This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/dazQnURn9LN0iU-Op9tfd2DJfxU.roa
File:                     dazQnURn9LN0iU-Op9tfd2DJfxU.roa (raw, json)
Hash identifier:          J+zgQItDJVUqKkVxrDB25vHEzXKyu5NfIqGNna9x9Vg=
Subject key identifier:   75:AC:D0:9D:44:67:F4:B3:74:89:4F:8E:A7:DB:5F:77:60:C9:7F:15
Certificate issuer:       /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial:       019B7F15C0F8A828FA1AC3556AD2E1B5A840
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/dazQnURn9LN0iU-Op9tfd2DJfxU.roa
Signing time:             Fri 02 Jan 2026 14:21:30 +0000
ROA not before:           Fri 02 Jan 2026 14:21:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204705
IP address blocks:        195.53.177.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 Jan 2026 02:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:c0:f8:a8:28:fa:1a:c3:55:6a:d2:e1:b5:a8:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
        Validity
            Not Before: Jan  2 14:21:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=75acd09d4467f4b374894f8ea7db5f7760c97f15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4e:9c:a2:b8:8a:3f:26:36:1d:97:1d:06:e6:
                    b0:c3:e4:0c:25:d2:bd:5a:1f:fa:a2:23:32:8a:65:
                    dc:0d:b8:2f:1f:73:f0:27:ce:0d:81:d0:99:fa:9e:
                    1d:c2:80:65:40:7d:ed:66:fc:c1:b5:59:bc:7f:81:
                    c4:88:b6:9a:27:51:e7:7c:ae:b3:67:cf:aa:19:84:
                    ae:58:7d:17:17:59:26:37:a1:9d:c4:41:13:5c:88:
                    eb:44:e7:de:43:5e:7b:9d:76:98:17:da:0d:f2:32:
                    d4:47:4a:73:7a:ce:1b:65:41:7e:26:e9:16:bf:f9:
                    60:d2:da:9d:04:e4:63:99:9e:8c:64:13:70:8c:7b:
                    53:8c:fa:45:eb:9f:61:3f:6b:62:5b:bc:59:50:30:
                    1e:a1:f1:be:8f:72:bb:df:61:1c:63:50:c8:8f:31:
                    e2:c7:1e:62:57:eb:24:2f:fd:dd:f3:7b:cd:93:2d:
                    a9:e0:7c:60:0d:75:d1:bb:db:27:fb:eb:53:f7:58:
                    a9:4b:13:4b:70:8a:2e:49:b6:3a:66:f8:69:96:f8:
                    13:ae:87:6c:c4:75:2d:4d:7b:37:73:19:83:1b:ce:
                    c3:d5:6c:eb:15:23:34:a6:60:1f:d2:fb:f4:b4:3a:
                    89:36:55:b0:01:7a:34:58:a3:9b:a1:21:a7:19:9f:
                    dd:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:AC:D0:9D:44:67:F4:B3:74:89:4F:8E:A7:DB:5F:77:60:C9:7F:15
            X509v3 Authority Key Identifier:
                keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/dazQnURn9LN0iU-Op9tfd2DJfxU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.53.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:22:cd:15:eb:e8:4c:5c:c5:40:a6:48:93:04:8a:0f:c3:a3:
         69:14:9f:2a:53:d4:fd:24:3f:2e:08:a0:61:54:29:30:b2:2f:
         34:79:df:84:ee:e4:4e:93:55:a3:be:e3:dd:4a:56:60:5d:ed:
         b8:af:8f:bb:17:3a:6e:0a:d2:40:d4:b8:81:18:43:bc:4f:fb:
         0c:9e:2f:59:38:c9:85:65:f0:cc:48:26:d5:a6:79:58:61:fd:
         54:f5:30:22:37:7f:2c:3d:bb:cd:33:a9:a1:0a:1a:d7:a3:80:
         b4:aa:fa:1e:fb:96:2a:59:3d:9d:1d:68:8c:ab:2a:e9:24:f3:
         7a:05:ea:12:e9:27:1f:bd:70:be:0e:2a:1f:9a:2f:0f:f5:c0:
         15:07:bd:c3:82:00:1c:bf:b4:aa:f4:40:90:95:9c:fe:1b:83:
         78:96:12:a4:ea:5d:b9:d6:b8:89:f5:42:31:e7:68:97:34:8f:
         b5:01:96:31:bf:d7:45:4f:c0:f8:c8:5f:a1:06:e1:e8:4e:b0:
         88:53:aa:a3:ce:20:47:81:35:9d:72:37:a2:da:38:01:7c:9f:
         07:b5:d2:c7:ce:65:86:2a:4e:48:0c:9a:a2:7e:45:79:ad:ea:
         5f:2d:8a:69:bc:04:46:4b:b2:38:45:81:9f:44:0a:f3:5a:70:
         51:be:6a:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FcD4qCj6GsNVatLhtahAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjYwMTAyMTQyMTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFjZDA5ZDQ0NjdmNGIzNzQ4OTRmOGVhN2RiNWY3NzYwYzk3ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1U6coriKPyY2HZcdBuaww+QMJdK9
Wh/6oiMyimXcDbgvH3PwJ84NgdCZ+p4dwoBlQH3tZvzBtVm8f4HEiLaaJ1HnfK6z
Z8+qGYSuWH0XF1kmN6GdxEETXIjrROfeQ157nXaYF9oN8jLUR0pzes4bZUF+JukW
v/lg0tqdBORjmZ6MZBNwjHtTjPpF659hP2tiW7xZUDAeofG+j3K732EcY1DIjzHi
xx5iV+skL/3d83vNky2p4HxgDXXRu9sn++tT91ipSxNLcIouSbY6ZvhplvgTrods
xHUtTXs3cxmDG87D1WzrFSM0pmAf0vv0tDqJNlWwAXo0WKOboSGnGZ/d5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWs0J1EZ/SzdIlPjqfbX3dgyX8VMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvZGF6UW5VUm45TE4waVUtT3A5dGZkMkRKZnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzWxMA0G
CSqGSIb3DQEBCwUAA4IBAQCzIs0V6+hMXMVApkiTBIoPw6NpFJ8qU9T9JD8uCKBh
VCkwsi80ed+E7uROk1WjvuPdSlZgXe24r4+7FzpuCtJA1LiBGEO8T/sMni9ZOMmF
ZfDMSCbVpnlYYf1U9TAiN38sPbvNM6mhChrXo4C0qvoe+5YqWT2dHWiMqyrpJPN6
BeoS6ScfvXC+Diofmi8P9cAVB73DggAcv7Sq9ECQlZz+G4N4lhKk6l251riJ9UIx
52iXNI+1AZYxv9dFT8D4yF+hBuHoTrCIU6qjziBHgTWdcjei2jgBfJ8HtdLHzmWG
Kk5IDJqifkV5repfLYppvARGS7I4RYGfRArzWnBRvmrS
-----END CERTIFICATE-----