This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TJh28HvII8yGMY4CpayQomHsRqo.roa
File:                     TJh28HvII8yGMY4CpayQomHsRqo.roa (raw, json)
Hash identifier:          zYt12CZkCxQ9AtGiMyxZp9vg2koWH5zZq33hgxWtJT8=
Subject key identifier:   4C:98:76:F0:7B:C8:23:CC:86:31:8E:02:A5:AC:90:A2:61:EC:46:AA
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       019B7C136142A99391AAC97F7A6721E82289
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TJh28HvII8yGMY4CpayQomHsRqo.roa
Signing time:             Fri 02 Jan 2026 00:20:03 +0000
ROA not before:           Fri 02 Jan 2026 00:20:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     7029
IP address blocks:        185.232.206.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 19:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:61:42:a9:93:91:aa:c9:7f:7a:67:21:e8:22:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 00:20:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4c9876f07bc823cc86318e02a5ac90a261ec46aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:54:c3:7b:c5:3f:d5:75:3e:8b:14:24:16:43:
                    d1:50:d6:72:0d:fd:56:1b:ea:8c:fa:71:11:01:e9:
                    1e:2c:56:75:c8:34:d4:45:95:8f:83:8d:9c:f5:e1:
                    84:9a:49:c0:d1:06:1a:16:0b:80:fb:a4:42:ec:ac:
                    b8:b5:38:d3:6b:d0:02:a6:16:d1:31:b9:59:54:37:
                    0d:e7:00:59:f3:ad:03:b6:aa:3a:f3:d6:ed:46:e7:
                    92:e0:98:f1:d4:92:eb:fd:b1:59:8a:b5:6f:bc:76:
                    d1:69:78:d3:50:a3:b0:b9:81:08:89:01:77:fe:be:
                    61:27:0b:b2:73:b3:f3:e3:47:42:a7:5b:d6:73:8b:
                    c5:26:9f:31:9b:c6:2b:ab:41:ac:84:de:38:0d:bd:
                    30:d0:4b:f0:bd:3a:92:c2:3b:ca:63:4f:49:1c:8e:
                    f7:31:2c:1a:e0:fd:9d:ab:c7:08:06:de:1c:6b:f1:
                    b8:62:45:56:79:a3:49:80:33:b8:a5:19:3c:2d:2b:
                    e9:54:6d:57:3c:83:9e:18:a4:a3:50:92:be:3d:eb:
                    b5:73:5e:64:d4:e3:86:95:31:29:6d:9a:a6:5c:35:
                    70:68:dc:30:e8:d0:e6:ed:a3:bd:e1:55:90:56:ed:
                    79:32:d1:73:35:6e:f3:b5:80:fc:52:75:e5:97:70:
                    86:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:98:76:F0:7B:C8:23:CC:86:31:8E:02:A5:AC:90:A2:61:EC:46:AA
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TJh28HvII8yGMY4CpayQomHsRqo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:34:5d:91:4b:f6:c3:d5:a0:bf:3b:09:dd:bd:59:2a:16:62:
         58:c1:17:9a:b3:91:30:b4:89:be:e2:2a:93:52:80:37:48:8f:
         10:6d:9c:05:19:49:75:d6:ed:16:b2:45:4f:3f:11:bb:9b:a5:
         8b:ab:b3:1b:37:27:6b:d6:e7:ce:24:7d:78:88:1f:a0:19:93:
         a4:7c:3b:ca:55:f6:b8:cd:61:e4:57:1c:d4:42:f9:80:0c:1d:
         f2:5a:c4:54:47:19:26:e5:e3:32:cc:a4:76:3f:6b:32:1f:f0:
         b1:c0:fc:44:e5:16:78:88:c7:e6:91:11:1f:1e:ea:df:a2:b7:
         8e:69:4b:80:09:d1:1d:a6:9f:fd:ff:38:9e:df:fc:c3:a9:98:
         c5:20:3f:6d:18:c0:57:83:1e:a9:dd:00:fe:a0:8e:52:ef:cb:
         c9:a9:11:74:af:7e:ef:a0:59:b4:27:48:27:af:58:95:59:f8:
         34:11:fb:73:91:4d:91:14:ca:20:c3:ea:8e:56:b6:7f:ee:c4:
         04:2d:7f:87:11:61:af:38:0a:c6:61:d8:28:f7:00:3c:02:91:
         1e:41:1a:68:5b:da:82:fd:5a:8f:bb:1e:56:f3:ab:8e:a4:ac:
         9d:3b:d2:46:df:e9:ef:e7:d9:98:66:da:22:f3:c4:db:18:a4:
         d9:98:c6:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8E2FCqZORqsl/emch6CKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMTAyMDAyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzk4NzZmMDdiYzgyM2NjODYzMThlMDJhNWFjOTBhMjYxZWM0NmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVTDe8U/1XU+ixQkFkPRUNZyDf1W
G+qM+nERAekeLFZ1yDTURZWPg42c9eGEmknA0QYaFguA+6RC7Ky4tTjTa9ACphbR
MblZVDcN5wBZ860Dtqo689btRueS4Jjx1JLr/bFZirVvvHbRaXjTUKOwuYEIiQF3
/r5hJwuyc7Pz40dCp1vWc4vFJp8xm8Yrq0GshN44Db0w0EvwvTqSwjvKY09JHI73
MSwa4P2dq8cIBt4ca/G4YkVWeaNJgDO4pRk8LSvpVG1XPIOeGKSjUJK+Peu1c15k
1OOGlTEpbZqmXDVwaNww6NDm7aO94VWQVu15MtFzNW7ztYD8UnXll3CG/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyYdvB7yCPMhjGOAqWskKJh7EaqMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVEpoMjhIdklJOHlHTVk0Q3BheVFvbUhzUnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuejOMA0G
CSqGSIb3DQEBCwUAA4IBAQDCNF2RS/bD1aC/OwndvVkqFmJYwReas5EwtIm+4iqT
UoA3SI8QbZwFGUl11u0WskVPPxG7m6WLq7MbNydr1ufOJH14iB+gGZOkfDvKVfa4
zWHkVxzUQvmADB3yWsRURxkm5eMyzKR2P2syH/CxwPxE5RZ4iMfmkREfHurforeO
aUuACdEdpp/9/zie3/zDqZjFID9tGMBXgx6p3QD+oI5S78vJqRF0r37voFm0J0gn
r1iVWfg0EftzkU2RFMogw+qOVrZ/7sQELX+HEWGvOArGYdgo9wA8ApEeQRpoW9qC
/VqPux5W86uOpKydO9JG3+nv59mYZtoi88TbGKTZmMYp
-----END CERTIFICATE-----