This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dJ59FoXvBGHd3d1avxgEDQ1Zopg.roa
File:                     dJ59FoXvBGHd3d1avxgEDQ1Zopg.roa (raw, json)
Hash identifier:          RHAb6HYxJ9VDL3beO45hc1Pqw8dHfZeAfpiLHCb3AiU=
Subject key identifier:   74:9E:7D:16:85:EF:04:61:DD:DD:DD:5A:BF:18:04:0D:0D:59:A2:98
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       019B7C137D347AAD9402267837566F830D02
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dJ59FoXvBGHd3d1avxgEDQ1Zopg.roa
Signing time:             Fri 02 Jan 2026 00:20:10 +0000
ROA not before:           Fri 02 Jan 2026 00:20:10 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     150158
IP address blocks:        185.223.154.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 19:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:7d:34:7a:ad:94:02:26:78:37:56:6f:83:0d:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 00:20:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=749e7d1685ef0461dddddd5abf18040d0d59a298
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:81:91:51:35:a5:20:35:56:ae:51:5a:6c:38:
                    e0:12:f0:e4:8c:f6:cb:70:f9:81:4c:00:ed:24:74:
                    ad:90:45:18:88:a1:d9:90:2f:cc:e6:b3:3c:ce:9e:
                    06:f8:e2:90:ec:64:76:ae:d2:70:65:b0:1a:17:20:
                    74:02:0c:a0:11:33:f6:59:a0:c0:68:ad:c4:0c:ca:
                    e9:a4:5e:23:d4:4b:f9:93:5b:16:7f:2c:00:e7:cd:
                    fc:ae:9e:3e:be:e4:f6:85:9f:40:8a:90:85:5a:6a:
                    24:c5:c5:c3:ab:65:f7:67:7c:a4:bc:80:9d:95:c9:
                    18:3b:14:3f:55:9b:3d:e4:35:53:60:af:fa:b9:c9:
                    3f:4a:e3:ae:55:24:93:ed:d6:fe:2e:0a:67:cf:bc:
                    08:df:4f:0c:aa:1a:41:fc:34:6b:6a:df:32:15:95:
                    6d:3f:64:97:9e:0a:b7:c0:4f:6e:2a:58:07:d7:3f:
                    f2:ce:9d:75:cb:9f:43:83:bb:ce:6a:8d:ae:71:4c:
                    8a:77:1c:65:ab:60:e9:2c:f5:6e:1a:e6:3d:87:37:
                    6a:40:82:69:68:8b:1a:f7:3c:b2:7c:ae:e5:1e:5e:
                    c0:70:fc:bc:1f:ea:66:7f:49:f5:e8:25:f5:54:63:
                    e2:35:3b:de:a6:57:e5:70:07:d7:17:0b:2f:9e:47:
                    2a:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:9E:7D:16:85:EF:04:61:DD:DD:DD:5A:BF:18:04:0D:0D:59:A2:98
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dJ59FoXvBGHd3d1avxgEDQ1Zopg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.223.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:34:fa:d2:0a:2d:bc:08:89:04:d6:7e:eb:fe:2b:8f:a3:85:
         7d:c9:fa:40:9b:83:05:9e:ae:90:86:e9:6a:05:2a:0c:ae:a1:
         0c:ba:7e:35:16:41:63:6d:39:e0:55:48:e1:e9:81:d3:04:03:
         a9:ab:e5:9b:25:16:cb:da:04:16:d5:01:18:2d:72:a4:f0:74:
         20:70:dd:4a:1b:12:56:7b:01:19:f3:e1:b3:b7:d2:05:64:58:
         c3:62:bc:63:af:c6:71:d4:14:da:6f:69:c8:5a:15:00:68:d1:
         70:05:2d:94:b7:45:a5:10:bd:45:43:0a:41:50:0a:08:93:f3:
         be:94:82:bf:57:d0:3f:1c:63:80:5f:9b:75:22:0a:0e:6b:69:
         c1:b7:ed:7e:ba:b8:3a:43:f1:d7:3c:6a:33:a5:56:1e:61:32:
         3c:6e:87:09:91:6e:ae:37:cd:4a:e3:40:b8:b4:40:67:7e:20:
         40:49:31:63:3d:be:f7:5c:be:33:ab:bb:87:3d:6e:8c:cb:65:
         45:42:47:9f:3c:c8:11:c1:2a:e9:0d:68:87:78:36:f6:97:df:
         5d:d2:4e:20:a4:86:1d:cf:92:cc:99:71:38:c3:e2:ec:35:aa:
         98:06:39:92:05:fc:91:2c:b4:70:8a:b7:a8:84:36:85:77:30:
         e1:e5:b8:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8E300eq2UAiZ4N1Zvgw0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMTAyMDAyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDllN2QxNjg1ZWYwNDYxZGRkZGRkNWFiZjE4MDQwZDBkNTlhMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYGRUTWlIDVWrlFabDjgEvDkjPbL
cPmBTADtJHStkEUYiKHZkC/M5rM8zp4G+OKQ7GR2rtJwZbAaFyB0AgygETP2WaDA
aK3EDMrppF4j1Ev5k1sWfywA5838rp4+vuT2hZ9AipCFWmokxcXDq2X3Z3ykvICd
lckYOxQ/VZs95DVTYK/6uck/SuOuVSST7db+Lgpnz7wI308MqhpB/DRrat8yFZVt
P2SXngq3wE9uKlgH1z/yzp11y59Dg7vOao2ucUyKdxxlq2DpLPVuGuY9hzdqQIJp
aIsa9zyyfK7lHl7AcPy8H+pmf0n16CX1VGPiNTveplflcAfXFwsvnkcqtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSefRaF7wRh3d3dWr8YBA0NWaKYMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZEo1OUZvWHZCR0hkM2QxYXZ4Z0VEUTFab3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud+aMA0G
CSqGSIb3DQEBCwUAA4IBAQCcNPrSCi28CIkE1n7r/iuPo4V9yfpAm4MFnq6Qhulq
BSoMrqEMun41FkFjbTngVUjh6YHTBAOpq+WbJRbL2gQW1QEYLXKk8HQgcN1KGxJW
ewEZ8+Gzt9IFZFjDYrxjr8Zx1BTab2nIWhUAaNFwBS2Ut0WlEL1FQwpBUAoIk/O+
lIK/V9A/HGOAX5t1IgoOa2nBt+1+urg6Q/HXPGozpVYeYTI8bocJkW6uN81K40C4
tEBnfiBASTFjPb73XL4zq7uHPW6My2VFQkefPMgRwSrpDWiHeDb2l99d0k4gpIYd
z5LMmXE4w+LsNaqYBjmSBfyRLLRwireohDaFdzDh5bhC
-----END CERTIFICATE-----