This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/dc2c1f-14c1-45e0-9e3b-ee34ae61549f/1/uyBMoEucJfytZ8ihHsJCPobOGFQ.roa
File:                     uyBMoEucJfytZ8ihHsJCPobOGFQ.roa (raw, json)
Hash identifier:          A2c10IHD5jiP9uuVliVyuoYipdhgG/LGbhXuuI60B9M=
Subject key identifier:   BB:20:4C:A0:4B:9C:25:FC:AD:67:C8:A1:1E:C2:42:3E:86:CE:18:54
Certificate issuer:       /CN=0a670ed2bc71191cb60bd9660148510b236d3acf
Certificate serial:       019AFF2DE7275D8221221C49580E5E5D0892
Authority key identifier: 0A:67:0E:D2:BC:71:19:1C:B6:0B:D9:66:01:48:51:0B:23:6D:3A:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CmcO0rxxGRy2C9lmAUhRCyNtOs8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/dc2c1f-14c1-45e0-9e3b-ee34ae61549f/1/uyBMoEucJfytZ8ihHsJCPobOGFQ.roa
Signing time:             Mon 08 Dec 2025 18:16:29 +0000
ROA not before:           Mon 08 Dec 2025 18:16:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     2914
IP address blocks:        185.252.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/dc2c1f-14c1-45e0-9e3b-ee34ae61549f/1/CmcO0rxxGRy2C9lmAUhRCyNtOs8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/dc2c1f-14c1-45e0-9e3b-ee34ae61549f/1/CmcO0rxxGRy2C9lmAUhRCyNtOs8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CmcO0rxxGRy2C9lmAUhRCyNtOs8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Dec 2025 00:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:ff:2d:e7:27:5d:82:21:22:1c:49:58:0e:5e:5d:08:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a670ed2bc71191cb60bd9660148510b236d3acf
        Validity
            Not Before: Dec  8 18:16:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bb204ca04b9c25fcad67c8a11ec2423e86ce1854
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:7e:67:45:27:6e:04:0e:98:b0:e3:81:2b:bb:
                    77:4c:d3:95:c1:a6:9a:bc:1c:48:03:e7:d2:94:71:
                    8f:8d:ed:3d:d5:4a:31:2e:7b:b2:42:50:5f:51:b3:
                    d8:b5:6f:d4:0d:6b:d9:79:a2:e2:37:bc:41:c4:1e:
                    fd:4b:b7:07:c1:53:5f:86:2e:39:ef:dc:6b:6f:43:
                    dd:23:a4:b8:6f:53:01:48:49:1c:3a:18:82:e6:d9:
                    f4:5f:55:83:75:90:0f:02:7d:7e:ea:df:e1:3f:db:
                    76:eb:c5:16:c3:d8:d9:f9:3d:61:45:40:05:13:20:
                    81:78:5a:a2:33:16:f3:02:62:0b:02:cb:1a:32:2a:
                    ba:84:fa:99:64:43:72:31:38:b1:78:5e:fe:07:65:
                    d9:89:ae:2f:59:4f:b0:cf:a4:cf:03:29:c8:d3:bf:
                    46:54:c6:c3:45:47:39:1e:74:d7:34:42:f1:fa:3c:
                    5b:00:52:47:f7:a3:cb:1c:68:42:e0:34:08:70:ea:
                    a0:a6:c4:52:87:f3:1d:4b:11:89:20:4e:c1:e6:f3:
                    be:17:5d:9a:a6:1e:5f:cb:2e:76:34:27:cf:f7:88:
                    73:d3:e6:c8:38:97:18:43:98:48:bf:ff:73:89:39:
                    01:c3:1e:97:05:42:a5:eb:29:e2:5d:b0:80:ce:e0:
                    89:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:20:4C:A0:4B:9C:25:FC:AD:67:C8:A1:1E:C2:42:3E:86:CE:18:54
            X509v3 Authority Key Identifier:
                keyid:0A:67:0E:D2:BC:71:19:1C:B6:0B:D9:66:01:48:51:0B:23:6D:3A:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CmcO0rxxGRy2C9lmAUhRCyNtOs8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/dc2c1f-14c1-45e0-9e3b-ee34ae61549f/1/uyBMoEucJfytZ8ihHsJCPobOGFQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/dc2c1f-14c1-45e0-9e3b-ee34ae61549f/1/CmcO0rxxGRy2C9lmAUhRCyNtOs8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.252.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:ba:e5:b3:ad:0f:a8:72:a6:c1:8f:c3:aa:1c:15:6b:c2:be:
         c5:b6:9f:43:55:e7:11:95:49:98:b7:6c:21:1d:1d:fb:0f:24:
         f3:a6:75:15:9b:48:a0:8b:67:ca:e9:19:11:b1:c9:df:b9:2a:
         30:c8:e0:40:47:e1:3a:17:91:e3:ed:8b:32:d9:bb:1c:4e:35:
         22:1d:af:c2:27:95:5e:0d:b2:bf:5c:e5:2b:df:b3:8d:53:69:
         0a:68:78:a2:62:d9:d5:c4:9d:bd:1f:3c:32:38:1c:23:29:6b:
         a7:a7:a9:fc:0a:b3:b4:fd:d4:f9:96:29:7d:d2:08:db:5c:d8:
         4b:09:47:3d:d2:b3:09:f4:36:a3:b1:0a:a7:69:d5:cf:80:38:
         81:7e:c6:c7:58:ed:08:a2:b5:d7:b2:7f:bf:2c:00:f0:2a:ab:
         7c:41:27:3a:f6:6f:44:05:82:bb:e1:b2:6a:32:64:2e:50:d9:
         32:c8:43:33:ef:28:b0:7f:cb:2a:c6:75:71:4e:70:fa:1d:03:
         ea:cd:8e:fc:d5:93:ed:03:8e:01:b2:f3:91:47:37:97:48:01:
         5f:f7:14:b7:d5:0e:1d:da:cc:73:ae:12:65:bc:02:b7:00:a4:
         cd:7e:f0:18:1e:48:13:17:c3:18:ee:9a:16:a5:15:0c:8b:46:
         a3:41:a6:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZr/LecnXYIhIhxJWA5eXQiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNjcwZWQyYmM3MTE5MWNiNjBiZDk2NjAxNDg1MTBiMjM2
ZDNhY2YwHhcNMjUxMjA4MTgxNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjIwNGNhMDRiOWMyNWZjYWQ2N2M4YTExZWMyNDIzZTg2Y2UxODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35nRSduBA6YsOOBK7t3TNOVwaaa
vBxIA+fSlHGPje091UoxLnuyQlBfUbPYtW/UDWvZeaLiN7xBxB79S7cHwVNfhi45
79xrb0PdI6S4b1MBSEkcOhiC5tn0X1WDdZAPAn1+6t/hP9t268UWw9jZ+T1hRUAF
EyCBeFqiMxbzAmILAssaMiq6hPqZZENyMTixeF7+B2XZia4vWU+wz6TPAynI079G
VMbDRUc5HnTXNELx+jxbAFJH96PLHGhC4DQIcOqgpsRSh/MdSxGJIE7B5vO+F12a
ph5fyy52NCfP94hz0+bIOJcYQ5hIv/9ziTkBwx6XBUKl6yniXbCAzuCJLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLsgTKBLnCX8rWfIoR7CQj6GzhhUMB8GA1UdIwQY
MBaAFApnDtK8cRkctgvZZgFIUQsjbTrPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ21jTzByeHhHUnkyQzlsbUFVaFJDeU50T3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9kYzJjMWYtMTRjMS00NWUwLTllM2It
ZWUzNGFlNjE1NDlmLzEvdXlCTW9FdWNKZnl0WjhpaEhzSkNQb2JPR0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9kYzJjMWYtMTRjMS00NWUwLTllM2ItZWUzNGFlNjE1NDlm
LzEvQ21jTzByeHhHUnkyQzlsbUFVaFJDeU50T3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufzBMA0G
CSqGSIb3DQEBCwUAA4IBAQC4uuWzrQ+ocqbBj8OqHBVrwr7Ftp9DVecRlUmYt2wh
HR37DyTzpnUVm0igi2fK6RkRscnfuSowyOBAR+E6F5Hj7Ysy2bscTjUiHa/CJ5Ve
DbK/XOUr37ONU2kKaHiiYtnVxJ29HzwyOBwjKWunp6n8CrO0/dT5lil90gjbXNhL
CUc90rMJ9DajsQqnadXPgDiBfsbHWO0IorXXsn+/LADwKqt8QSc69m9EBYK74bJq
MmQuUNkyyEMz7yiwf8sqxnVxTnD6HQPqzY781ZPtA44BsvORRzeXSAFf9xS31Q4d
2sxzrhJlvAK3AKTNfvAYHkgTF8MY7poWpRUMi0ajQabp
-----END CERTIFICATE-----