This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/cb31da-4491-4f3e-bae5-3d57b66b2134/1/yzlJwvPmp_FWuAYFJVX7D34LL5o.roa
File:                     yzlJwvPmp_FWuAYFJVX7D34LL5o.roa (raw, json)
Hash identifier:          oyzk/Lk1+iN0NJFMafNwk7yqhxfs0bRUTnktsAxu4x8=
Subject key identifier:   CB:39:49:C2:F3:E6:A7:F1:56:B8:06:05:25:55:FB:0F:7E:0B:2F:9A
Certificate issuer:       /CN=45e3a0c1f1d81ee069643b40c323999bb5584631
Certificate serial:       019B7D5BE24C421749C75D47DB66785A3D72
Authority key identifier: 45:E3:A0:C1:F1:D8:1E:E0:69:64:3B:40:C3:23:99:9B:B5:58:46:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ReOgwfHYHuBpZDtAwyOZm7VYRjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/cb31da-4491-4f3e-bae5-3d57b66b2134/1/yzlJwvPmp_FWuAYFJVX7D34LL5o.roa
Signing time:             Fri 02 Jan 2026 06:18:52 +0000
ROA not before:           Fri 02 Jan 2026 06:18:52 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204152
IP address blocks:        185.112.232.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/cb31da-4491-4f3e-bae5-3d57b66b2134/1/ReOgwfHYHuBpZDtAwyOZm7VYRjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/cb31da-4491-4f3e-bae5-3d57b66b2134/1/ReOgwfHYHuBpZDtAwyOZm7VYRjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ReOgwfHYHuBpZDtAwyOZm7VYRjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 12:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:5b:e2:4c:42:17:49:c7:5d:47:db:66:78:5a:3d:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45e3a0c1f1d81ee069643b40c323999bb5584631
        Validity
            Not Before: Jan  2 06:18:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=cb3949c2f3e6a7f156b806052555fb0f7e0b2f9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d4:b5:08:33:89:f2:ce:fd:0b:27:85:2f:a1:
                    7d:e4:53:d3:bc:58:ea:a3:f5:dc:97:81:34:37:86:
                    a7:cc:29:c1:c6:c7:db:34:3d:db:7b:da:c4:58:e7:
                    98:37:1f:02:fa:ba:6c:2a:da:6e:8b:52:4f:6e:88:
                    e3:be:30:d8:67:84:14:d8:e5:64:0f:8e:83:3c:62:
                    65:d3:86:e6:f4:6b:1b:98:64:ba:30:32:48:b6:11:
                    96:4a:46:09:0d:1b:d2:50:99:a9:fa:ec:8b:db:8f:
                    ff:c1:16:ac:6f:57:3a:a1:0a:5e:ab:50:0d:c2:f6:
                    66:95:a4:ed:9e:39:48:f2:83:77:0e:73:2c:a9:07:
                    0a:dc:1a:2d:97:de:34:a0:9d:a1:75:15:6e:8d:3d:
                    62:06:d7:12:83:a3:ef:bc:cf:c8:2d:27:65:ec:32:
                    94:17:0a:ec:6f:d3:75:f4:3d:26:61:c4:99:6b:6d:
                    a8:7e:40:07:7a:0a:75:aa:0a:96:66:c8:27:2c:b7:
                    55:8e:eb:2c:1b:53:19:32:81:cb:51:22:59:d4:1b:
                    47:f1:d4:3c:da:4f:58:1f:1e:27:59:9e:25:df:81:
                    08:ba:ea:7f:29:e6:0b:90:dc:78:56:53:2a:84:a2:
                    f7:40:c7:84:18:0b:63:d1:de:47:d7:ff:3f:44:73:
                    15:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:39:49:C2:F3:E6:A7:F1:56:B8:06:05:25:55:FB:0F:7E:0B:2F:9A
            X509v3 Authority Key Identifier:
                keyid:45:E3:A0:C1:F1:D8:1E:E0:69:64:3B:40:C3:23:99:9B:B5:58:46:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ReOgwfHYHuBpZDtAwyOZm7VYRjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cb31da-4491-4f3e-bae5-3d57b66b2134/1/yzlJwvPmp_FWuAYFJVX7D34LL5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cb31da-4491-4f3e-bae5-3d57b66b2134/1/ReOgwfHYHuBpZDtAwyOZm7VYRjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.112.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b4:e0:a4:33:af:e3:9a:14:c8:c2:34:0d:ac:69:13:5d:1e:e1:
         a3:da:8b:e4:81:7a:cd:e4:7c:d8:29:1b:68:c0:14:85:d4:b6:
         1f:5c:c4:ae:18:bf:1d:f3:f8:9a:65:9a:04:d1:59:aa:15:e3:
         4b:96:3a:d5:0f:03:02:75:76:25:4f:ed:67:d4:07:49:6b:8d:
         0c:ad:31:3c:12:1b:da:d8:5b:65:3a:0d:7f:1b:a5:58:3f:17:
         29:e6:0e:f7:3d:19:0b:e5:9b:58:cd:b0:13:d0:05:a9:36:ad:
         d0:e5:c3:99:fe:56:de:48:ce:4d:bd:31:33:18:73:ab:73:11:
         80:e9:b4:74:72:e1:f2:42:e6:b8:25:77:30:6e:07:c1:5f:f0:
         3d:6b:ff:c6:47:6d:6f:17:67:f8:42:b9:1b:d9:8e:c4:93:d7:
         8c:9c:4a:95:5c:a2:9a:9d:eb:70:ab:0a:7b:97:c7:28:8f:3d:
         22:29:bf:89:66:22:6e:bc:f8:58:65:67:fd:d9:25:4c:87:c0:
         e5:1d:f4:11:2f:5c:30:10:83:d8:96:da:b9:4f:d9:83:49:75:
         f8:42:8b:46:bc:52:e2:ab:77:f6:4a:62:0f:dd:02:04:97:1d:
         43:92:73:26:b8:cf:cc:dd:76:ac:8c:17:87:09:19:b3:2f:31:
         bd:7e:6f:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9W+JMQhdJx11H22Z4Wj1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZTNhMGMxZjFkODFlZTA2OTY0M2I0MGMzMjM5OTliYjU1
ODQ2MzEwHhcNMjYwMTAyMDYxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM5NDljMmYzZTZhN2YxNTZiODA2MDUyNTU1ZmIwZjdlMGIyZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdS1CDOJ8s79CyeFL6F95FPTvFjq
o/Xcl4E0N4anzCnBxsfbND3be9rEWOeYNx8C+rpsKtpui1JPbojjvjDYZ4QU2OVk
D46DPGJl04bm9GsbmGS6MDJIthGWSkYJDRvSUJmp+uyL24//wRasb1c6oQpeq1AN
wvZmlaTtnjlI8oN3DnMsqQcK3Botl940oJ2hdRVujT1iBtcSg6PvvM/ILSdl7DKU
Fwrsb9N19D0mYcSZa22ofkAHegp1qgqWZsgnLLdVjussG1MZMoHLUSJZ1BtH8dQ8
2k9YHx4nWZ4l34EIuup/KeYLkNx4VlMqhKL3QMeEGAtj0d5H1/8/RHMVGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMs5ScLz5qfxVrgGBSVV+w9+Cy+aMB8GA1UdIwQY
MBaAFEXjoMHx2B7gaWQ7QMMjmZu1WEYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmVPZ3dmSFlIdUJwWkR0QXd5T1ptN1ZZUmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jYjMxZGEtNDQ5MS00ZjNlLWJhZTUt
M2Q1N2I2NmIyMTM0LzEveXpsSnd2UG1wX0ZXdUFZRkpWWDdEMzRMTDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9jYjMxZGEtNDQ5MS00ZjNlLWJhZTUtM2Q1N2I2NmIyMTM0
LzEvUmVPZ3dmSFlIdUJwWkR0QXd5T1ptN1ZZUmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXDoMA0G
CSqGSIb3DQEBCwUAA4IBAQC04KQzr+OaFMjCNA2saRNdHuGj2ovkgXrN5HzYKRto
wBSF1LYfXMSuGL8d8/iaZZoE0VmqFeNLljrVDwMCdXYlT+1n1AdJa40MrTE8Ehva
2FtlOg1/G6VYPxcp5g73PRkL5ZtYzbAT0AWpNq3Q5cOZ/lbeSM5NvTEzGHOrcxGA
6bR0cuHyQua4JXcwbgfBX/A9a//GR21vF2f4Qrkb2Y7Ek9eMnEqVXKKanetwqwp7
l8cojz0iKb+JZiJuvPhYZWf92SVMh8DlHfQRL1wwEIPYltq5T9mDSXX4QotGvFLi
q3f2SmIP3QIElx1DknMmuM/M3XasjBeHCRmzLzG9fm9Q
-----END CERTIFICATE-----