This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/iNKNZeSZcVKtwBDeM9cWD2QfKgw.roa
File:                     iNKNZeSZcVKtwBDeM9cWD2QfKgw.roa (raw, json)
Hash identifier:          Ufjl8hlKJynYjHQsITek/FLuhc46CrmvrHtUUc2zMOY=
Subject key identifier:   88:D2:8D:65:E4:99:71:52:AD:C0:10:DE:33:D7:16:0F:64:1F:2A:0C
Certificate issuer:       /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial:       019B79EBB351C14310C1C2E9B68C96B8F4D9
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/iNKNZeSZcVKtwBDeM9cWD2QfKgw.roa
Signing time:             Thu 01 Jan 2026 14:17:28 +0000
ROA not before:           Thu 01 Jan 2026 14:17:28 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     202856
IP address blocks:        62.218.173.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 14:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:eb:b3:51:c1:43:10:c1:c2:e9:b6:8c:96:b8:f4:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
        Validity
            Not Before: Jan  1 14:17:28 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=88d28d65e4997152adc010de33d7160f641f2a0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:56:d4:09:d8:be:a5:4a:30:fd:cd:f5:4e:75:
                    ab:24:86:dd:de:a3:6d:0a:d3:7c:66:e8:0d:a4:61:
                    9f:1b:f8:91:4e:bf:9b:df:9b:4d:5c:66:00:14:99:
                    19:68:80:be:ac:ac:c2:a9:4b:31:ab:3b:4d:18:ba:
                    bf:ca:ae:59:c3:ed:e4:79:56:a0:5d:37:b7:19:90:
                    ff:8f:f8:d6:86:14:4a:e8:8b:a1:d4:c7:4b:c6:5e:
                    7f:06:30:4c:d8:ef:ee:4c:8f:f2:ab:bf:8e:62:88:
                    41:93:56:29:2d:5c:43:f0:93:e5:b7:1e:ab:03:2b:
                    57:85:6b:00:7d:5f:2d:d9:13:19:9a:1e:7f:f0:9a:
                    f7:4b:c4:e2:9d:a2:d5:ef:d1:03:0a:0f:41:bb:c5:
                    4f:0f:e0:19:b3:44:2d:e9:60:3f:3d:06:9f:46:84:
                    82:48:31:c3:28:2d:93:4d:7c:45:fd:55:54:d8:8d:
                    b3:31:92:11:97:2b:8d:95:65:35:98:a8:a7:d4:9c:
                    33:2a:24:ea:2c:61:de:3a:cd:c9:4d:f5:35:ca:30:
                    03:90:82:50:e6:fe:3d:c9:e6:d1:4b:a4:3b:e5:b5:
                    9e:98:df:03:8a:78:a0:06:60:3a:72:06:b1:8b:fa:
                    34:26:9f:47:fc:11:c4:9c:ba:f1:f8:16:6f:44:e3:
                    99:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:D2:8D:65:E4:99:71:52:AD:C0:10:DE:33:D7:16:0F:64:1F:2A:0C
            X509v3 Authority Key Identifier:
                keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/iNKNZeSZcVKtwBDeM9cWD2QfKgw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.218.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:49:ef:01:34:5e:44:d1:31:a1:99:c8:b3:9a:1a:55:93:a4:
         04:d3:cf:df:c8:5f:d2:47:5b:a5:30:da:6a:f3:3f:83:af:cd:
         fc:0b:ca:d9:05:cc:1a:d3:81:51:b7:18:46:8d:f8:67:8c:cc:
         7f:47:86:48:ec:6c:fc:31:6a:f9:3f:94:6b:fc:8d:cf:37:91:
         5f:d0:34:3a:2b:d2:70:58:91:81:a5:56:68:d1:7d:dc:08:4f:
         0a:37:91:5b:ba:78:c0:b1:05:a6:d1:9a:27:41:0a:b3:c2:e7:
         4c:30:45:c8:67:39:03:eb:c7:16:5d:f0:cd:fc:cd:07:4b:bb:
         c5:80:30:af:b6:32:c8:ea:e7:55:79:0a:20:9e:b2:9b:6c:f2:
         55:72:f0:e2:93:7d:b5:bd:41:9d:69:6c:a9:b6:5b:1f:76:a5:
         20:ed:31:63:e7:35:56:2f:9e:cc:73:7c:22:99:0c:3a:7c:cc:
         80:f5:53:6b:05:af:9e:60:ef:88:64:c7:c6:7c:ba:df:1e:58:
         02:2d:6b:3b:49:a2:67:03:9f:92:7d:e7:9f:35:af:2a:31:92:
         1b:f6:da:14:3a:53:ae:98:82:24:45:fb:c0:fc:6e:e7:2f:ad:
         e3:99:37:91:b8:c0:ef:24:d3:75:2d:28:a8:1f:27:65:99:f7:
         44:0a:81:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt567NRwUMQwcLptoyWuPTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjYwMTAxMTQxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQyOGQ2NWU0OTk3MTUyYWRjMDEwZGUzM2Q3MTYwZjY0MWYyYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFbUCdi+pUow/c31TnWrJIbd3qNt
CtN8ZugNpGGfG/iRTr+b35tNXGYAFJkZaIC+rKzCqUsxqztNGLq/yq5Zw+3keVag
XTe3GZD/j/jWhhRK6Iuh1MdLxl5/BjBM2O/uTI/yq7+OYohBk1YpLVxD8JPltx6r
AytXhWsAfV8t2RMZmh5/8Jr3S8TinaLV79EDCg9Bu8VPD+AZs0Qt6WA/PQafRoSC
SDHDKC2TTXxF/VVU2I2zMZIRlyuNlWU1mKin1JwzKiTqLGHeOs3JTfU1yjADkIJQ
5v49yebRS6Q75bWemN8DinigBmA6cgaxi/o0Jp9H/BHEnLrx+BZvROOZBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjSjWXkmXFSrcAQ3jPXFg9kHyoMMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvaU5LTlplU1pjVkt0d0JEZU05Y1dEMlFmS2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPtqtMA0G
CSqGSIb3DQEBCwUAA4IBAQBASe8BNF5E0TGhmcizmhpVk6QE08/fyF/SR1ulMNpq
8z+Dr838C8rZBcwa04FRtxhGjfhnjMx/R4ZI7Gz8MWr5P5Rr/I3PN5Ff0DQ6K9Jw
WJGBpVZo0X3cCE8KN5FbunjAsQWm0ZonQQqzwudMMEXIZzkD68cWXfDN/M0HS7vF
gDCvtjLI6udVeQognrKbbPJVcvDik321vUGdaWyptlsfdqUg7TFj5zVWL57Mc3wi
mQw6fMyA9VNrBa+eYO+IZMfGfLrfHlgCLWs7SaJnA5+SfeefNa8qMZIb9toUOlOu
mIIkRfvA/G7nL63jmTeRuMDvJNN1LSioHydlmfdECoEP
-----END CERTIFICATE-----