This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/6fX4wAIOBEBZvLFC-iBLRGtEeiw.roa
File:                     6fX4wAIOBEBZvLFC-iBLRGtEeiw.roa (raw, json)
Hash identifier:          1fbrlPTqnPZocnTa/stqBtsXytynZqrC1o4aQgI/5Ss=
Subject key identifier:   E9:F5:F8:C0:02:0E:04:40:59:BC:B1:42:FA:20:4B:44:6B:44:7A:2C
Certificate issuer:       /CN=ca707e086640056bc271d5d2b3e24d01440baa04
Certificate serial:       019B7A5B94B3A937D43D11E6230787FE282D
Authority key identifier: CA:70:7E:08:66:40:05:6B:C2:71:D5:D2:B3:E2:4D:01:44:0B:AA:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ynB-CGZABWvCcdXSs-JNAUQLqgQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/6fX4wAIOBEBZvLFC-iBLRGtEeiw.roa
Signing time:             Thu 01 Jan 2026 16:19:40 +0000
ROA not before:           Thu 01 Jan 2026 16:19:40 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215090
IP address blocks:        80.244.14.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/ynB-CGZABWvCcdXSs-JNAUQLqgQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/ynB-CGZABWvCcdXSs-JNAUQLqgQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ynB-CGZABWvCcdXSs-JNAUQLqgQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5b:94:b3:a9:37:d4:3d:11:e6:23:07:87:fe:28:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca707e086640056bc271d5d2b3e24d01440baa04
        Validity
            Not Before: Jan  1 16:19:40 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e9f5f8c0020e044059bcb142fa204b446b447a2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:de:a4:76:3d:82:d1:8f:06:79:80:4f:21:84:
                    d2:a3:ec:f8:88:9b:81:8a:cb:db:f6:7c:21:2a:0a:
                    94:ba:20:24:33:ef:02:66:a4:1d:13:e1:9e:3c:66:
                    bf:22:bf:9c:4e:f4:82:09:0e:13:86:41:ab:72:18:
                    d1:98:5a:77:f0:ff:f3:a2:6b:20:84:36:14:6a:26:
                    56:89:34:fc:cc:0e:5c:a3:a0:20:06:b2:80:ec:fc:
                    ec:f9:2e:cd:a4:3e:a9:4b:77:10:b8:8e:e3:ab:07:
                    a4:c8:12:89:5b:fb:ad:66:28:9c:61:9d:0e:42:83:
                    6c:73:9c:2f:d8:80:3a:f2:be:1b:52:87:38:25:76:
                    77:73:79:c0:90:9f:47:76:2e:38:4f:79:40:8b:ea:
                    e4:08:d2:4c:b4:fd:15:31:0d:59:5d:8c:e1:f2:2f:
                    cb:f4:71:38:06:fa:1c:5d:96:74:e6:5e:12:81:c5:
                    33:67:30:b1:12:75:21:0a:5a:80:71:76:ef:0f:0c:
                    ef:30:06:7b:8b:ce:8c:74:3d:98:27:20:2f:da:57:
                    3e:ea:88:cd:4d:b1:97:07:88:c3:62:66:a5:f7:0b:
                    7a:0f:51:73:17:e7:da:cd:6e:8e:49:74:68:bf:bb:
                    41:a1:99:bd:50:de:fc:7b:7b:0c:16:bf:ca:fa:9d:
                    85:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:F5:F8:C0:02:0E:04:40:59:BC:B1:42:FA:20:4B:44:6B:44:7A:2C
            X509v3 Authority Key Identifier:
                keyid:CA:70:7E:08:66:40:05:6B:C2:71:D5:D2:B3:E2:4D:01:44:0B:AA:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ynB-CGZABWvCcdXSs-JNAUQLqgQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/6fX4wAIOBEBZvLFC-iBLRGtEeiw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/376ccd-defa-4028-af1c-b99ce30d839f/1/ynB-CGZABWvCcdXSs-JNAUQLqgQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.244.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:ce:e1:7f:e4:ec:24:e2:ae:42:b0:fa:b0:7d:bd:22:f3:1f:
         5b:e0:b3:db:8c:ef:55:ae:e8:ce:b8:75:07:80:2d:16:5a:3e:
         6e:ef:e8:5d:d7:56:3c:14:76:09:59:41:1c:35:7a:32:e7:d7:
         ce:b2:dd:5a:66:46:75:3b:32:4e:69:8b:f4:ab:31:91:30:e1:
         9f:df:4e:a9:aa:bc:af:0c:a7:8c:0c:af:72:0b:62:55:4e:c1:
         10:87:c0:e9:7b:74:f0:ae:a2:2c:00:38:97:e6:de:b0:a7:05:
         32:ba:00:99:92:eb:97:05:c2:1f:88:c9:de:cc:18:bb:0c:62:
         a4:59:ca:ca:65:3b:bc:24:8c:dc:67:3c:0b:56:a6:72:44:b5:
         50:ba:2e:da:b6:6f:5f:59:16:f3:dd:a2:50:a2:27:e5:6c:35:
         c1:86:18:ba:77:eb:3b:8f:72:6a:22:3f:ab:b2:6d:d9:b3:bc:
         74:8c:a2:27:d1:05:47:91:d6:32:d9:31:20:4d:a2:b8:27:27:
         47:f3:55:63:47:1d:fa:8f:49:08:72:e7:2b:b3:47:b7:9d:ec:
         94:a1:91:d1:59:34:9c:ed:b4:8d:87:78:fb:11:73:5e:1b:36:
         f3:8c:46:33:ba:fd:7b:af:c3:ad:fd:ce:af:14:d9:62:e3:17:
         3f:f9:ed:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6W5SzqTfUPRHmIweH/igtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzA3ZTA4NjY0MDA1NmJjMjcxZDVkMmIzZTI0ZDAxNDQw
YmFhMDQwHhcNMjYwMTAxMTYxOTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWY1ZjhjMDAyMGUwNDQwNTliY2IxNDJmYTIwNGI0NDZiNDQ3YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm96kdj2C0Y8GeYBPIYTSo+z4iJuB
isvb9nwhKgqUuiAkM+8CZqQdE+GePGa/Ir+cTvSCCQ4ThkGrchjRmFp38P/zomsg
hDYUaiZWiTT8zA5co6AgBrKA7Pzs+S7NpD6pS3cQuI7jqwekyBKJW/utZiicYZ0O
QoNsc5wv2IA68r4bUoc4JXZ3c3nAkJ9Hdi44T3lAi+rkCNJMtP0VMQ1ZXYzh8i/L
9HE4BvocXZZ05l4SgcUzZzCxEnUhClqAcXbvDwzvMAZ7i86MdD2YJyAv2lc+6ojN
TbGXB4jDYmal9wt6D1FzF+fazW6OSXRov7tBoZm9UN78e3sMFr/K+p2FYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOn1+MACDgRAWbyxQvogS0RrRHosMB8GA1UdIwQY
MBaAFMpwfghmQAVrwnHV0rPiTQFEC6oEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5CLUNHWkFCV3ZDY2RYU3MtSk5BVVFMcWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zNzZjY2QtZGVmYS00MDI4LWFmMWMt
Yjk5Y2UzMGQ4MzlmLzEvNmZYNHdBSU9CRUJadkxGQy1pQkxSR3RFZWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zNzZjY2QtZGVmYS00MDI4LWFmMWMtYjk5Y2UzMGQ4Mzlm
LzEveW5CLUNHWkFCV3ZDY2RYU3MtSk5BVVFMcWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPQOMA0G
CSqGSIb3DQEBCwUAA4IBAQAWzuF/5Owk4q5CsPqwfb0i8x9b4LPbjO9VrujOuHUH
gC0WWj5u7+hd11Y8FHYJWUEcNXoy59fOst1aZkZ1OzJOaYv0qzGRMOGf306pqryv
DKeMDK9yC2JVTsEQh8Dpe3TwrqIsADiX5t6wpwUyugCZkuuXBcIfiMnezBi7DGKk
WcrKZTu8JIzcZzwLVqZyRLVQui7atm9fWRbz3aJQoiflbDXBhhi6d+s7j3JqIj+r
sm3Zs7x0jKIn0QVHkdYy2TEgTaK4JydH81VjRx36j0kIcucrs0e3neyUoZHRWTSc
7bSNh3j7EXNeGzbzjEYzuv17r8Ot/c6vFNli4xc/+e3w
-----END CERTIFICATE-----