This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/VytBOYFoUTB0ZXV6rvFwJEuNQFY.roa
File:                     VytBOYFoUTB0ZXV6rvFwJEuNQFY.roa (raw, json)
Hash identifier:          AQ3GtA9rLfN0d3whsarxsaKdzw0hTgS4miKDZ1W15dM=
Subject key identifier:   57:2B:41:39:81:68:51:30:74:65:75:7A:AE:F1:70:24:4B:8D:40:56
Certificate issuer:       /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial:       019B7E390CE8443CB1FE18F0E766130A1D9E
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/VytBOYFoUTB0ZXV6rvFwJEuNQFY.roa
Signing time:             Fri 02 Jan 2026 10:20:26 +0000
ROA not before:           Fri 02 Jan 2026 10:20:26 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     57011
IP address blocks:        188.93.108.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:39:0c:e8:44:3c:b1:fe:18:f0:e7:66:13:0a:1d:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
        Validity
            Not Before: Jan  2 10:20:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=572b4139816851307465757aaef170244b8d4056
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:19:35:3d:8d:cd:5f:60:bd:10:74:38:ee:2d:
                    ad:e1:ab:67:cf:b4:e8:3d:74:3d:ae:3c:04:04:19:
                    b2:2e:2e:bf:ce:6b:c9:22:eb:e2:0d:28:a3:5d:3a:
                    4a:a3:8f:c0:dd:38:2e:9c:82:65:48:b6:56:40:98:
                    61:db:13:14:0a:9e:b5:75:2c:7f:0d:47:bf:d3:35:
                    4a:23:87:0a:b5:bc:40:28:74:82:7b:8e:32:df:c3:
                    bb:66:54:c0:7a:f2:62:b7:31:0a:dd:a2:10:89:74:
                    7a:ae:77:f0:0f:fc:4a:c1:74:97:e4:a5:59:b4:7e:
                    ce:ea:fe:5b:c1:b4:06:43:6e:8b:ba:31:d4:57:11:
                    9c:f6:f1:b8:eb:e7:7d:a2:fb:68:d7:9a:1b:83:4f:
                    df:76:fa:3b:e4:03:f3:3c:5b:46:78:3e:ba:d9:4e:
                    d6:71:79:0e:18:00:09:0d:e8:01:01:d5:aa:f4:d1:
                    7a:99:d8:bd:75:65:19:71:d8:1c:bf:ed:61:d5:35:
                    64:b7:e7:a3:0c:86:c0:ce:69:8c:9a:92:92:97:f7:
                    70:85:38:b1:72:c3:19:17:ad:33:d7:0b:f9:af:49:
                    b5:72:6d:4f:14:ae:d9:42:f0:ba:14:78:70:54:f9:
                    43:6a:76:7c:fe:f2:b0:23:d0:41:39:77:9a:52:de:
                    17:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:2B:41:39:81:68:51:30:74:65:75:7A:AE:F1:70:24:4B:8D:40:56
            X509v3 Authority Key Identifier:
                keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/VytBOYFoUTB0ZXV6rvFwJEuNQFY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.93.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:0f:7c:08:5d:82:bc:4b:1d:7e:a8:eb:8f:d7:3c:dc:f8:93:
         a2:fc:44:f9:81:c5:e8:f2:66:04:55:13:c0:b7:8c:a5:43:03:
         7b:23:d3:00:93:d1:df:ff:f0:30:8b:b5:98:76:28:aa:a6:a3:
         41:02:b2:76:84:47:ae:d9:80:a9:b2:b9:a3:c6:76:62:af:d3:
         7f:5b:aa:63:b7:95:6e:f5:8c:ea:2a:42:f5:3f:7b:15:13:e9:
         a0:4f:e1:98:b1:e5:3a:2e:f9:ae:8e:2a:0b:f4:da:c9:1a:39:
         3b:ed:2b:7d:ff:47:e5:72:f2:b3:be:84:39:72:79:b0:d0:f3:
         50:f7:c0:49:04:41:c9:5d:73:aa:1c:24:3f:47:49:e6:0a:b2:
         bb:2e:94:4e:7b:4a:c2:24:7a:4d:de:08:9c:ef:28:0e:e4:61:
         91:fc:29:fd:e0:2e:b7:8e:27:1b:4e:62:a8:7b:e5:d9:a5:24:
         58:e0:7c:50:f0:f7:5a:e7:4a:d7:fc:6d:fd:e5:6b:a4:c3:5b:
         61:b8:bd:18:e2:19:fb:1d:8b:3b:98:1a:8f:6b:22:cd:4d:93:
         f3:21:f3:15:af:3a:0a:f4:60:b9:59:7c:c7:4b:b3:66:8f:0b:
         c4:69:d1:19:a5:da:9e:8e:18:f6:3a:e8:96:06:81:e4:4d:cc:
         8a:1f:61:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OQzoRDyx/hjw52YTCh2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjYwMTAyMTAyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzJiNDEzOTgxNjg1MTMwNzQ2NTc1N2FhZWYxNzAyNDRiOGQ0MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBk1PY3NX2C9EHQ47i2t4atnz7To
PXQ9rjwEBBmyLi6/zmvJIuviDSijXTpKo4/A3TgunIJlSLZWQJhh2xMUCp61dSx/
DUe/0zVKI4cKtbxAKHSCe44y38O7ZlTAevJitzEK3aIQiXR6rnfwD/xKwXSX5KVZ
tH7O6v5bwbQGQ26LujHUVxGc9vG46+d9ovto15obg0/fdvo75APzPFtGeD662U7W
cXkOGAAJDegBAdWq9NF6mdi9dWUZcdgcv+1h1TVkt+ejDIbAzmmMmpKSl/dwhTix
csMZF60z1wv5r0m1cm1PFK7ZQvC6FHhwVPlDanZ8/vKwI9BBOXeaUt4XcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFcrQTmBaFEwdGV1eq7xcCRLjUBWMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvVnl0Qk9ZRm9VVEIwWlhWNnJ2RndKRXVOUUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvF1sMA0G
CSqGSIb3DQEBCwUAA4IBAQBOD3wIXYK8Sx1+qOuP1zzc+JOi/ET5gcXo8mYEVRPA
t4ylQwN7I9MAk9Hf//Awi7WYdiiqpqNBArJ2hEeu2YCpsrmjxnZir9N/W6pjt5Vu
9YzqKkL1P3sVE+mgT+GYseU6LvmujioL9NrJGjk77St9/0flcvKzvoQ5cnmw0PNQ
98BJBEHJXXOqHCQ/R0nmCrK7LpROe0rCJHpN3gic7ygO5GGR/Cn94C63jicbTmKo
e+XZpSRY4HxQ8Pda50rX/G395Wukw1thuL0Y4hn7HYs7mBqPayLNTZPzIfMVrzoK
9GC5WXzHS7NmjwvEadEZpdqejhj2OuiWBoHkTcyKH2Fa
-----END CERTIFICATE-----