This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vyJNN_PaJRjL0Pbgwuvagj-E_W0.roa
File:                     vyJNN_PaJRjL0Pbgwuvagj-E_W0.roa (raw, json)
Hash identifier:          cNENg6Hb6p2zpjaphkchtJ+TDTKhiy6TduY4Co9Fyhc=
Subject key identifier:   BF:22:4D:37:F3:DA:25:18:CB:D0:F6:E0:C2:EB:DA:82:3F:84:FD:6D
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       019B7C139F161B0850D85000F0A6F0DCB28D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vyJNN_PaJRjL0Pbgwuvagj-E_W0.roa
Signing time:             Fri 02 Jan 2026 00:20:19 +0000
ROA not before:           Fri 02 Jan 2026 00:20:19 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215304
IP address blocks:        185.206.250.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 19:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:9f:16:1b:08:50:d8:50:00:f0:a6:f0:dc:b2:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 00:20:19 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bf224d37f3da2518cbd0f6e0c2ebda823f84fd6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:01:18:68:4a:2c:33:4f:c6:f5:83:a5:22:cc:
                    9e:c9:16:43:11:87:f1:57:e2:22:1d:69:ff:88:11:
                    61:ce:11:1a:c7:c7:62:29:b1:a9:20:06:88:c6:0d:
                    5f:a7:82:55:9e:77:4b:44:dc:d9:e4:8a:2b:fd:a6:
                    7a:94:34:d2:65:81:94:37:c6:fb:7e:04:3c:2f:3d:
                    50:c2:6d:5f:12:c2:6b:1e:cb:fd:c1:0f:f3:81:dd:
                    14:19:d8:00:7b:a2:5c:b4:19:cb:53:83:56:ad:0b:
                    1d:7f:ed:4f:b0:dc:f4:67:42:5d:41:bb:51:e4:94:
                    45:bf:e0:a4:9a:8a:e1:77:06:80:6b:02:52:4a:da:
                    a9:05:5f:b6:6b:c6:81:87:a6:1a:a9:53:02:a4:7b:
                    94:61:13:fa:43:65:f9:56:d0:8b:16:1b:c3:a0:e9:
                    b1:a2:ec:77:c4:dc:a9:c4:fd:b2:06:91:ef:78:1e:
                    e4:a3:21:b4:92:f1:8f:ba:76:39:2f:65:a3:0a:11:
                    6f:5f:ae:d0:a0:a0:07:04:cf:4c:fa:7e:e6:ab:cb:
                    50:5f:c9:0c:71:09:7b:26:b0:de:9f:bc:97:97:b0:
                    96:1d:a3:f7:63:a8:8a:cd:5a:61:4b:41:ed:f5:32:
                    9f:39:d4:e8:cb:a4:38:25:18:00:9d:12:9b:f5:95:
                    e7:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:22:4D:37:F3:DA:25:18:CB:D0:F6:E0:C2:EB:DA:82:3F:84:FD:6D
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vyJNN_PaJRjL0Pbgwuvagj-E_W0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:96:72:9a:c2:a1:c0:16:1d:4a:d8:5d:b9:ab:1e:06:fc:3b:
         95:83:c6:f8:4b:30:7f:1b:0f:d3:76:b8:ca:fb:db:65:6a:91:
         07:9f:81:63:9d:c4:e6:90:0c:34:cb:3b:97:21:2b:10:df:48:
         76:4c:ad:37:67:a3:85:bf:3a:59:34:ca:35:3c:9a:cc:d6:4f:
         a7:e2:e8:ef:18:a9:98:22:fe:ae:73:a1:c9:42:a7:eb:da:f0:
         9b:27:35:c7:e9:0c:41:27:bc:fa:90:4c:e7:e8:d9:65:37:78:
         bc:37:e7:8c:69:c3:4d:75:e4:18:fa:ab:f4:6e:4d:9f:0f:b7:
         39:29:68:5e:b9:e4:40:bb:9a:0d:da:a4:03:fa:e7:ae:24:a7:
         04:57:a5:4e:66:b2:65:fa:3b:fb:55:de:0b:7b:9f:73:7d:01:
         bf:9b:e7:a1:3e:b7:80:21:f5:03:a9:d6:ac:c5:ec:b3:89:3e:
         70:a9:1e:82:37:3f:88:d2:0e:ed:25:a5:76:be:b1:a8:48:7a:
         32:4b:8c:c9:4e:33:db:6b:20:30:27:cf:df:2f:c5:71:0c:69:
         3a:0a:89:7b:1a:39:9d:e4:a6:d3:4a:42:cb:2b:5a:1c:fe:8b:
         d9:bb:ca:5d:db:fc:d3:b2:e3:35:ab:e8:89:d8:1f:75:bc:68:
         1d:db:eb:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8E58WGwhQ2FAA8Kbw3LKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMTAyMDAyMDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjIyNGQzN2YzZGEyNTE4Y2JkMGY2ZTBjMmViZGE4MjNmODRmZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgEYaEosM0/G9YOlIsyeyRZDEYfx
V+IiHWn/iBFhzhEax8diKbGpIAaIxg1fp4JVnndLRNzZ5Ior/aZ6lDTSZYGUN8b7
fgQ8Lz1Qwm1fEsJrHsv9wQ/zgd0UGdgAe6JctBnLU4NWrQsdf+1PsNz0Z0JdQbtR
5JRFv+CkmorhdwaAawJSStqpBV+2a8aBh6YaqVMCpHuUYRP6Q2X5VtCLFhvDoOmx
oux3xNypxP2yBpHveB7koyG0kvGPunY5L2WjChFvX67QoKAHBM9M+n7mq8tQX8kM
cQl7JrDen7yXl7CWHaP3Y6iKzVphS0Ht9TKfOdToy6Q4JRgAnRKb9ZXnewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8iTTfz2iUYy9D24MLr2oI/hP1tMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdnlKTk5fUGFKUmpMMFBiZ3d1dmFnai1FX1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc76MA0G
CSqGSIb3DQEBCwUAA4IBAQAVlnKawqHAFh1K2F25qx4G/DuVg8b4SzB/Gw/TdrjK
+9tlapEHn4FjncTmkAw0yzuXISsQ30h2TK03Z6OFvzpZNMo1PJrM1k+n4ujvGKmY
Iv6uc6HJQqfr2vCbJzXH6QxBJ7z6kEzn6NllN3i8N+eMacNNdeQY+qv0bk2fD7c5
KWheueRAu5oN2qQD+ueuJKcEV6VOZrJl+jv7Vd4Le59zfQG/m+ehPreAIfUDqdas
xeyziT5wqR6CNz+I0g7tJaV2vrGoSHoyS4zJTjPbayAwJ8/fL8VxDGk6Col7Gjmd
5KbTSkLLK1oc/ovZu8pd2/zTsuM1q+iJ2B91vGgd2+sv
-----END CERTIFICATE-----