This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/83607f-14b4-4217-b6cd-b7bae910c7ac/1/uTaIFz1uKDcuAGI72zb9cgQJSDU.roa
File:                     uTaIFz1uKDcuAGI72zb9cgQJSDU.roa (raw, json)
Hash identifier:          /chT2KHjwm4Z4cMac2BTFt3alYJEDlnfPwAVuuzxgMw=
Subject key identifier:   B9:36:88:17:3D:6E:28:37:2E:00:62:3B:DB:36:FD:72:04:09:48:35
Certificate issuer:       /CN=63416ac9a21937788cadc77b7a9f89b6d4c55a4a
Certificate serial:       019B7E387F2E9A212FB25FAE6E27F94B7BEB
Authority key identifier: 63:41:6A:C9:A2:19:37:78:8C:AD:C7:7B:7A:9F:89:B6:D4:C5:5A:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y0FqyaIZN3iMrcd7ep-JttTFWko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/83607f-14b4-4217-b6cd-b7bae910c7ac/1/uTaIFz1uKDcuAGI72zb9cgQJSDU.roa
Signing time:             Fri 02 Jan 2026 10:19:50 +0000
ROA not before:           Fri 02 Jan 2026 10:19:50 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     16347
IP address blocks:        185.222.144.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/83607f-14b4-4217-b6cd-b7bae910c7ac/1/Y0FqyaIZN3iMrcd7ep-JttTFWko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/83607f-14b4-4217-b6cd-b7bae910c7ac/1/Y0FqyaIZN3iMrcd7ep-JttTFWko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y0FqyaIZN3iMrcd7ep-JttTFWko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:38:7f:2e:9a:21:2f:b2:5f:ae:6e:27:f9:4b:7b:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63416ac9a21937788cadc77b7a9f89b6d4c55a4a
        Validity
            Not Before: Jan  2 10:19:50 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b93688173d6e28372e00623bdb36fd7204094835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e9:9d:87:07:b4:c1:32:64:22:70:17:14:38:
                    9d:1d:5b:c0:af:7a:11:25:1a:41:6e:c8:06:ba:48:
                    0a:b9:f7:b1:18:9d:7a:a0:d8:93:1c:a3:4a:ea:4c:
                    c2:e8:21:f2:3c:df:64:42:3c:db:c1:6a:b5:f0:38:
                    6b:a2:aa:83:89:76:f5:55:80:7c:4f:9e:b6:59:92:
                    86:88:ec:db:5c:1d:20:2e:c1:16:17:07:a8:a4:8d:
                    26:f4:d2:98:5f:5c:9a:9d:83:9a:e5:e3:60:00:77:
                    63:5e:ea:13:7a:90:47:8a:89:6f:48:cc:de:55:be:
                    bf:10:3f:5f:75:82:ba:66:3a:50:6b:09:60:a9:8f:
                    ee:89:c3:b6:08:d8:5f:c1:f9:7a:c2:22:45:5c:f0:
                    e1:78:f5:27:56:b1:10:e1:15:27:38:c3:59:e1:e5:
                    e3:12:eb:e6:57:9a:a4:3d:37:f3:70:18:22:83:55:
                    65:d4:de:28:54:b8:53:ec:71:7d:7c:27:48:87:c4:
                    de:4a:b9:ac:08:31:92:08:bd:ac:b1:08:29:7f:49:
                    cd:e0:bb:4d:6f:5b:d8:12:01:d3:39:66:bd:46:a6:
                    12:c2:25:a6:02:d9:9b:d4:e7:77:1e:47:a5:49:38:
                    5c:1b:9d:ca:82:9f:55:9b:60:8f:24:f8:87:0f:e3:
                    b2:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:36:88:17:3D:6E:28:37:2E:00:62:3B:DB:36:FD:72:04:09:48:35
            X509v3 Authority Key Identifier:
                keyid:63:41:6A:C9:A2:19:37:78:8C:AD:C7:7B:7A:9F:89:B6:D4:C5:5A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0FqyaIZN3iMrcd7ep-JttTFWko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/83607f-14b4-4217-b6cd-b7bae910c7ac/1/uTaIFz1uKDcuAGI72zb9cgQJSDU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/83607f-14b4-4217-b6cd-b7bae910c7ac/1/Y0FqyaIZN3iMrcd7ep-JttTFWko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.222.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         00:62:3a:30:18:a7:83:2c:fb:a1:f6:c2:f2:74:5a:89:81:02:
         4b:6c:27:7c:04:5a:d0:9e:db:1d:14:f4:7a:60:03:ec:09:be:
         64:fd:8c:f3:68:c9:d9:8c:50:23:d1:c7:7d:24:8e:e9:b8:0a:
         a3:8a:4f:6c:82:80:f7:5c:a2:c2:e7:9d:77:06:28:c9:4b:e7:
         77:02:d1:7c:40:f8:82:5f:0c:46:27:92:79:fb:cd:93:2a:e0:
         f9:bb:3e:b9:b0:b8:c4:ff:78:21:09:f5:e0:f7:91:7e:a0:bd:
         3e:50:fa:23:d0:9b:7b:31:00:2b:7c:0f:3b:ef:0a:10:62:c2:
         52:2d:cb:06:00:d6:fa:c7:cc:ce:0a:d9:af:9b:b6:8c:6b:45:
         1f:3a:e3:ae:65:5c:e4:50:a1:3a:7d:a6:1e:a0:2f:aa:f7:48:
         30:33:cb:8f:8f:1c:bc:e1:3c:bb:04:51:41:f1:16:b4:86:36:
         21:75:44:a6:d2:13:90:39:1e:b9:df:f2:09:88:33:18:36:43:
         96:09:33:04:91:51:67:5f:e8:83:7f:0d:84:25:07:12:ea:c2:
         4b:5a:b9:d1:db:65:c4:37:1c:d0:e2:1a:e3:95:be:a6:2f:44:
         9e:63:b2:4b:cd:fd:36:64:8f:51:2f:a0:1d:e1:d7:df:27:20:
         17:06:81:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OH8umiEvsl+ubif5S3vrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDE2YWM5YTIxOTM3Nzg4Y2FkYzc3YjdhOWY4OWI2ZDRj
NTVhNGEwHhcNMjYwMTAyMTAxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTM2ODgxNzNkNmUyODM3MmUwMDYyM2JkYjM2ZmQ3MjA0MDk0ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0emdhwe0wTJkInAXFDidHVvAr3oR
JRpBbsgGukgKufexGJ16oNiTHKNK6kzC6CHyPN9kQjzbwWq18DhroqqDiXb1VYB8
T562WZKGiOzbXB0gLsEWFweopI0m9NKYX1yanYOa5eNgAHdjXuoTepBHiolvSMze
Vb6/ED9fdYK6ZjpQawlgqY/uicO2CNhfwfl6wiJFXPDhePUnVrEQ4RUnOMNZ4eXj
EuvmV5qkPTfzcBgig1Vl1N4oVLhT7HF9fCdIh8TeSrmsCDGSCL2ssQgpf0nN4LtN
b1vYEgHTOWa9RqYSwiWmAtmb1Od3HkelSThcG53Kgp9Vm2CPJPiHD+OyvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLk2iBc9big3LgBiO9s2/XIECUg1MB8GA1UdIwQY
MBaAFGNBasmiGTd4jK3He3qfibbUxVpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBGcXlhSVpOM2lNcmNkN2VwLUp0dFRGV2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84MzYwN2YtMTRiNC00MjE3LWI2Y2Qt
YjdiYWU5MTBjN2FjLzEvdVRhSUZ6MXVLRGN1QUdJNzJ6YjljZ1FKU0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84MzYwN2YtMTRiNC00MjE3LWI2Y2QtYjdiYWU5MTBjN2Fj
LzEvWTBGcXlhSVpOM2lNcmNkN2VwLUp0dFRGV2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud6QMA0G
CSqGSIb3DQEBCwUAA4IBAQAAYjowGKeDLPuh9sLydFqJgQJLbCd8BFrQntsdFPR6
YAPsCb5k/YzzaMnZjFAj0cd9JI7puAqjik9sgoD3XKLC5513BijJS+d3AtF8QPiC
XwxGJ5J5+82TKuD5uz65sLjE/3ghCfXg95F+oL0+UPoj0Jt7MQArfA877woQYsJS
LcsGANb6x8zOCtmvm7aMa0UfOuOuZVzkUKE6faYeoC+q90gwM8uPjxy84Ty7BFFB
8Ra0hjYhdUSm0hOQOR653/IJiDMYNkOWCTMEkVFnX+iDfw2EJQcS6sJLWrnR22XE
NxzQ4hrjlb6mL0SeY7JLzf02ZI9RL6Ad4dffJyAXBoGp
-----END CERTIFICATE-----