This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/yKgJRcCDeIRpL1mVwNonxYPoRz8.roa
File:                     yKgJRcCDeIRpL1mVwNonxYPoRz8.roa (raw, json)
Hash identifier:          hLpBszdQoqdShXcJ+BW7T3YEeYm/ibiCEFlR8rfP2y0=
Subject key identifier:   C8:A8:09:45:C0:83:78:84:69:2F:59:95:C0:DA:27:C5:83:E8:47:3F
Certificate issuer:       /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial:       019B7AC85798A0A75B826956FA4FF55E1DD8
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/yKgJRcCDeIRpL1mVwNonxYPoRz8.roa
Signing time:             Thu 01 Jan 2026 18:18:28 +0000
ROA not before:           Thu 01 Jan 2026 18:18:28 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     48266
IP address blocks:        77.111.100.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 00:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c8:57:98:a0:a7:5b:82:69:56:fa:4f:f5:5e:1d:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
        Validity
            Not Before: Jan  1 18:18:28 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c8a80945c0837884692f5995c0da27c583e8473f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:95:57:d7:cf:be:e3:52:4d:20:fc:30:47:fd:
                    fc:6c:93:cf:fd:1b:40:68:5d:66:e5:dd:28:f7:5f:
                    d7:46:83:01:db:b1:e6:8c:38:e2:4e:61:01:bb:63:
                    ef:0b:7f:fc:80:49:63:07:bf:72:8d:6e:e7:57:f0:
                    1e:d6:a7:ba:46:d3:b0:f8:4a:19:a2:cd:33:db:63:
                    63:2c:0b:2c:1b:e2:25:31:bb:df:67:81:fa:b6:a2:
                    e5:e0:78:10:6d:5c:ee:90:f9:fd:75:2f:59:47:85:
                    74:2c:61:fc:3e:d6:48:cd:66:7a:6c:2f:33:35:1c:
                    83:ee:de:af:94:af:f6:f1:b5:f9:b6:eb:b7:66:1c:
                    f4:fb:6a:61:98:52:d8:8c:33:5f:72:ec:98:bd:0b:
                    68:ef:79:fc:fb:f0:5d:e6:18:f6:7f:e7:90:04:eb:
                    e6:e6:17:a3:47:f7:95:f6:df:f5:50:8a:07:ed:42:
                    61:de:d0:b3:72:3c:40:7c:ec:3d:e4:5e:f4:96:cd:
                    62:df:08:68:9f:e7:ed:40:7b:27:ab:3e:f7:2f:5b:
                    98:a1:90:2b:7b:35:b6:b4:25:06:b8:de:51:cb:2e:
                    d3:92:ba:3c:ab:3e:c1:d4:2b:1e:1f:77:86:55:ad:
                    15:57:02:11:33:9a:bb:f4:a4:8d:2b:ad:f5:79:79:
                    d7:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:A8:09:45:C0:83:78:84:69:2F:59:95:C0:DA:27:C5:83:E8:47:3F
            X509v3 Authority Key Identifier:
                keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/yKgJRcCDeIRpL1mVwNonxYPoRz8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.111.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:c5:f8:c6:03:60:2c:84:ee:51:2c:b8:26:27:18:7a:39:78:
         ad:74:de:e7:1d:75:ae:19:34:41:34:19:46:4c:38:20:b8:35:
         70:34:33:b7:56:3e:0a:c9:cc:da:af:50:2d:65:80:b7:3b:b9:
         6c:a8:c2:50:51:3d:70:66:59:f0:d5:f0:59:6c:bf:5d:37:af:
         9d:9c:f2:62:d3:77:e9:75:66:dc:de:57:66:94:e3:b7:60:03:
         bd:db:19:34:2e:7f:cb:90:d1:ca:40:d9:7b:a2:af:f7:67:a7:
         e3:7d:d9:0d:a7:86:71:a4:3f:46:53:fd:3e:f1:ac:29:9e:17:
         bd:99:80:85:e6:3d:f6:45:78:db:97:3f:d3:29:92:32:b2:94:
         1b:66:a0:66:95:45:87:1f:dd:53:27:70:a5:a4:79:9b:17:10:
         b1:a1:3e:6e:bc:d6:a2:f4:21:1e:2e:f0:52:14:1a:ef:64:c9:
         ca:c9:2f:b2:0e:04:0a:fe:b2:f4:f1:ec:eb:2f:64:fe:c9:f9:
         8d:0b:72:cb:88:6c:d5:07:79:2a:e5:85:05:7d:e5:98:05:ec:
         56:60:7b:95:e3:c2:99:e1:21:2b:e8:e1:ab:c1:40:d6:98:63:
         25:6b:25:f3:9c:53:3b:8e:13:5a:9a:02:a8:60:71:9d:53:a5:
         d0:d2:d1:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yFeYoKdbgmlW+k/1Xh3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwMTAxMTgxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGE4MDk0NWMwODM3ODg0NjkyZjU5OTVjMGRhMjdjNTgzZTg0NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipVX18++41JNIPwwR/38bJPP/RtA
aF1m5d0o91/XRoMB27HmjDjiTmEBu2PvC3/8gEljB79yjW7nV/Ae1qe6RtOw+EoZ
os0z22NjLAssG+IlMbvfZ4H6tqLl4HgQbVzukPn9dS9ZR4V0LGH8PtZIzWZ6bC8z
NRyD7t6vlK/28bX5tuu3Zhz0+2phmFLYjDNfcuyYvQto73n8+/Bd5hj2f+eQBOvm
5hejR/eV9t/1UIoH7UJh3tCzcjxAfOw95F70ls1i3whon+ftQHsnqz73L1uYoZAr
ezW2tCUGuN5Ryy7Tkro8qz7B1CseH3eGVa0VVwIRM5q79KSNK631eXnXQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMioCUXAg3iEaS9ZlcDaJ8WD6Ec/MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEveUtnSlJjQ0RlSVJwTDFtVndOb254WVBvUno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW9kMA0G
CSqGSIb3DQEBCwUAA4IBAQCvxfjGA2AshO5RLLgmJxh6OXitdN7nHXWuGTRBNBlG
TDgguDVwNDO3Vj4Kyczar1AtZYC3O7lsqMJQUT1wZlnw1fBZbL9dN6+dnPJi03fp
dWbc3ldmlOO3YAO92xk0Ln/LkNHKQNl7oq/3Z6fjfdkNp4ZxpD9GU/0+8awpnhe9
mYCF5j32RXjblz/TKZIyspQbZqBmlUWHH91TJ3ClpHmbFxCxoT5uvNai9CEeLvBS
FBrvZMnKyS+yDgQK/rL08ezrL2T+yfmNC3LLiGzVB3kq5YUFfeWYBexWYHuV48KZ
4SEr6OGrwUDWmGMlayXznFM7jhNamgKoYHGdU6XQ0tFq
-----END CERTIFICATE-----