This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1tkiNkxd62R0u2X9jk2rAzugCjI.roa
File:                     1tkiNkxd62R0u2X9jk2rAzugCjI.roa (raw, json)
Hash identifier:          35MBAKdMSjQt4V/ExTDMzIPmh6H7NrLFCco5D/eUDz0=
Subject key identifier:   D6:D9:22:36:4C:5D:EB:64:74:BB:65:FD:8E:4D:AB:03:3B:A0:0A:32
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       019B7C139CB5B87EBD9C5E28B1A60F7E9537
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1tkiNkxd62R0u2X9jk2rAzugCjI.roa
Signing time:             Fri 02 Jan 2026 00:20:18 +0000
ROA not before:           Fri 02 Jan 2026 00:20:18 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214208
IP address blocks:        185.226.104.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 19:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:9c:b5:b8:7e:bd:9c:5e:28:b1:a6:0f:7e:95:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 00:20:18 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d6d922364c5deb6474bb65fd8e4dab033ba00a32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c9:ca:bb:fa:f6:62:4c:d3:60:4a:bc:8d:94:
                    ed:20:13:bb:cb:31:be:bb:12:c9:cd:ce:87:36:f6:
                    51:10:27:3c:ad:0e:d0:22:90:5e:fa:8b:a8:8b:29:
                    4d:58:b1:f3:fc:e1:f4:3f:09:02:23:0f:60:39:de:
                    41:68:72:ba:cf:11:d8:12:ba:b8:5c:f6:95:92:9d:
                    b8:af:fe:61:ae:f9:f0:5f:ad:ec:06:63:1c:06:47:
                    0b:03:22:e4:a0:7c:96:49:98:85:2d:87:83:d7:28:
                    96:93:d6:d3:c9:e2:d5:a1:12:18:87:52:7e:c3:63:
                    93:75:4e:b2:fe:93:66:e2:1a:4f:c6:0d:b6:c0:9a:
                    86:13:60:bc:9d:fe:cd:97:e1:70:97:e5:e1:d9:b8:
                    68:2b:03:43:46:a0:fc:11:8c:3c:0f:5f:75:28:bf:
                    dc:a2:50:ee:e3:f8:d8:46:ab:39:9b:d8:21:70:45:
                    80:9c:be:0b:d0:fb:50:6c:2a:4c:8f:f8:73:4b:dd:
                    81:5f:5b:b6:46:16:0f:fe:b2:68:20:fe:a2:1a:84:
                    4e:57:91:54:5e:2c:1b:93:fd:16:6e:3a:3e:1c:b1:
                    4b:f9:77:2d:bb:c6:fa:94:83:e1:95:b8:9d:1d:5f:
                    68:91:bd:e1:29:cc:c6:2c:53:a7:10:6b:2b:f0:bd:
                    87:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:D9:22:36:4C:5D:EB:64:74:BB:65:FD:8E:4D:AB:03:3B:A0:0A:32
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1tkiNkxd62R0u2X9jk2rAzugCjI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:37:bc:90:84:b9:87:35:ac:2e:33:aa:dc:59:93:84:53:50:
         23:91:b4:2a:b9:ac:f8:2f:b4:56:4e:61:6e:1a:27:04:2c:da:
         a2:51:2d:71:2d:91:7c:cb:a3:58:a3:e4:2d:c0:72:1c:ca:43:
         f4:61:d0:29:a9:f7:29:22:36:c2:b5:b1:99:b7:8c:3b:ca:a4:
         7d:4e:66:0e:a0:86:a1:d0:8c:c0:ee:53:dc:5c:eb:a3:83:6b:
         79:eb:39:fd:0a:c3:d3:82:4e:18:9e:aa:49:92:d6:33:f8:5d:
         e8:32:ef:0e:bd:e7:ce:c0:0c:ea:f8:02:27:3d:f7:21:93:3c:
         c7:ab:79:e8:46:8b:bf:6b:c4:db:64:69:0c:bc:e1:b7:a7:22:
         1f:41:31:78:be:a6:d1:1a:f6:29:a4:cf:41:6e:ec:c5:a0:f9:
         53:3b:c7:f3:55:1d:d2:bc:a6:95:dc:8e:24:b6:7d:b2:36:5a:
         e7:cc:a4:e2:1b:f6:6e:95:df:19:15:42:41:a5:f8:0d:86:ee:
         79:f4:37:09:09:d3:e6:7a:e3:0a:b9:54:47:d7:11:23:98:a5:
         09:e2:e7:53:54:2a:d4:d7:e3:fc:f2:99:d1:d5:0c:9c:78:fd:
         f7:56:32:80:7c:9a:57:e9:02:cb:fa:6b:62:2e:15:36:a6:b5:
         e2:57:53:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8E5y1uH69nF4osaYPfpU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMTAyMDAyMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ5MjIzNjRjNWRlYjY0NzRiYjY1ZmQ4ZTRkYWIwMzNiYTAwYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MnKu/r2YkzTYEq8jZTtIBO7yzG+
uxLJzc6HNvZRECc8rQ7QIpBe+ouoiylNWLHz/OH0PwkCIw9gOd5BaHK6zxHYErq4
XPaVkp24r/5hrvnwX63sBmMcBkcLAyLkoHyWSZiFLYeD1yiWk9bTyeLVoRIYh1J+
w2OTdU6y/pNm4hpPxg22wJqGE2C8nf7Nl+Fwl+Xh2bhoKwNDRqD8EYw8D191KL/c
olDu4/jYRqs5m9ghcEWAnL4L0PtQbCpMj/hzS92BX1u2RhYP/rJoIP6iGoROV5FU
Xiwbk/0Wbjo+HLFL+Xctu8b6lIPhlbidHV9okb3hKczGLFOnEGsr8L2H9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbZIjZMXetkdLtl/Y5NqwM7oAoyMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMXRraU5reGQ2MlIwdTJYOWprMnJBenVnQ2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueJoMA0G
CSqGSIb3DQEBCwUAA4IBAQC0N7yQhLmHNawuM6rcWZOEU1AjkbQquaz4L7RWTmFu
GicELNqiUS1xLZF8y6NYo+QtwHIcykP0YdApqfcpIjbCtbGZt4w7yqR9TmYOoIah
0IzA7lPcXOujg2t56zn9CsPTgk4YnqpJktYz+F3oMu8OvefOwAzq+AInPfchkzzH
q3noRou/a8TbZGkMvOG3pyIfQTF4vqbRGvYppM9BbuzFoPlTO8fzVR3SvKaV3I4k
tn2yNlrnzKTiG/Zuld8ZFUJBpfgNhu559DcJCdPmeuMKuVRH1xEjmKUJ4udTVCrU
1+P88pnR1QyceP33VjKAfJpX6QLL+mtiLhU2prXiV1Pc
-----END CERTIFICATE-----