This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/MiUKM4-anjUIiLLo25o4aW1endE.roa
File:                     MiUKM4-anjUIiLLo25o4aW1endE.roa (raw, json)
Hash identifier:          8GJk2lpNvqF8G6oHGKOgI8d2pjeWdDUhOm/xZPhFJK8=
Subject key identifier:   32:25:0A:33:8F:9A:9E:35:08:88:B2:E8:DB:9A:38:69:6D:5E:9D:D1
Certificate issuer:       /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial:       019B7E38DCA70489B5EE2ED42519912DA4AB
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/MiUKM4-anjUIiLLo25o4aW1endE.roa
Signing time:             Fri 02 Jan 2026 10:20:14 +0000
ROA not before:           Fri 02 Jan 2026 10:20:14 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     212905
IP address blocks:        185.86.81.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 07:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:38:dc:a7:04:89:b5:ee:2e:d4:25:19:91:2d:a4:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
        Validity
            Not Before: Jan  2 10:20:14 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=32250a338f9a9e350888b2e8db9a38696d5e9dd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:df:b0:9f:79:1a:bb:44:34:9d:50:24:71:24:
                    5e:69:5c:3a:8f:8b:11:20:56:d9:f3:9b:2d:75:26:
                    d7:fd:75:db:73:4b:61:84:08:90:2f:7b:76:a7:1e:
                    77:e6:53:bf:38:f2:53:99:f9:af:10:8c:bd:dc:b9:
                    ff:19:ab:8d:f2:73:31:95:4c:4a:a2:64:46:d5:3b:
                    12:ca:88:57:a9:56:19:99:af:43:82:ea:40:e9:e9:
                    c0:e3:51:e4:bc:9c:49:e4:f1:50:57:48:2e:1e:03:
                    67:7f:d9:be:9e:51:07:59:52:79:48:ac:6d:cd:84:
                    1b:43:02:20:df:90:a6:d8:10:65:bc:92:66:5b:4b:
                    c2:5b:28:3a:c4:59:2e:e5:d9:70:58:43:ee:47:0c:
                    c8:b5:07:9e:9a:ab:dd:d7:65:34:db:38:97:3f:ae:
                    0d:09:b4:ea:e2:96:2f:91:bb:12:bb:86:3e:eb:24:
                    30:c4:4c:e0:02:8a:f6:2d:0b:c0:6b:ca:92:05:1b:
                    77:48:e0:a7:85:6c:10:02:65:f3:f4:7c:4b:0d:60:
                    70:ee:a4:ff:ff:dd:3f:26:84:25:50:18:c1:7b:38:
                    d7:4b:1b:58:df:00:17:13:8d:5c:55:ce:00:3e:2b:
                    08:d5:1f:6c:06:b2:ae:9f:c6:4e:85:79:70:88:3c:
                    56:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:25:0A:33:8F:9A:9E:35:08:88:B2:E8:DB:9A:38:69:6D:5E:9D:D1
            X509v3 Authority Key Identifier:
                keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/MiUKM4-anjUIiLLo25o4aW1endE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.86.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:b9:51:b1:94:60:58:53:7b:a1:6e:20:85:0c:7c:9d:0e:80:
         a8:24:e6:c1:a5:08:99:62:89:8f:75:71:c4:c9:37:bf:70:82:
         51:72:b8:5c:96:89:21:a8:3b:3f:35:a9:80:cc:15:fc:60:a3:
         e8:dc:cb:81:34:dd:ce:0b:0b:65:e4:45:b7:6b:dd:10:54:77:
         c4:fc:dc:03:9f:77:b3:7a:9d:37:5f:53:86:c8:64:df:ad:a2:
         95:16:aa:28:b5:cb:7c:ce:00:e1:fe:3f:b0:38:66:3a:16:ef:
         61:b5:9d:ce:89:6b:10:75:d2:73:03:45:a1:30:ca:76:3c:77:
         a4:4f:8d:25:67:80:38:0d:3a:f8:ce:61:6e:40:75:3b:51:a6:
         64:f9:91:5b:03:17:fa:b9:3e:2f:bc:78:a5:ff:b8:fd:68:af:
         1f:12:97:f2:68:89:c3:7d:f7:9b:b0:4f:a7:c3:3b:4b:86:58:
         17:45:31:fa:97:14:12:1f:d1:85:b3:f7:67:e8:cb:9d:2a:e7:
         77:03:e2:4e:27:35:cb:a0:37:02:9b:d4:59:29:23:08:a6:d3:
         72:9b:b4:0a:56:8e:17:b0:88:cb:2b:47:16:02:97:25:25:57:
         3e:a2:a9:7c:ae:08:aa:fb:9b:58:c8:b8:4b:2d:ed:9d:a8:40:
         95:b4:93:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+ONynBIm17i7UJRmRLaSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjYwMTAyMTAyMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjI1MGEzMzhmOWE5ZTM1MDg4OGIyZThkYjlhMzg2OTZkNWU5ZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN+wn3kau0Q0nVAkcSReaVw6j4sR
IFbZ85stdSbX/XXbc0thhAiQL3t2px535lO/OPJTmfmvEIy93Ln/GauN8nMxlUxK
omRG1TsSyohXqVYZma9DgupA6enA41HkvJxJ5PFQV0guHgNnf9m+nlEHWVJ5SKxt
zYQbQwIg35Cm2BBlvJJmW0vCWyg6xFku5dlwWEPuRwzItQeemqvd12U02ziXP64N
CbTq4pYvkbsSu4Y+6yQwxEzgAor2LQvAa8qSBRt3SOCnhWwQAmXz9HxLDWBw7qT/
/90/JoQlUBjBezjXSxtY3wAXE41cVc4APisI1R9sBrKun8ZOhXlwiDxWfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIlCjOPmp41CIiy6NuaOGltXp3RMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvTWlVS000LWFualVJaUxMbzI1bzRhVzFlbmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVZRMA0G
CSqGSIb3DQEBCwUAA4IBAQCcuVGxlGBYU3uhbiCFDHydDoCoJObBpQiZYomPdXHE
yTe/cIJRcrhclokhqDs/NamAzBX8YKPo3MuBNN3OCwtl5EW3a90QVHfE/NwDn3ez
ep03X1OGyGTfraKVFqootct8zgDh/j+wOGY6Fu9htZ3OiWsQddJzA0WhMMp2PHek
T40lZ4A4DTr4zmFuQHU7UaZk+ZFbAxf6uT4vvHil/7j9aK8fEpfyaInDffebsE+n
wztLhlgXRTH6lxQSH9GFs/dn6MudKud3A+JOJzXLoDcCm9RZKSMIptNym7QKVo4X
sIjLK0cWApclJVc+oql8rgiq+5tYyLhLLe2dqECVtJO9
-----END CERTIFICATE-----