This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OgIwK6Tx2zwA1fHLJIrCrqm3UeA.roa
File:                     OgIwK6Tx2zwA1fHLJIrCrqm3UeA.roa (raw, json)
Hash identifier:          FbVZVXDOVwj+y5SQt1PDmIRVmyobtsKEfJnsZp3Qjb4=
Subject key identifier:   3A:02:30:2B:A4:F1:DB:3C:00:D5:F1:CB:24:8A:C2:AE:A9:B7:51:E0
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       019B7C138880B6DB9C616DF5829F0866A047
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OgIwK6Tx2zwA1fHLJIrCrqm3UeA.roa
Signing time:             Fri 02 Jan 2026 00:20:13 +0000
ROA not before:           Fri 02 Jan 2026 00:20:13 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     205896
IP address blocks:        185.220.249.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 23:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:88:80:b6:db:9c:61:6d:f5:82:9f:08:66:a0:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 00:20:13 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3a02302ba4f1db3c00d5f1cb248ac2aea9b751e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:7c:7b:6e:0b:44:05:d2:f9:a3:7f:1b:bb:d8:
                    64:c6:a4:20:ac:19:5d:b0:d9:cf:bc:07:fa:66:dc:
                    80:d0:5d:54:d2:0e:4f:87:cd:3d:44:93:fe:be:f5:
                    06:0d:3d:11:07:12:ce:76:bf:a3:6b:be:7d:d0:5d:
                    b4:eb:9e:34:31:a4:fe:50:65:5f:13:7f:95:ec:a1:
                    22:d6:4e:8e:9c:0a:5f:cd:e4:0b:3f:53:45:8c:cf:
                    ef:4b:81:57:02:d9:39:83:9f:f8:ae:40:4c:ca:ab:
                    89:c8:f8:f2:d6:fc:6c:7d:5b:54:fa:d1:4b:f6:3b:
                    12:32:3e:22:f7:ef:2e:0f:e7:85:be:9d:b7:91:ec:
                    77:f5:0d:0b:cf:85:49:b0:1e:f5:df:63:03:e8:61:
                    7e:f6:d5:d6:0a:68:ad:27:dc:3c:0f:56:9e:c1:2d:
                    d7:2d:b1:57:3e:6e:76:19:96:ad:b0:8d:86:9a:22:
                    e4:c8:30:15:5b:f9:cf:a3:42:21:ad:e5:bb:d0:9d:
                    4a:46:a1:b1:a2:c0:e3:d5:72:8e:32:ab:24:00:36:
                    e0:62:27:2c:dc:e0:02:30:4f:5d:e0:68:06:fd:0a:
                    93:63:a3:72:22:cc:2e:ce:99:8d:c8:52:b8:df:34:
                    f9:b8:db:52:e6:ae:19:2c:e7:91:ec:8a:68:0a:45:
                    36:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:02:30:2B:A4:F1:DB:3C:00:D5:F1:CB:24:8A:C2:AE:A9:B7:51:E0
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OgIwK6Tx2zwA1fHLJIrCrqm3UeA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:06:80:f4:06:a6:c7:d5:3c:f3:4d:52:57:8d:65:99:c4:63:
         aa:91:43:49:7a:fb:b4:66:96:05:9b:da:14:8a:8b:3f:e6:6e:
         98:3a:ea:7c:12:1a:df:82:bc:30:61:10:b7:ef:00:64:47:63:
         f0:63:de:1e:8c:06:b8:b9:d4:47:ae:44:7c:e4:10:ea:7c:01:
         84:f8:6f:01:ed:a4:86:eb:3a:70:e4:6e:ea:a8:a0:15:36:88:
         7c:89:2d:30:10:08:d1:64:26:3b:d6:04:83:1f:19:85:4b:c9:
         f5:4f:78:0d:1c:19:f3:c0:d7:e7:c8:40:87:0f:a0:0a:dc:f0:
         9a:20:48:06:96:a6:26:00:19:92:59:57:c0:a9:e8:e9:92:93:
         d1:69:9c:fd:7e:bb:d9:c9:46:b3:bd:54:f2:55:a8:30:c2:9a:
         8f:36:73:81:d1:eb:95:3f:07:d9:29:d1:15:87:d4:80:c6:b4:
         58:bc:7a:69:51:3e:31:d9:55:94:b9:75:57:92:68:08:85:64:
         53:9e:fc:bc:76:c6:67:bf:b2:6c:43:2f:73:2d:82:7c:2d:6e:
         f4:31:cd:04:4c:67:9b:2d:82:b9:55:dd:64:12:52:0f:2d:71:
         52:91:45:ea:26:d2:0b:b7:e3:d6:5c:75:b2:dc:c8:89:40:00:
         0f:9c:f3:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8E4iAttucYW31gp8IZqBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMTAyMDAyMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTAyMzAyYmE0ZjFkYjNjMDBkNWYxY2IyNDhhYzJhZWE5Yjc1MWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3x7bgtEBdL5o38bu9hkxqQgrBld
sNnPvAf6ZtyA0F1U0g5Ph809RJP+vvUGDT0RBxLOdr+ja7590F206540MaT+UGVf
E3+V7KEi1k6OnApfzeQLP1NFjM/vS4FXAtk5g5/4rkBMyquJyPjy1vxsfVtU+tFL
9jsSMj4i9+8uD+eFvp23kex39Q0Lz4VJsB7132MD6GF+9tXWCmitJ9w8D1aewS3X
LbFXPm52GZatsI2GmiLkyDAVW/nPo0IhreW70J1KRqGxosDj1XKOMqskADbgYics
3OACME9d4GgG/QqTY6NyIswuzpmNyFK43zT5uNtS5q4ZLOeR7IpoCkU26QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDoCMCuk8ds8ANXxyySKwq6pt1HgMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvT2dJd0s2VHgyendBMWZITEpJckNycW0zVWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudz5MA0G
CSqGSIb3DQEBCwUAA4IBAQAoBoD0BqbH1TzzTVJXjWWZxGOqkUNJevu0ZpYFm9oU
ios/5m6YOup8EhrfgrwwYRC37wBkR2PwY94ejAa4udRHrkR85BDqfAGE+G8B7aSG
6zpw5G7qqKAVNoh8iS0wEAjRZCY71gSDHxmFS8n1T3gNHBnzwNfnyECHD6AK3PCa
IEgGlqYmABmSWVfAqejpkpPRaZz9frvZyUazvVTyVagwwpqPNnOB0euVPwfZKdEV
h9SAxrRYvHppUT4x2VWUuXVXkmgIhWRTnvy8dsZnv7JsQy9zLYJ8LW70Mc0ETGeb
LYK5Vd1kElIPLXFSkUXqJtILt+PWXHWy3MiJQAAPnPP3
-----END CERTIFICATE-----