This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vyNQ2vSd8MtIolQnr_QyAimID3Q.roa
File:                     vyNQ2vSd8MtIolQnr_QyAimID3Q.roa (raw, json)
Hash identifier:          If08Lmm9MlhJQ07BqHt5k90EoCWbK/TEWKATFV6CIXI=
Subject key identifier:   BF:23:50:DA:F4:9D:F0:CB:48:A2:54:27:AF:F4:32:02:29:88:0F:74
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       019B7C13774169DDC32AF7D9C5CD27881A8F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vyNQ2vSd8MtIolQnr_QyAimID3Q.roa
Signing time:             Fri 02 Jan 2026 00:20:09 +0000
ROA not before:           Fri 02 Jan 2026 00:20:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     60781
IP address blocks:        185.223.152.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 19:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:77:41:69:dd:c3:2a:f7:d9:c5:cd:27:88:1a:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 00:20:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bf2350daf49df0cb48a25427aff4320229880f74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:fb:af:51:4c:c0:bf:20:a7:56:5f:4c:06:d2:
                    65:65:e5:d8:2f:1d:51:9f:37:0a:62:d3:35:b8:74:
                    c7:c8:1d:26:bc:52:7b:82:64:12:2d:48:cb:7a:02:
                    ad:68:b8:26:ae:66:17:29:e3:71:62:ca:22:8d:06:
                    85:db:a9:d2:51:2b:60:00:c8:1a:b9:56:ad:b7:36:
                    cd:0f:95:7b:b5:9f:28:a6:f5:db:50:f7:26:76:51:
                    ff:42:5d:41:ca:b1:bd:be:9f:93:6b:63:99:a9:f6:
                    cc:72:30:e1:b1:f9:d4:a5:89:19:f1:b7:df:ce:c9:
                    b3:94:71:12:3d:19:29:63:97:74:d6:2f:4d:02:7f:
                    c0:10:74:09:15:ac:97:4a:0d:f2:6e:2f:90:de:be:
                    e8:5a:76:35:2d:89:ba:61:cf:21:48:03:f0:d9:e8:
                    82:63:e0:c3:ac:4e:b5:cc:17:24:fb:f9:d8:d8:f5:
                    62:4b:25:65:9d:d2:71:a9:b9:d0:7c:04:0b:44:23:
                    c6:e7:b9:65:6b:c1:12:d9:01:3b:b6:22:c9:f3:48:
                    40:f4:f8:49:27:99:b9:81:18:fd:2a:ed:71:6c:2f:
                    74:70:d0:46:59:4c:da:69:7e:13:5a:b7:23:62:2b:
                    fc:53:34:2f:bd:3f:d1:dd:71:b1:1b:97:a4:15:3b:
                    74:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:23:50:DA:F4:9D:F0:CB:48:A2:54:27:AF:F4:32:02:29:88:0F:74
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vyNQ2vSd8MtIolQnr_QyAimID3Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.223.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:5d:03:f5:99:8e:29:2b:a8:23:6d:5f:4f:24:eb:35:cb:f9:
         bd:ce:f0:27:2e:bf:c8:8f:56:f0:26:39:ee:c2:fe:7c:60:a1:
         da:e3:31:ef:dc:86:e6:b1:d8:ff:ae:a4:3f:b9:22:0c:34:b6:
         79:88:1b:2b:b0:bb:6b:aa:2a:d1:4c:69:c4:09:81:57:96:73:
         08:43:3e:2f:59:96:18:37:72:13:1e:88:7c:e8:03:ff:8d:f7:
         51:9d:d8:5b:da:ce:51:72:be:1b:f9:71:b2:49:ad:08:7c:fd:
         12:77:68:5e:e4:4f:f0:94:93:99:a0:4f:95:b0:6f:bd:54:c7:
         a9:33:3e:aa:e2:4d:00:69:86:0b:17:c0:6d:ee:25:a8:24:8a:
         e9:73:78:06:0e:c3:0d:d5:77:c0:ee:25:96:44:78:1a:5a:b4:
         ae:77:db:1c:e3:0b:17:0e:ad:91:ab:da:b7:d1:cb:6c:ba:91:
         f2:e4:4e:d8:4a:41:bf:00:83:65:94:ed:46:04:2c:87:8f:20:
         b8:ca:2b:97:bf:28:0c:bc:3a:19:1d:48:a1:21:b6:c5:45:d8:
         29:86:0d:8e:3a:3a:90:7f:e7:68:15:03:b6:02:93:67:e6:7e:
         35:83:f4:6d:a2:93:79:5a:c6:46:c3:71:3f:4c:5e:8c:9c:c3:
         80:4d:c2:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8E3dBad3DKvfZxc0niBqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMTAyMDAyMDA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjIzNTBkYWY0OWRmMGNiNDhhMjU0MjdhZmY0MzIwMjI5ODgwZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfuvUUzAvyCnVl9MBtJlZeXYLx1R
nzcKYtM1uHTHyB0mvFJ7gmQSLUjLegKtaLgmrmYXKeNxYsoijQaF26nSUStgAMga
uVattzbND5V7tZ8opvXbUPcmdlH/Ql1ByrG9vp+Ta2OZqfbMcjDhsfnUpYkZ8bff
zsmzlHESPRkpY5d01i9NAn/AEHQJFayXSg3ybi+Q3r7oWnY1LYm6Yc8hSAPw2eiC
Y+DDrE61zBck+/nY2PViSyVlndJxqbnQfAQLRCPG57lla8ES2QE7tiLJ80hA9PhJ
J5m5gRj9Ku1xbC90cNBGWUzaaX4TWrcjYiv8UzQvvT/R3XGxG5ekFTt07wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8jUNr0nfDLSKJUJ6/0MgIpiA90MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdnlOUTJ2U2Q4TXRJb2xRbnJfUXlBaW1JRDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud+YMA0G
CSqGSIb3DQEBCwUAA4IBAQBTXQP1mY4pK6gjbV9PJOs1y/m9zvAnLr/Ij1bwJjnu
wv58YKHa4zHv3Ibmsdj/rqQ/uSIMNLZ5iBsrsLtrqirRTGnECYFXlnMIQz4vWZYY
N3ITHoh86AP/jfdRndhb2s5Rcr4b+XGySa0IfP0Sd2he5E/wlJOZoE+VsG+9VMep
Mz6q4k0AaYYLF8Bt7iWoJIrpc3gGDsMN1XfA7iWWRHgaWrSud9sc4wsXDq2Rq9q3
0ctsupHy5E7YSkG/AINllO1GBCyHjyC4yiuXvygMvDoZHUihIbbFRdgphg2OOjqQ
f+doFQO2ApNn5n41g/RtopN5WsZGw3E/TF6MnMOATcJV
-----END CERTIFICATE-----