This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/tKTKwD-CfqK2XSUkfDX-zb0IMcI.roa
File:                     tKTKwD-CfqK2XSUkfDX-zb0IMcI.roa (raw, json)
Hash identifier:          EIGjeb1RHBDJL7jS5BFIXbJ6UQ3SzaYbnmBK1hQUsVI=
Subject key identifier:   B4:A4:CA:C0:3F:82:7E:A2:B6:5D:25:24:7C:35:FE:CD:BD:08:31:C2
Certificate issuer:       /CN=468b68141796ca95e4c72f4bfa696acea5083af3
Certificate serial:       019AFD406F843C8B8CBEBABD485E4F377BA3
Authority key identifier: 46:8B:68:14:17:96:CA:95:E4:C7:2F:4B:FA:69:6A:CE:A5:08:3A:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RotoFBeWypXkxy9L-mlqzqUIOvM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/tKTKwD-CfqK2XSUkfDX-zb0IMcI.roa
Signing time:             Mon 08 Dec 2025 09:17:29 +0000
ROA not before:           Mon 08 Dec 2025 09:17:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     200632
IP address blocks:        185.82.68.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/RotoFBeWypXkxy9L-mlqzqUIOvM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/RotoFBeWypXkxy9L-mlqzqUIOvM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RotoFBeWypXkxy9L-mlqzqUIOvM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Dec 2025 18:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:fd:40:6f:84:3c:8b:8c:be:ba:bd:48:5e:4f:37:7b:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468b68141796ca95e4c72f4bfa696acea5083af3
        Validity
            Not Before: Dec  8 09:17:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=b4a4cac03f827ea2b65d25247c35fecdbd0831c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:2a:54:82:63:35:27:29:03:60:b3:2c:a3:f6:
                    37:e5:a2:b0:e1:2a:12:7a:02:bc:51:96:c2:58:9a:
                    2f:dd:2f:d9:6c:6c:d2:3c:4e:a3:61:19:3e:f2:4e:
                    b0:01:9c:b7:32:bf:cf:59:24:1c:2b:b5:c1:57:e3:
                    88:44:24:31:65:ec:db:fe:f2:5a:6a:0e:e6:8d:a7:
                    c6:75:99:4a:57:e5:36:5d:24:59:0c:d7:9b:12:8a:
                    23:4f:fe:95:21:6d:bb:2e:b3:d8:87:24:9b:17:8e:
                    b7:30:f1:fb:22:1b:34:89:86:db:a0:af:d0:6f:a3:
                    61:c2:ba:5b:8f:41:a9:f8:4e:e5:b2:3a:5d:3a:a8:
                    5e:f6:b2:d2:52:73:a7:f0:ed:3a:59:18:cb:fd:5c:
                    b6:4a:32:57:d7:bb:72:d9:39:f8:ba:11:88:6c:e8:
                    a8:53:fc:74:28:fb:9a:17:47:42:27:fb:34:89:b2:
                    86:1b:39:78:7e:bf:fb:74:62:be:11:02:2a:ad:a7:
                    6b:d3:e8:f1:a5:4d:a7:ee:ee:ca:14:a7:26:25:23:
                    db:08:43:8c:40:ab:9b:b9:d3:0c:13:33:57:1b:e5:
                    18:47:39:aa:5d:1d:66:1a:03:19:b2:4f:a9:96:78:
                    57:97:d2:f1:c1:f1:1a:38:db:5f:50:01:02:40:71:
                    39:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:A4:CA:C0:3F:82:7E:A2:B6:5D:25:24:7C:35:FE:CD:BD:08:31:C2
            X509v3 Authority Key Identifier:
                keyid:46:8B:68:14:17:96:CA:95:E4:C7:2F:4B:FA:69:6A:CE:A5:08:3A:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotoFBeWypXkxy9L-mlqzqUIOvM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/tKTKwD-CfqK2XSUkfDX-zb0IMcI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/RotoFBeWypXkxy9L-mlqzqUIOvM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.82.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         16:b9:1a:b0:22:9b:77:53:35:b7:cc:05:7b:3a:f1:db:b3:ae:
         d0:ef:26:ba:5c:ad:49:c5:dc:79:60:33:76:85:31:18:67:4e:
         66:2a:45:af:e2:7e:a1:c9:40:1d:8b:75:ea:50:50:c4:d7:09:
         e5:fe:34:82:16:9b:bb:47:06:8b:f0:23:d0:7e:53:fa:a6:75:
         6d:37:f0:a3:ed:db:6c:5b:dc:f7:24:2b:d5:1b:1f:bd:a4:c3:
         41:c0:9a:de:11:30:de:5a:cd:a3:47:ab:ac:b3:29:40:de:c9:
         8a:9c:a7:b1:3f:2c:99:a7:c2:d4:28:ef:85:ff:e1:e2:e9:ae:
         7e:6b:08:8e:9c:cd:da:b8:d5:ac:2e:bc:ae:39:27:d3:0d:bc:
         e4:44:6e:79:ef:45:0e:8a:b2:be:86:a4:0e:f9:16:bf:7f:dd:
         1d:9d:3f:32:aa:76:d7:7c:b0:ff:94:8a:a4:62:2b:d3:21:94:
         ac:9e:53:01:e3:30:b2:68:fb:69:71:c1:44:32:65:c6:a4:b9:
         91:75:1b:f7:39:e0:25:09:41:3f:52:52:2a:07:94:b8:51:d3:
         f7:0b:40:4b:0a:c4:36:6b:c0:ac:b9:46:8a:22:84:ee:2a:b3:
         bd:d8:7b:66:14:ae:48:a7:b8:92:3f:85:43:7b:8d:4f:93:f6:
         88:b9:97:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZr9QG+EPIuMvrq9SF5PN3ujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI2ODE0MTc5NmNhOTVlNGM3MmY0YmZhNjk2YWNlYTUw
ODNhZjMwHhcNMjUxMjA4MDkxNzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGE0Y2FjMDNmODI3ZWEyYjY1ZDI1MjQ3YzM1ZmVjZGJkMDgzMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmipUgmM1JykDYLMso/Y35aKw4SoS
egK8UZbCWJov3S/ZbGzSPE6jYRk+8k6wAZy3Mr/PWSQcK7XBV+OIRCQxZezb/vJa
ag7mjafGdZlKV+U2XSRZDNebEoojT/6VIW27LrPYhySbF463MPH7Ihs0iYbboK/Q
b6Nhwrpbj0Gp+E7lsjpdOqhe9rLSUnOn8O06WRjL/Vy2SjJX17ty2Tn4uhGIbOio
U/x0KPuaF0dCJ/s0ibKGGzl4fr/7dGK+EQIqradr0+jxpU2n7u7KFKcmJSPbCEOM
QKubudMMEzNXG+UYRzmqXR1mGgMZsk+plnhXl9LxwfEaONtfUAECQHE5JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSkysA/gn6itl0lJHw1/s29CDHCMB8GA1UdIwQY
MBaAFEaLaBQXlsqV5McvS/ppas6lCDrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90b0ZCZVd5cFhreHk5TC1tbHF6cVVJT3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81OThlOGItYTYzZi00MjVlLWI0Zjct
NDUyZDZkMzgyNmY3LzEvdEtUS3dELUNmcUsyWFNVa2ZEWC16YjBJTWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81OThlOGItYTYzZi00MjVlLWI0ZjctNDUyZDZkMzgyNmY3
LzEvUm90b0ZCZVd5cFhreHk5TC1tbHF6cVVJT3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVJEMA0G
CSqGSIb3DQEBCwUAA4IBAQAWuRqwIpt3UzW3zAV7OvHbs67Q7ya6XK1Jxdx5YDN2
hTEYZ05mKkWv4n6hyUAdi3XqUFDE1wnl/jSCFpu7RwaL8CPQflP6pnVtN/Cj7dts
W9z3JCvVGx+9pMNBwJreETDeWs2jR6ussylA3smKnKexPyyZp8LUKO+F/+Hi6a5+
awiOnM3auNWsLryuOSfTDbzkRG5570UOirK+hqQO+Ra/f90dnT8yqnbXfLD/lIqk
YivTIZSsnlMB4zCyaPtpccFEMmXGpLmRdRv3OeAlCUE/UlIqB5S4UdP3C0BLCsQ2
a8CsuUaKIoTuKrO92HtmFK5Ip7iSP4VDe41Pk/aIuZdr
-----END CERTIFICATE-----