This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/yV2oMTPDTm1TWEpu2kD5QAemRu0.roa
File:                     yV2oMTPDTm1TWEpu2kD5QAemRu0.roa (raw, json)
Hash identifier:          sM2rCmqU4pO3UwoNbds8BRoQEXTCg3X6py2M7iBaZ3w=
Subject key identifier:   C9:5D:A8:31:33:C3:4E:6D:53:58:4A:6E:DA:40:F9:40:07:A6:46:ED
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       019B7B36BE2E9E8070EFE67DB47FEA9DB910
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/yV2oMTPDTm1TWEpu2kD5QAemRu0.roa
Signing time:             Thu 01 Jan 2026 20:19:03 +0000
ROA not before:           Thu 01 Jan 2026 20:19:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     42831
IP address blocks:        185.226.180.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:be:2e:9e:80:70:ef:e6:7d:b4:7f:ea:9d:b9:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Jan  1 20:19:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c95da83133c34e6d53584a6eda40f94007a646ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8d:d5:47:dd:83:60:9d:19:30:ac:ac:83:dd:
                    46:72:6b:1b:59:89:0b:0a:1c:89:06:34:e3:6c:4b:
                    c2:ad:ad:0e:b9:07:54:fa:6b:40:cf:e4:d6:5b:d0:
                    75:f4:e8:59:56:37:fe:4a:fa:30:9d:8e:25:bf:2a:
                    fa:9f:1f:06:96:2f:71:ea:bc:5e:2b:b7:55:c1:41:
                    40:bb:78:9f:02:ae:7d:52:db:ba:4e:ad:a6:a1:49:
                    f0:62:ad:e8:b6:ae:13:54:ef:b6:06:76:f4:c7:0f:
                    67:d7:13:07:98:de:da:72:8a:50:e5:97:dd:49:53:
                    77:6b:90:5c:1a:32:30:22:26:6a:b3:a8:3b:eb:b4:
                    0f:09:eb:70:e4:93:9f:f1:dd:f2:68:2d:0e:95:7b:
                    47:0c:f7:4a:a4:1c:d7:6f:df:f3:de:78:c7:6d:dd:
                    39:55:df:50:da:a7:d4:c1:57:43:8f:f9:55:60:4e:
                    da:07:df:b7:8c:aa:56:df:f4:03:c9:7a:ce:dd:58:
                    78:2b:cb:50:2a:11:fb:62:b5:cf:6d:99:ca:fc:83:
                    ad:8d:6e:5e:9c:71:68:0f:51:f3:75:b1:ee:d5:38:
                    ad:de:db:7b:11:70:cd:c9:4b:79:75:2d:5d:07:cc:
                    d3:b2:ce:a2:84:5e:e7:db:b9:c4:02:23:15:cc:7c:
                    d1:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:5D:A8:31:33:C3:4E:6D:53:58:4A:6E:DA:40:F9:40:07:A6:46:ED
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/yV2oMTPDTm1TWEpu2kD5QAemRu0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:8f:80:36:05:7f:f7:8e:1e:3a:5c:4a:d3:c1:35:ce:a3:8d:
         f3:b0:57:f3:7b:ff:3b:23:fd:3c:d1:cd:33:79:35:63:b0:51:
         0c:8c:25:d6:b1:27:71:5a:f0:69:45:82:79:8e:1a:0a:f4:df:
         21:26:ac:2d:ea:e1:7a:62:02:8e:f3:1b:3e:9b:75:2f:9c:0d:
         4b:d4:b5:d0:1c:71:da:2d:2b:dc:1f:8a:2e:35:9e:44:90:29:
         c5:71:0e:ac:4c:d2:dd:e9:d6:65:88:da:4a:a2:ba:70:a3:ee:
         ec:01:ff:8c:77:b3:97:79:0e:22:dc:36:39:9a:08:9b:70:0f:
         c6:4e:94:75:19:62:58:03:82:97:e7:d8:a1:fd:d4:e2:36:b5:
         11:fd:3d:33:29:81:2f:6b:71:b3:4b:ed:9b:9a:9b:de:59:37:
         6f:43:11:99:e2:99:4a:c8:15:63:40:c7:8a:b4:0c:1a:50:6b:
         1b:95:c2:2c:95:b7:bd:bd:35:1c:18:c7:d0:8c:0b:2c:ee:eb:
         8a:4d:41:c9:0a:d3:3d:df:61:88:3f:30:d6:a7:a8:8e:99:f4:
         70:bb:ca:de:26:c7:a0:72:b3:a3:72:3c:da:ac:e6:8d:a7:53:
         14:7f:bd:91:9d:5c:65:28:1b:e9:d5:8d:41:a5:f9:30:55:90:
         91:2c:41:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7Nr4unoBw7+Z9tH/qnbkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjYwMTAxMjAxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTVkYTgzMTMzYzM0ZTZkNTM1ODRhNmVkYTQwZjk0MDA3YTY0NmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz43VR92DYJ0ZMKysg91GcmsbWYkL
ChyJBjTjbEvCra0OuQdU+mtAz+TWW9B19OhZVjf+SvownY4lvyr6nx8Gli9x6rxe
K7dVwUFAu3ifAq59Utu6Tq2moUnwYq3otq4TVO+2Bnb0xw9n1xMHmN7acopQ5Zfd
SVN3a5BcGjIwIiZqs6g767QPCetw5JOf8d3yaC0OlXtHDPdKpBzXb9/z3njHbd05
Vd9Q2qfUwVdDj/lVYE7aB9+3jKpW3/QDyXrO3Vh4K8tQKhH7YrXPbZnK/IOtjW5e
nHFoD1HzdbHu1Tit3tt7EXDNyUt5dS1dB8zTss6ihF7n27nEAiMVzHzRawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMldqDEzw05tU1hKbtpA+UAHpkbtMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEveVYyb01UUERUbTFUV0VwdTJrRDVRQWVtUnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueK0MA0G
CSqGSIb3DQEBCwUAA4IBAQBVj4A2BX/3jh46XErTwTXOo43zsFfze/87I/080c0z
eTVjsFEMjCXWsSdxWvBpRYJ5jhoK9N8hJqwt6uF6YgKO8xs+m3UvnA1L1LXQHHHa
LSvcH4ouNZ5EkCnFcQ6sTNLd6dZliNpKorpwo+7sAf+Md7OXeQ4i3DY5mgibcA/G
TpR1GWJYA4KX59ih/dTiNrUR/T0zKYEva3GzS+2bmpveWTdvQxGZ4plKyBVjQMeK
tAwaUGsblcIslbe9vTUcGMfQjAss7uuKTUHJCtM932GIPzDWp6iOmfRwu8reJseg
crOjcjzarOaNp1MUf72RnVxlKBvp1Y1BpfkwVZCRLEHl
-----END CERTIFICATE-----