This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/6a3069-ad3c-4388-b1e8-0c27adb75cdf/1/ryBPgXvA-kuwL8ute7lp1pTeuxA.roa
File:                     ryBPgXvA-kuwL8ute7lp1pTeuxA.roa (raw, json)
Hash identifier:          aMotHhiy0ZyL5y70ElZdApnRGo5oHKFlodbC24Zl6LA=
Subject key identifier:   AF:20:4F:81:7B:C0:FA:4B:B0:2F:CB:AD:7B:B9:69:D6:94:DE:BB:10
Certificate issuer:       /CN=76d44d97653a06d846b2443535b83e8cbc39d928
Certificate serial:       019B7C80615227024D470DB8C7279889D5B3
Authority key identifier: 76:D4:4D:97:65:3A:06:D8:46:B2:44:35:35:B8:3E:8C:BC:39:D9:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtRNl2U6BthGskQ1Nbg-jLw52Sg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/6a3069-ad3c-4388-b1e8-0c27adb75cdf/1/ryBPgXvA-kuwL8ute7lp1pTeuxA.roa
Signing time:             Fri 02 Jan 2026 02:19:06 +0000
ROA not before:           Fri 02 Jan 2026 02:19:06 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     14618
IP address blocks:        194.15.209.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/6a3069-ad3c-4388-b1e8-0c27adb75cdf/1/dtRNl2U6BthGskQ1Nbg-jLw52Sg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/6a3069-ad3c-4388-b1e8-0c27adb75cdf/1/dtRNl2U6BthGskQ1Nbg-jLw52Sg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtRNl2U6BthGskQ1Nbg-jLw52Sg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 Jan 2026 15:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:61:52:27:02:4d:47:0d:b8:c7:27:98:89:d5:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d44d97653a06d846b2443535b83e8cbc39d928
        Validity
            Not Before: Jan  2 02:19:06 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=af204f817bc0fa4bb02fcbad7bb969d694debb10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:15:85:54:e4:53:bf:8c:e1:9d:28:78:15:3d:
                    a8:09:e1:e4:82:a4:35:d0:c5:7a:5e:75:a1:bf:85:
                    54:1d:ad:64:47:eb:8c:0b:84:ce:15:c5:96:d2:b3:
                    16:dd:4c:1e:c2:a4:99:cb:b5:db:2a:60:e6:1a:4c:
                    8e:91:cf:ea:07:83:e3:c4:4c:ca:97:6f:57:fd:45:
                    55:e5:87:0a:39:02:a0:ad:8f:b6:a1:be:2c:3b:06:
                    68:82:ed:61:2b:99:fc:0d:16:8d:ee:ea:ec:ad:11:
                    13:21:35:f4:3d:97:c5:2b:d4:43:cf:bf:66:82:08:
                    1d:87:1d:fd:d4:ad:2e:c6:7a:42:5c:01:33:39:65:
                    18:6c:43:79:3c:65:7c:89:e4:ae:60:58:b2:7e:c5:
                    c0:7b:06:d2:b4:e2:b0:52:af:7c:35:4d:ef:b3:46:
                    6c:ff:5a:2a:94:0f:1b:e8:4a:a5:31:56:7c:12:92:
                    c7:b4:e0:6d:01:50:2f:8a:82:0a:e2:8e:4e:46:a4:
                    34:36:af:e2:a4:19:0c:1f:1f:5b:75:b3:8e:69:c2:
                    61:86:74:35:b3:45:67:36:c3:68:ae:c7:f9:68:71:
                    bb:b2:53:36:7e:df:d4:1c:d4:9a:61:cb:68:8b:93:
                    97:3d:27:37:87:3f:b5:df:65:7e:cc:2e:39:42:ec:
                    7a:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:20:4F:81:7B:C0:FA:4B:B0:2F:CB:AD:7B:B9:69:D6:94:DE:BB:10
            X509v3 Authority Key Identifier:
                keyid:76:D4:4D:97:65:3A:06:D8:46:B2:44:35:35:B8:3E:8C:BC:39:D9:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtRNl2U6BthGskQ1Nbg-jLw52Sg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/6a3069-ad3c-4388-b1e8-0c27adb75cdf/1/ryBPgXvA-kuwL8ute7lp1pTeuxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/6a3069-ad3c-4388-b1e8-0c27adb75cdf/1/dtRNl2U6BthGskQ1Nbg-jLw52Sg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.15.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:da:1c:b2:a8:35:2e:05:5e:d3:99:97:d0:57:92:1a:dd:ac:
         5f:69:9f:6e:b4:fb:78:e0:f1:17:d2:21:f7:78:78:75:30:db:
         70:32:d5:58:dd:4a:22:47:f6:50:9f:ca:85:5e:ce:e9:58:5e:
         33:26:65:16:a8:6f:64:c3:ec:a1:88:fc:3f:f4:d4:8f:27:0e:
         17:6e:18:a3:00:45:ad:83:68:e4:1f:a6:af:a8:85:cd:ac:6c:
         79:14:b1:cd:34:22:f0:bf:20:63:54:69:86:1b:2a:79:11:84:
         0d:20:c1:c4:6c:9c:a5:2d:98:a7:a5:90:fe:be:c1:61:74:45:
         16:07:74:0f:30:df:aa:b7:81:46:7f:fc:91:ce:77:6a:88:58:
         57:d1:c0:b5:56:2e:d8:3b:12:b5:b9:d8:23:9b:29:7a:29:74:
         fd:be:eb:b5:32:31:db:f6:10:16:70:15:16:bd:d6:f8:77:4b:
         d4:e9:61:76:54:a9:df:c2:46:b8:51:1f:5a:c2:33:8f:bb:37:
         9c:dc:d4:de:c5:b2:93:63:03:16:7f:fb:b3:14:9c:72:39:f8:
         fe:f0:35:4e:bd:85:b8:3d:8c:5a:a2:ce:4c:f1:44:a5:c6:f2:
         4c:80:94:23:ee:38:43:85:e4:10:5d:b3:18:87:b7:44:6e:6b:
         7e:f4:4f:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gGFSJwJNRw24xyeYidWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDQ0ZDk3NjUzYTA2ZDg0NmIyNDQzNTM1YjgzZThjYmMz
OWQ5MjgwHhcNMjYwMTAyMDIxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIwNGY4MTdiYzBmYTRiYjAyZmNiYWQ3YmI5NjlkNjk0ZGViYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphWFVORTv4zhnSh4FT2oCeHkgqQ1
0MV6XnWhv4VUHa1kR+uMC4TOFcWW0rMW3UwewqSZy7XbKmDmGkyOkc/qB4PjxEzK
l29X/UVV5YcKOQKgrY+2ob4sOwZogu1hK5n8DRaN7ursrRETITX0PZfFK9RDz79m
gggdhx391K0uxnpCXAEzOWUYbEN5PGV8ieSuYFiyfsXAewbStOKwUq98NU3vs0Zs
/1oqlA8b6EqlMVZ8EpLHtOBtAVAvioIK4o5ORqQ0Nq/ipBkMHx9bdbOOacJhhnQ1
s0VnNsNorsf5aHG7slM2ft/UHNSaYctoi5OXPSc3hz+132V+zC45Qux6ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8gT4F7wPpLsC/LrXu5adaU3rsQMB8GA1UdIwQY
MBaAFHbUTZdlOgbYRrJENTW4Poy8OdkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRSTmwyVTZCdGhHc2tRMU5iZy1qTHc1MlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi82YTMwNjktYWQzYy00Mzg4LWIxZTgt
MGMyN2FkYjc1Y2RmLzEvcnlCUGdYdkEta3V3TDh1dGU3bHAxcFRldXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi82YTMwNjktYWQzYy00Mzg4LWIxZTgtMGMyN2FkYjc1Y2Rm
LzEvZHRSTmwyVTZCdGhHc2tRMU5iZy1qTHc1MlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg/RMA0G
CSqGSIb3DQEBCwUAA4IBAQAz2hyyqDUuBV7TmZfQV5Ia3axfaZ9utPt44PEX0iH3
eHh1MNtwMtVY3UoiR/ZQn8qFXs7pWF4zJmUWqG9kw+yhiPw/9NSPJw4XbhijAEWt
g2jkH6avqIXNrGx5FLHNNCLwvyBjVGmGGyp5EYQNIMHEbJylLZinpZD+vsFhdEUW
B3QPMN+qt4FGf/yRzndqiFhX0cC1Vi7YOxK1udgjmyl6KXT9vuu1MjHb9hAWcBUW
vdb4d0vU6WF2VKnfwka4UR9awjOPuzec3NTexbKTYwMWf/uzFJxyOfj+8DVOvYW4
PYxaos5M8USlxvJMgJQj7jhDheQQXbMYh7dEbmt+9E9V
-----END CERTIFICATE-----