This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/DIGCQbMEvX3S2DQ7VERDwaNmPgI.roa
File:                     DIGCQbMEvX3S2DQ7VERDwaNmPgI.roa (raw, json)
Hash identifier:          vrQP6CoSztwA+KPM4HiP9pP5zfEZ7MxF+t1JeC7UBYM=
Subject key identifier:   0C:81:82:41:B3:04:BD:7D:D2:D8:34:3B:54:44:43:C1:A3:66:3E:02
Certificate issuer:       /CN=5b5bff9d41f719f62600c32d3410ddb99eccb30c
Certificate serial:       019B7910C65C37074C20A1A47B564397634A
Authority key identifier: 5B:5B:FF:9D:41:F7:19:F6:26:00:C3:2D:34:10:DD:B9:9E:CC:B3:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W1v_nUH3GfYmAMMtNBDduZ7Msww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/DIGCQbMEvX3S2DQ7VERDwaNmPgI.roa
Signing time:             Thu 01 Jan 2026 10:18:20 +0000
ROA not before:           Thu 01 Jan 2026 10:18:20 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     60558
IP address blocks:        83.229.100.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/W1v_nUH3GfYmAMMtNBDduZ7Msww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/W1v_nUH3GfYmAMMtNBDduZ7Msww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W1v_nUH3GfYmAMMtNBDduZ7Msww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:c6:5c:37:07:4c:20:a1:a4:7b:56:43:97:63:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b5bff9d41f719f62600c32d3410ddb99eccb30c
        Validity
            Not Before: Jan  1 10:18:20 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0c818241b304bd7dd2d8343b544443c1a3663e02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fb:60:91:fe:2d:c0:95:5d:8a:c0:18:78:b4:
                    3f:f0:39:84:51:5d:8a:40:cc:b7:7d:b1:84:41:56:
                    e2:ab:01:a8:29:c8:82:f1:79:8e:35:64:6e:1d:d0:
                    f7:58:db:4c:3e:4b:9b:64:fa:65:eb:0a:28:1c:a8:
                    2e:20:94:f3:17:30:54:31:7d:e4:81:73:cc:29:af:
                    74:24:b8:53:12:48:91:e8:e5:c2:c2:6d:46:38:77:
                    45:4f:9a:f4:6e:a3:45:da:df:f7:26:5a:07:57:eb:
                    17:df:c9:13:63:c2:de:c4:8e:00:1e:ef:72:d6:e7:
                    ab:b9:27:92:fb:18:33:25:01:a4:5e:97:be:3e:4c:
                    12:b0:95:c9:8e:88:d4:c0:72:49:56:6a:eb:45:9b:
                    e6:cb:6e:8f:5b:62:74:b4:06:c0:0c:56:81:cb:e4:
                    55:4f:b2:2c:11:4e:40:8c:9f:1d:7a:96:a1:b9:e8:
                    e3:b6:af:1b:df:9d:0c:5e:c2:d6:33:e7:34:c7:27:
                    f9:64:88:5c:e2:e8:fa:b9:8d:50:f2:c2:95:c2:46:
                    07:13:a7:6b:c1:08:3c:78:dc:9e:8e:d5:2e:92:1e:
                    14:46:24:37:2a:af:18:71:4c:44:30:a0:64:82:20:
                    60:c8:17:1f:eb:70:78:03:1c:50:b2:e0:82:ae:25:
                    27:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:81:82:41:B3:04:BD:7D:D2:D8:34:3B:54:44:43:C1:A3:66:3E:02
            X509v3 Authority Key Identifier:
                keyid:5B:5B:FF:9D:41:F7:19:F6:26:00:C3:2D:34:10:DD:B9:9E:CC:B3:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1v_nUH3GfYmAMMtNBDduZ7Msww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/DIGCQbMEvX3S2DQ7VERDwaNmPgI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/W1v_nUH3GfYmAMMtNBDduZ7Msww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.229.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:20:5f:9d:03:e0:41:2f:b8:69:30:18:ec:9f:cb:ec:2b:f0:
         75:0e:f0:d8:ac:83:47:d8:62:69:c6:72:85:08:ec:1a:d3:e8:
         17:4b:ed:af:5f:2e:80:58:e2:ab:98:36:86:a1:87:5a:b4:9d:
         5b:1f:d1:5f:6b:60:01:e6:f0:58:7b:b6:49:1f:37:f8:a5:2f:
         01:7d:a3:e7:2d:c7:31:59:c4:b5:90:5d:8a:aa:19:91:e4:69:
         a1:b5:00:57:cd:be:8a:08:3e:3c:4e:26:f8:9f:37:c2:e3:dd:
         30:29:c8:3a:e4:72:f8:37:7e:ec:ba:1e:b7:b5:7e:90:3c:f9:
         ee:7f:16:bc:d8:a5:0f:2c:a9:e8:1f:a7:59:b3:95:42:d8:c2:
         a6:a9:e3:25:b2:98:10:70:5e:38:22:60:2d:a4:d8:a7:60:d1:
         85:d3:ef:6d:ba:e7:45:55:54:30:9c:30:31:0b:3f:1a:af:64:
         eb:f2:01:4e:c7:85:37:43:a4:71:c6:34:be:5a:c0:bd:2f:9e:
         89:24:04:b1:0b:09:ad:97:77:a3:51:29:0a:43:9b:48:88:40:
         e4:53:c1:86:ac:7e:e7:c4:a1:84:d5:33:83:0a:97:47:ca:44:
         cc:86:1f:54:ba:a7:c9:b7:f3:6d:79:d7:94:b7:06:c2:a9:4c:
         0f:d0:77:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EMZcNwdMIKGke1ZDl2NKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNWJmZjlkNDFmNzE5ZjYyNjAwYzMyZDM0MTBkZGI5OWVj
Y2IzMGMwHhcNMjYwMTAxMTAxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzgxODI0MWIzMDRiZDdkZDJkODM0M2I1NDQ0NDNjMWEzNjYzZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPtgkf4twJVdisAYeLQ/8DmEUV2K
QMy3fbGEQVbiqwGoKciC8XmONWRuHdD3WNtMPkubZPpl6wooHKguIJTzFzBUMX3k
gXPMKa90JLhTEkiR6OXCwm1GOHdFT5r0bqNF2t/3JloHV+sX38kTY8LexI4AHu9y
1ueruSeS+xgzJQGkXpe+PkwSsJXJjojUwHJJVmrrRZvmy26PW2J0tAbADFaBy+RV
T7IsEU5AjJ8depahuejjtq8b350MXsLWM+c0xyf5ZIhc4uj6uY1Q8sKVwkYHE6dr
wQg8eNyejtUukh4URiQ3Kq8YcUxEMKBkgiBgyBcf63B4AxxQsuCCriUnQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyBgkGzBL190tg0O1REQ8GjZj4CMB8GA1UdIwQY
MBaAFFtb/51B9xn2JgDDLTQQ3bmezLMMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzF2X25VSDNHZlltQU1NdE5CRGR1WjdNc3d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi80ZjQzZmMtNDE4Ny00YmI5LTkwNWEt
ZjBjNjI1OGI5YTA0LzEvRElHQ1FiTUV2WDNTMkRRN1ZFUkR3YU5tUGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi80ZjQzZmMtNDE4Ny00YmI5LTkwNWEtZjBjNjI1OGI5YTA0
LzEvVzF2X25VSDNHZlltQU1NdE5CRGR1WjdNc3d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU+VkMA0G
CSqGSIb3DQEBCwUAA4IBAQBFIF+dA+BBL7hpMBjsn8vsK/B1DvDYrINH2GJpxnKF
COwa0+gXS+2vXy6AWOKrmDaGoYdatJ1bH9Ffa2AB5vBYe7ZJHzf4pS8BfaPnLccx
WcS1kF2KqhmR5GmhtQBXzb6KCD48Tib4nzfC490wKcg65HL4N37suh63tX6QPPnu
fxa82KUPLKnoH6dZs5VC2MKmqeMlspgQcF44ImAtpNinYNGF0+9tuudFVVQwnDAx
Cz8ar2Tr8gFOx4U3Q6RxxjS+WsC9L56JJASxCwmtl3ejUSkKQ5tIiEDkU8GGrH7n
xKGE1TODCpdHykTMhh9UuqfJt/NtedeUtwbCqUwP0Hc/
-----END CERTIFICATE-----
Generated at Sun Jan 25 22:31:03 2026 by rpki-client