This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/PzKWoUJeFLqjUWS7LgF4BdwM7PI.roa
File:                     PzKWoUJeFLqjUWS7LgF4BdwM7PI.roa (raw, json)
Hash identifier:          OsmHic4Ai/0j0JqDsk2Y5rGOjUKPGoeMip/8Vo2h1CM=
Subject key identifier:   3F:32:96:A1:42:5E:14:BA:A3:51:64:BB:2E:01:78:05:DC:0C:EC:F2
Certificate issuer:       /CN=bab232c1d72dc1cabbda16c870ec941d458a9fdc
Certificate serial:       019B7EA74A9CD0AF7D573D7FD5F18AC534DE
Authority key identifier: BA:B2:32:C1:D7:2D:C1:CA:BB:DA:16:C8:70:EC:94:1D:45:8A:9F:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urIywdctwcq72hbIcOyUHUWKn9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/PzKWoUJeFLqjUWS7LgF4BdwM7PI.roa
Signing time:             Fri 02 Jan 2026 12:20:51 +0000
ROA not before:           Fri 02 Jan 2026 12:20:51 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     14618
IP address blocks:        185.214.82.0/24 maxlen: 24
                          185.214.83.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/urIywdctwcq72hbIcOyUHUWKn9w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/urIywdctwcq72hbIcOyUHUWKn9w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urIywdctwcq72hbIcOyUHUWKn9w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 Jan 2026 18:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a7:4a:9c:d0:af:7d:57:3d:7f:d5:f1:8a:c5:34:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab232c1d72dc1cabbda16c870ec941d458a9fdc
        Validity
            Not Before: Jan  2 12:20:51 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3f3296a1425e14baa35164bb2e017805dc0cecf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:06:23:f9:2b:79:01:a8:87:e2:25:d7:3f:c5:
                    92:17:ce:a9:d0:af:78:6f:e3:8b:7e:6c:b3:9d:04:
                    62:48:e7:dd:20:59:85:eb:15:d9:41:38:d5:14:d2:
                    48:e7:4d:8c:44:08:51:90:29:4c:e0:36:29:e4:50:
                    8c:5c:d4:4b:45:81:ba:5d:7f:7d:ae:d9:e0:47:f3:
                    dc:ba:e6:70:bd:04:b9:73:fd:46:a9:c0:30:55:da:
                    bc:5c:3c:40:a8:34:62:6d:77:ae:04:74:15:03:88:
                    52:8f:b6:80:61:5e:9a:b1:30:52:88:c4:be:43:30:
                    b9:26:d5:8a:91:a5:be:8c:b4:3c:87:1b:5c:be:ae:
                    6d:7b:01:84:4c:fd:81:cc:89:7b:10:12:a1:aa:9e:
                    c6:71:e4:5c:ba:2f:4d:f4:98:7c:4d:ba:86:4c:4c:
                    a6:b8:66:39:ca:0e:ba:f7:ca:eb:3a:46:c0:3e:39:
                    8d:1d:48:1c:a2:ea:3c:2c:0d:18:1b:63:36:79:53:
                    b3:58:25:46:77:1d:29:1c:b0:5a:ac:af:98:86:ca:
                    12:22:28:62:5c:c5:bf:f5:97:0e:9e:95:dc:f4:f4:
                    ef:e6:8e:f7:30:69:00:bf:56:82:14:92:ba:1b:bf:
                    8e:46:44:68:75:3e:95:93:00:23:10:73:73:96:ce:
                    9f:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:32:96:A1:42:5E:14:BA:A3:51:64:BB:2E:01:78:05:DC:0C:EC:F2
            X509v3 Authority Key Identifier:
                keyid:BA:B2:32:C1:D7:2D:C1:CA:BB:DA:16:C8:70:EC:94:1D:45:8A:9F:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urIywdctwcq72hbIcOyUHUWKn9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/PzKWoUJeFLqjUWS7LgF4BdwM7PI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/795774-fb9e-413f-9f70-7d3efb4a6a7f/1/urIywdctwcq72hbIcOyUHUWKn9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.214.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:c5:ee:7d:b4:8b:43:78:f9:f0:99:f7:47:7f:44:ee:6f:8b:
         11:4a:e1:4b:70:ca:4d:08:3d:ab:8e:cf:a8:f8:88:4d:c0:ab:
         d1:3f:a9:65:6c:3b:5a:fd:9b:54:74:ff:f3:28:e8:ea:bb:71:
         42:0b:7d:54:96:14:67:8a:25:91:bc:f1:d8:73:78:26:50:f6:
         f5:06:5f:eb:ec:d5:9d:48:d5:6f:06:96:41:01:5f:82:06:c9:
         07:cd:93:98:7f:b9:f0:7b:50:94:37:ef:82:a8:49:02:ce:1e:
         fe:ad:2e:79:5f:62:a3:2a:d0:7f:da:dd:cb:79:ad:fb:6d:07:
         76:69:3f:00:d1:af:06:9c:7c:ef:4b:92:72:eb:a7:ae:d0:ba:
         a3:66:61:a6:2b:d6:f1:66:01:7e:56:0d:e3:02:30:bb:57:98:
         aa:a7:e8:b8:74:0a:00:84:74:98:53:13:66:58:e3:88:7f:bd:
         83:0d:a2:0b:d2:59:03:8d:47:dd:65:ca:92:af:23:31:cc:e8:
         55:c7:4d:3f:62:6c:97:2b:d8:c5:c1:e5:f7:e8:8a:df:7a:dc:
         d8:b2:12:1d:dd:b8:5b:b1:9f:77:d1:99:0c:5f:7d:10:fb:6f:
         1b:57:bd:db:5f:be:79:4d:66:c8:b5:58:97:22:b1:8e:2c:13:
         f9:23:7b:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+p0qc0K99Vz1/1fGKxTTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjIzMmMxZDcyZGMxY2FiYmRhMTZjODcwZWM5NDFkNDU4
YTlmZGMwHhcNMjYwMTAyMTIyMDUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjMyOTZhMTQyNWUxNGJhYTM1MTY0YmIyZTAxNzgwNWRjMGNlY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQYj+St5AaiH4iXXP8WSF86p0K94
b+OLfmyznQRiSOfdIFmF6xXZQTjVFNJI502MRAhRkClM4DYp5FCMXNRLRYG6XX99
rtngR/PcuuZwvQS5c/1GqcAwVdq8XDxAqDRibXeuBHQVA4hSj7aAYV6asTBSiMS+
QzC5JtWKkaW+jLQ8hxtcvq5tewGETP2BzIl7EBKhqp7GceRcui9N9Jh8TbqGTEym
uGY5yg6698rrOkbAPjmNHUgcouo8LA0YG2M2eVOzWCVGdx0pHLBarK+YhsoSIihi
XMW/9ZcOnpXc9PTv5o73MGkAv1aCFJK6G7+ORkRodT6VkwAjEHNzls6f9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8ylqFCXhS6o1Fkuy4BeAXcDOzyMB8GA1UdIwQY
MBaAFLqyMsHXLcHKu9oWyHDslB1Fip/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJJeXdkY3R3Y3E3MmhiSWNPeVVIVVdLbjl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83OTU3NzQtZmI5ZS00MTNmLTlmNzAt
N2QzZWZiNGE2YTdmLzEvUHpLV29VSmVGTHFqVVdTN0xnRjRCZHdNN1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83OTU3NzQtZmI5ZS00MTNmLTlmNzAtN2QzZWZiNGE2YTdm
LzEvdXJJeXdkY3R3Y3E3MmhiSWNPeVVIVVdLbjl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudZSMA0G
CSqGSIb3DQEBCwUAA4IBAQB9xe59tItDePnwmfdHf0Tub4sRSuFLcMpNCD2rjs+o
+IhNwKvRP6llbDta/ZtUdP/zKOjqu3FCC31UlhRniiWRvPHYc3gmUPb1Bl/r7NWd
SNVvBpZBAV+CBskHzZOYf7nwe1CUN++CqEkCzh7+rS55X2KjKtB/2t3Lea37bQd2
aT8A0a8GnHzvS5Jy66eu0LqjZmGmK9bxZgF+Vg3jAjC7V5iqp+i4dAoAhHSYUxNm
WOOIf72DDaIL0lkDjUfdZcqSryMxzOhVx00/YmyXK9jFweX36IrfetzYshId3bhb
sZ930ZkMX30Q+28bV73bX755TWbItViXIrGOLBP5I3vp
-----END CERTIFICATE-----