This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/An2l5nFXJ60Dmnc7ytV8xeoA-4w.roa
File:                     An2l5nFXJ60Dmnc7ytV8xeoA-4w.roa (raw, json)
Hash identifier:          XripkKF1BDgNijV9Sww4y4Pa3QzTCZtDgL7y8YpoE00=
Subject key identifier:   02:7D:A5:E6:71:57:27:AD:03:9A:77:3B:CA:D5:7C:C5:EA:00:FB:8C
Certificate issuer:       /CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Certificate serial:       019B7AC8B562207F5336FABF318207E3E0B1
Authority key identifier: 09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/An2l5nFXJ60Dmnc7ytV8xeoA-4w.roa
Signing time:             Thu 01 Jan 2026 18:18:52 +0000
ROA not before:           Thu 01 Jan 2026 18:18:52 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     29286
IP address blocks:        82.205.185.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c8:b5:62:20:7f:53:36:fa:bf:31:82:07:e3:e0:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
        Validity
            Not Before: Jan  1 18:18:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=027da5e6715727ad039a773bcad57cc5ea00fb8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:55:98:54:b4:50:a7:a5:d1:0b:a1:e7:4c:65:
                    ca:5f:0c:7e:35:c7:9a:cc:13:40:5f:4b:78:c4:fd:
                    eb:c5:23:3a:49:0b:b3:17:00:41:b8:d7:33:ec:b5:
                    5d:7c:e3:9b:30:a1:2c:53:80:71:bf:97:c7:7e:69:
                    7e:0c:8f:fd:6e:f7:10:07:90:d1:6c:a3:74:91:cd:
                    9d:e3:11:51:10:28:79:84:d7:61:12:b3:15:7a:ec:
                    f4:6d:3a:48:e0:38:ea:a3:50:78:6a:14:c2:dd:d6:
                    f0:74:f8:c3:ca:0d:cb:3e:8b:fe:d5:51:bd:6e:6d:
                    99:4e:b9:56:16:8f:a1:a3:ee:5b:09:52:d8:26:51:
                    ee:02:bb:bd:5c:96:0e:5b:96:35:4f:71:eb:1c:dd:
                    ef:8a:47:b2:9b:21:4c:19:68:d9:22:ff:5b:92:e9:
                    78:1e:29:c7:f4:c5:b4:e7:0f:12:62:41:15:d7:64:
                    58:e7:a0:a9:c7:67:fe:f3:cf:a8:c9:72:04:1e:1e:
                    75:91:a3:5d:2b:71:7d:7a:99:9e:e7:e0:cc:f2:74:
                    1a:e0:11:6e:3d:9b:a2:7f:a6:ad:ed:38:53:c1:7e:
                    e8:86:a2:3b:38:bd:8d:48:2a:23:59:b7:e6:0d:d7:
                    c4:e9:a3:31:52:74:21:0f:76:f1:6c:99:23:19:08:
                    f9:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:7D:A5:E6:71:57:27:AD:03:9A:77:3B:CA:D5:7C:C5:EA:00:FB:8C
            X509v3 Authority Key Identifier:
                keyid:09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/An2l5nFXJ60Dmnc7ytV8xeoA-4w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.205.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:a1:2f:6e:3a:b8:8f:3a:06:67:c4:8b:e4:00:cd:54:a2:fb:
         98:2e:07:54:84:3e:ed:f8:4f:6d:f0:84:65:1a:96:a8:ea:fb:
         b5:9c:f9:1c:37:04:0b:47:67:8a:31:e5:7c:ac:ff:79:0d:e0:
         78:bd:81:e9:76:50:c9:22:e7:1b:f3:85:64:d5:36:be:d7:74:
         84:be:cd:96:1d:7c:a2:be:cc:0d:b7:56:9e:eb:09:35:00:8a:
         bb:7a:50:64:9e:9f:2d:b0:d7:1a:92:b4:28:4c:45:0a:a1:19:
         d4:98:96:9e:9d:93:26:0f:aa:91:57:d0:e0:d9:2c:0b:30:d1:
         b6:71:32:5e:05:19:79:c2:3d:7a:30:8a:6a:67:52:f0:7a:56:
         fe:3c:18:b8:a7:60:d2:0c:61:90:32:d1:23:46:ed:a9:7e:86:
         ec:dc:04:3c:19:49:b1:62:9c:ec:c8:66:59:11:a9:6e:d7:ec:
         e9:56:57:40:d6:ee:7d:56:05:85:de:15:d1:6c:89:43:87:43:
         9d:bd:40:13:c4:c4:d2:c4:ab:a8:a8:f5:49:33:31:57:85:82:
         c2:fb:47:e6:9e:b7:54:5e:b0:ef:65:3b:bf:c6:f6:16:c8:5e:
         46:5f:00:52:35:f0:48:e7:aa:6d:f8:d4:24:7c:4a:bc:8f:11:
         e1:4f:96:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yLViIH9TNvq/MYIH4+CxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjBkY2NlYjc0ZjExODVhY2Q5N2FlZWFhYzI1ZGRhNWU5
YjA5MzYwHhcNMjYwMTAxMTgxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjdkYTVlNjcxNTcyN2FkMDM5YTc3M2JjYWQ1N2NjNWVhMDBmYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FWYVLRQp6XRC6HnTGXKXwx+Ncea
zBNAX0t4xP3rxSM6SQuzFwBBuNcz7LVdfOObMKEsU4Bxv5fHfml+DI/9bvcQB5DR
bKN0kc2d4xFRECh5hNdhErMVeuz0bTpI4Djqo1B4ahTC3dbwdPjDyg3LPov+1VG9
bm2ZTrlWFo+ho+5bCVLYJlHuAru9XJYOW5Y1T3HrHN3vikeymyFMGWjZIv9bkul4
HinH9MW05w8SYkEV12RY56Cpx2f+88+oyXIEHh51kaNdK3F9epme5+DM8nQa4BFu
PZuif6at7ThTwX7ohqI7OL2NSCojWbfmDdfE6aMxUnQhD3bxbJkjGQj59wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJ9peZxVyetA5p3O8rVfMXqAPuMMB8GA1UdIwQY
MBaAFAnw3M63TxGFrNl67qrCXdpemwk2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgt
OTk2MTg5ZjljZTE0LzEvQW4ybDVuRlhKNjBEbW5jN3l0Vjh4ZW9BLTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgtOTk2MTg5ZjljZTE0
LzEvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUs25MA0G
CSqGSIb3DQEBCwUAA4IBAQA9oS9uOriPOgZnxIvkAM1UovuYLgdUhD7t+E9t8IRl
Gpao6vu1nPkcNwQLR2eKMeV8rP95DeB4vYHpdlDJIucb84Vk1Ta+13SEvs2WHXyi
vswNt1ae6wk1AIq7elBknp8tsNcakrQoTEUKoRnUmJaenZMmD6qRV9Dg2SwLMNG2
cTJeBRl5wj16MIpqZ1Lwelb+PBi4p2DSDGGQMtEjRu2pfobs3AQ8GUmxYpzsyGZZ
Ealu1+zpVldA1u59VgWF3hXRbIlDh0OdvUATxMTSxKuoqPVJMzFXhYLC+0fmnrdU
XrDvZTu/xvYWyF5GXwBSNfBI56pt+NQkfEq8jxHhT5b/
-----END CERTIFICATE-----