This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/coIeZGT-k9QYlQ2hDYjPtjE_dNQ.roa
File:                     coIeZGT-k9QYlQ2hDYjPtjE_dNQ.roa (raw, json)
Hash identifier:          h7XyY5WQDRSwEq91uLAvyufN4TBb6nmzlUyI8AwqXkM=
Subject key identifier:   72:82:1E:64:64:FE:93:D4:18:95:0D:A1:0D:88:CF:B6:31:3F:74:D4
Certificate issuer:       /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial:       019B7F846A658F885261BA2266535C8C5442
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/coIeZGT-k9QYlQ2hDYjPtjE_dNQ.roa
Signing time:             Fri 02 Jan 2026 16:22:22 +0000
ROA not before:           Fri 02 Jan 2026 16:22:22 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     61347
IP address blocks:        85.153.211.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:84:6a:65:8f:88:52:61:ba:22:66:53:5c:8c:54:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
        Validity
            Not Before: Jan  2 16:22:22 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=72821e6464fe93d418950da10d88cfb6313f74d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:02:fe:0c:82:92:3c:92:88:cd:69:a1:0a:2e:
                    d2:7e:6f:92:d1:8a:b5:06:b2:05:d6:b2:25:36:9e:
                    7e:4a:82:cf:58:84:bf:db:bc:bd:07:45:dc:ec:ca:
                    6b:48:41:de:b3:90:0a:52:5f:35:aa:b7:33:06:cb:
                    da:13:66:3a:67:9e:f2:a2:25:d9:95:96:b0:d3:c3:
                    ee:2b:e3:8b:bf:d3:1d:9c:bf:8f:29:e0:99:07:aa:
                    63:17:dd:d4:97:04:8a:99:02:e2:9f:6a:83:64:f7:
                    79:67:b9:c0:90:08:e2:d1:bc:d3:48:a6:56:6a:10:
                    37:a1:6c:ac:8a:e8:84:f6:d4:31:d8:f6:f3:88:91:
                    92:c2:89:57:1c:92:0d:75:7c:0a:60:89:3f:8a:c5:
                    58:c1:2b:93:6b:80:53:6f:78:9d:09:d7:24:49:83:
                    47:be:78:49:a4:33:e9:51:bf:39:d6:2b:7e:12:af:
                    c3:e2:7d:5b:c6:5d:07:1a:25:02:f8:6c:5c:26:59:
                    53:86:56:62:2b:89:28:1c:ed:a8:b2:7f:23:f7:76:
                    1b:f9:f6:a0:9e:df:d4:cd:da:77:5a:82:18:a5:13:
                    f7:ff:13:5b:c3:38:6f:52:be:ad:20:16:80:4b:eb:
                    60:7e:f5:8b:01:a3:e6:c3:6f:93:b5:c2:dc:97:4e:
                    94:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:82:1E:64:64:FE:93:D4:18:95:0D:A1:0D:88:CF:B6:31:3F:74:D4
            X509v3 Authority Key Identifier:
                keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/coIeZGT-k9QYlQ2hDYjPtjE_dNQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.153.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:7b:3d:89:16:dd:12:4c:3d:0d:82:7f:94:6f:66:ab:6c:61:
         1c:a8:60:f6:8e:96:49:3e:98:4d:92:f3:d2:e6:0c:4f:30:2e:
         ec:ef:33:dd:2f:42:53:c9:47:72:0e:70:87:1e:da:58:33:ab:
         c2:ad:19:5b:b5:b3:52:2e:e3:a9:a1:9e:ba:4f:4b:67:ae:c4:
         14:9e:1d:e6:56:0a:b6:b1:58:e4:4c:e4:4e:e2:58:48:71:1b:
         ca:db:88:3d:d8:13:13:27:06:a8:c1:42:94:4a:21:f9:02:19:
         69:e5:e9:f0:a6:27:a6:50:51:de:42:3f:d5:25:5e:97:7e:b3:
         e8:84:09:c2:e8:89:9f:73:fe:97:16:c8:91:32:18:46:95:20:
         26:72:31:b7:43:5f:ed:a7:ed:fd:e8:ef:88:0b:fe:08:73:a4:
         61:70:d4:53:42:5f:ac:6b:42:25:f7:4a:2f:1e:4d:58:f8:4c:
         46:08:0a:b3:e2:31:e0:63:16:2b:b1:1b:46:db:56:e4:8b:ad:
         fd:b5:61:01:1a:9d:4a:e6:50:2a:8a:f1:d1:19:00:39:21:14:
         e2:47:44:d3:61:b0:a0:66:75:fd:a1:a2:10:95:e1:64:5c:43:
         e8:c2:27:ed:3a:1d:d6:99:8c:51:fa:45:a7:b3:47:67:0e:7d:
         33:93:16:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/hGplj4hSYboiZlNcjFRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjYwMTAyMTYyMjIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjgyMWU2NDY0ZmU5M2Q0MTg5NTBkYTEwZDg4Y2ZiNjMxM2Y3NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQL+DIKSPJKIzWmhCi7Sfm+S0Yq1
BrIF1rIlNp5+SoLPWIS/27y9B0Xc7MprSEHes5AKUl81qrczBsvaE2Y6Z57yoiXZ
lZaw08PuK+OLv9MdnL+PKeCZB6pjF93UlwSKmQLin2qDZPd5Z7nAkAji0bzTSKZW
ahA3oWysiuiE9tQx2PbziJGSwolXHJINdXwKYIk/isVYwSuTa4BTb3idCdckSYNH
vnhJpDPpUb851it+Eq/D4n1bxl0HGiUC+GxcJllThlZiK4koHO2osn8j93Yb+fag
nt/Uzdp3WoIYpRP3/xNbwzhvUr6tIBaAS+tgfvWLAaPmw2+TtcLcl06UPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKCHmRk/pPUGJUNoQ2Iz7YxP3TUMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvY29JZVpHVC1rOVFZbFEyaERZalB0akVfZE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZnTMA0G
CSqGSIb3DQEBCwUAA4IBAQB2ez2JFt0STD0Ngn+Ub2arbGEcqGD2jpZJPphNkvPS
5gxPMC7s7zPdL0JTyUdyDnCHHtpYM6vCrRlbtbNSLuOpoZ66T0tnrsQUnh3mVgq2
sVjkTORO4lhIcRvK24g92BMTJwaowUKUSiH5Ahlp5enwpiemUFHeQj/VJV6XfrPo
hAnC6Imfc/6XFsiRMhhGlSAmcjG3Q1/tp+396O+IC/4Ic6RhcNRTQl+sa0Il90ov
Hk1Y+ExGCAqz4jHgYxYrsRtG21bki639tWEBGp1K5lAqivHRGQA5IRTiR0TTYbCg
ZnX9oaIQleFkXEPowiftOh3WmYxR+kWns0dnDn0zkxYf
-----END CERTIFICATE-----