This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/pyzNTgyDpRY88na56omeNzoc2p8.roa
File:                     pyzNTgyDpRY88na56omeNzoc2p8.roa (raw, json)
Hash identifier:          AtQp7azQyTl2ubez83Xz2smb6q4U417Sym3wqe3HC6M=
Subject key identifier:   A7:2C:CD:4E:0C:83:A5:16:3C:F2:76:B9:EA:89:9E:37:3A:1C:DA:9F
Certificate issuer:       /CN=a7a538aac33778460e19701aab5952c7aa25f05c
Certificate serial:       019B7A59D245073ED57DB937ADAC3A88FEC0
Authority key identifier: A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/pyzNTgyDpRY88na56omeNzoc2p8.roa
Signing time:             Thu 01 Jan 2026 16:17:45 +0000
ROA not before:           Thu 01 Jan 2026 16:17:45 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     207718
IP address blocks:        194.147.32.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 06:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:59:d2:45:07:3e:d5:7d:b9:37:ad:ac:3a:88:fe:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7a538aac33778460e19701aab5952c7aa25f05c
        Validity
            Not Before: Jan  1 16:17:45 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a72ccd4e0c83a5163cf276b9ea899e373a1cda9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:65:36:8d:5f:a2:ad:b4:ee:72:eb:97:08:28:
                    8f:59:77:6d:43:72:6e:e4:bc:5b:73:85:38:61:63:
                    4f:70:15:db:84:51:a7:85:9c:bb:53:28:01:eb:eb:
                    bf:25:83:1b:7d:14:98:f4:95:16:fd:e0:de:9e:dc:
                    c7:07:21:62:fc:b3:2f:ea:10:43:59:47:81:75:b1:
                    87:ff:fa:9f:b6:6a:b4:01:4d:76:a1:5e:ce:db:ef:
                    9b:f5:86:d9:74:92:fa:4e:0f:7a:f7:b2:ec:0b:ac:
                    5a:80:b1:ae:1e:40:45:2d:2e:86:59:1c:ff:73:31:
                    2f:5e:c7:2e:da:a4:e7:fe:b0:09:b8:d7:37:28:4e:
                    2d:94:ac:20:4e:c1:74:63:45:eb:b3:ce:de:15:70:
                    16:4b:a8:56:16:0c:62:2a:f5:17:2d:4e:97:76:46:
                    dd:eb:0c:03:3c:e1:8b:2b:46:be:f2:eb:c1:c7:d4:
                    27:ac:a1:09:74:f6:6d:bf:48:4f:50:11:4b:af:3a:
                    2d:8b:41:34:bf:83:44:6f:63:de:f5:46:27:3f:fd:
                    64:47:93:c6:57:28:96:4a:a2:40:02:25:63:26:a9:
                    54:e4:8c:27:45:29:68:a5:ba:68:61:35:d8:4a:a8:
                    59:09:21:a0:e9:96:b0:a3:bd:08:0c:f1:db:db:ff:
                    42:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:2C:CD:4E:0C:83:A5:16:3C:F2:76:B9:EA:89:9E:37:3A:1C:DA:9F
            X509v3 Authority Key Identifier:
                keyid:A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/pyzNTgyDpRY88na56omeNzoc2p8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.147.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:a9:07:c4:66:4c:47:48:9a:5c:ec:71:01:5d:07:d5:e3:d1:
         de:0f:f9:7b:93:9d:43:df:b5:f2:62:28:4d:cf:3d:55:03:b3:
         a6:c2:1e:29:27:a9:d1:35:a9:6b:74:4c:0d:13:cd:d2:b4:15:
         77:2a:0d:88:a1:9f:84:06:a3:b3:52:8b:1b:32:fd:61:80:ba:
         1a:89:f3:71:d8:3b:ff:19:e3:bd:e6:ad:74:7c:e7:72:8d:6a:
         d8:15:c8:c2:a9:b7:89:e4:63:ff:fc:8f:4e:63:00:01:bb:93:
         a8:ae:f0:9a:45:4b:48:fd:da:81:12:cd:a8:a6:bf:58:d8:61:
         c2:04:87:ba:9e:17:14:52:f9:26:d5:89:5d:37:40:52:88:25:
         97:30:fc:ab:9b:1f:67:13:32:58:63:60:07:0e:28:9b:32:65:
         d3:dc:9e:bb:c2:24:28:bd:f3:c3:5f:ec:13:52:3e:25:c3:6c:
         0f:0e:f2:29:8b:63:a8:29:19:a2:dd:37:14:b4:35:90:b9:c5:
         e5:6c:cc:c3:8e:f5:d3:6b:00:84:61:fb:37:67:c3:35:49:cc:
         bd:c9:c7:bc:33:1c:71:19:af:77:28:4f:73:20:05:fc:32:65:
         d6:bd:70:59:85:37:82:fc:90:6f:f4:b2:9a:54:70:7f:32:be:
         ac:19:cb:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6WdJFBz7Vfbk3raw6iP7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTUzOGFhYzMzNzc4NDYwZTE5NzAxYWFiNTk1MmM3YWEy
NWYwNWMwHhcNMjYwMTAxMTYxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzJjY2Q0ZTBjODNhNTE2M2NmMjc2YjllYTg5OWUzNzNhMWNkYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumU2jV+irbTucuuXCCiPWXdtQ3Ju
5Lxbc4U4YWNPcBXbhFGnhZy7UygB6+u/JYMbfRSY9JUW/eDentzHByFi/LMv6hBD
WUeBdbGH//qftmq0AU12oV7O2++b9YbZdJL6Tg9697LsC6xagLGuHkBFLS6GWRz/
czEvXscu2qTn/rAJuNc3KE4tlKwgTsF0Y0Xrs87eFXAWS6hWFgxiKvUXLU6Xdkbd
6wwDPOGLK0a+8uvBx9QnrKEJdPZtv0hPUBFLrzoti0E0v4NEb2Pe9UYnP/1kR5PG
VyiWSqJAAiVjJqlU5IwnRSlopbpoYTXYSqhZCSGg6Zawo70IDPHb2/9CCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcszU4Mg6UWPPJ2ueqJnjc6HNqfMB8GA1UdIwQY
MBaAFKelOKrDN3hGDhlwGqtZUseqJfBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZVNHFzTTNlRVlPR1hBYXExbFN4Nm9sOEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hODMzMzctNmUxNi00Y2Q5LTkyMWEt
ODdiMDEwZWE2MjM1LzEvcHl6TlRneURwUlk4OG5hNTZvbWVOem9jMnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hODMzMzctNmUxNi00Y2Q5LTkyMWEtODdiMDEwZWE2MjM1
LzEvcDZVNHFzTTNlRVlPR1hBYXExbFN4Nm9sOEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpMgMA0G
CSqGSIb3DQEBCwUAA4IBAQCSqQfEZkxHSJpc7HEBXQfV49HeD/l7k51D37XyYihN
zz1VA7Omwh4pJ6nRNalrdEwNE83StBV3Kg2IoZ+EBqOzUosbMv1hgLoaifNx2Dv/
GeO95q10fOdyjWrYFcjCqbeJ5GP//I9OYwABu5OorvCaRUtI/dqBEs2opr9Y2GHC
BIe6nhcUUvkm1YldN0BSiCWXMPyrmx9nEzJYY2AHDiibMmXT3J67wiQovfPDX+wT
Uj4lw2wPDvIpi2OoKRmi3TcUtDWQucXlbMzDjvXTawCEYfs3Z8M1Scy9yce8Mxxx
Ga93KE9zIAX8MmXWvXBZhTeC/JBv9LKaVHB/Mr6sGctH
-----END CERTIFICATE-----