This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/vUEAM-YPMOE_bnpwdo0XUZOektc.roa
File:                     vUEAM-YPMOE_bnpwdo0XUZOektc.roa (raw, json)
Hash identifier:          zwIeH3cOS34rB1Ez6T+f1Zfu0JaPz2Ntp3EY+zq8h/o=
Subject key identifier:   BD:41:00:33:E6:0F:30:E1:3F:6E:7A:70:76:8D:17:51:93:9E:92:D7
Certificate issuer:       /CN=1232303d1638e0735240491aaa9e42b1887adaca
Certificate serial:       019B7F85125484337FD0C91332B8A663C96F
Authority key identifier: 12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/vUEAM-YPMOE_bnpwdo0XUZOektc.roa
Signing time:             Fri 02 Jan 2026 16:23:05 +0000
ROA not before:           Fri 02 Jan 2026 16:23:05 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214920
IP address blocks:        185.7.123.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:85:12:54:84:33:7f:d0:c9:13:32:b8:a6:63:c9:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1232303d1638e0735240491aaa9e42b1887adaca
        Validity
            Not Before: Jan  2 16:23:05 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bd410033e60f30e13f6e7a70768d1751939e92d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c4:00:4f:6d:ef:d8:9a:11:92:f9:bf:30:5c:
                    15:b2:36:ff:79:d7:88:32:ca:b1:a9:3e:af:ba:b0:
                    3b:93:0a:a7:9c:de:1f:6f:e9:47:ef:4f:03:12:ae:
                    3c:fe:d6:d2:f8:aa:88:88:60:04:8e:af:95:93:f8:
                    46:21:b3:dc:b1:c8:9c:aa:09:a6:81:ec:c3:8a:70:
                    f8:ca:02:2d:54:34:c5:d9:48:9c:d7:09:0b:2d:15:
                    33:d1:41:2a:88:59:ea:6f:fa:23:52:69:75:0d:80:
                    a8:86:c0:5d:ad:3d:31:b1:f2:54:3e:d3:5d:86:0e:
                    98:e8:1f:90:82:8b:9f:26:af:04:56:f7:3f:d4:bf:
                    89:45:07:2c:c0:5a:5f:f7:13:58:3f:ba:0a:0e:b8:
                    34:eb:ae:c6:13:68:be:2a:43:87:86:70:91:6b:db:
                    b7:69:11:0b:f0:87:0a:7b:af:c0:93:19:c7:7d:cc:
                    34:eb:89:29:5a:94:94:7a:dc:68:00:ef:bc:1b:1b:
                    a3:ff:72:7a:c2:22:3a:42:db:8f:7d:fc:9a:8f:ca:
                    f8:57:4b:b5:c9:1c:70:23:ed:50:df:a4:33:ff:89:
                    a6:b9:41:f7:aa:92:1a:a9:40:ea:6f:09:45:bd:90:
                    99:10:50:ab:63:ba:bd:c7:1b:5d:a1:f5:90:7b:e6:
                    52:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:41:00:33:E6:0F:30:E1:3F:6E:7A:70:76:8D:17:51:93:9E:92:D7
            X509v3 Authority Key Identifier:
                keyid:12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/vUEAM-YPMOE_bnpwdo0XUZOektc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.7.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:f1:78:5d:21:3d:b1:87:c8:81:66:2b:ac:71:e6:c0:97:be:
         ee:f0:46:44:42:cb:c4:21:c1:6e:66:e0:c7:38:1b:72:1e:83:
         51:da:b7:5a:82:4b:27:23:0c:a6:e3:e3:00:e2:e7:9a:ed:04:
         d2:42:c6:a3:08:77:af:19:21:1c:a1:1e:3c:4c:ec:56:9e:43:
         63:36:63:78:09:8c:66:52:bc:37:b8:1d:17:83:6f:98:2d:cd:
         b5:14:43:37:92:7b:64:ff:70:a0:00:de:08:64:a7:b2:49:61:
         42:2d:6d:5a:1a:7d:67:5d:00:1e:74:5b:c4:ad:9f:b9:9c:ca:
         9a:7e:17:89:cb:ae:74:c0:52:b9:ff:37:8c:c6:39:79:94:ae:
         83:3a:8f:b3:bf:bc:2c:f0:90:34:a7:2c:20:dd:e9:f3:47:de:
         20:84:5e:4d:f6:a2:0c:b4:58:af:d6:e6:d4:cf:53:c2:d1:7f:
         3a:6b:a5:e3:7e:49:57:f3:f8:1f:4e:8f:34:cb:9d:3d:9f:85:
         d4:44:9b:a8:a4:5f:c6:1c:08:3a:9b:4b:74:e6:a2:95:1f:38:
         0a:78:53:8a:b2:86:76:b0:fd:f0:60:d2:77:1d:b9:0c:48:de:
         7a:69:48:46:bc:f8:20:df:21:75:5f:03:42:88:5e:57:c9:da:
         21:04:ec:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/hRJUhDN/0MkTMrimY8lvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzIzMDNkMTYzOGUwNzM1MjQwNDkxYWFhOWU0MmIxODg3
YWRhY2EwHhcNMjYwMTAyMTYyMzA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQxMDAzM2U2MGYzMGUxM2Y2ZTdhNzA3NjhkMTc1MTkzOWU5MmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMQAT23v2JoRkvm/MFwVsjb/edeI
MsqxqT6vurA7kwqnnN4fb+lH708DEq48/tbS+KqIiGAEjq+Vk/hGIbPcscicqgmm
gezDinD4ygItVDTF2Uic1wkLLRUz0UEqiFnqb/ojUml1DYCohsBdrT0xsfJUPtNd
hg6Y6B+QgoufJq8EVvc/1L+JRQcswFpf9xNYP7oKDrg0667GE2i+KkOHhnCRa9u3
aREL8IcKe6/AkxnHfcw064kpWpSUetxoAO+8Gxuj/3J6wiI6QtuPffyaj8r4V0u1
yRxwI+1Q36Qz/4mmuUH3qpIaqUDqbwlFvZCZEFCrY7q9xxtdofWQe+ZSBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1BADPmDzDhP256cHaNF1GTnpLXMB8GA1UdIwQY
MBaAFBIyMD0WOOBzUkBJGqqeQrGIetrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEt
MDY0NDE0ZDAzNDBmLzEvdlVFQU0tWVBNT0VfYm5wd2RvMFhVWk9la3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEtMDY0NDE0ZDAzNDBm
LzEvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQd7MA0G
CSqGSIb3DQEBCwUAA4IBAQCY8XhdIT2xh8iBZiuscebAl77u8EZEQsvEIcFuZuDH
OBtyHoNR2rdagksnIwym4+MA4uea7QTSQsajCHevGSEcoR48TOxWnkNjNmN4CYxm
Urw3uB0Xg2+YLc21FEM3kntk/3CgAN4IZKeySWFCLW1aGn1nXQAedFvErZ+5nMqa
fheJy650wFK5/zeMxjl5lK6DOo+zv7ws8JA0pywg3enzR94ghF5N9qIMtFiv1ubU
z1PC0X86a6XjfklX8/gfTo80y509n4XURJuopF/GHAg6m0t05qKVHzgKeFOKsoZ2
sP3wYNJ3HbkMSN56aUhGvPgg3yF1XwNCiF5XydohBOxe
-----END CERTIFICATE-----