This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Jy6to4JU60s2nWvxByzwqstg1Wg.roa
File:                     Jy6to4JU60s2nWvxByzwqstg1Wg.roa (raw, json)
Hash identifier:          5Hcb8InbZ8BcFPvRcvasAVB4WkTn9bMp0DeeE5xCO0c=
Subject key identifier:   27:2E:AD:A3:82:54:EB:4B:36:9D:6B:F1:07:2C:F0:AA:CB:60:D5:68
Certificate issuer:       /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial:       019B77594503011583B9CAD02E5F7229232A
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Jy6to4JU60s2nWvxByzwqstg1Wg.roa
Signing time:             Thu 01 Jan 2026 02:18:17 +0000
ROA not before:           Thu 01 Jan 2026 02:18:17 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     34951
IP address blocks:        85.204.199.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:45:03:01:15:83:b9:ca:d0:2e:5f:72:29:23:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
        Validity
            Not Before: Jan  1 02:18:17 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=272eada38254eb4b369d6bf1072cf0aacb60d568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c7:67:e7:fd:83:c1:24:2c:73:d1:ce:90:43:
                    9e:df:e6:ab:f7:0c:87:7b:9e:f5:40:22:a7:c1:f8:
                    6b:84:c6:51:88:b5:e9:ca:13:6e:9a:5e:bd:91:0b:
                    e9:d4:58:20:c1:27:7c:95:09:2e:e2:28:be:98:81:
                    01:96:61:68:f3:63:d4:22:c6:46:1b:85:b7:af:f2:
                    09:dd:9a:9f:26:09:f4:f6:78:ca:f0:f1:04:89:13:
                    07:85:2c:aa:27:35:47:e0:26:3c:2c:c1:24:a9:2b:
                    78:d2:91:6f:9c:af:9d:da:ad:95:9c:1d:80:be:f3:
                    00:1a:fd:37:2c:c9:15:fa:32:23:86:55:74:62:01:
                    49:9a:cd:8a:ff:16:0f:7d:a3:03:0b:0e:4d:5c:7f:
                    64:28:c3:aa:32:40:10:36:74:49:8f:09:81:62:53:
                    47:b9:03:37:e5:9e:58:2a:d4:0d:42:79:0d:5b:06:
                    39:f3:b0:5a:22:e2:33:cd:cb:d0:ec:75:2a:68:33:
                    59:b8:76:37:7e:e4:d9:4a:3e:cf:86:be:9f:c5:02:
                    65:0a:81:20:0f:bd:1b:a8:b6:3c:15:60:07:a8:4f:
                    0c:e5:29:22:90:a9:9a:0c:73:11:48:04:10:2a:8f:
                    03:c2:fc:05:e3:ed:e6:34:4d:ad:b7:87:8c:7c:77:
                    b1:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:2E:AD:A3:82:54:EB:4B:36:9D:6B:F1:07:2C:F0:AA:CB:60:D5:68
            X509v3 Authority Key Identifier:
                keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Jy6to4JU60s2nWvxByzwqstg1Wg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:6d:d7:6b:9a:13:c8:a9:28:69:19:1c:dd:46:b7:32:b9:01:
         3e:c3:c6:7a:b3:c9:49:5c:b9:27:be:27:09:64:68:71:03:68:
         2d:db:c9:1b:0f:22:65:bc:02:a5:a9:bd:30:c2:a0:d0:e3:dd:
         1b:9d:a3:1d:c3:f1:8e:3a:0c:3a:c4:51:c4:bd:f1:ad:53:43:
         2f:2b:5c:6d:1f:b4:4d:a8:6d:8c:9f:ee:f6:2f:2f:ea:02:b7:
         cf:53:ac:a9:11:9a:a0:57:e0:19:25:04:3f:28:10:0e:69:c8:
         96:c4:f1:63:23:93:45:be:7c:c6:58:74:0e:10:93:6f:63:45:
         30:7c:12:af:8e:92:23:bb:ba:b5:ee:61:5b:89:3d:ac:1c:ab:
         1c:50:25:f8:c2:28:5b:80:64:bc:06:86:70:03:0a:02:27:d1:
         6a:e8:d7:b0:1e:63:57:af:ef:2b:db:09:61:18:e7:bc:24:4b:
         3f:a8:05:88:52:4f:b9:a3:d5:f0:b6:a9:dc:a8:8c:47:9e:49:
         c1:fa:38:f2:70:42:06:fa:70:eb:bd:6a:55:2d:09:77:90:2e:
         5f:44:0e:1a:2c:2b:ec:90:d6:5c:83:e7:2d:9f:70:40:7d:31:
         87:e0:5d:30:e8:f4:6b:80:0d:1e:e4:fe:0a:0f:0e:60:ce:3a:
         ed:af:46:38
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZt3WUUDARWDucrQLl9yKSMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjYwMTAxMDIxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzJlYWRhMzgyNTRlYjRiMzY5ZDZiZjEwNzJjZjBhYWNiNjBkNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMdn5/2DwSQsc9HOkEOe3+ar9wyH
e571QCKnwfhrhMZRiLXpyhNuml69kQvp1FggwSd8lQku4ii+mIEBlmFo82PUIsZG
G4W3r/IJ3ZqfJgn09njK8PEEiRMHhSyqJzVH4CY8LMEkqSt40pFvnK+d2q2VnB2A
vvMAGv03LMkV+jIjhlV0YgFJms2K/xYPfaMDCw5NXH9kKMOqMkAQNnRJjwmBYlNH
uQM35Z5YKtQNQnkNWwY587BaIuIzzcvQ7HUqaDNZuHY3fuTZSj7Phr6fxQJlCoEg
D70bqLY8FWAHqE8M5SkikKmaDHMRSAQQKo8DwvwF4+3mNE2tt4eMfHexKwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCcuraOCVOtLNp1r8Qcs8KrLYNVoMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0p5NnRvNEpVNjBzMm5XdnhCeXp3cXN0ZzFXZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVzMcw
DQYJKoZIhvcNAQELBQADggEBAJtt12uaE8ipKGkZHN1GtzK5AT7DxnqzyUlcuSe+
JwlkaHEDaC3byRsPImW8AqWpvTDCoNDj3Rudox3D8Y46DDrEUcS98a1TQy8rXG0f
tE2obYyf7vYvL+oCt89TrKkRmqBX4BklBD8oEA5pyJbE8WMjk0W+fMZYdA4Qk29j
RTB8Eq+OkiO7urXuYVuJPawcqxxQJfjCKFuAZLwGhnADCgIn0Wro17AeY1ev7yvb
CWEY57wkSz+oBYhST7mj1fC2qdyojEeeScH6OPJwQgb6cOu9alUtCXeQLl9EDhos
K+yQ1lyD5y2fcEB9MYfgXTDo9GuADR7k/goPDmDOOu2vRjg=
-----END CERTIFICATE-----