This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/DRi6gZm2ApJ9zWvuSIffTh_44j0.roa
File:                     DRi6gZm2ApJ9zWvuSIffTh_44j0.roa (raw, json)
Hash identifier:          NDQ8jCUezYMaYn3NL3pjn/AqInQQgH2COtpVWhCKawg=
Subject key identifier:   0D:18:BA:81:99:B6:02:92:7D:CD:6B:EE:48:87:DF:4E:1F:F8:E2:3D
Certificate issuer:       /CN=86022e162f6e6b9755ce4ce845120e62939506f7
Certificate serial:       019B791127E8969AC12819A8FC2A9423ACD6
Authority key identifier: 86:02:2E:16:2F:6E:6B:97:55:CE:4C:E8:45:12:0E:62:93:95:06:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hgIuFi9ua5dVzkzoRRIOYpOVBvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/DRi6gZm2ApJ9zWvuSIffTh_44j0.roa
Signing time:             Thu 01 Jan 2026 10:18:46 +0000
ROA not before:           Thu 01 Jan 2026 10:18:46 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     61049
IP address blocks:        83.136.52.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/hgIuFi9ua5dVzkzoRRIOYpOVBvc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/hgIuFi9ua5dVzkzoRRIOYpOVBvc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hgIuFi9ua5dVzkzoRRIOYpOVBvc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:11:27:e8:96:9a:c1:28:19:a8:fc:2a:94:23:ac:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86022e162f6e6b9755ce4ce845120e62939506f7
        Validity
            Not Before: Jan  1 10:18:46 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=0d18ba8199b602927dcd6bee4887df4e1ff8e23d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a8:d1:b7:96:4d:dd:36:c1:7f:83:82:54:6f:
                    b3:97:f3:cf:a6:1e:17:8b:83:e6:ca:cc:dd:89:cc:
                    84:a2:dd:85:df:39:56:c3:9c:cc:9f:66:b3:63:22:
                    1a:f1:73:8c:3d:20:d0:f2:74:0d:f4:25:24:05:a0:
                    77:cb:36:07:cf:35:c2:bf:ab:80:c9:32:08:4f:92:
                    ca:cf:07:ba:bf:cc:3b:7b:6b:84:9b:b2:c9:f1:6b:
                    35:a6:74:3e:66:38:77:c4:29:9a:b4:84:c3:72:b9:
                    e1:74:20:2e:08:66:6c:a3:9f:9e:0c:05:0a:ed:25:
                    44:ca:75:f3:1b:27:b4:ff:5a:19:89:36:a4:8c:ee:
                    98:d5:43:1a:a4:55:4b:51:45:1d:54:8d:91:e6:27:
                    92:d1:03:e9:19:81:9f:67:a8:93:e3:3e:bd:38:71:
                    83:e3:a1:46:20:6b:b4:43:98:dd:2a:5a:b3:2b:69:
                    cc:ed:6d:84:5e:1f:42:5c:58:b8:54:1f:c5:99:e7:
                    a7:7d:f3:06:18:13:42:aa:16:65:f7:36:52:84:1c:
                    8b:65:d9:92:e7:bd:78:1e:4e:76:fd:03:f0:30:24:
                    76:4d:af:09:57:45:45:5a:e6:08:44:40:0d:4e:f7:
                    66:0b:32:a6:ce:d6:ea:bf:c1:7d:14:bd:f6:d6:ec:
                    8b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:18:BA:81:99:B6:02:92:7D:CD:6B:EE:48:87:DF:4E:1F:F8:E2:3D
            X509v3 Authority Key Identifier:
                keyid:86:02:2E:16:2F:6E:6B:97:55:CE:4C:E8:45:12:0E:62:93:95:06:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hgIuFi9ua5dVzkzoRRIOYpOVBvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/DRi6gZm2ApJ9zWvuSIffTh_44j0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/hgIuFi9ua5dVzkzoRRIOYpOVBvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.136.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:94:a0:69:61:da:8c:b0:88:a9:6f:d8:d9:03:c8:15:26:1b:
         6f:d0:e0:7a:e2:14:b5:ef:fd:11:0e:2f:b7:2b:d3:47:d6:20:
         f7:41:82:cb:da:cb:00:6f:fb:8d:28:bf:f8:54:76:06:0a:b5:
         08:ff:6c:93:07:a4:7b:ab:f1:2c:dc:23:9f:82:69:af:50:13:
         ca:b8:d3:dd:bd:10:d2:9f:06:74:68:0a:fa:0d:30:40:65:34:
         55:85:48:a6:cb:bb:65:a1:85:b2:f7:4d:81:16:d7:5d:fb:00:
         6c:cf:e8:a9:e9:5a:1a:7e:6d:10:27:f9:36:d1:89:8f:f3:23:
         e0:af:6e:19:34:18:ce:54:ac:da:84:57:59:90:63:b8:1d:1f:
         9f:96:02:38:63:2a:96:0e:d8:69:36:39:7c:f4:b5:24:08:31:
         07:37:2e:10:12:29:11:9a:39:a9:6c:f3:48:ed:d9:dc:f1:09:
         01:ef:36:50:35:4e:11:2f:bc:2b:d2:0b:a3:ff:99:78:5d:f4:
         45:03:16:fd:f5:15:ab:5d:04:d4:55:ed:e5:1e:b3:b0:22:08:
         21:a2:2b:dc:e4:67:a9:46:0f:26:bd:48:12:89:3d:08:02:60:
         07:44:aa:68:cc:e3:3f:04:3e:c6:ed:0d:67:72:87:d8:2f:71:
         08:ff:1e:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5ESfolprBKBmo/CqUI6zWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MDIyZTE2MmY2ZTZiOTc1NWNlNGNlODQ1MTIwZTYyOTM5
NTA2ZjcwHhcNMjYwMTAxMTAxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDE4YmE4MTk5YjYwMjkyN2RjZDZiZWU0ODg3ZGY0ZTFmZjhlMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6jRt5ZN3TbBf4OCVG+zl/PPph4X
i4PmyszdicyEot2F3zlWw5zMn2azYyIa8XOMPSDQ8nQN9CUkBaB3yzYHzzXCv6uA
yTIIT5LKzwe6v8w7e2uEm7LJ8Ws1pnQ+Zjh3xCmatITDcrnhdCAuCGZso5+eDAUK
7SVEynXzGye0/1oZiTakjO6Y1UMapFVLUUUdVI2R5ieS0QPpGYGfZ6iT4z69OHGD
46FGIGu0Q5jdKlqzK2nM7W2EXh9CXFi4VB/FmeenffMGGBNCqhZl9zZShByLZdmS
5714Hk52/QPwMCR2Ta8JV0VFWuYIREANTvdmCzKmztbqv8F9FL321uyL3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0YuoGZtgKSfc1r7kiH304f+OI9MB8GA1UdIwQY
MBaAFIYCLhYvbmuXVc5M6EUSDmKTlQb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGdJdUZpOXVhNWRWemt6b1JSSU9ZcE9WQnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC83ODJjMDctNGJiYS00ODEwLWI5OGIt
MDU5ZGJjYzhkY2VmLzEvRFJpNmdabTJBcEo5eld2dVNJZmZUaF80NGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC83ODJjMDctNGJiYS00ODEwLWI5OGItMDU5ZGJjYzhkY2Vm
LzEvaGdJdUZpOXVhNWRWemt6b1JSSU9ZcE9WQnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU4g0MA0G
CSqGSIb3DQEBCwUAA4IBAQCUlKBpYdqMsIipb9jZA8gVJhtv0OB64hS17/0RDi+3
K9NH1iD3QYLL2ssAb/uNKL/4VHYGCrUI/2yTB6R7q/Es3COfgmmvUBPKuNPdvRDS
nwZ0aAr6DTBAZTRVhUimy7tloYWy902BFtdd+wBsz+ip6Voafm0QJ/k20YmP8yPg
r24ZNBjOVKzahFdZkGO4HR+flgI4YyqWDthpNjl89LUkCDEHNy4QEikRmjmpbPNI
7dnc8QkB7zZQNU4RL7wr0guj/5l4XfRFAxb99RWrXQTUVe3lHrOwIgghoivc5Gep
Rg8mvUgSiT0IAmAHRKpozOM/BD7G7Q1ncofYL3EI/x6o
-----END CERTIFICATE-----