This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/Vgk0gI2zqL5WXJFX_4UqLzu-E_0.roa
File:                     Vgk0gI2zqL5WXJFX_4UqLzu-E_0.roa (raw, json)
Hash identifier:          NgETn4NiYLdRNXpGtkv1SUgAR+9lJYvf3neTvpj+QGU=
Subject key identifier:   56:09:34:80:8D:B3:A8:BE:56:5C:91:57:FF:85:2A:2F:3B:BE:13:FD
Certificate issuer:       /CN=726b350e9f4f1259e2f9c609b22e65fbd186206b
Certificate serial:       019B77C6DE75CD845D9E386CCE7F08959CA9
Authority key identifier: 72:6B:35:0E:9F:4F:12:59:E2:F9:C6:09:B2:2E:65:FB:D1:86:20:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cms1Dp9PElni-cYJsi5l-9GGIGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/Vgk0gI2zqL5WXJFX_4UqLzu-E_0.roa
Signing time:             Thu 01 Jan 2026 04:18:00 +0000
ROA not before:           Thu 01 Jan 2026 04:18:00 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     30781
IP address blocks:        149.232.188.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/cms1Dp9PElni-cYJsi5l-9GGIGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/cms1Dp9PElni-cYJsi5l-9GGIGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cms1Dp9PElni-cYJsi5l-9GGIGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:de:75:cd:84:5d:9e:38:6c:ce:7f:08:95:9c:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=726b350e9f4f1259e2f9c609b22e65fbd186206b
        Validity
            Not Before: Jan  1 04:18:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=560934808db3a8be565c9157ff852a2f3bbe13fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:be:1c:d8:6b:5a:c1:ae:84:c4:23:1e:33:4f:
                    0f:a9:6e:9e:7d:5c:2b:32:9e:9e:1e:40:61:51:51:
                    9d:8f:3c:1f:cc:15:a7:76:e0:78:d0:d7:91:90:bd:
                    17:43:04:9e:1a:42:c8:b0:22:7d:65:53:db:51:91:
                    53:43:71:cf:5f:1d:a9:ca:e6:f7:a9:bd:b5:09:89:
                    78:06:96:be:5d:98:a1:49:a9:d0:36:58:dc:63:fd:
                    91:b9:78:99:e8:34:5f:a1:f1:91:c0:9e:83:7a:dc:
                    38:fc:d8:a4:75:b8:e7:a5:77:62:bb:16:9e:bd:23:
                    f4:05:d7:82:91:df:81:d6:d9:3b:17:72:05:8a:51:
                    32:6c:b6:42:67:9e:91:20:9d:71:cc:9f:5f:54:dc:
                    44:ed:9d:af:ab:45:18:24:b4:2d:a7:ba:48:2c:1f:
                    1b:00:74:6f:ad:1b:8f:3a:5f:97:a4:ee:fd:f8:6a:
                    ed:d2:b5:79:a8:c1:91:1a:25:8d:51:e3:88:d1:90:
                    c0:6f:53:ea:8e:eb:a9:de:74:97:17:c0:56:7a:68:
                    0a:74:46:92:2b:72:58:64:10:a2:5e:e0:3a:e5:03:
                    78:17:56:e3:95:7d:a1:86:c6:6d:ec:22:c4:5a:75:
                    99:15:4b:23:4f:49:b1:c1:4f:a3:c5:85:46:8e:ab:
                    d8:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:09:34:80:8D:B3:A8:BE:56:5C:91:57:FF:85:2A:2F:3B:BE:13:FD
            X509v3 Authority Key Identifier:
                keyid:72:6B:35:0E:9F:4F:12:59:E2:F9:C6:09:B2:2E:65:FB:D1:86:20:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cms1Dp9PElni-cYJsi5l-9GGIGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/Vgk0gI2zqL5WXJFX_4UqLzu-E_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/cms1Dp9PElni-cYJsi5l-9GGIGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.232.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:8d:82:8e:12:1f:02:79:d8:64:fd:c6:67:56:8b:61:3b:42:
         6e:e3:c7:4e:68:58:74:71:dc:78:9b:d5:e6:6a:a8:24:1d:d8:
         81:75:0f:d3:e1:2e:cb:ac:19:1e:4d:bc:2c:02:3f:7e:90:d7:
         8d:a5:cc:f7:d4:75:cf:81:1e:d4:d1:59:3c:5a:a3:0e:ee:c2:
         cc:67:03:ef:75:20:19:df:ea:ac:a9:1f:0b:39:be:66:ce:e7:
         52:05:56:c1:e6:ba:0a:82:9a:9b:9f:3f:2e:3d:e9:a1:97:0e:
         9b:76:05:22:18:9c:e2:86:82:a8:29:cc:e8:68:13:cc:db:8f:
         a3:d2:11:60:16:30:68:12:21:ec:3c:c9:af:8b:0a:1e:dc:a2:
         18:49:6e:eb:2d:35:73:32:23:0c:b6:3a:42:ae:d2:23:86:f8:
         0e:9a:85:b7:26:de:a3:89:d2:97:ee:2f:51:c4:80:6f:73:35:
         41:68:70:2f:de:af:8d:ab:15:e0:25:e6:72:14:5a:49:13:09:
         68:f4:72:1b:5c:23:b7:ea:41:d4:64:a9:07:fa:3d:21:10:f8:
         d1:4d:5a:88:e7:da:b3:70:68:c7:52:64:11:0c:8b:50:b2:31:
         5c:6f:f2:cd:ab:48:97:62:51:90:34:a7:ab:44:e9:12:39:b3:
         a9:f6:88:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xt51zYRdnjhszn8IlZypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNmIzNTBlOWY0ZjEyNTllMmY5YzYwOWIyMmU2NWZiZDE4
NjIwNmIwHhcNMjYwMTAxMDQxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjA5MzQ4MDhkYjNhOGJlNTY1YzkxNTdmZjg1MmEyZjNiYmUxM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL4c2Gtawa6ExCMeM08PqW6efVwr
Mp6eHkBhUVGdjzwfzBWnduB40NeRkL0XQwSeGkLIsCJ9ZVPbUZFTQ3HPXx2pyub3
qb21CYl4Bpa+XZihSanQNljcY/2RuXiZ6DRfofGRwJ6Detw4/NikdbjnpXdiuxae
vSP0BdeCkd+B1tk7F3IFilEybLZCZ56RIJ1xzJ9fVNxE7Z2vq0UYJLQtp7pILB8b
AHRvrRuPOl+XpO79+Grt0rV5qMGRGiWNUeOI0ZDAb1Pqjuup3nSXF8BWemgKdEaS
K3JYZBCiXuA65QN4F1bjlX2hhsZt7CLEWnWZFUsjT0mxwU+jxYVGjqvYDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYJNICNs6i+VlyRV/+FKi87vhP9MB8GA1UdIwQY
MBaAFHJrNQ6fTxJZ4vnGCbIuZfvRhiBrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21zMURwOVBFbG5pLWNZSnNpNWwtOUdHSUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80NzdjODYtYzdkNi00ZTM3LWJmZjYt
YTAwNzJiYWM5ZjQ4LzEvVmdrMGdJMnpxTDVXWEpGWF80VXFMenUtRV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80NzdjODYtYzdkNi00ZTM3LWJmZjYtYTAwNzJiYWM5ZjQ4
LzEvY21zMURwOVBFbG5pLWNZSnNpNWwtOUdHSUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlei8MA0G
CSqGSIb3DQEBCwUAA4IBAQAijYKOEh8Cedhk/cZnVothO0Ju48dOaFh0cdx4m9Xm
aqgkHdiBdQ/T4S7LrBkeTbwsAj9+kNeNpcz31HXPgR7U0Vk8WqMO7sLMZwPvdSAZ
3+qsqR8LOb5mzudSBVbB5roKgpqbnz8uPemhlw6bdgUiGJzihoKoKczoaBPM24+j
0hFgFjBoEiHsPMmviwoe3KIYSW7rLTVzMiMMtjpCrtIjhvgOmoW3Jt6jidKX7i9R
xIBvczVBaHAv3q+NqxXgJeZyFFpJEwlo9HIbXCO36kHUZKkH+j0hEPjRTVqI59qz
cGjHUmQRDItQsjFcb/LNq0iXYlGQNKerROkSObOp9ohi
-----END CERTIFICATE-----