This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/a8AaWDiS4UQ2LtGFO2jk8qzSWtI.roa
File:                     a8AaWDiS4UQ2LtGFO2jk8qzSWtI.roa (raw, json)
Hash identifier:          5jfD1LHJDP9QIkilJcJZM/kpy/io3wphZVfs1+qMFbU=
Subject key identifier:   6B:C0:1A:58:38:92:E1:44:36:2E:D1:85:3B:68:E4:F2:AC:D2:5A:D2
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       019B7758EE6A0EA97EDB26769DA0E6A8399C
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/a8AaWDiS4UQ2LtGFO2jk8qzSWtI.roa
Signing time:             Thu 01 Jan 2026 02:17:55 +0000
ROA not before:           Thu 01 Jan 2026 02:17:55 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     28732
IP address blocks:        77.65.153.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 11:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:58:ee:6a:0e:a9:7e:db:26:76:9d:a0:e6:a8:39:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 02:17:55 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6bc01a583892e144362ed1853b68e4f2acd25ad2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:88:4f:00:6d:20:22:55:2e:61:e8:50:53:fe:
                    24:d0:58:80:79:29:75:37:35:05:0c:3d:8a:8c:00:
                    99:10:3b:ac:e2:f6:db:30:7f:e3:5b:f1:13:89:b7:
                    42:0f:37:33:9a:1b:8c:69:b4:72:11:62:1b:d6:b1:
                    aa:83:29:8a:e4:06:dd:f6:c1:23:7d:1e:25:a8:34:
                    bc:0e:68:6c:aa:70:9f:c8:f4:cb:93:02:08:e6:ef:
                    d9:4c:a3:b5:e3:2f:4c:2d:61:f1:4f:91:bb:f7:2d:
                    b3:8b:6e:2f:f9:fc:1b:ff:47:7e:31:05:56:fc:2d:
                    16:25:68:8e:6b:e3:a3:fe:cf:7e:a6:fb:56:e8:f0:
                    83:fe:cd:db:0e:98:a6:08:a4:26:86:b3:1d:67:45:
                    70:50:14:8b:18:98:aa:ee:86:7d:22:13:82:eb:c8:
                    cb:de:fe:4c:88:01:1a:11:93:6d:0d:0d:74:7a:8a:
                    2e:b2:a5:20:1c:ad:07:35:c7:71:d6:ab:59:68:f4:
                    2f:84:a0:af:88:3e:33:1e:7b:f8:79:f0:82:87:5a:
                    55:23:64:60:a0:34:2f:04:03:c7:da:62:0d:dd:55:
                    db:75:eb:26:65:bc:a7:d6:7c:b2:4c:08:3f:df:de:
                    08:81:52:ca:86:60:ed:85:e6:ad:36:8c:59:cf:39:
                    15:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:C0:1A:58:38:92:E1:44:36:2E:D1:85:3B:68:E4:F2:AC:D2:5A:D2
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/a8AaWDiS4UQ2LtGFO2jk8qzSWtI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.65.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:dd:60:60:a2:ee:c0:cb:71:32:bb:e1:9b:a6:91:e3:ca:8e:
         c1:c9:1a:63:2d:d7:05:71:7d:a8:24:30:11:33:49:b0:8c:10:
         57:cd:dc:11:3b:aa:91:6c:cf:4b:b4:88:39:26:6c:81:31:95:
         93:b1:3f:39:fc:fa:d8:29:3d:40:03:47:54:d2:e8:90:e0:8a:
         b7:82:c7:c5:53:81:98:7e:8d:91:df:74:2e:ff:8c:21:21:56:
         12:68:b5:3d:31:20:91:e9:4e:07:3e:77:06:db:58:49:34:d9:
         81:4f:5f:e9:ad:46:d2:a7:9b:7e:5b:74:8a:d2:83:1e:a2:fb:
         4c:a4:27:44:fe:bb:8b:08:82:61:09:c2:a8:6e:ad:69:dd:26:
         f3:87:01:2c:aa:49:f5:f3:ea:49:97:62:5d:ec:67:af:bf:b0:
         6f:c1:4d:d7:0b:fd:9e:6c:46:f3:b8:a7:db:f5:ff:cc:96:99:
         e2:eb:c4:ee:56:b6:d3:74:e6:52:5b:77:36:36:6b:e7:25:fd:
         e8:af:7a:a5:c5:7b:1b:a8:6d:2d:43:07:80:56:80:fe:f1:3e:
         aa:9b:93:93:90:67:b0:be:30:39:fa:9b:b9:6d:42:31:0b:ee:
         a9:c2:91:fa:f4:d8:fe:2c:b2:b9:f2:70:84:87:f5:f4:42:c0:
         99:90:6c:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WO5qDql+2yZ2naDmqDmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjYwMTAxMDIxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmMwMWE1ODM4OTJlMTQ0MzYyZWQxODUzYjY4ZTRmMmFjZDI1YWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxohPAG0gIlUuYehQU/4k0FiAeSl1
NzUFDD2KjACZEDus4vbbMH/jW/ETibdCDzczmhuMabRyEWIb1rGqgymK5Abd9sEj
fR4lqDS8DmhsqnCfyPTLkwII5u/ZTKO14y9MLWHxT5G79y2zi24v+fwb/0d+MQVW
/C0WJWiOa+Oj/s9+pvtW6PCD/s3bDpimCKQmhrMdZ0VwUBSLGJiq7oZ9IhOC68jL
3v5MiAEaEZNtDQ10eoousqUgHK0HNcdx1qtZaPQvhKCviD4zHnv4efCCh1pVI2Rg
oDQvBAPH2mIN3VXbdesmZbyn1nyyTAg/394IgVLKhmDtheatNoxZzzkVMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGvAGlg4kuFENi7RhTto5PKs0lrSMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvYThBYVdEaVM0VVEyTHRHRk8yams4cXpTV3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUGZMA0G
CSqGSIb3DQEBCwUAA4IBAQAs3WBgou7Ay3Eyu+GbppHjyo7ByRpjLdcFcX2oJDAR
M0mwjBBXzdwRO6qRbM9LtIg5JmyBMZWTsT85/PrYKT1AA0dU0uiQ4Iq3gsfFU4GY
fo2R33Qu/4whIVYSaLU9MSCR6U4HPncG21hJNNmBT1/prUbSp5t+W3SK0oMeovtM
pCdE/ruLCIJhCcKobq1p3SbzhwEsqkn18+pJl2Jd7Gevv7BvwU3XC/2ebEbzuKfb
9f/Mlpni68TuVrbTdOZSW3c2NmvnJf3or3qlxXsbqG0tQweAVoD+8T6qm5OTkGew
vjA5+pu5bUIxC+6pwpH69Nj+LLK58nCEh/X0QsCZkGwS
-----END CERTIFICATE-----