This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UAyBl68HmjPWdjWx_bZczw4UN-4.roa
File:                     UAyBl68HmjPWdjWx_bZczw4UN-4.roa (raw, json)
Hash identifier:          ua2kyQUQLi17rGV7a0BBhlZPO40oqBIPlp1Go+HpNXU=
Subject key identifier:   50:0C:81:97:AF:07:9A:33:D6:76:35:B1:FD:B6:5C:CF:0E:14:37:EE
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       019B7C137AE52E7645FE5D5444B4A8C38A04
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UAyBl68HmjPWdjWx_bZczw4UN-4.roa
Signing time:             Fri 02 Jan 2026 00:20:09 +0000
ROA not before:           Fri 02 Jan 2026 00:20:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     63473
IP address blocks:        185.126.82.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 19:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:7a:e5:2e:76:45:fe:5d:54:44:b4:a8:c3:8a:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 00:20:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=500c8197af079a33d67635b1fdb65ccf0e1437ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:b6:f7:d2:c8:7e:36:a5:6f:d3:f3:4a:e5:76:
                    20:79:aa:bf:c4:6a:36:0d:62:19:62:05:d5:d4:8c:
                    87:f7:c4:ad:ff:21:40:94:48:7d:35:f6:50:da:d5:
                    a1:ee:c2:66:91:a0:fc:6d:aa:31:c2:fb:c6:0f:3a:
                    86:3f:a2:f0:58:3c:98:69:85:30:b6:c0:6c:47:f7:
                    b4:f8:77:e5:f6:51:5a:09:e3:6c:2a:b2:77:82:b9:
                    04:7d:9b:25:d0:c9:bf:9e:78:51:13:25:f3:8b:2f:
                    5f:c9:7a:c9:2e:ab:10:a0:b3:3b:be:29:1e:63:28:
                    1a:73:e2:b4:87:b3:8d:16:78:2f:e1:c7:76:ff:0a:
                    92:4d:b6:55:2a:f4:b7:67:56:51:1c:ff:2a:d5:da:
                    ee:c0:18:f1:22:c4:5e:58:c3:94:de:54:2f:37:2e:
                    ce:bf:60:c3:76:18:38:9e:28:fc:70:34:c9:82:ef:
                    ee:66:da:93:31:73:2d:c6:96:fe:52:0b:c8:2f:7a:
                    6f:63:a4:c5:93:43:dc:1e:cb:d2:37:1c:81:cd:ad:
                    b6:a7:24:44:db:14:07:64:0f:ae:68:c3:0a:d5:48:
                    47:ba:62:ec:96:64:ca:d4:fe:7c:45:97:b7:17:ec:
                    53:9a:30:a7:7f:1a:6b:4a:a9:97:01:9f:49:96:13:
                    48:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:0C:81:97:AF:07:9A:33:D6:76:35:B1:FD:B6:5C:CF:0E:14:37:EE
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UAyBl68HmjPWdjWx_bZczw4UN-4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.126.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:61:4c:61:76:58:66:b1:31:06:c6:0f:7f:af:cd:e3:bd:03:
         8e:b4:ed:18:b9:7e:1a:d2:df:64:06:c1:f4:84:83:76:72:b8:
         6d:39:76:0c:82:da:2b:f8:27:57:9b:63:ff:87:da:93:d0:fa:
         73:c8:22:37:cc:22:78:6c:69:63:b8:bb:83:c6:44:2e:bb:c4:
         21:3f:80:34:2c:66:9a:19:d3:a8:cf:1a:12:c2:80:c3:d2:bc:
         fd:d3:26:a6:a2:64:ef:4b:1e:f8:7b:02:d7:93:34:99:d4:cf:
         41:dd:64:3f:50:7a:37:9c:c9:45:d9:c0:20:af:a0:4f:bd:9d:
         69:71:a4:5f:c4:4a:33:e3:91:00:fb:76:66:64:73:81:05:e4:
         70:55:ef:de:77:a4:ab:90:c8:74:24:f5:59:57:4b:47:1c:3d:
         23:c2:0f:54:d2:03:be:48:86:39:d0:12:81:8e:d3:76:03:77:
         cd:09:4d:28:4c:e7:92:18:dc:e1:8c:4a:b7:cf:a6:42:74:5a:
         94:44:10:30:8d:63:42:a5:e5:7f:d5:06:ee:28:e5:04:50:30:
         12:7c:d9:0d:02:b7:f8:cc:87:f2:55:6d:a5:45:ad:97:56:ee:
         1f:92:1b:e5:00:dd:38:a0:f8:6d:e3:00:fb:7d:54:c1:65:18:
         7f:86:57:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8E3rlLnZF/l1URLSow4oEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMTAyMDAyMDA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDBjODE5N2FmMDc5YTMzZDY3NjM1YjFmZGI2NWNjZjBlMTQzN2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37b30sh+NqVv0/NK5XYgeaq/xGo2
DWIZYgXV1IyH98St/yFAlEh9NfZQ2tWh7sJmkaD8baoxwvvGDzqGP6LwWDyYaYUw
tsBsR/e0+Hfl9lFaCeNsKrJ3grkEfZsl0Mm/nnhREyXziy9fyXrJLqsQoLM7vike
Yygac+K0h7ONFngv4cd2/wqSTbZVKvS3Z1ZRHP8q1druwBjxIsReWMOU3lQvNy7O
v2DDdhg4nij8cDTJgu/uZtqTMXMtxpb+UgvIL3pvY6TFk0PcHsvSNxyBza22pyRE
2xQHZA+uaMMK1UhHumLslmTK1P58RZe3F+xTmjCnfxprSqmXAZ9JlhNI0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAMgZevB5oz1nY1sf22XM8OFDfuMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVUF5Qmw2OEhtalBXZGpXeF9iWmN6dzRVTi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX5SMA0G
CSqGSIb3DQEBCwUAA4IBAQBwYUxhdlhmsTEGxg9/r83jvQOOtO0YuX4a0t9kBsH0
hIN2crhtOXYMgtor+CdXm2P/h9qT0PpzyCI3zCJ4bGljuLuDxkQuu8QhP4A0LGaa
GdOozxoSwoDD0rz90yamomTvSx74ewLXkzSZ1M9B3WQ/UHo3nMlF2cAgr6BPvZ1p
caRfxEoz45EA+3ZmZHOBBeRwVe/ed6SrkMh0JPVZV0tHHD0jwg9U0gO+SIY50BKB
jtN2A3fNCU0oTOeSGNzhjEq3z6ZCdFqURBAwjWNCpeV/1QbuKOUEUDASfNkNArf4
zIfyVW2lRa2XVu4fkhvlAN04oPht4wD7fVTBZRh/hld8
-----END CERTIFICATE-----