This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Bz-bGhObpvC35L_hp0eu2-3qYtw.roa
File:                     Bz-bGhObpvC35L_hp0eu2-3qYtw.roa (raw, json)
Hash identifier:          uwq39bcN6XNetP7Mhovff9ei7i/RPLC7scA5GaLsdrI=
Subject key identifier:   07:3F:9B:1A:13:9B:A6:F0:B7:E4:BF:E1:A7:47:AE:DB:ED:EA:62:DC
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       019B797E30D04FD9CC07B28DE8ADFBC0A817
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Bz-bGhObpvC35L_hp0eu2-3qYtw.roa
Signing time:             Thu 01 Jan 2026 12:17:51 +0000
ROA not before:           Thu 01 Jan 2026 12:17:51 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     61049
IP address blocks:        185.177.83.0/24 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 12:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:30:d0:4f:d9:cc:07:b2:8d:e8:ad:fb:c0:a8:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 12:17:51 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=073f9b1a139ba6f0b7e4bfe1a747aedbedea62dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5c:fa:c8:15:1f:4c:48:75:b0:cb:a8:be:48:
                    46:81:b9:50:85:96:da:88:f0:61:09:24:07:de:6e:
                    1e:44:e8:99:dd:50:87:05:25:57:b4:be:16:af:11:
                    62:e3:cc:98:ce:29:f6:ac:0c:24:b5:87:eb:fe:ac:
                    67:60:1c:d7:01:68:34:88:a4:4b:b0:9d:34:91:57:
                    ee:ad:7e:1f:da:42:75:85:25:cf:4c:5f:75:05:af:
                    74:d5:5e:d9:71:71:96:dd:78:cd:27:ef:77:35:bf:
                    7f:cd:dc:d8:05:83:56:4f:fd:a4:10:8c:73:99:ec:
                    54:02:6c:ac:41:f8:7d:8c:00:82:7b:34:86:31:a9:
                    4a:51:e4:a6:ba:f1:9d:f2:35:9a:57:3d:78:3b:a2:
                    95:09:52:41:0a:3c:18:6e:14:6a:c3:ed:a0:37:c9:
                    19:a6:23:e9:c4:58:c2:07:aa:45:39:da:5a:0e:65:
                    fc:8d:e7:8b:74:76:09:d9:97:ba:55:15:b7:93:20:
                    32:63:b4:df:1b:4e:ab:56:25:9d:b6:38:0b:6a:9d:
                    01:d5:1b:56:c5:16:84:f3:b6:b5:a1:65:5d:57:65:
                    e2:98:63:2c:8c:ea:d6:41:0c:46:5f:60:21:5a:88:
                    4e:e1:77:49:0c:41:6d:15:f7:28:cf:65:a7:b8:17:
                    b3:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:3F:9B:1A:13:9B:A6:F0:B7:E4:BF:E1:A7:47:AE:DB:ED:EA:62:DC
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Bz-bGhObpvC35L_hp0eu2-3qYtw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:a7:8e:73:17:1d:a9:27:36:de:7b:76:99:e1:14:25:aa:af:
         cf:17:80:7b:75:19:bc:cb:68:7c:41:c7:06:57:14:3d:2a:dd:
         ca:1f:5c:8a:b0:0b:bc:a6:8b:2e:a5:2f:4d:cb:fe:2b:14:dc:
         22:59:1b:2e:dd:20:7a:66:14:d1:15:ea:10:5f:6f:aa:94:42:
         38:f2:62:c7:e4:17:87:36:5e:b8:da:05:4a:76:60:30:0a:84:
         a6:51:69:f5:c3:08:f7:6c:e2:c1:04:99:1f:75:e7:14:7a:85:
         85:d0:13:55:f7:85:aa:e6:3f:b3:c8:3c:a2:90:91:3e:22:f8:
         11:d6:40:48:2a:d1:fe:2f:3f:4f:00:c3:32:e5:f8:42:73:ac:
         b5:8b:74:fa:0e:eb:7e:10:9d:26:64:19:e4:71:26:7b:19:82:
         e8:37:4e:65:35:6d:07:d8:06:6b:1d:5c:fa:20:22:ae:13:9b:
         e9:b2:81:8a:64:78:5b:33:0e:9d:1f:ae:f0:c0:41:59:ea:95:
         31:1c:ce:c3:dc:b6:aa:72:d3:af:99:77:df:fd:12:fa:5f:a8:
         30:25:56:86:14:58:0f:1b:90:53:dc:c9:44:6d:27:5b:2a:25:
         c3:43:65:0c:38:70:80:08:bb:88:85:d1:2d:81:48:7b:41:6a:
         ed:f0:91:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fjDQT9nMB7KN6K37wKgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwMTAxMTIxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzNmOWIxYTEzOWJhNmYwYjdlNGJmZTFhNzQ3YWVkYmVkZWE2MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlz6yBUfTEh1sMuovkhGgblQhZba
iPBhCSQH3m4eROiZ3VCHBSVXtL4WrxFi48yYzin2rAwktYfr/qxnYBzXAWg0iKRL
sJ00kVfurX4f2kJ1hSXPTF91Ba901V7ZcXGW3XjNJ+93Nb9/zdzYBYNWT/2kEIxz
mexUAmysQfh9jACCezSGMalKUeSmuvGd8jWaVz14O6KVCVJBCjwYbhRqw+2gN8kZ
piPpxFjCB6pFOdpaDmX8jeeLdHYJ2Ze6VRW3kyAyY7TfG06rViWdtjgLap0B1RtW
xRaE87a1oWVdV2XimGMsjOrWQQxGX2AhWohO4XdJDEFtFfcoz2WnuBeztQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAc/mxoTm6bwt+S/4adHrtvt6mLcMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvQnotYkdoT2JwdkMzNUxfaHAwZXUyLTNxWXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubFTMA0G
CSqGSIb3DQEBCwUAA4IBAQAap45zFx2pJzbee3aZ4RQlqq/PF4B7dRm8y2h8QccG
VxQ9Kt3KH1yKsAu8posupS9Ny/4rFNwiWRsu3SB6ZhTRFeoQX2+qlEI48mLH5BeH
Nl642gVKdmAwCoSmUWn1wwj3bOLBBJkfdecUeoWF0BNV94Wq5j+zyDyikJE+IvgR
1kBIKtH+Lz9PAMMy5fhCc6y1i3T6Dut+EJ0mZBnkcSZ7GYLoN05lNW0H2AZrHVz6
ICKuE5vpsoGKZHhbMw6dH67wwEFZ6pUxHM7D3LaqctOvmXff/RL6X6gwJVaGFFgP
G5BT3MlEbSdbKiXDQ2UMOHCACLuIhdEtgUh7QWrt8JG9
-----END CERTIFICATE-----