This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/VGyi3_XM7fe5glWnkMXs_96XfgY.roa
File:                     VGyi3_XM7fe5glWnkMXs_96XfgY.roa (raw, json)
Hash identifier:          5b1Wuvrw9UByaw3AW1uJ5o3W+F06ZtJx4zNpuEiuZ3Q=
Subject key identifier:   54:6C:A2:DF:F5:CC:ED:F7:B9:82:55:A7:90:C5:EC:FF:DE:97:7E:06
Certificate issuer:       /CN=72e12a3876ff7bd00d9d9ebb972ab1e621ea1e8d
Certificate serial:       019B7CEE1673E6E1DFBE0410C684DE2EBDD4
Authority key identifier: 72:E1:2A:38:76:FF:7B:D0:0D:9D:9E:BB:97:2A:B1:E6:21:EA:1E:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cuEqOHb_e9ANnZ67lyqx5iHqHo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/VGyi3_XM7fe5glWnkMXs_96XfgY.roa
Signing time:             Fri 02 Jan 2026 04:18:56 +0000
ROA not before:           Fri 02 Jan 2026 04:18:56 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     12414
IP address blocks:        91.235.237.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/cuEqOHb_e9ANnZ67lyqx5iHqHo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/cuEqOHb_e9ANnZ67lyqx5iHqHo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cuEqOHb_e9ANnZ67lyqx5iHqHo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ee:16:73:e6:e1:df:be:04:10:c6:84:de:2e:bd:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72e12a3876ff7bd00d9d9ebb972ab1e621ea1e8d
        Validity
            Not Before: Jan  2 04:18:56 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=546ca2dff5ccedf7b98255a790c5ecffde977e06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c6:ba:9f:f4:46:20:05:bb:33:50:9b:aa:56:
                    29:50:99:48:99:9d:15:cb:2f:9d:c4:75:6c:e3:9e:
                    5e:28:c8:18:e2:c6:36:fd:2d:d5:7b:84:ee:11:01:
                    85:32:51:46:8a:f8:e3:d7:60:49:a3:2d:7a:da:bb:
                    6a:bf:c7:dd:33:b7:08:a5:34:1f:dc:0f:10:b6:e7:
                    cc:17:79:60:e9:8a:24:c6:31:7a:06:0e:a8:c1:c3:
                    a4:8e:b8:66:e9:9b:d9:5e:46:86:7d:57:45:88:59:
                    2b:a3:df:7c:08:b5:99:ba:be:15:74:22:52:b5:2f:
                    3f:38:aa:29:91:a0:0e:b2:a7:c1:b9:fb:7d:4c:6c:
                    1c:ed:0b:d1:45:35:fe:79:e2:ff:09:ba:9b:73:28:
                    cb:19:7d:c3:3d:b6:0b:7c:c5:19:12:50:a5:af:d7:
                    ec:db:e5:cb:20:ac:1c:79:c4:f9:16:9d:27:c9:3b:
                    bd:e6:a2:90:3e:92:3f:57:f3:0e:be:48:07:00:97:
                    20:8f:9b:07:b2:a8:cc:38:90:77:4f:9e:56:bf:71:
                    25:83:e5:05:f7:03:3a:88:e8:de:75:9e:93:10:43:
                    f5:db:c0:00:2e:94:f5:57:bc:06:4f:2f:19:12:28:
                    e8:12:4c:a0:f5:38:35:f7:34:b0:78:3d:2a:80:75:
                    dd:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:6C:A2:DF:F5:CC:ED:F7:B9:82:55:A7:90:C5:EC:FF:DE:97:7E:06
            X509v3 Authority Key Identifier:
                keyid:72:E1:2A:38:76:FF:7B:D0:0D:9D:9E:BB:97:2A:B1:E6:21:EA:1E:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuEqOHb_e9ANnZ67lyqx5iHqHo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/VGyi3_XM7fe5glWnkMXs_96XfgY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/cuEqOHb_e9ANnZ67lyqx5iHqHo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.235.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:29:c1:bd:e4:60:60:90:6f:de:53:43:6e:5a:fa:53:8f:93:
         b9:14:2d:59:0c:2e:d7:59:4e:85:96:b0:56:df:65:9f:3f:b8:
         a8:ef:27:a2:bd:cd:08:60:b1:06:92:ab:e0:99:3e:84:75:c7:
         8b:47:e2:0f:46:00:54:c0:58:59:1e:40:fc:9d:4c:0d:d2:f8:
         6a:36:d4:ea:7f:79:9f:c3:76:c0:53:e4:23:0f:a4:55:1d:e6:
         a3:32:3a:11:69:e9:6f:8e:80:36:6f:b2:5a:ba:54:90:58:a9:
         61:07:11:a4:1b:4e:57:b9:cf:0b:97:1a:aa:a3:8a:0a:e5:3a:
         15:e9:d6:95:17:9c:2e:17:62:33:33:d6:0a:25:b1:71:f7:66:
         15:8b:d2:6d:26:09:5c:77:30:a5:b5:3a:5b:41:c6:41:f0:c7:
         e5:79:10:a7:cc:a3:73:7e:e5:57:d8:c0:20:5d:d6:f5:15:3b:
         5c:dc:6a:94:ce:88:69:6a:02:6c:1b:8f:d2:d6:39:2c:32:a0:
         36:ce:d6:0c:60:8a:95:62:cb:74:03:0d:95:74:74:06:6e:72:
         b6:41:29:f1:0d:90:23:17:1a:25:49:3c:b3:f2:13:c9:46:b6:
         cd:5e:67:cc:49:0d:81:84:51:86:cf:2d:72:10:b1:23:f9:0a:
         c9:7b:57:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87hZz5uHfvgQQxoTeLr3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTEyYTM4NzZmZjdiZDAwZDlkOWViYjk3MmFiMWU2MjFl
YTFlOGQwHhcNMjYwMTAyMDQxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDZjYTJkZmY1Y2NlZGY3Yjk4MjU1YTc5MGM1ZWNmZmRlOTc3ZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmca6n/RGIAW7M1CbqlYpUJlImZ0V
yy+dxHVs455eKMgY4sY2/S3Ve4TuEQGFMlFGivjj12BJoy162rtqv8fdM7cIpTQf
3A8QtufMF3lg6YokxjF6Bg6owcOkjrhm6ZvZXkaGfVdFiFkro998CLWZur4VdCJS
tS8/OKopkaAOsqfBuft9TGwc7QvRRTX+eeL/CbqbcyjLGX3DPbYLfMUZElClr9fs
2+XLIKwcecT5Fp0nyTu95qKQPpI/V/MOvkgHAJcgj5sHsqjMOJB3T55Wv3Elg+UF
9wM6iOjedZ6TEEP128AALpT1V7wGTy8ZEijoEkyg9Tg19zSweD0qgHXdNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFRsot/1zO33uYJVp5DF7P/el34GMB8GA1UdIwQY
MBaAFHLhKjh2/3vQDZ2eu5cqseYh6h6NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VFcU9IYl9lOUFOblo2N2x5cXg1aUhxSG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xZmFhMjQtZjA4Ni00YjQ4LWIxYmQt
NDU1MjdlOGU0NGQyLzEvVkd5aTNfWE03ZmU1Z2xXbmtNWHNfOTZYZmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xZmFhMjQtZjA4Ni00YjQ4LWIxYmQtNDU1MjdlOGU0NGQy
LzEvY3VFcU9IYl9lOUFOblo2N2x5cXg1aUhxSG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+vtMA0G
CSqGSIb3DQEBCwUAA4IBAQB3KcG95GBgkG/eU0NuWvpTj5O5FC1ZDC7XWU6FlrBW
32WfP7io7yeivc0IYLEGkqvgmT6EdceLR+IPRgBUwFhZHkD8nUwN0vhqNtTqf3mf
w3bAU+QjD6RVHeajMjoRaelvjoA2b7JaulSQWKlhBxGkG05Xuc8Llxqqo4oK5ToV
6daVF5wuF2IzM9YKJbFx92YVi9JtJglcdzCltTpbQcZB8MfleRCnzKNzfuVX2MAg
Xdb1FTtc3GqUzohpagJsG4/S1jksMqA2ztYMYIqVYst0Aw2VdHQGbnK2QSnxDZAj
FxolSTyz8hPJRrbNXmfMSQ2BhFGGzy1yELEj+QrJe1fx
-----END CERTIFICATE-----