This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/d93edd-a807-45a5-8719-7baba2973746/1/rTTUeShcOXNB_38gPBfANBYb9Rg.roa
File:                     rTTUeShcOXNB_38gPBfANBYb9Rg.roa (raw, json)
Hash identifier:          SNHTIMM1yFWrTxfEjv177J1xrcwVvQjJHLgNi04rw5A=
Subject key identifier:   AD:34:D4:79:28:5C:39:73:41:FF:7F:20:3C:17:C0:34:16:1B:F5:18
Certificate issuer:       /CN=a22e61b1ddc81dc4f338a689febd8dfddb44bf44
Certificate serial:       019B77C7525EC8D8B5C83C79EEECB21AEE07
Authority key identifier: A2:2E:61:B1:DD:C8:1D:C4:F3:38:A6:89:FE:BD:8D:FD:DB:44:BF:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oi5hsd3IHcTzOKaJ_r2N_dtEv0Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/d93edd-a807-45a5-8719-7baba2973746/1/rTTUeShcOXNB_38gPBfANBYb9Rg.roa
Signing time:             Thu 01 Jan 2026 04:18:30 +0000
ROA not before:           Thu 01 Jan 2026 04:18:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204203
IP address blocks:        185.217.6.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/d93edd-a807-45a5-8719-7baba2973746/1/oi5hsd3IHcTzOKaJ_r2N_dtEv0Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/d93edd-a807-45a5-8719-7baba2973746/1/oi5hsd3IHcTzOKaJ_r2N_dtEv0Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oi5hsd3IHcTzOKaJ_r2N_dtEv0Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:52:5e:c8:d8:b5:c8:3c:79:ee:ec:b2:1a:ee:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a22e61b1ddc81dc4f338a689febd8dfddb44bf44
        Validity
            Not Before: Jan  1 04:18:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ad34d479285c397341ff7f203c17c034161bf518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b1:a1:58:4e:67:b3:ad:00:3d:59:4c:f4:c4:
                    be:24:1f:91:d3:30:3b:f4:f9:d2:3a:98:94:9f:9e:
                    72:83:95:3e:9a:d1:ad:08:c6:8f:37:25:f2:c8:2b:
                    a0:8a:72:2b:40:da:13:e6:27:02:78:12:0b:3a:43:
                    4e:6f:b5:da:88:b1:a0:3f:71:c4:d2:9b:6f:6f:d2:
                    bb:bc:3a:c2:fa:a4:25:18:c2:dc:f4:80:4c:ad:40:
                    bc:ae:c5:3a:ab:50:4b:74:73:f4:f0:e3:1a:9d:a3:
                    33:78:28:42:e4:c5:43:24:69:be:82:99:cd:ca:23:
                    3e:93:ca:06:04:4f:33:58:56:de:12:91:9e:79:d0:
                    1e:1b:21:0c:42:2b:80:39:f1:70:db:e8:3c:bb:e4:
                    3b:08:e6:5f:f6:b1:2e:81:ba:2f:bf:3b:b3:9f:c0:
                    f2:0a:59:b7:af:d1:1a:18:da:6f:6a:34:bb:a7:c1:
                    54:87:62:ad:36:ae:0f:8c:49:87:23:95:ce:40:f2:
                    ab:7f:f7:de:e1:34:86:af:a8:9b:9f:ed:c9:d6:dc:
                    03:61:6a:2c:f0:3d:49:66:84:e7:8d:48:bb:26:24:
                    7e:aa:e9:58:d0:26:f9:44:79:47:3b:67:35:71:dc:
                    dd:ed:b9:eb:09:ce:69:c2:93:ca:62:f5:a4:e8:24:
                    e1:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:34:D4:79:28:5C:39:73:41:FF:7F:20:3C:17:C0:34:16:1B:F5:18
            X509v3 Authority Key Identifier:
                keyid:A2:2E:61:B1:DD:C8:1D:C4:F3:38:A6:89:FE:BD:8D:FD:DB:44:BF:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oi5hsd3IHcTzOKaJ_r2N_dtEv0Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d93edd-a807-45a5-8719-7baba2973746/1/rTTUeShcOXNB_38gPBfANBYb9Rg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d93edd-a807-45a5-8719-7baba2973746/1/oi5hsd3IHcTzOKaJ_r2N_dtEv0Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.217.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:4f:de:1d:dd:bd:4d:cf:91:7b:f3:45:7e:4e:b4:54:6a:fe:
         2b:74:1e:76:cd:8e:23:8c:d2:93:ac:8c:11:25:64:57:7e:a4:
         75:5f:ba:06:42:fd:62:86:cb:9e:31:ce:13:77:35:3b:df:51:
         a3:09:56:88:84:66:92:5c:81:4c:31:65:94:cf:9b:a3:d2:e0:
         b2:75:f7:e9:e3:6f:7c:7f:f1:25:90:95:d9:51:34:91:40:97:
         45:42:78:cb:00:72:d0:b5:cd:f6:de:d6:f5:c9:b8:4c:4d:27:
         b3:f5:3d:c0:17:46:f9:36:b5:9a:c1:2a:3c:ab:a7:ba:9b:99:
         28:21:63:04:90:d1:1d:dd:15:b6:0f:96:b9:a2:30:49:e8:10:
         d7:3e:ec:06:9b:3b:ef:5f:d5:ad:28:77:75:05:38:08:c3:b8:
         38:16:99:94:74:a9:42:9a:cd:8b:06:ea:3b:c5:e1:c8:c0:dd:
         29:b6:d6:8a:8a:f7:98:f1:4b:e8:df:0f:48:4b:f4:c6:54:08:
         65:dc:86:b3:3f:3d:da:b5:ec:85:7c:22:48:fc:9c:33:a7:36:
         9b:6d:ee:71:17:e7:08:73:14:0c:97:b3:40:cd:b3:47:2b:94:
         4a:8b:1a:41:26:0b:ed:5f:cb:3a:3e:23:60:09:8d:2f:34:01:
         93:06:10:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3x1JeyNi1yDx57uyyGu4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMmU2MWIxZGRjODFkYzRmMzM4YTY4OWZlYmQ4ZGZkZGI0
NGJmNDQwHhcNMjYwMTAxMDQxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDM0ZDQ3OTI4NWMzOTczNDFmZjdmMjAzYzE3YzAzNDE2MWJmNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbGhWE5ns60APVlM9MS+JB+R0zA7
9PnSOpiUn55yg5U+mtGtCMaPNyXyyCuginIrQNoT5icCeBILOkNOb7XaiLGgP3HE
0ptvb9K7vDrC+qQlGMLc9IBMrUC8rsU6q1BLdHP08OManaMzeChC5MVDJGm+gpnN
yiM+k8oGBE8zWFbeEpGeedAeGyEMQiuAOfFw2+g8u+Q7COZf9rEugbovvzuzn8Dy
Clm3r9EaGNpvajS7p8FUh2KtNq4PjEmHI5XOQPKrf/fe4TSGr6ibn+3J1twDYWos
8D1JZoTnjUi7JiR+qulY0Cb5RHlHO2c1cdzd7bnrCc5pwpPKYvWk6CThewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK001HkoXDlzQf9/IDwXwDQWG/UYMB8GA1UdIwQY
MBaAFKIuYbHdyB3E8zimif69jf3bRL9EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2k1aHNkM0lIY1R6T0thSl9yMk5fZHRFdjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kOTNlZGQtYTgwNy00NWE1LTg3MTkt
N2JhYmEyOTczNzQ2LzEvclRUVWVTaGNPWE5CXzM4Z1BCZkFOQlliOVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kOTNlZGQtYTgwNy00NWE1LTg3MTktN2JhYmEyOTczNzQ2
LzEvb2k1aHNkM0lIY1R6T0thSl9yMk5fZHRFdjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudkGMA0G
CSqGSIb3DQEBCwUAA4IBAQART94d3b1Nz5F780V+TrRUav4rdB52zY4jjNKTrIwR
JWRXfqR1X7oGQv1ihsueMc4TdzU731GjCVaIhGaSXIFMMWWUz5uj0uCydffp4298
f/ElkJXZUTSRQJdFQnjLAHLQtc323tb1ybhMTSez9T3AF0b5NrWawSo8q6e6m5ko
IWMEkNEd3RW2D5a5ojBJ6BDXPuwGmzvvX9WtKHd1BTgIw7g4FpmUdKlCms2LBuo7
xeHIwN0pttaKiveY8Uvo3w9IS/TGVAhl3IazPz3ateyFfCJI/Jwzpzabbe5xF+cI
cxQMl7NAzbNHK5RKixpBJgvtX8s6PiNgCY0vNAGTBhCs
-----END CERTIFICATE-----