This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/VUDvlZ3nSAHzKEKmaHgmcWJvSvw.roa
File:                     VUDvlZ3nSAHzKEKmaHgmcWJvSvw.roa (raw, json)
Hash identifier:          iFi7PsloEbqYTaE+ZoaxZ5YffALEaqzMtJKrKwdONy0=
Subject key identifier:   55:40:EF:95:9D:E7:48:01:F3:28:42:A6:68:78:26:71:62:6F:4A:FC
Certificate issuer:       /CN=62719c6d8b9950378a7489315fb078111a18ad55
Certificate serial:       019B7CEDD2765A43F013462C12532E058077
Authority key identifier: 62:71:9C:6D:8B:99:50:37:8A:74:89:31:5F:B0:78:11:1A:18:AD:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YnGcbYuZUDeKdIkxX7B4ERoYrVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/VUDvlZ3nSAHzKEKmaHgmcWJvSvw.roa
Signing time:             Fri 02 Jan 2026 04:18:39 +0000
ROA not before:           Fri 02 Jan 2026 04:18:39 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     200456
IP address blocks:        185.119.197.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YnGcbYuZUDeKdIkxX7B4ERoYrVU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 23:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:d2:76:5a:43:f0:13:46:2c:12:53:2e:05:80:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62719c6d8b9950378a7489315fb078111a18ad55
        Validity
            Not Before: Jan  2 04:18:39 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5540ef959de74801f32842a668782671626f4afc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:2d:12:cc:98:76:4d:e1:e9:34:64:6b:ac:f3:
                    06:15:f0:38:45:a0:4d:4f:24:3b:2b:91:93:e1:42:
                    7e:5d:4e:c7:00:92:3f:bc:eb:c7:05:30:4e:12:b9:
                    c4:ca:a1:0f:d5:b1:54:22:bd:e0:79:9b:08:c3:5b:
                    e1:63:02:09:78:8f:59:ee:a3:13:64:b9:00:84:fd:
                    ee:b7:be:6c:ec:af:69:4d:ea:bb:4c:39:e3:2f:a8:
                    8d:58:36:40:8d:5f:ae:1d:71:1b:6d:58:08:0d:65:
                    7b:8a:f6:78:6e:76:4b:44:74:47:8d:e7:19:82:c3:
                    20:6c:63:2e:1f:77:56:1e:7b:1d:5c:be:3b:c6:20:
                    a2:1b:c8:43:be:cd:7b:6b:7e:ae:1c:c4:d9:d6:1f:
                    bb:24:10:3f:bd:ed:1e:68:dd:12:a4:b8:84:bd:e1:
                    bf:df:8b:ce:64:3c:b7:37:b0:6c:d5:b2:66:63:b0:
                    12:48:45:94:c3:8c:7c:f8:0e:47:2f:a7:b5:53:4b:
                    12:8c:e9:4b:06:f1:08:62:c7:82:22:ef:8a:78:37:
                    fc:4a:db:a8:a2:22:b2:6b:31:ca:af:fa:cd:b6:d8:
                    98:97:b4:ed:de:4f:53:d4:98:3d:3f:a3:36:58:f7:
                    d9:fa:33:9d:3d:f9:d8:64:e5:05:04:e1:f2:d5:84:
                    e1:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:40:EF:95:9D:E7:48:01:F3:28:42:A6:68:78:26:71:62:6F:4A:FC
            X509v3 Authority Key Identifier:
                keyid:62:71:9C:6D:8B:99:50:37:8A:74:89:31:5F:B0:78:11:1A:18:AD:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YnGcbYuZUDeKdIkxX7B4ERoYrVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/VUDvlZ3nSAHzKEKmaHgmcWJvSvw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.119.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:4c:32:22:c9:c2:59:aa:7b:e7:bb:39:c2:51:77:5e:59:1e:
         a2:53:fa:12:fc:b8:1d:f2:d4:a1:71:27:56:c1:13:30:e6:6b:
         50:0f:51:00:47:3e:78:17:b3:af:fc:65:76:11:41:d7:eb:cb:
         be:88:1a:79:dc:50:60:bb:9d:a5:2c:ba:88:8d:05:5e:e6:27:
         27:5b:ee:7c:e1:fd:cf:8c:7f:f4:19:87:29:2b:3d:85:7d:f8:
         a4:a7:ef:e3:5d:4f:58:75:09:66:65:80:a8:b9:be:e4:4c:f4:
         27:b4:97:31:0d:c2:4f:d3:15:7c:15:58:2e:30:d7:86:30:82:
         f7:44:61:2d:b3:6d:ed:d6:ae:f4:97:41:c3:01:91:18:af:c6:
         b6:2e:54:71:b8:2a:27:5e:5e:53:5f:d5:50:66:92:18:f2:c8:
         c1:25:57:1c:f4:ef:5c:e0:c0:71:64:c6:f8:51:32:67:5e:63:
         de:af:f6:9a:0c:7e:ea:d4:b5:de:67:8c:dc:75:77:5f:9f:48:
         dd:38:39:d0:f2:9b:8b:aa:50:d0:96:6d:60:ee:4b:d3:f7:7f:
         3f:4f:10:19:7f:e4:4f:01:fd:8e:9e:c2:90:dd:33:f7:32:8b:
         2a:e9:d2:cc:d7:b8:5a:04:cd:2d:5d:f3:ea:c6:63:f2:91:27:
         09:a2:c0:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87dJ2WkPwE0YsElMuBYB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzE5YzZkOGI5OTUwMzc4YTc0ODkzMTVmYjA3ODExMWEx
OGFkNTUwHhcNMjYwMTAyMDQxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTQwZWY5NTlkZTc0ODAxZjMyODQyYTY2ODc4MjY3MTYyNmY0YWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi0SzJh2TeHpNGRrrPMGFfA4RaBN
TyQ7K5GT4UJ+XU7HAJI/vOvHBTBOErnEyqEP1bFUIr3geZsIw1vhYwIJeI9Z7qMT
ZLkAhP3ut75s7K9pTeq7TDnjL6iNWDZAjV+uHXEbbVgIDWV7ivZ4bnZLRHRHjecZ
gsMgbGMuH3dWHnsdXL47xiCiG8hDvs17a36uHMTZ1h+7JBA/ve0eaN0SpLiEveG/
34vOZDy3N7Bs1bJmY7ASSEWUw4x8+A5HL6e1U0sSjOlLBvEIYseCIu+KeDf8Stuo
oiKyazHKr/rNttiYl7Tt3k9T1Jg9P6M2WPfZ+jOdPfnYZOUFBOHy1YTh6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFVA75Wd50gB8yhCpmh4JnFib0r8MB8GA1UdIwQY
MBaAFGJxnG2LmVA3inSJMV+weBEaGK1VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5HY2JZdVpVRGVLZElreFg3QjRFUm9ZclZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wNzJmNjgtODEzZC00YmE3LWI0OWQt
NzVmYTI5NTQxMWY1LzEvVlVEdmxaM25TQUh6S0VLbWFIZ21jV0p2U3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wNzJmNjgtODEzZC00YmE3LWI0OWQtNzVmYTI5NTQxMWY1
LzEvWW5HY2JZdVpVRGVLZElreFg3QjRFUm9ZclZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXfFMA0G
CSqGSIb3DQEBCwUAA4IBAQAcTDIiycJZqnvnuznCUXdeWR6iU/oS/Lgd8tShcSdW
wRMw5mtQD1EARz54F7Ov/GV2EUHX68u+iBp53FBgu52lLLqIjQVe5icnW+584f3P
jH/0GYcpKz2Fffikp+/jXU9YdQlmZYCoub7kTPQntJcxDcJP0xV8FVguMNeGMIL3
RGEts23t1q70l0HDAZEYr8a2LlRxuConXl5TX9VQZpIY8sjBJVcc9O9c4MBxZMb4
UTJnXmPer/aaDH7q1LXeZ4zcdXdfn0jdODnQ8puLqlDQlm1g7kvT938/TxAZf+RP
Af2OnsKQ3TP3Mosq6dLM17haBM0tXfPqxmPykScJosDJ
-----END CERTIFICATE-----