This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/5NyfZtZq8I_a22w9fqIDYQ8J3zo.roa
File:                     5NyfZtZq8I_a22w9fqIDYQ8J3zo.roa (raw, json)
Hash identifier:          ZXAkN8Owpsubs84/gjn1dQB9OdgtJ+vDayAhe4jgKik=
Subject key identifier:   E4:DC:9F:66:D6:6A:F0:8F:DA:DB:6C:3D:7E:A2:03:61:0F:09:DF:3A
Certificate issuer:       /CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Certificate serial:       019B7835446F763B775DAEDE118A1C024EF2
Authority key identifier: 29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/5NyfZtZq8I_a22w9fqIDYQ8J3zo.roa
Signing time:             Thu 01 Jan 2026 06:18:35 +0000
ROA not before:           Thu 01 Jan 2026 06:18:35 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     207713
IP address blocks:        83.217.11.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/KUC2lLuglTROS9uZ9R4fECO-V84.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/KUC2lLuglTROS9uZ9R4fECO-V84.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 Jan 2026 21:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:35:44:6f:76:3b:77:5d:ae:de:11:8a:1c:02:4e:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2940b694bba095344e4bdb99f51e1f1023be57ce
        Validity
            Not Before: Jan  1 06:18:35 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e4dc9f66d66af08fdadb6c3d7ea203610f09df3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:96:0f:b5:ed:06:17:2f:1f:80:dd:b6:56:39:
                    38:f5:3d:07:5d:57:1f:23:94:7d:cc:59:f2:68:71:
                    ab:e5:c0:ee:96:71:7f:cd:37:23:d2:3f:75:b0:12:
                    19:2d:af:78:68:53:18:f9:6d:32:6b:42:99:e6:99:
                    d3:a0:f5:14:33:96:90:0a:2d:cd:40:33:bb:9b:e3:
                    43:71:5a:2b:fb:e8:8f:d8:73:10:96:28:a9:24:98:
                    c5:fe:71:ba:ea:70:8f:37:88:63:df:4b:59:ec:84:
                    ac:4c:49:51:15:c6:c4:f6:da:98:40:98:c2:a9:62:
                    cc:5a:0e:46:ae:b6:67:a6:bf:c2:b4:a4:8b:f8:a8:
                    1c:02:6e:56:b2:7a:16:bb:c5:05:0b:c4:fe:f7:ab:
                    41:59:5b:0e:e8:b9:dd:36:9b:ce:3f:ef:ba:b6:87:
                    f9:e1:3b:c2:05:6d:d2:00:64:b3:b3:0e:87:20:a5:
                    ca:7f:67:9a:72:34:e0:6d:9d:4e:e8:4c:f1:1d:04:
                    32:1d:76:b3:af:49:b3:c7:52:9a:1d:bf:12:fd:70:
                    22:6d:0b:c7:57:1b:fd:98:fa:6a:8f:78:4b:13:84:
                    71:a0:5b:31:7a:3d:a5:bc:5d:08:ec:c1:97:b5:ab:
                    ca:e6:a0:86:59:21:01:63:4d:84:a6:19:88:6c:e7:
                    49:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:DC:9F:66:D6:6A:F0:8F:DA:DB:6C:3D:7E:A2:03:61:0F:09:DF:3A
            X509v3 Authority Key Identifier:
                keyid:29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/5NyfZtZq8I_a22w9fqIDYQ8J3zo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/KUC2lLuglTROS9uZ9R4fECO-V84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.217.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:e1:26:83:84:da:7e:d4:2f:6f:f0:6f:5f:13:44:63:7e:6d:
         6c:9e:f3:f1:0f:f4:de:35:6c:50:fb:3d:a3:46:97:74:cd:01:
         bc:27:63:75:66:0e:1b:59:16:e8:ab:3f:0c:41:93:15:02:c8:
         58:ee:43:1e:a3:ee:56:15:bd:3f:12:76:64:e0:bb:3c:fa:aa:
         da:cd:ac:04:32:fb:48:08:4c:f0:0a:1a:92:8a:db:a0:e1:5a:
         1e:c1:89:53:fb:12:c2:3c:ec:53:26:d4:36:52:e8:16:50:2a:
         22:00:29:21:23:86:c7:7f:26:b9:21:77:fd:80:39:81:3e:29:
         71:54:71:76:bd:ec:c2:bf:1e:97:b2:1a:1b:be:09:c6:0e:63:
         c8:69:9b:87:e9:af:6a:fc:ca:0b:eb:fd:eb:75:a9:71:00:e7:
         7c:e0:d1:97:16:88:13:e1:98:a5:26:bb:24:1c:3d:8b:ab:2b:
         32:e1:ca:1a:19:d7:1e:dc:43:15:77:64:0e:cf:03:b6:04:56:
         31:b4:39:30:ee:af:43:84:d7:da:1c:03:26:12:33:b0:58:17:
         8b:7f:7d:41:0c:b7:7c:a1:f5:cf:74:4b:71:61:28:4b:cf:a1:
         54:84:53:e2:57:f6:e7:9a:59:5c:a1:d5:70:93:aa:62:a0:44:
         48:0a:c4:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NURvdjt3Xa7eEYocAk7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NDBiNjk0YmJhMDk1MzQ0ZTRiZGI5OWY1MWUxZjEwMjNi
ZTU3Y2UwHhcNMjYwMTAxMDYxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRjOWY2NmQ2NmFmMDhmZGFkYjZjM2Q3ZWEyMDM2MTBmMDlkZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JYPte0GFy8fgN22Vjk49T0HXVcf
I5R9zFnyaHGr5cDulnF/zTcj0j91sBIZLa94aFMY+W0ya0KZ5pnToPUUM5aQCi3N
QDO7m+NDcVor++iP2HMQliipJJjF/nG66nCPN4hj30tZ7ISsTElRFcbE9tqYQJjC
qWLMWg5GrrZnpr/CtKSL+KgcAm5WsnoWu8UFC8T+96tBWVsO6LndNpvOP++6tof5
4TvCBW3SAGSzsw6HIKXKf2eacjTgbZ1O6EzxHQQyHXazr0mzx1KaHb8S/XAibQvH
Vxv9mPpqj3hLE4RxoFsxej2lvF0I7MGXtavK5qCGWSEBY02EphmIbOdJ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTcn2bWavCP2ttsPX6iA2EPCd86MB8GA1UdIwQY
MBaAFClAtpS7oJU0TkvbmfUeHxAjvlfOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VDMmxMdWdsVFJPUzl1WjlSNGZFQ08tVjg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82MTA3ZTQtNDM5My00Y2JlLWE2YzIt
MjdjMWEzNTk3NmRlLzEvNU55Zlp0WnE4SV9hMjJ3OWZxSURZUThKM3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82MTA3ZTQtNDM5My00Y2JlLWE2YzItMjdjMWEzNTk3NmRl
LzEvS1VDMmxMdWdsVFJPUzl1WjlSNGZFQ08tVjg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU9kLMA0G
CSqGSIb3DQEBCwUAA4IBAQCi4SaDhNp+1C9v8G9fE0Rjfm1snvPxD/TeNWxQ+z2j
Rpd0zQG8J2N1Zg4bWRboqz8MQZMVAshY7kMeo+5WFb0/EnZk4Ls8+qrazawEMvtI
CEzwChqSitug4VoewYlT+xLCPOxTJtQ2UugWUCoiACkhI4bHfya5IXf9gDmBPilx
VHF2vezCvx6XshobvgnGDmPIaZuH6a9q/MoL6/3rdalxAOd84NGXFogT4ZilJrsk
HD2Lqysy4coaGdce3EMVd2QOzwO2BFYxtDkw7q9DhNfaHAMmEjOwWBeLf31BDLd8
ofXPdEtxYShLz6FUhFPiV/bnmllcodVwk6pioERICsSv
-----END CERTIFICATE-----