This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/mmDF_XsbEQjoCFz-4A-a7bWJg2s.roa
File:                     mmDF_XsbEQjoCFz-4A-a7bWJg2s.roa (raw, json)
Hash identifier:          bGR8CNtU+tqd4+6g36bVeUPx5+nuHxFzXdrs2z2W0fg=
Subject key identifier:   9A:60:C5:FD:7B:1B:11:08:E8:08:5C:FE:E0:0F:9A:ED:B5:89:83:6B
Certificate issuer:       /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial:       019B77596231DB28F785F8C48E0F71D996C3
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/mmDF_XsbEQjoCFz-4A-a7bWJg2s.roa
Signing time:             Thu 01 Jan 2026 02:18:24 +0000
ROA not before:           Thu 01 Jan 2026 02:18:24 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     60403
IP address blocks:        77.81.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:59:62:31:db:28:f7:85:f8:c4:8e:0f:71:d9:96:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
        Validity
            Not Before: Jan  1 02:18:24 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=9a60c5fd7b1b1108e8085cfee00f9aedb589836b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b1:10:31:84:94:81:8f:e7:ae:41:84:0b:b4:
                    30:6a:16:2b:8f:a1:1f:0b:14:74:e2:a3:f2:c3:2a:
                    61:59:14:95:a2:d9:48:bf:2f:f9:56:4a:17:5b:5e:
                    ec:b2:6a:a6:6a:e5:4a:14:97:b1:85:7e:c6:55:40:
                    b8:8e:8d:5e:06:38:a8:30:2e:2e:b0:2d:6d:ca:e3:
                    d4:cb:8c:f0:2e:af:cc:36:ad:4c:c3:86:dd:95:ba:
                    41:15:0e:60:37:1a:06:48:8e:00:71:cb:9e:72:74:
                    28:21:7d:fa:6d:89:66:49:b0:cc:24:e5:7c:93:1e:
                    5d:b0:e5:44:2c:3a:5a:20:a8:12:02:e5:fa:ab:53:
                    77:72:e0:3a:cf:b4:c8:53:b0:c5:2b:99:89:98:23:
                    2f:1b:db:8d:d3:bd:87:ba:d7:50:02:ef:51:d4:4e:
                    15:97:e2:95:ff:86:91:36:02:d1:1b:0b:0e:90:fa:
                    e4:eb:f4:b9:71:98:99:9d:5c:19:c3:f6:47:ef:13:
                    8c:3e:eb:26:ee:25:87:7c:a9:cd:34:ef:14:a7:0f:
                    06:36:f0:da:29:01:0e:b9:8b:9d:15:c7:ae:1b:d9:
                    a5:cd:84:78:c0:cd:1e:65:20:a4:16:9a:4d:db:9e:
                    98:dd:df:a0:17:ef:01:d5:c9:ee:aa:3c:6a:1f:2a:
                    36:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:60:C5:FD:7B:1B:11:08:E8:08:5C:FE:E0:0F:9A:ED:B5:89:83:6B
            X509v3 Authority Key Identifier:
                keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/mmDF_XsbEQjoCFz-4A-a7bWJg2s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:4c:81:9a:78:39:85:07:b8:4a:30:69:85:7a:df:88:89:76:
         64:97:9b:94:1f:01:41:67:73:de:dc:58:ff:b2:18:ec:e6:ac:
         90:d5:de:11:d2:dc:f6:6b:f1:d5:96:e0:f4:30:a2:f4:80:68:
         ff:1d:98:fe:70:a4:08:ad:17:b9:32:64:da:48:96:49:a8:45:
         d3:59:0f:5c:09:5e:d8:18:dc:b1:23:12:ff:b6:bf:0d:5a:69:
         d4:27:73:67:bc:17:25:b0:d6:4d:b0:8d:59:91:04:57:6e:21:
         6d:5d:b7:d9:be:6e:54:7a:e9:ec:06:3b:6d:32:18:3f:16:74:
         f5:1d:a0:d7:36:16:e3:76:57:34:b4:7e:b9:42:fc:d2:93:39:
         8c:4f:44:fb:26:17:31:a4:e3:09:ab:08:27:83:22:82:ef:a5:
         a9:04:fa:c1:44:9c:49:30:48:9f:e6:ff:f5:32:26:89:d6:13:
         73:21:d8:0a:ee:3f:a5:30:be:7b:29:c6:67:d5:5e:d0:26:5a:
         bf:e3:26:9e:38:22:c8:a0:28:dd:fc:33:fd:c1:0f:22:24:86:
         ac:8b:1b:83:f8:1f:9a:7b:d9:bc:17:e7:0d:a7:9a:1f:ac:db:
         db:6b:ac:a1:cc:74:66:aa:49:00:9d:02:fa:d3:68:ea:88:60:
         40:66:3d:52
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZt3WWIx2yj3hfjEjg9x2ZbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjYwMTAxMDIxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTYwYzVmZDdiMWIxMTA4ZTgwODVjZmVlMDBmOWFlZGI1ODk4MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7EQMYSUgY/nrkGEC7QwahYrj6Ef
CxR04qPywyphWRSVotlIvy/5VkoXW17ssmqmauVKFJexhX7GVUC4jo1eBjioMC4u
sC1tyuPUy4zwLq/MNq1Mw4bdlbpBFQ5gNxoGSI4AccuecnQoIX36bYlmSbDMJOV8
kx5dsOVELDpaIKgSAuX6q1N3cuA6z7TIU7DFK5mJmCMvG9uN072HutdQAu9R1E4V
l+KV/4aRNgLRGwsOkPrk6/S5cZiZnVwZw/ZH7xOMPusm7iWHfKnNNO8Upw8GNvDa
KQEOuYudFceuG9mlzYR4wM0eZSCkFppN256Y3d+gF+8B1cnuqjxqHyo2RwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJpgxf17GxEI6Ahc/uAPmu21iYNrMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL21tREZfWHNiRVFqb0NGei00QS1hN2JXSmcycy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABNUWEw
DQYJKoZIhvcNAQELBQADggEBAI1MgZp4OYUHuEowaYV634iJdmSXm5QfAUFnc97c
WP+yGOzmrJDV3hHS3PZr8dWW4PQwovSAaP8dmP5wpAitF7kyZNpIlkmoRdNZD1wJ
XtgY3LEjEv+2vw1aadQnc2e8FyWw1k2wjVmRBFduIW1dt9m+blR66ewGO20yGD8W
dPUdoNc2FuN2VzS0frlC/NKTOYxPRPsmFzGk4wmrCCeDIoLvpakE+sFEnEkwSJ/m
//UyJonWE3Mh2AruP6UwvnspxmfVXtAmWr/jJp44IsigKN38M/3BDyIkhqyLG4P4
H5p72bwX5w2nmh+s29trrKHMdGaqSQCdAvrTaOqIYEBmPVI=
-----END CERTIFICATE-----