This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/0be551-d60d-49bb-8cad-675e07235657/1/6ztTDGBSEjfUz5YPUm3xJqrFtBQ.roa
File:                     6ztTDGBSEjfUz5YPUm3xJqrFtBQ.roa (raw, json)
Hash identifier:          NaCtdBF9yWOeFeahp2D+pL4fXJjohl4aTNmTP8dCNsQ=
Subject key identifier:   EB:3B:53:0C:60:52:12:37:D4:CF:96:0F:52:6D:F1:26:AA:C5:B4:14
Certificate issuer:       /CN=a2b62371ec62efd0f4385fa0473056f08818de73
Certificate serial:       019B7EA73BF94C7F5358345AC9AEC160DBAB
Authority key identifier: A2:B6:23:71:EC:62:EF:D0:F4:38:5F:A0:47:30:56:F0:88:18:DE:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orYjcexi79D0OF-gRzBW8IgY3nM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/0be551-d60d-49bb-8cad-675e07235657/1/6ztTDGBSEjfUz5YPUm3xJqrFtBQ.roa
Signing time:             Fri 02 Jan 2026 12:20:47 +0000
ROA not before:           Fri 02 Jan 2026 12:20:47 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     559
IP address blocks:        185.133.44.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/0be551-d60d-49bb-8cad-675e07235657/1/orYjcexi79D0OF-gRzBW8IgY3nM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/0be551-d60d-49bb-8cad-675e07235657/1/orYjcexi79D0OF-gRzBW8IgY3nM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orYjcexi79D0OF-gRzBW8IgY3nM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a7:3b:f9:4c:7f:53:58:34:5a:c9:ae:c1:60:db:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b62371ec62efd0f4385fa0473056f08818de73
        Validity
            Not Before: Jan  2 12:20:47 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=eb3b530c60521237d4cf960f526df126aac5b414
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:88:13:7e:5c:41:3b:67:2f:fc:0d:8c:4a:75:
                    9a:f0:ec:46:69:11:ec:96:77:fb:a3:9b:c0:fd:97:
                    fb:40:db:36:55:75:ba:a4:a1:44:57:d1:6a:84:4f:
                    80:dc:86:bc:8b:85:37:aa:0d:13:6f:06:5b:2f:f8:
                    fb:49:0b:87:99:b1:de:28:24:8c:3a:ce:98:57:13:
                    59:3f:eb:27:79:a5:4e:b3:1d:5c:91:b1:bf:81:9c:
                    2d:1b:e8:c3:ad:41:39:ff:f6:e1:0e:d4:3e:e1:64:
                    fa:6c:d8:19:bf:06:ed:1a:86:48:b8:1d:7d:e8:a9:
                    86:1c:f1:93:1d:74:cc:1b:ef:b3:00:ec:ce:01:e8:
                    a5:18:d0:a8:a6:09:a8:1f:ee:35:01:00:5f:7f:06:
                    27:f5:1e:c3:f2:64:4b:88:af:77:6a:3b:62:0c:f8:
                    dc:21:a4:94:39:63:88:79:bd:20:87:52:34:05:bf:
                    77:8c:f6:8d:73:32:b7:b9:04:0b:50:d2:8a:06:7f:
                    3c:2d:54:d3:3a:2d:d1:db:7c:cf:d7:cd:d9:52:11:
                    7d:e2:ee:dd:72:16:4f:73:b9:b8:59:7b:81:6c:dc:
                    5f:33:bf:fe:79:dc:7f:2f:42:f7:ec:0b:55:1c:89:
                    50:46:f7:19:b5:eb:67:5b:a4:2f:d6:f6:3e:8d:ad:
                    f3:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:3B:53:0C:60:52:12:37:D4:CF:96:0F:52:6D:F1:26:AA:C5:B4:14
            X509v3 Authority Key Identifier:
                keyid:A2:B6:23:71:EC:62:EF:D0:F4:38:5F:A0:47:30:56:F0:88:18:DE:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orYjcexi79D0OF-gRzBW8IgY3nM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/0be551-d60d-49bb-8cad-675e07235657/1/6ztTDGBSEjfUz5YPUm3xJqrFtBQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/0be551-d60d-49bb-8cad-675e07235657/1/orYjcexi79D0OF-gRzBW8IgY3nM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.133.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         99:32:30:e1:31:bb:09:9d:59:b9:3c:62:dc:98:eb:4f:3c:71:
         12:10:55:1b:77:b0:f9:f1:77:02:e3:24:80:61:19:f5:31:43:
         26:89:ce:e0:ce:c6:b7:f2:d5:0b:98:6e:75:3b:33:56:4a:9d:
         5e:a0:36:13:a3:86:b2:49:d1:71:eb:fc:78:95:0f:84:01:68:
         35:3d:0d:21:97:1c:2e:c8:5c:62:d1:81:c1:6a:ab:eb:dd:78:
         db:98:69:5f:07:eb:56:a1:49:06:d1:d2:3f:81:3b:92:84:a0:
         2e:c7:ae:d5:23:7e:3a:47:35:21:98:72:4f:11:c6:86:65:ff:
         e5:1c:02:76:70:15:4a:b3:b6:d7:72:71:9f:c5:97:96:e9:f3:
         f2:4d:78:9b:d5:09:9f:35:3d:e5:12:c3:3e:6a:da:c6:13:44:
         47:c2:6c:ca:18:c1:b8:03:b9:2c:b7:fc:37:5d:47:ad:dc:7a:
         ec:df:3d:24:62:aa:d6:27:c6:e6:16:17:6b:5a:95:20:43:b6:
         e5:77:92:9b:86:90:0f:37:55:ef:0e:20:46:c4:78:dd:46:89:
         66:e7:98:6b:a9:1c:89:92:f0:1f:11:6a:5b:86:a5:20:6c:1b:
         00:4e:99:76:01:e5:d7:9f:22:1e:f5:27:8e:82:c8:47:0c:82:
         cd:92:e5:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+pzv5TH9TWDRaya7BYNurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjYyMzcxZWM2MmVmZDBmNDM4NWZhMDQ3MzA1NmYwODgx
OGRlNzMwHhcNMjYwMTAyMTIyMDQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjNiNTMwYzYwNTIxMjM3ZDRjZjk2MGY1MjZkZjEyNmFhYzViNDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArogTflxBO2cv/A2MSnWa8OxGaRHs
lnf7o5vA/Zf7QNs2VXW6pKFEV9FqhE+A3Ia8i4U3qg0TbwZbL/j7SQuHmbHeKCSM
Os6YVxNZP+sneaVOsx1ckbG/gZwtG+jDrUE5//bhDtQ+4WT6bNgZvwbtGoZIuB19
6KmGHPGTHXTMG++zAOzOAeilGNCopgmoH+41AQBffwYn9R7D8mRLiK93ajtiDPjc
IaSUOWOIeb0gh1I0Bb93jPaNczK3uQQLUNKKBn88LVTTOi3R23zP183ZUhF94u7d
chZPc7m4WXuBbNxfM7/+edx/L0L37AtVHIlQRvcZtetnW6Qv1vY+ja3zEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOs7UwxgUhI31M+WD1Jt8SaqxbQUMB8GA1UdIwQY
MBaAFKK2I3HsYu/Q9DhfoEcwVvCIGN5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JZamNleGk3OUQwT0YtZ1J6Qlc4SWdZM25NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8wYmU1NTEtZDYwZC00OWJiLThjYWQt
Njc1ZTA3MjM1NjU3LzEvNnp0VERHQlNFamZVejVZUFVtM3hKcXJGdEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8wYmU1NTEtZDYwZC00OWJiLThjYWQtNjc1ZTA3MjM1NjU3
LzEvb3JZamNleGk3OUQwT0YtZ1J6Qlc4SWdZM25NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYUsMA0G
CSqGSIb3DQEBCwUAA4IBAQCZMjDhMbsJnVm5PGLcmOtPPHESEFUbd7D58XcC4ySA
YRn1MUMmic7gzsa38tULmG51OzNWSp1eoDYTo4aySdFx6/x4lQ+EAWg1PQ0hlxwu
yFxi0YHBaqvr3XjbmGlfB+tWoUkG0dI/gTuShKAux67VI346RzUhmHJPEcaGZf/l
HAJ2cBVKs7bXcnGfxZeW6fPyTXib1QmfNT3lEsM+atrGE0RHwmzKGMG4A7kst/w3
XUet3Hrs3z0kYqrWJ8bmFhdrWpUgQ7bld5KbhpAPN1XvDiBGxHjdRolm55hrqRyJ
kvAfEWpbhqUgbBsATpl2AeXXnyIe9SeOgshHDILNkuWt
-----END CERTIFICATE-----