This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/99e585-a652-44f3-a531-a003bfdf4e45/1/Ayy3FQCZfsnrrkGpwiilXLbjkWM.roa
File:                     Ayy3FQCZfsnrrkGpwiilXLbjkWM.roa (raw, json)
Hash identifier:          esgmCzM37dMW6UxbTfw9yQ8cfp/xjD2YDV7D5NJMYIE=
Subject key identifier:   03:2C:B7:15:00:99:7E:C9:EB:AE:41:A9:C2:28:A5:5C:B6:E3:91:63
Certificate issuer:       /CN=a90e28f2e509fe37ac5c3401a0a8c11029b621e4
Certificate serial:       019B7834F7FDE51CBF1B99185D50B8EC8A50
Authority key identifier: A9:0E:28:F2:E5:09:FE:37:AC:5C:34:01:A0:A8:C1:10:29:B6:21:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qQ4o8uUJ_jesXDQBoKjBECm2IeQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/99e585-a652-44f3-a531-a003bfdf4e45/1/Ayy3FQCZfsnrrkGpwiilXLbjkWM.roa
Signing time:             Thu 01 Jan 2026 06:18:15 +0000
ROA not before:           Thu 01 Jan 2026 06:18:15 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     12874
IP address blocks:        45.82.228.0/22 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/99e585-a652-44f3-a531-a003bfdf4e45/1/qQ4o8uUJ_jesXDQBoKjBECm2IeQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/99e585-a652-44f3-a531-a003bfdf4e45/1/qQ4o8uUJ_jesXDQBoKjBECm2IeQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qQ4o8uUJ_jesXDQBoKjBECm2IeQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 15:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:34:f7:fd:e5:1c:bf:1b:99:18:5d:50:b8:ec:8a:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a90e28f2e509fe37ac5c3401a0a8c11029b621e4
        Validity
            Not Before: Jan  1 06:18:15 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=032cb71500997ec9ebae41a9c228a55cb6e39163
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ce:f0:c7:8e:a8:3b:b6:75:e3:16:6d:68:89:
                    0a:e7:7d:15:06:f2:53:f9:44:e9:50:f7:38:4a:42:
                    1d:1f:e2:63:50:06:6d:0b:7c:3b:64:e8:b8:79:31:
                    86:59:fc:f7:f7:19:ae:68:7b:13:b0:65:9a:51:b7:
                    0e:ec:35:f5:22:0a:7a:97:37:f1:f4:33:b6:0d:96:
                    ff:4c:35:f0:cf:5d:f9:1d:da:57:77:d5:6c:00:ef:
                    4b:c9:4d:46:a3:d5:dd:ed:ff:a9:7b:b5:b5:88:4a:
                    ab:77:95:1d:d7:de:47:68:32:fb:34:9b:33:f5:2f:
                    30:a2:12:57:3d:75:f8:81:b3:ba:4b:0d:5d:f4:34:
                    50:35:48:c5:66:b1:55:fc:e0:58:1a:59:1f:16:2d:
                    0a:bb:0d:3b:e9:b2:64:a3:82:f6:67:c1:09:e3:f1:
                    92:55:54:30:32:8b:93:65:0c:0d:28:83:8f:06:01:
                    f6:41:68:c5:2d:02:f2:17:d1:ec:04:e7:12:2f:03:
                    47:45:f5:c8:65:23:08:0f:ac:51:ca:65:6e:bc:68:
                    27:c7:48:b7:73:7b:41:7a:bf:2c:71:ea:11:a0:c3:
                    c1:b6:5e:3b:8d:8b:1f:7b:59:eb:f2:66:01:7b:42:
                    41:fe:b4:63:d1:3e:d4:e3:60:1a:94:05:26:05:43:
                    f2:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:2C:B7:15:00:99:7E:C9:EB:AE:41:A9:C2:28:A5:5C:B6:E3:91:63
            X509v3 Authority Key Identifier:
                keyid:A9:0E:28:F2:E5:09:FE:37:AC:5C:34:01:A0:A8:C1:10:29:B6:21:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ4o8uUJ_jesXDQBoKjBECm2IeQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/99e585-a652-44f3-a531-a003bfdf4e45/1/Ayy3FQCZfsnrrkGpwiilXLbjkWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/99e585-a652-44f3-a531-a003bfdf4e45/1/qQ4o8uUJ_jesXDQBoKjBECm2IeQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:ac:b9:ad:f1:40:df:ca:55:b3:e7:86:66:03:3a:e2:a1:bb:
         26:f3:ac:11:bd:a3:48:96:4b:b1:23:91:5a:ea:20:6a:e9:d6:
         9a:61:c2:12:fc:ef:58:fb:d0:78:ea:cb:2f:86:45:b2:c9:3a:
         66:93:50:b6:62:fc:c4:e8:51:9a:f4:94:f0:30:48:ff:72:9d:
         cc:b6:da:5a:2f:99:68:e4:0c:ba:a7:f5:74:c5:62:50:48:bf:
         51:45:5b:55:c8:88:4f:15:94:b0:93:d8:4f:4b:62:29:c0:19:
         b9:09:9b:24:06:76:ac:39:01:c3:0b:76:c1:f0:5b:cf:90:f0:
         40:f8:6c:64:2f:b6:1b:06:95:42:38:b0:71:e4:a4:db:36:eb:
         05:99:9e:5b:be:81:e9:02:b2:a6:a3:59:c9:77:a5:e6:6d:25:
         bc:ea:95:1f:ab:7c:9b:67:af:ef:33:d8:2d:9b:c9:45:d7:96:
         7c:37:d0:8f:dc:b5:64:5a:ba:c3:3b:34:af:cd:33:1d:7c:30:
         77:2b:50:92:95:9c:2e:ea:29:45:3d:7a:a2:c1:4f:3b:47:61:
         56:09:21:bb:f2:e8:ae:d8:cd:a9:60:29:e2:2f:be:23:0d:4f:
         9f:73:7c:3b:bc:35:e3:7d:46:4d:e5:28:ee:6a:3d:33:16:3a:
         2e:a6:3e:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NPf95Ry/G5kYXVC47IpQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGUyOGYyZTUwOWZlMzdhYzVjMzQwMWEwYThjMTEwMjli
NjIxZTQwHhcNMjYwMTAxMDYxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzJjYjcxNTAwOTk3ZWM5ZWJhZTQxYTljMjI4YTU1Y2I2ZTM5MTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr87wx46oO7Z14xZtaIkK530VBvJT
+UTpUPc4SkIdH+JjUAZtC3w7ZOi4eTGGWfz39xmuaHsTsGWaUbcO7DX1Igp6lzfx
9DO2DZb/TDXwz135HdpXd9VsAO9LyU1Go9Xd7f+pe7W1iEqrd5Ud195HaDL7NJsz
9S8wohJXPXX4gbO6Sw1d9DRQNUjFZrFV/OBYGlkfFi0Kuw076bJko4L2Z8EJ4/GS
VVQwMouTZQwNKIOPBgH2QWjFLQLyF9HsBOcSLwNHRfXIZSMID6xRymVuvGgnx0i3
c3tBer8sceoRoMPBtl47jYsfe1nr8mYBe0JB/rRj0T7U42AalAUmBUPydwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMstxUAmX7J665BqcIopVy245FjMB8GA1UdIwQY
MBaAFKkOKPLlCf43rFw0AaCowRAptiHkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVE0bzh1VUpfamVzWERRQm9LakJFQ20ySWVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85OWU1ODUtYTY1Mi00NGYzLWE1MzEt
YTAwM2JmZGY0ZTQ1LzEvQXl5M0ZRQ1pmc25ycmtHcHdpaWxYTGJqa1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85OWU1ODUtYTY1Mi00NGYzLWE1MzEtYTAwM2JmZGY0ZTQ1
LzEvcVE0bzh1VUpfamVzWERRQm9LakJFQ20ySWVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVLkMA0G
CSqGSIb3DQEBCwUAA4IBAQAjrLmt8UDfylWz54ZmAzriobsm86wRvaNIlkuxI5Fa
6iBq6daaYcIS/O9Y+9B46ssvhkWyyTpmk1C2YvzE6FGa9JTwMEj/cp3MttpaL5lo
5Ay6p/V0xWJQSL9RRVtVyIhPFZSwk9hPS2IpwBm5CZskBnasOQHDC3bB8FvPkPBA
+GxkL7YbBpVCOLBx5KTbNusFmZ5bvoHpArKmo1nJd6XmbSW86pUfq3ybZ6/vM9gt
m8lF15Z8N9CP3LVkWrrDOzSvzTMdfDB3K1CSlZwu6ilFPXqiwU87R2FWCSG78uiu
2M2pYCniL74jDU+fc3w7vDXjfUZN5Sjuaj0zFjoupj5B
-----END CERTIFICATE-----
Generated at Mon Jan 26 01:15:06 2026 by rpki-client