This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/pYQ5IyUbzq5qvpxuz6__bErWTAk.roa
File:                     pYQ5IyUbzq5qvpxuz6__bErWTAk.roa (raw, json)
Hash identifier:          EPZHqA+xkmohjRcec6HU5g8Eeu99YhgqZrcWYKO20oU=
Subject key identifier:   A5:84:39:23:25:1B:CE:AE:6A:BE:9C:6E:CF:AF:FF:6C:4A:D6:4C:09
Certificate issuer:       /CN=e1cadc8a421c1f22f1e2904ccfdbbcec5dbe1b11
Certificate serial:       019B7AC8A55FDE0D58C2D6290571EAFBD735
Authority key identifier: E1:CA:DC:8A:42:1C:1F:22:F1:E2:90:4C:CF:DB:BC:EC:5D:BE:1B:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/pYQ5IyUbzq5qvpxuz6__bErWTAk.roa
Signing time:             Thu 01 Jan 2026 18:18:48 +0000
ROA not before:           Thu 01 Jan 2026 18:18:48 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     42489
IP address blocks:        77.52.28.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 10:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c8:a5:5f:de:0d:58:c2:d6:29:05:71:ea:fb:d7:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1cadc8a421c1f22f1e2904ccfdbbcec5dbe1b11
        Validity
            Not Before: Jan  1 18:18:48 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a5843923251bceae6abe9c6ecfafff6c4ad64c09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:d5:c9:07:62:3b:13:ff:5a:95:b7:50:cb:25:
                    24:11:22:4d:c6:08:62:e9:48:6c:a5:a3:f3:a7:48:
                    2d:3e:b0:8c:cc:d3:20:fc:08:5a:f4:1d:e2:13:80:
                    d5:19:f3:cf:a5:dc:92:37:61:33:2a:6b:e7:95:ea:
                    52:57:51:f4:2e:e9:18:97:03:0f:99:ae:49:d0:d4:
                    52:bc:aa:2c:29:4e:fa:53:b0:8a:15:b7:b7:81:1c:
                    4c:98:37:1c:2c:c3:25:72:f6:d8:ca:a0:c0:95:32:
                    84:5f:b3:d8:67:07:f8:69:0e:90:bf:58:ef:04:ef:
                    3c:a6:f5:ed:11:a8:5f:98:19:85:6f:84:22:d3:d7:
                    6d:88:99:2e:3f:b5:04:6f:d4:7d:96:c7:ca:44:d6:
                    b9:b8:42:e6:db:17:ea:d6:3c:3b:c7:fc:81:1d:e8:
                    8f:b8:20:dc:b2:a6:94:32:40:b8:26:20:18:59:d4:
                    b9:5d:fb:c7:c6:57:8b:d3:c7:2b:f1:4a:22:41:93:
                    65:56:b5:b3:6e:df:9f:5b:a5:01:62:d6:2b:01:ab:
                    ab:53:a8:ae:d8:ca:5a:85:3e:b1:59:a1:51:67:c7:
                    82:c6:65:45:4f:68:f7:d1:f5:20:5f:ac:22:e0:89:
                    ec:98:17:27:1d:0a:53:29:72:4f:ce:53:a6:a2:89:
                    6c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:84:39:23:25:1B:CE:AE:6A:BE:9C:6E:CF:AF:FF:6C:4A:D6:4C:09
            X509v3 Authority Key Identifier:
                keyid:E1:CA:DC:8A:42:1C:1F:22:F1:E2:90:4C:CF:DB:BC:EC:5D:BE:1B:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/pYQ5IyUbzq5qvpxuz6__bErWTAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.52.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:af:81:50:83:b7:06:48:13:bc:71:e1:62:9e:df:b3:0b:0d:
         e5:a1:fb:5f:62:03:59:21:51:51:29:c8:57:f9:60:67:ba:16:
         4e:2d:d6:8e:8a:1e:0a:c5:68:52:1b:7c:96:01:e7:4a:39:24:
         28:94:8b:1b:05:73:d8:5a:f3:b9:1e:b3:75:0f:a2:3d:08:ea:
         0b:9f:19:a2:61:43:76:22:e4:a5:34:06:f0:bc:c0:66:42:4a:
         72:47:8b:88:e4:56:1b:f6:ec:82:4d:0e:d0:01:05:2d:3b:44:
         9a:6e:54:29:e6:7f:76:04:fe:21:a6:06:e7:6a:42:8e:b6:23:
         c3:76:be:23:d1:8c:d6:32:d7:eb:50:34:e1:bf:df:07:5b:23:
         19:f7:36:58:a6:9e:be:d8:e0:db:5c:21:c1:76:4a:bb:e9:56:
         32:7b:59:53:d5:71:bf:3e:96:ee:18:e8:fe:fa:d9:67:4d:b4:
         d5:a1:7f:e8:93:53:45:f3:fc:f5:c0:25:78:d4:40:c0:e3:84:
         f2:ca:b9:04:92:7c:e1:7c:57:d5:04:ac:b1:15:af:89:78:20:
         84:18:87:84:5e:3f:6a:73:c5:07:fe:a6:2b:c2:d9:77:11:5d:
         36:23:e3:eb:8c:72:e8:8c:6d:51:07:33:f2:51:14:b5:89:62:
         31:c1:bb:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yKVf3g1YwtYpBXHq+9c1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxY2FkYzhhNDIxYzFmMjJmMWUyOTA0Y2NmZGJiY2VjNWRi
ZTFiMTEwHhcNMjYwMTAxMTgxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg0MzkyMzI1MWJjZWFlNmFiZTljNmVjZmFmZmY2YzRhZDY0YzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodXJB2I7E/9albdQyyUkESJNxghi
6UhspaPzp0gtPrCMzNMg/Aha9B3iE4DVGfPPpdySN2EzKmvnlepSV1H0LukYlwMP
ma5J0NRSvKosKU76U7CKFbe3gRxMmDccLMMlcvbYyqDAlTKEX7PYZwf4aQ6Qv1jv
BO88pvXtEahfmBmFb4Qi09dtiJkuP7UEb9R9lsfKRNa5uELm2xfq1jw7x/yBHeiP
uCDcsqaUMkC4JiAYWdS5XfvHxleL08cr8UoiQZNlVrWzbt+fW6UBYtYrAaurU6iu
2MpahT6xWaFRZ8eCxmVFT2j30fUgX6wi4InsmBcnHQpTKXJPzlOmools6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWEOSMlG86uar6cbs+v/2xK1kwJMB8GA1UdIwQY
MBaAFOHK3IpCHB8i8eKQTM/bvOxdvhsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGNyY2lrSWNIeUx4NHBCTXo5dTg3RjItR3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xMWFmNDItZDNlZC00M2NkLTgyNzQt
NzQyZGMwYzk3MGMwLzEvcFlRNUl5VWJ6cTVxdnB4dXo2X19iRXJXVEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xMWFmNDItZDNlZC00M2NkLTgyNzQtNzQyZGMwYzk3MGMw
LzEvNGNyY2lrSWNIeUx4NHBCTXo5dTg3RjItR3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATTQcMA0G
CSqGSIb3DQEBCwUAA4IBAQBir4FQg7cGSBO8ceFint+zCw3loftfYgNZIVFRKchX
+WBnuhZOLdaOih4KxWhSG3yWAedKOSQolIsbBXPYWvO5HrN1D6I9COoLnxmiYUN2
IuSlNAbwvMBmQkpyR4uI5FYb9uyCTQ7QAQUtO0SablQp5n92BP4hpgbnakKOtiPD
dr4j0YzWMtfrUDThv98HWyMZ9zZYpp6+2ODbXCHBdkq76VYye1lT1XG/PpbuGOj+
+tlnTbTVoX/ok1NF8/z1wCV41EDA44TyyrkEknzhfFfVBKyxFa+JeCCEGIeEXj9q
c8UH/qYrwtl3EV02I+PrjHLojG1RBzPyURS1iWIxwbsb
-----END CERTIFICATE-----