This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/EXXfSKcwPuyh6cdZb1BgY2hr5jM.roa
File:                     EXXfSKcwPuyh6cdZb1BgY2hr5jM.roa (raw, json)
Hash identifier:          jaNZlarZC5m9IRDMa4urazQ2MO6CLD59osSDgM7YhoA=
Subject key identifier:   11:75:DF:48:A7:30:3E:EC:A1:E9:C7:59:6F:50:60:63:68:6B:E6:33
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       019B7C138FB7F2026CE751BE03315F32BF1F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/EXXfSKcwPuyh6cdZb1BgY2hr5jM.roa
Signing time:             Fri 02 Jan 2026 00:20:15 +0000
ROA not before:           Fri 02 Jan 2026 00:20:15 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     210574
IP address blocks:        185.223.77.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 19:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:8f:b7:f2:02:6c:e7:51:be:03:31:5f:32:bf:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 00:20:15 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1175df48a7303eeca1e9c7596f506063686be633
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:1c:fa:f2:8e:2c:15:bd:3a:d4:88:ef:e8:44:
                    34:07:81:55:f3:4c:0e:ef:10:36:18:65:50:71:ed:
                    64:f4:19:e0:89:f6:03:16:50:a0:bd:bd:7c:20:08:
                    f1:a7:6e:30:07:df:00:0c:00:cd:53:35:88:0b:19:
                    9f:44:dc:09:55:72:58:7a:23:c1:26:b8:60:7c:02:
                    14:32:3f:d6:f5:19:65:28:3e:a6:09:c4:9d:70:d9:
                    c5:8f:0d:1d:71:90:fa:11:b7:7e:70:0e:3d:ff:be:
                    f4:fc:af:52:0a:b0:a7:05:8e:44:db:1b:a5:36:5f:
                    74:e8:89:a9:cf:69:16:21:95:99:c4:0c:6e:37:8d:
                    ec:38:43:73:88:60:10:10:6b:4d:36:cf:33:a9:b2:
                    11:06:f4:13:3e:40:92:ea:bc:99:f8:df:3e:b8:36:
                    cb:f4:2a:f5:d3:b6:6f:13:4a:33:02:80:52:5b:be:
                    7a:b9:b3:b1:66:c4:55:fa:6e:34:01:6e:4f:1b:4d:
                    b1:79:ca:74:c0:cc:bb:ab:23:6b:7a:98:13:72:c7:
                    b4:3d:b1:32:60:ea:5c:13:81:75:f2:92:54:f2:ff:
                    a0:10:63:ab:5e:d7:d7:33:c4:69:2e:b0:25:36:68:
                    a9:29:bc:da:6b:0d:b2:7f:55:2e:a6:63:87:e7:24:
                    53:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:75:DF:48:A7:30:3E:EC:A1:E9:C7:59:6F:50:60:63:68:6B:E6:33
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/EXXfSKcwPuyh6cdZb1BgY2hr5jM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.223.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:01:23:f6:5e:c9:fa:ef:be:fe:2b:75:97:82:35:f0:a2:1d:
         f3:17:11:4f:f8:e5:e1:6a:ad:1f:be:42:93:02:a7:8c:73:88:
         8e:68:17:26:6d:64:a2:2e:97:6d:a2:ab:87:d9:a3:05:aa:f7:
         04:c5:ba:3a:9e:ed:94:6b:fc:04:83:a7:d6:f8:6b:63:38:49:
         f0:e2:e6:27:19:61:53:5b:7f:f6:19:73:86:55:4a:0c:06:8c:
         4a:d6:27:78:4c:90:82:5d:fc:d7:b3:4d:44:6b:85:79:84:2d:
         6c:03:bb:71:3d:3f:53:84:87:ee:d8:09:b6:56:9b:e5:64:c7:
         c9:02:f3:85:ef:86:6a:db:70:19:8b:6a:49:aa:d2:47:d1:ea:
         57:d5:d6:8c:98:4d:b9:e8:97:3f:38:ca:58:3e:54:87:0c:48:
         89:ca:0e:c4:f1:96:f7:f8:97:d5:37:4b:ca:a6:bb:ac:b0:a9:
         5e:2b:f2:07:06:97:e9:61:ff:23:0a:90:84:c3:92:55:1a:cc:
         2a:78:fb:b7:f1:92:44:fb:04:a7:9c:b4:61:ab:62:82:44:f6:
         9e:89:53:db:6c:20:7e:e0:af:61:a1:4c:74:da:51:3e:8d:9c:
         7b:ec:a1:2d:7c:4c:ae:bb:0c:2d:36:79:8c:ae:4a:26:83:7c:
         77:23:d6:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8E4+38gJs51G+AzFfMr8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMTAyMDAyMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTc1ZGY0OGE3MzAzZWVjYTFlOWM3NTk2ZjUwNjA2MzY4NmJlNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xz68o4sFb061Ijv6EQ0B4FV80wO
7xA2GGVQce1k9BngifYDFlCgvb18IAjxp24wB98ADADNUzWICxmfRNwJVXJYeiPB
JrhgfAIUMj/W9RllKD6mCcSdcNnFjw0dcZD6Ebd+cA49/770/K9SCrCnBY5E2xul
Nl906Impz2kWIZWZxAxuN43sOENziGAQEGtNNs8zqbIRBvQTPkCS6ryZ+N8+uDbL
9Cr107ZvE0ozAoBSW756ubOxZsRV+m40AW5PG02xecp0wMy7qyNrepgTcse0PbEy
YOpcE4F18pJU8v+gEGOrXtfXM8RpLrAlNmipKbzaaw2yf1UupmOH5yRTAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBF130inMD7soenHWW9QYGNoa+YzMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRVhYZlNLY3dQdXloNmNkWmIxQmdZMmhyNWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud9NMA0G
CSqGSIb3DQEBCwUAA4IBAQAqASP2Xsn6777+K3WXgjXwoh3zFxFP+OXhaq0fvkKT
AqeMc4iOaBcmbWSiLpdtoquH2aMFqvcExbo6nu2Ua/wEg6fW+GtjOEnw4uYnGWFT
W3/2GXOGVUoMBoxK1id4TJCCXfzXs01Ea4V5hC1sA7txPT9ThIfu2Am2VpvlZMfJ
AvOF74Zq23AZi2pJqtJH0epX1daMmE256Jc/OMpYPlSHDEiJyg7E8Zb3+JfVN0vK
prussKleK/IHBpfpYf8jCpCEw5JVGswqePu38ZJE+wSnnLRhq2KCRPaeiVPbbCB+
4K9hoUx02lE+jZx77KEtfEyuuwwtNnmMrkomg3x3I9ax
-----END CERTIFICATE-----