This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/vAGwaiC2Bp1wYYYgaEDGo4Uiqpc.roa
File:                     vAGwaiC2Bp1wYYYgaEDGo4Uiqpc.roa (raw, json)
Hash identifier:          kDL6yMpm7SXuYLlIMpKeyi5R+9DyzeTyoxzQraFeyqU=
Subject key identifier:   BC:01:B0:6A:20:B6:06:9D:70:61:86:20:68:40:C6:A3:85:22:AA:97
Certificate issuer:       /CN=f4ef5dba100a92b2444f3e512d01a592c01951c2
Certificate serial:       019B7AC7B26A68E86D7147DBD6AECC58A1A4
Authority key identifier: F4:EF:5D:BA:10:0A:92:B2:44:4F:3E:51:2D:01:A5:92:C0:19:51:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9O9duhAKkrJETz5RLQGlksAZUcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/vAGwaiC2Bp1wYYYgaEDGo4Uiqpc.roa
Signing time:             Thu 01 Jan 2026 18:17:46 +0000
ROA not before:           Thu 01 Jan 2026 18:17:46 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     206658
IP address blocks:        185.197.10.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/9O9duhAKkrJETz5RLQGlksAZUcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/9O9duhAKkrJETz5RLQGlksAZUcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9O9duhAKkrJETz5RLQGlksAZUcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 Jan 2026 15:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c7:b2:6a:68:e8:6d:71:47:db:d6:ae:cc:58:a1:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4ef5dba100a92b2444f3e512d01a592c01951c2
        Validity
            Not Before: Jan  1 18:17:46 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bc01b06a20b6069d706186206840c6a38522aa97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b5:30:99:8e:f9:ab:cd:03:05:e4:10:e5:54:
                    c9:47:8b:c4:5a:4d:9f:b5:25:ca:35:70:cf:8d:0f:
                    70:56:73:09:f6:83:a2:7f:55:d7:a1:8d:d1:0d:d2:
                    3c:77:c7:54:26:06:6b:08:be:1d:67:d2:4c:13:4d:
                    75:a3:9a:f3:e3:ee:bc:fc:04:d1:5f:30:69:3e:0d:
                    07:f9:88:cb:45:ca:f5:43:8d:de:f3:55:ca:47:55:
                    e3:dc:2b:c6:04:b9:77:3c:7b:51:1b:ec:45:36:47:
                    41:f4:6f:d2:51:ac:12:c8:7c:cc:f6:b4:72:21:41:
                    b4:18:3c:f5:ce:99:a2:0c:01:d2:10:63:b3:5a:1d:
                    55:02:4a:9b:05:1a:6c:ed:7f:fc:e4:b6:59:90:b3:
                    5a:ba:20:d1:51:8c:cf:eb:46:39:8a:73:76:4f:e9:
                    5d:a7:da:f0:01:0f:76:22:44:cd:20:19:87:7b:70:
                    ff:d9:52:65:84:2e:14:ec:6b:bc:ea:62:7f:f3:9e:
                    3f:6e:4f:e0:90:3b:ef:d6:8c:ef:20:48:54:de:61:
                    50:61:5a:dc:dc:c1:60:89:65:b5:3d:b7:78:42:79:
                    8d:09:7e:d8:2b:ce:5a:57:0d:d5:a8:1f:02:16:b7:
                    0c:ff:30:13:25:9c:11:a7:13:24:26:bd:2b:8d:39:
                    bd:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:01:B0:6A:20:B6:06:9D:70:61:86:20:68:40:C6:A3:85:22:AA:97
            X509v3 Authority Key Identifier:
                keyid:F4:EF:5D:BA:10:0A:92:B2:44:4F:3E:51:2D:01:A5:92:C0:19:51:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O9duhAKkrJETz5RLQGlksAZUcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/vAGwaiC2Bp1wYYYgaEDGo4Uiqpc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/9O9duhAKkrJETz5RLQGlksAZUcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:82:76:54:c2:2f:65:59:df:22:ea:5b:f3:72:4c:bf:66:1b:
         3b:b4:8d:9c:7b:f1:bb:bf:62:1c:81:a8:20:30:3d:f3:09:ff:
         f9:59:b8:07:22:fa:e6:e6:d9:b0:0c:95:ef:88:3e:f7:ac:01:
         06:f9:55:de:33:9d:9c:fd:a4:5b:68:81:9c:44:96:9f:27:6c:
         f2:5f:be:1f:2c:19:e5:ff:d6:5f:69:be:0a:88:ac:15:64:da:
         9a:b2:52:c2:22:66:17:1a:14:d9:4c:5a:aa:9e:c2:5e:77:d1:
         e4:22:27:fc:ca:07:1e:47:53:5d:4a:87:c0:c9:a0:d1:0d:33:
         46:6e:b8:15:5c:83:94:eb:3c:39:16:37:f5:fe:74:94:55:36:
         0b:8b:8e:ef:1e:44:13:4f:b1:c8:16:47:b2:c9:6a:3d:dd:0c:
         74:6f:06:8e:36:04:32:50:78:9e:71:c9:00:10:62:43:e1:08:
         55:81:b9:51:7d:ed:87:8e:89:df:69:d4:b9:d8:21:85:d6:85:
         5c:be:47:01:c2:0d:b4:82:6e:c4:27:ed:b4:41:ec:e7:f4:2d:
         1e:d9:44:9e:8b:ff:aa:19:c7:6c:c0:d7:ae:2e:1c:fb:a0:a0:
         a8:94:3c:24:38:2c:73:51:c8:08:53:8a:31:b2:de:8b:32:87:
         25:c1:0c:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6x7JqaOhtcUfb1q7MWKGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWY1ZGJhMTAwYTkyYjI0NDRmM2U1MTJkMDFhNTkyYzAx
OTUxYzIwHhcNMjYwMTAxMTgxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzAxYjA2YTIwYjYwNjlkNzA2MTg2MjA2ODQwYzZhMzg1MjJhYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrUwmY75q80DBeQQ5VTJR4vEWk2f
tSXKNXDPjQ9wVnMJ9oOif1XXoY3RDdI8d8dUJgZrCL4dZ9JME011o5rz4+68/ATR
XzBpPg0H+YjLRcr1Q43e81XKR1Xj3CvGBLl3PHtRG+xFNkdB9G/SUawSyHzM9rRy
IUG0GDz1zpmiDAHSEGOzWh1VAkqbBRps7X/85LZZkLNauiDRUYzP60Y5inN2T+ld
p9rwAQ92IkTNIBmHe3D/2VJlhC4U7Gu86mJ/854/bk/gkDvv1ozvIEhU3mFQYVrc
3MFgiWW1Pbd4QnmNCX7YK85aVw3VqB8CFrcM/zATJZwRpxMkJr0rjTm9mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwBsGogtgadcGGGIGhAxqOFIqqXMB8GA1UdIwQY
MBaAFPTvXboQCpKyRE8+US0BpZLAGVHCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU85ZHVoQUtrckpFVHo1UkxRR2xrc0FaVWNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iMzViZTEtNjY3My00ODExLWE3MDct
YWQwMjdlOTVjNWM3LzEvdkFHd2FpQzJCcDF3WVlZZ2FFREdvNFVpcXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iMzViZTEtNjY3My00ODExLWE3MDctYWQwMjdlOTVjNWM3
LzEvOU85ZHVoQUtrckpFVHo1UkxRR2xrc0FaVWNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucUKMA0G
CSqGSIb3DQEBCwUAA4IBAQDCgnZUwi9lWd8i6lvzcky/Zhs7tI2ce/G7v2Icgagg
MD3zCf/5WbgHIvrm5tmwDJXviD73rAEG+VXeM52c/aRbaIGcRJafJ2zyX74fLBnl
/9Zfab4KiKwVZNqaslLCImYXGhTZTFqqnsJed9HkIif8ygceR1NdSofAyaDRDTNG
brgVXIOU6zw5Fjf1/nSUVTYLi47vHkQTT7HIFkeyyWo93Qx0bwaONgQyUHiecckA
EGJD4QhVgblRfe2HjonfadS52CGF1oVcvkcBwg20gm7EJ+20Qezn9C0e2USei/+q
GcdswNeuLhz7oKColDwkOCxzUcgIU4oxst6LMoclwQyW
-----END CERTIFICATE-----