0lmb3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ9UMA0G
CSqGSIb3DQEBCwUAA4IBAQANXrygP28QtbEOHexNjCD9X/tmZ+gjv9yrfiK24Jjh
CXvnHaQ1jjBtignI14kf1Iii0BuxpAwwfBirXnQ4eqWXqjfpn3t74jxnL32+npeB
HjocUsRlvvekne5FsxIpVIaTgtxHNvPkb2b6dV0BPPnQQqyJxyjEp0ktRjBdxW24
X24zi2ntzUQoNyoqAySWgqVHixVV56rbwPR1ItQVO+yDo1433+DCXhEY/TY8jK0t
ps/zYJF/LQgaiUHmWPfrZqDyV2ksR98eHujrpY+BgjguA4KTqSGI4l4/yKr+PBy7
mkAigjwf4nVFLY7m/8Ei9mIkHpq96regjCRoL/DmGeFK
-----END CERTIFICATE-----