This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/06CiJdO9HY0Au03AcAurjfb-Gbo.roa
File:                     06CiJdO9HY0Au03AcAurjfb-Gbo.roa (raw, json)
Hash identifier:          G2id8BLM47E0KAXCQ9t2IpyzxImdIOcWfQNsmcd/Suw=
Subject key identifier:   D3:A0:A2:25:D3:BD:1D:8D:00:BB:4D:C0:70:0B:AB:8D:F6:FE:19:BA
Certificate issuer:       /CN=26d9a16c2fa7d4c370b5325214be4420b611f1f9
Certificate serial:       019B797E516EF2212D2C05CDC831BA747373
Authority key identifier: 26:D9:A1:6C:2F:A7:D4:C3:70:B5:32:52:14:BE:44:20:B6:11:F1:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JtmhbC-n1MNwtTJSFL5EILYR8fk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/06CiJdO9HY0Au03AcAurjfb-Gbo.roa
Signing time:             Thu 01 Jan 2026 12:18:00 +0000
ROA not before:           Thu 01 Jan 2026 12:18:00 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     8412
IP address blocks:        185.225.96.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/JtmhbC-n1MNwtTJSFL5EILYR8fk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/JtmhbC-n1MNwtTJSFL5EILYR8fk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JtmhbC-n1MNwtTJSFL5EILYR8fk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 01:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:51:6e:f2:21:2d:2c:05:cd:c8:31:ba:74:73:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26d9a16c2fa7d4c370b5325214be4420b611f1f9
        Validity
            Not Before: Jan  1 12:18:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d3a0a225d3bd1d8d00bb4dc0700bab8df6fe19ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:67:c3:d8:c4:48:31:1c:ae:dd:77:30:36:14:
                    6e:0d:8a:71:00:44:cd:86:5c:e0:5c:53:8a:fe:60:
                    d8:43:ea:23:8e:ba:a8:e8:fc:c1:8f:1a:1b:81:59:
                    af:9e:f5:e5:d4:31:39:05:aa:34:2c:46:21:2b:34:
                    93:c6:5d:11:5d:2c:6d:07:c0:ab:0e:9c:3a:69:14:
                    bf:ca:30:0d:5c:3f:00:8e:68:9f:00:45:29:3c:37:
                    81:4b:ba:f8:6a:d4:06:2d:e0:21:e9:94:14:dc:77:
                    59:db:05:37:0a:eb:2d:5e:4f:34:2f:30:af:3b:ee:
                    7a:e0:b8:63:f2:1c:75:4e:60:e1:44:ae:9b:84:ea:
                    7f:7d:af:a3:25:b7:d8:f2:31:70:d5:2a:10:db:2a:
                    61:24:1f:d3:7e:5d:83:b8:cf:3a:69:c9:ee:36:80:
                    98:b3:eb:cc:e5:cd:c7:de:53:3a:a1:10:81:2d:be:
                    81:82:dc:82:2d:5e:24:95:24:9f:9e:14:bc:f4:d2:
                    5b:ef:86:cb:0b:57:a9:0a:6a:88:6d:a9:e4:e5:c6:
                    ac:76:58:9a:9b:e4:f6:9a:3c:71:66:06:c9:33:86:
                    0e:f2:e2:23:2d:8e:28:92:6d:ce:f6:c6:69:4f:2d:
                    08:3e:5e:8e:9a:06:fe:1f:2b:6a:12:cf:f5:b7:3e:
                    9f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:A0:A2:25:D3:BD:1D:8D:00:BB:4D:C0:70:0B:AB:8D:F6:FE:19:BA
            X509v3 Authority Key Identifier:
                keyid:26:D9:A1:6C:2F:A7:D4:C3:70:B5:32:52:14:BE:44:20:B6:11:F1:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JtmhbC-n1MNwtTJSFL5EILYR8fk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/06CiJdO9HY0Au03AcAurjfb-Gbo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/JtmhbC-n1MNwtTJSFL5EILYR8fk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:a9:7f:2e:cb:ed:87:69:bd:11:b2:29:c6:1d:36:54:5a:1b:
         1e:e8:bf:0d:11:0d:32:e5:e6:f8:0c:b8:8c:d6:40:db:4b:30:
         67:61:5d:d5:9c:67:d8:ae:50:22:15:24:88:4a:27:82:01:9a:
         9c:eb:43:ff:db:df:65:fb:2b:4b:0f:05:a3:f0:a0:c6:c1:e5:
         40:c1:9c:c0:0f:18:5e:d4:9c:78:41:c7:fb:55:3d:27:b9:c3:
         56:9d:ab:2c:ae:0b:32:40:2a:13:c1:22:d8:89:ba:61:a3:bc:
         30:6b:51:ca:9e:dc:ba:48:f0:3f:48:60:f2:17:74:b7:d1:07:
         8f:39:9a:87:7e:8c:05:97:72:c7:bc:e8:ad:8d:0b:6e:97:97:
         b1:9b:52:1c:c2:f9:e9:e2:1d:6d:36:70:9f:7a:a9:39:a1:17:
         26:7b:70:bb:09:0f:20:ce:a7:0b:6c:72:6b:8f:50:f1:32:14:
         7b:4f:f1:4a:27:72:47:c5:fa:f4:ea:f8:33:2d:be:19:db:1c:
         c5:f2:d5:1b:1d:62:c2:07:30:40:f7:47:8e:f8:be:26:8c:9c:
         46:73:56:a4:11:07:ee:8a:10:fc:73:a3:dc:8c:30:aa:87:65:
         4d:9a:57:77:87:3a:45:1b:26:92:42:be:c7:5d:02:2f:7e:95:
         d3:24:75:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5flFu8iEtLAXNyDG6dHNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZDlhMTZjMmZhN2Q0YzM3MGI1MzI1MjE0YmU0NDIwYjYx
MWYxZjkwHhcNMjYwMTAxMTIxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2EwYTIyNWQzYmQxZDhkMDBiYjRkYzA3MDBiYWI4ZGY2ZmUxOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2fD2MRIMRyu3XcwNhRuDYpxAETN
hlzgXFOK/mDYQ+ojjrqo6PzBjxobgVmvnvXl1DE5Bao0LEYhKzSTxl0RXSxtB8Cr
Dpw6aRS/yjANXD8AjmifAEUpPDeBS7r4atQGLeAh6ZQU3HdZ2wU3CustXk80LzCv
O+564Lhj8hx1TmDhRK6bhOp/fa+jJbfY8jFw1SoQ2yphJB/Tfl2DuM86acnuNoCY
s+vM5c3H3lM6oRCBLb6BgtyCLV4klSSfnhS89NJb74bLC1epCmqIbank5casdlia
m+T2mjxxZgbJM4YO8uIjLY4okm3O9sZpTy0IPl6Omgb+HytqEs/1tz6f3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNOgoiXTvR2NALtNwHALq432/hm6MB8GA1UdIwQY
MBaAFCbZoWwvp9TDcLUyUhS+RCC2EfH5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnRtaGJDLW4xTU53dFRKU0ZMNUVJTFlSOGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9jNWZjNTQtNzRjMi00ZjNkLTk1YzEt
NDQwMjNjM2I3ODRlLzEvMDZDaUpkTzlIWTBBdTAzQWNBdXJqZmItR2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9jNWZjNTQtNzRjMi00ZjNkLTk1YzEtNDQwMjNjM2I3ODRl
LzEvSnRtaGJDLW4xTU53dFRKU0ZMNUVJTFlSOGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueFgMA0G
CSqGSIb3DQEBCwUAA4IBAQBHqX8uy+2Hab0RsinGHTZUWhse6L8NEQ0y5eb4DLiM
1kDbSzBnYV3VnGfYrlAiFSSISieCAZqc60P/299l+ytLDwWj8KDGweVAwZzADxhe
1Jx4Qcf7VT0nucNWnassrgsyQCoTwSLYibpho7wwa1HKnty6SPA/SGDyF3S30QeP
OZqHfowFl3LHvOitjQtul5exm1Icwvnp4h1tNnCfeqk5oRcme3C7CQ8gzqcLbHJr
j1DxMhR7T/FKJ3JHxfr06vgzLb4Z2xzF8tUbHWLCBzBA90eO+L4mjJxGc1akEQfu
ihD8c6PcjDCqh2VNmld3hzpFGyaSQr7HXQIvfpXTJHXm
-----END CERTIFICATE-----