This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/84c3d5-8ab2-44ac-942b-c4b9c539407b/1/MOaflZrDMd7wGNURntzbZLdXUmA.roa
File:                     MOaflZrDMd7wGNURntzbZLdXUmA.roa (raw, json)
Hash identifier:          jhSZsx+nbyUc0xlTzJSRe1x2K+X/3793enEacjp2ebc=
Subject key identifier:   30:E6:9F:95:9A:C3:31:DE:F0:18:D5:11:9E:DC:DB:64:B7:57:52:60
Certificate issuer:       /CN=92ddaedf370f35af8b5eeb7f86e6cfaface88d4e
Certificate serial:       019B7B357E2DA0F385D60197CA590B1A89EA
Authority key identifier: 92:DD:AE:DF:37:0F:35:AF:8B:5E:EB:7F:86:E6:CF:AF:AC:E8:8D:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kt2u3zcPNa-LXut_hubPr6zojU4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/84c3d5-8ab2-44ac-942b-c4b9c539407b/1/MOaflZrDMd7wGNURntzbZLdXUmA.roa
Signing time:             Thu 01 Jan 2026 20:17:41 +0000
ROA not before:           Thu 01 Jan 2026 20:17:41 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     200653
IP address blocks:        185.215.6.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/84c3d5-8ab2-44ac-942b-c4b9c539407b/1/kt2u3zcPNa-LXut_hubPr6zojU4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/84c3d5-8ab2-44ac-942b-c4b9c539407b/1/kt2u3zcPNa-LXut_hubPr6zojU4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kt2u3zcPNa-LXut_hubPr6zojU4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 Jan 2026 23:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:7e:2d:a0:f3:85:d6:01:97:ca:59:0b:1a:89:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92ddaedf370f35af8b5eeb7f86e6cfaface88d4e
        Validity
            Not Before: Jan  1 20:17:41 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=30e69f959ac331def018d5119edcdb64b7575260
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:de:7f:a8:41:70:8a:9d:32:c3:41:4f:ae:d5:
                    85:a1:ff:ca:2b:ec:7f:60:b7:4e:b3:52:d4:cd:bb:
                    9a:6c:a8:63:ec:88:35:26:a5:2f:20:b0:24:cb:9d:
                    37:d4:d6:71:d4:96:a5:88:eb:78:69:83:3f:23:8a:
                    24:d7:4f:c5:1d:d1:20:2b:c6:95:68:31:a6:8c:dc:
                    60:d3:80:a5:e7:6e:e0:91:57:aa:5e:8c:03:92:83:
                    ed:38:53:e5:68:ef:10:4d:7e:ff:f0:62:5c:96:b5:
                    58:57:bf:1e:8f:44:47:2d:df:89:bf:b9:06:6c:42:
                    df:4b:34:77:45:ea:4b:1a:bc:3a:1f:82:49:15:61:
                    2f:93:92:03:5c:0e:6f:c0:bb:d8:48:a0:08:c7:ea:
                    0e:3b:1f:d4:95:8b:ae:d8:8a:fd:34:04:a2:e9:9b:
                    58:b2:9e:a1:03:75:32:a9:85:15:d5:e7:08:9f:62:
                    86:30:f0:c6:ca:b2:31:89:1c:68:17:77:9e:b1:14:
                    7a:bd:25:e9:af:4d:56:25:27:3d:cf:fb:58:71:0e:
                    51:0d:a8:e6:c3:a0:0d:2d:a7:08:18:36:bf:1a:47:
                    2a:c8:76:43:41:0d:e3:bc:51:cf:41:11:d2:ed:c9:
                    29:0c:b2:60:84:28:4f:26:cb:bc:95:05:ae:f0:5f:
                    c6:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:E6:9F:95:9A:C3:31:DE:F0:18:D5:11:9E:DC:DB:64:B7:57:52:60
            X509v3 Authority Key Identifier:
                keyid:92:DD:AE:DF:37:0F:35:AF:8B:5E:EB:7F:86:E6:CF:AF:AC:E8:8D:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kt2u3zcPNa-LXut_hubPr6zojU4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/84c3d5-8ab2-44ac-942b-c4b9c539407b/1/MOaflZrDMd7wGNURntzbZLdXUmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/84c3d5-8ab2-44ac-942b-c4b9c539407b/1/kt2u3zcPNa-LXut_hubPr6zojU4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.215.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:b9:ee:cd:28:59:33:26:a4:05:aa:d8:df:e9:df:a2:3d:f7:
         8e:af:53:8b:30:3b:86:88:67:a1:d4:e9:59:d4:f7:d1:ca:2b:
         1f:4a:df:84:f9:09:33:ce:b8:ff:d1:3b:0a:8e:7e:9a:bd:3c:
         72:ec:45:fc:43:22:e6:22:a1:5b:1e:ad:d1:50:29:d1:fa:8b:
         8c:95:56:e5:33:6a:96:e0:cd:82:47:20:ca:58:44:e9:2e:94:
         d7:08:10:c2:b3:8f:7c:36:d7:f9:9f:4a:b9:37:4d:f0:dd:67:
         f4:c5:ce:88:5d:d1:3a:40:95:13:cc:e9:81:4d:72:46:20:d1:
         f3:8a:2c:c5:72:69:e0:a5:72:60:d6:f0:73:46:d7:7b:53:67:
         3e:61:8c:26:d7:fc:f6:43:51:fd:4b:de:cf:c9:95:b0:e9:07:
         77:fe:40:80:12:0e:3e:70:94:82:ad:81:f5:77:24:9a:7e:d1:
         64:79:63:c4:67:69:ce:91:68:bc:64:f2:c5:c5:21:45:95:c8:
         db:9b:5c:cd:d9:69:98:60:75:92:0d:c5:05:38:ae:77:16:e1:
         c1:ef:0d:ef:4c:8b:4a:c3:98:09:22:5b:7d:a7:18:c6:44:47:
         05:0b:ff:76:4f:09:68:a5:77:a0:22:1c:12:ce:c7:a4:17:a0:
         d1:6e:58:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NX4toPOF1gGXylkLGonqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZGRhZWRmMzcwZjM1YWY4YjVlZWI3Zjg2ZTZjZmFmYWNl
ODhkNGUwHhcNMjYwMTAxMjAxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGU2OWY5NTlhYzMzMWRlZjAxOGQ1MTE5ZWRjZGI2NGI3NTc1MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5d5/qEFwip0yw0FPrtWFof/KK+x/
YLdOs1LUzbuabKhj7Ig1JqUvILAky5031NZx1JaliOt4aYM/I4ok10/FHdEgK8aV
aDGmjNxg04Cl527gkVeqXowDkoPtOFPlaO8QTX7/8GJclrVYV78ej0RHLd+Jv7kG
bELfSzR3RepLGrw6H4JJFWEvk5IDXA5vwLvYSKAIx+oOOx/UlYuu2Ir9NASi6ZtY
sp6hA3UyqYUV1ecIn2KGMPDGyrIxiRxoF3eesRR6vSXpr01WJSc9z/tYcQ5RDajm
w6ANLacIGDa/GkcqyHZDQQ3jvFHPQRHS7ckpDLJghChPJsu8lQWu8F/GMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDmn5WawzHe8BjVEZ7c22S3V1JgMB8GA1UdIwQY
MBaAFJLdrt83DzWvi17rf4bmz6+s6I1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3QydTN6Y1BOYS1MWHV0X2h1YlByNnpvalU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My84NGMzZDUtOGFiMi00NGFjLTk0MmIt
YzRiOWM1Mzk0MDdiLzEvTU9hZmxackRNZDd3R05VUm50emJaTGRYVW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My84NGMzZDUtOGFiMi00NGFjLTk0MmItYzRiOWM1Mzk0MDdi
LzEva3QydTN6Y1BOYS1MWHV0X2h1YlByNnpvalU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudcGMA0G
CSqGSIb3DQEBCwUAA4IBAQCbue7NKFkzJqQFqtjf6d+iPfeOr1OLMDuGiGeh1OlZ
1PfRyisfSt+E+Qkzzrj/0TsKjn6avTxy7EX8QyLmIqFbHq3RUCnR+ouMlVblM2qW
4M2CRyDKWETpLpTXCBDCs498Ntf5n0q5N03w3Wf0xc6IXdE6QJUTzOmBTXJGINHz
iizFcmngpXJg1vBzRtd7U2c+YYwm1/z2Q1H9S97PyZWw6Qd3/kCAEg4+cJSCrYH1
dySaftFkeWPEZ2nOkWi8ZPLFxSFFlcjbm1zN2WmYYHWSDcUFOK53FuHB7w3vTItK
w5gJIlt9pxjGREcFC/92TwlopXegIhwSzsekF6DRbljf
-----END CERTIFICATE-----