This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/VaQhwNUDpB1f377_pgDC7bKIVs8.roa
File:                     VaQhwNUDpB1f377_pgDC7bKIVs8.roa (raw, json)
Hash identifier:          yIsP2S+y7+H5E1qVaCf/heokAGlt0wDZeCh1+1PijTk=
Subject key identifier:   55:A4:21:C0:D5:03:A4:1D:5F:DF:BE:FF:A6:00:C2:ED:B2:88:56:CF
Certificate issuer:       /CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
Certificate serial:       019B7758907D3938CC4721622BEA42713897
Authority key identifier: DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/VaQhwNUDpB1f377_pgDC7bKIVs8.roa
Signing time:             Thu 01 Jan 2026 02:17:31 +0000
ROA not before:           Thu 01 Jan 2026 02:17:31 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     200435
IP address blocks:        185.248.50.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 11:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:58:90:7d:39:38:cc:47:21:62:2b:ea:42:71:38:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
        Validity
            Not Before: Jan  1 02:17:31 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=55a421c0d503a41d5fdfbeffa600c2edb28856cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f4:e0:c6:4e:4a:9d:18:29:6f:18:a2:65:63:
                    fe:d0:c4:0a:62:26:eb:14:50:8f:3f:1c:af:2b:ba:
                    94:cd:c0:09:fd:82:b8:17:c7:e9:88:04:9a:6c:8a:
                    f0:95:e4:0a:3b:b7:b9:46:b3:27:be:26:b4:10:1b:
                    c1:c7:f7:d6:7a:c9:be:a7:2d:f4:33:f5:0a:a2:ce:
                    f8:c6:d9:d6:87:5b:5c:2b:44:e6:db:8b:b0:9e:1d:
                    74:eb:aa:c7:48:98:c1:64:e3:86:e4:c5:9e:25:6d:
                    3f:ec:a5:4b:d7:e0:69:ed:3a:fd:70:01:52:bb:5f:
                    cd:f5:d5:5e:3f:54:97:f9:24:52:74:aa:af:70:dd:
                    5e:e7:dd:6f:b0:0e:3f:50:23:5c:29:ed:c5:8c:9d:
                    b4:08:87:7b:b5:b2:32:d2:b2:14:ad:da:df:96:86:
                    a7:da:d2:9e:e8:4e:94:c4:cf:a6:35:e8:cc:fa:c8:
                    40:78:cd:17:8f:13:8f:09:df:57:ab:2d:f3:3b:06:
                    d6:34:f4:9a:a8:50:93:c1:55:18:da:61:83:5b:68:
                    97:a7:18:db:fd:34:ef:63:32:c9:24:f0:65:c1:31:
                    cf:28:65:a5:0f:02:f2:db:72:01:1c:f6:14:1d:0f:
                    72:13:54:cf:24:28:fd:d8:fc:fc:a4:01:98:df:e5:
                    65:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:A4:21:C0:D5:03:A4:1D:5F:DF:BE:FF:A6:00:C2:ED:B2:88:56:CF
            X509v3 Authority Key Identifier:
                keyid:DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/VaQhwNUDpB1f377_pgDC7bKIVs8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:e9:68:84:83:70:73:3f:90:ae:f0:67:20:e8:39:df:5b:9b:
         34:fb:5f:09:e3:a3:5c:79:2d:75:48:f0:f7:df:f3:7e:da:bb:
         9e:cd:be:e0:aa:5d:5a:77:4d:5b:12:7d:67:6b:a3:44:2f:07:
         27:ba:c0:3a:90:58:d6:c3:89:46:20:84:69:26:55:db:51:3f:
         00:03:8b:9b:6e:8b:fd:01:87:0a:89:4e:5f:69:f5:2a:8a:79:
         c3:a4:75:15:d9:0f:0f:40:a1:dd:ac:f1:83:26:b2:f4:77:87:
         ff:59:20:2c:44:8e:e2:a6:4d:4d:cf:5c:fd:92:87:ee:a8:a1:
         4f:e3:81:95:66:90:0f:a5:46:52:d4:14:fe:27:fe:c7:ec:3e:
         23:80:c0:f6:a5:77:28:50:88:28:fe:64:ee:54:85:bb:81:7e:
         93:e6:5a:5e:48:81:57:64:26:f2:3f:38:0e:e9:33:e5:d5:e8:
         44:eb:41:7f:69:c6:25:aa:1f:10:09:f3:49:9e:c5:82:bf:67:
         92:e8:4c:6f:ea:74:6f:1a:35:98:e0:db:5d:a9:2e:86:a8:9c:
         e9:04:b4:eb:2b:fb:94:8f:53:57:20:a9:2a:0d:83:07:99:e8:
         c6:a5:0f:a5:6b:bf:57:d5:41:c3:5a:01:8d:a0:d8:25:56:10:
         8b:44:82:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WJB9OTjMRyFiK+pCcTiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDE0MTFlOTNlMjVkNWVjNjUwOTk1NjliMWI1YzVmYWRj
MWFlM2QwHhcNMjYwMTAxMDIxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWE0MjFjMGQ1MDNhNDFkNWZkZmJlZmZhNjAwYzJlZGIyODg1NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPTgxk5KnRgpbxiiZWP+0MQKYibr
FFCPPxyvK7qUzcAJ/YK4F8fpiASabIrwleQKO7e5RrMnvia0EBvBx/fWesm+py30
M/UKos74xtnWh1tcK0Tm24uwnh1066rHSJjBZOOG5MWeJW0/7KVL1+Bp7Tr9cAFS
u1/N9dVeP1SX+SRSdKqvcN1e591vsA4/UCNcKe3FjJ20CId7tbIy0rIUrdrfloan
2tKe6E6UxM+mNejM+shAeM0XjxOPCd9Xqy3zOwbWNPSaqFCTwVUY2mGDW2iXpxjb
/TTvYzLJJPBlwTHPKGWlDwLy23IBHPYUHQ9yE1TPJCj92Pz8pAGY3+VlAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFWkIcDVA6QdX9++/6YAwu2yiFbPMB8GA1UdIwQY
MBaAFNxBQR6T4l1exlCZVpsbXF+twa49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEt
NTEzODdkMTYwYmE5LzEvVmFRaHdOVURwQjFmMzc3X3BnREM3YktJVnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEtNTEzODdkMTYwYmE5
LzEvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufgyMA0G
CSqGSIb3DQEBCwUAA4IBAQBK6WiEg3BzP5Cu8Gcg6DnfW5s0+18J46NceS11SPD3
3/N+2ruezb7gql1ad01bEn1na6NELwcnusA6kFjWw4lGIIRpJlXbUT8AA4ubbov9
AYcKiU5fafUqinnDpHUV2Q8PQKHdrPGDJrL0d4f/WSAsRI7ipk1Nz1z9kofuqKFP
44GVZpAPpUZS1BT+J/7H7D4jgMD2pXcoUIgo/mTuVIW7gX6T5lpeSIFXZCbyPzgO
6TPl1ehE60F/acYlqh8QCfNJnsWCv2eS6Exv6nRvGjWY4NtdqS6GqJzpBLTrK/uU
j1NXIKkqDYMHmejGpQ+la79X1UHDWgGNoNglVhCLRILH
-----END CERTIFICATE-----