This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/RdyYokbnG7XLVDam_dBJIgOvOE8.roa
File:                     RdyYokbnG7XLVDam_dBJIgOvOE8.roa (raw, json)
Hash identifier:          gESkoD1WqQR0KJIcV83l6rJ2jEBqh3b8q35KOtZeusY=
Subject key identifier:   45:DC:98:A2:46:E7:1B:B5:CB:54:36:A6:FD:D0:49:22:03:AF:38:4F
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       019B7C80611E78E8096636EAC79DC96E632F
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/RdyYokbnG7XLVDam_dBJIgOvOE8.roa
Signing time:             Fri 02 Jan 2026 02:19:06 +0000
ROA not before:           Fri 02 Jan 2026 02:19:06 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     58330
IP address blocks:        194.32.99.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 Jan 2026 21:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:61:1e:78:e8:09:66:36:ea:c7:9d:c9:6e:63:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Jan  2 02:19:06 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=45dc98a246e71bb5cb5436a6fdd0492203af384f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:73:24:dd:7a:9f:6d:00:8e:41:61:ce:92:10:
                    9c:05:55:f5:72:94:04:fa:78:8a:61:0f:89:69:27:
                    59:ec:19:e4:a7:5d:7d:10:f3:0e:56:19:7e:85:13:
                    26:1d:92:78:9a:c9:82:a4:76:43:f8:2b:31:45:34:
                    04:37:d7:fe:f8:96:ec:8d:5d:5c:62:5e:24:ca:f5:
                    a1:0d:34:51:61:18:7c:10:64:45:e7:58:b2:e6:88:
                    f5:4f:a7:d0:94:fa:27:5e:a4:7d:4f:b1:3f:f1:6b:
                    32:bb:a1:a6:0a:01:40:60:4a:f1:d8:0a:be:81:1b:
                    57:5a:ae:d6:f6:f3:e4:37:f8:be:c6:6e:5a:b9:6b:
                    29:5b:f9:c9:67:0f:73:65:56:da:94:8c:d5:57:70:
                    15:d3:82:92:92:6e:c0:bd:19:3e:0c:db:d4:26:72:
                    bf:82:a6:82:3c:8d:79:01:33:de:c0:9f:13:53:97:
                    ac:ae:91:be:06:e3:f3:f6:9c:98:9d:ed:24:8d:f8:
                    7f:e0:93:3a:3f:69:1b:99:d4:9a:2e:97:ac:8a:21:
                    04:52:39:19:0c:94:80:fd:5e:43:1f:17:6c:74:28:
                    e5:c9:90:97:e8:9f:10:2f:72:40:0e:80:eb:c8:30:
                    13:8b:ef:98:6d:8f:e2:0f:9d:23:17:50:3a:b0:ce:
                    38:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:DC:98:A2:46:E7:1B:B5:CB:54:36:A6:FD:D0:49:22:03:AF:38:4F
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/RdyYokbnG7XLVDam_dBJIgOvOE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:95:e7:10:93:7e:2b:32:c1:5d:94:a4:80:da:d0:f1:ce:fe:
         ee:8f:a9:16:3d:3e:3e:fa:42:8a:90:26:d7:66:33:c3:24:98:
         30:aa:4c:3b:9c:0c:82:ca:4b:c8:a6:2a:ba:5a:c7:0a:83:4b:
         28:c7:21:92:b9:fb:ff:41:45:b8:e3:10:5c:19:f4:cf:53:22:
         2e:4d:0a:1e:c5:9f:29:79:e0:87:43:f5:ef:9f:64:2d:32:5b:
         3d:a0:ba:ca:09:74:aa:92:66:98:40:c2:13:2b:65:aa:19:c9:
         4e:ca:ee:a2:37:37:79:f2:1a:cc:6b:ed:ae:21:ee:69:72:99:
         74:b7:a2:30:96:48:d4:b2:65:85:a0:23:6c:97:1d:3b:a1:69:
         ab:94:d8:8c:72:a8:59:58:6e:a3:48:96:0f:5a:f6:3f:dc:89:
         87:bf:34:4b:9c:55:af:64:e8:00:9c:28:b6:0d:d2:78:31:ee:
         26:58:31:22:c5:0b:30:19:18:2c:e7:31:3b:8a:b6:87:c4:19:
         90:ab:db:12:e8:6e:e9:81:17:a0:f1:e4:f9:dd:b5:a0:80:64:
         d1:25:a2:80:75:d4:72:17:1d:71:d4:15:a4:b8:c2:4c:ed:58:
         05:95:cb:dd:30:a4:0f:d5:7b:8b:8c:89:41:84:94:f5:fd:43:
         f2:73:a0:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gGEeeOgJZjbqx53JbmMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjYwMTAyMDIxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWRjOThhMjQ2ZTcxYmI1Y2I1NDM2YTZmZGQwNDkyMjAzYWYzODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHMk3XqfbQCOQWHOkhCcBVX1cpQE
+niKYQ+JaSdZ7Bnkp119EPMOVhl+hRMmHZJ4msmCpHZD+CsxRTQEN9f++JbsjV1c
Yl4kyvWhDTRRYRh8EGRF51iy5oj1T6fQlPonXqR9T7E/8Wsyu6GmCgFAYErx2Aq+
gRtXWq7W9vPkN/i+xm5auWspW/nJZw9zZVbalIzVV3AV04KSkm7AvRk+DNvUJnK/
gqaCPI15ATPewJ8TU5esrpG+BuPz9pyYne0kjfh/4JM6P2kbmdSaLpesiiEEUjkZ
DJSA/V5DHxdsdCjlyZCX6J8QL3JADoDryDATi++YbY/iD50jF1A6sM44AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEXcmKJG5xu1y1Q2pv3QSSIDrzhPMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvUmR5WW9rYm5HN1hMVkRhbV9kQkpJZ092T0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiBjMA0G
CSqGSIb3DQEBCwUAA4IBAQARlecQk34rMsFdlKSA2tDxzv7uj6kWPT4++kKKkCbX
ZjPDJJgwqkw7nAyCykvIpiq6WscKg0soxyGSufv/QUW44xBcGfTPUyIuTQoexZ8p
eeCHQ/Xvn2QtMls9oLrKCXSqkmaYQMITK2WqGclOyu6iNzd58hrMa+2uIe5pcpl0
t6IwlkjUsmWFoCNslx07oWmrlNiMcqhZWG6jSJYPWvY/3ImHvzRLnFWvZOgAnCi2
DdJ4Me4mWDEixQswGRgs5zE7iraHxBmQq9sS6G7pgReg8eT53bWggGTRJaKAddRy
Fx1x1BWkuMJM7VgFlcvdMKQP1XuLjIlBhJT1/UPyc6B0
-----END CERTIFICATE-----