This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/vcGSAq_UFOrKcbjq8gwdxfB1Ibo.roa
File:                     vcGSAq_UFOrKcbjq8gwdxfB1Ibo.roa (raw, json)
Hash identifier:          3NDxRub2Y5A+FcimvidA2GMSTgfLKOnltwEtyfMEJ1E=
Subject key identifier:   BD:C1:92:02:AF:D4:14:EA:CA:71:B8:EA:F2:0C:1D:C5:F0:75:21:BA
Certificate issuer:       /CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Certificate serial:       019B7BA45AEB925BF5D18D3F2C6C49083448
Authority key identifier: 0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/vcGSAq_UFOrKcbjq8gwdxfB1Ibo.roa
Signing time:             Thu 01 Jan 2026 22:18:47 +0000
ROA not before:           Thu 01 Jan 2026 22:18:47 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     200461
IP address blocks:        185.23.5.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 16:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:5a:eb:92:5b:f5:d1:8d:3f:2c:6c:49:08:34:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
        Validity
            Not Before: Jan  1 22:18:47 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bdc19202afd414eaca71b8eaf20c1dc5f07521ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:15:c5:cd:76:2b:f5:4a:57:a8:4c:d1:7f:06:
                    16:db:59:94:4b:82:4a:15:0c:70:16:93:a5:f0:36:
                    c9:57:ea:66:bc:57:15:10:95:5f:e5:a6:21:38:4a:
                    2a:9d:c4:8b:d5:39:b6:b0:f2:78:0c:e0:90:22:78:
                    fa:31:7e:b9:38:fc:4b:45:89:44:b2:9f:6d:0d:39:
                    54:6e:e1:37:a3:72:44:79:34:a8:a6:75:66:fd:76:
                    20:9e:dd:bd:73:fe:77:df:fc:31:06:11:4c:26:01:
                    d6:06:a1:4c:23:4e:e9:cd:da:fa:0f:48:60:11:3d:
                    f7:c0:5c:58:fc:aa:22:55:38:10:69:2e:86:91:a6:
                    1a:46:80:9a:10:63:74:8a:11:ad:9a:e0:30:b5:ce:
                    df:77:2e:3b:e4:7c:93:7f:82:9b:5d:0d:9f:4b:d6:
                    31:a1:05:3a:dd:df:06:92:5e:7e:a5:5e:e7:74:47:
                    20:fa:28:13:a9:25:30:71:2e:8f:6f:63:9c:63:9f:
                    36:c6:89:94:3a:69:96:2e:e6:89:6c:37:7b:13:83:
                    d4:87:c1:7f:ed:77:0a:d3:cc:88:6b:ef:73:fa:14:
                    a6:e1:7c:14:ca:50:cc:6a:62:33:c3:1c:37:7e:73:
                    8f:22:b2:52:a3:1d:e2:73:72:43:97:fb:a5:05:1a:
                    3a:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:C1:92:02:AF:D4:14:EA:CA:71:B8:EA:F2:0C:1D:C5:F0:75:21:BA
            X509v3 Authority Key Identifier:
                keyid:0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/vcGSAq_UFOrKcbjq8gwdxfB1Ibo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.23.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:d3:10:b9:3b:69:0f:ef:4f:b3:63:69:3b:4b:5d:81:1a:5b:
         ee:41:77:fa:65:62:1e:77:ac:5d:a6:f0:69:17:3f:ec:87:5d:
         e8:af:1f:d2:1d:23:ec:d3:bb:0f:70:26:17:64:b4:60:be:3f:
         c8:fb:2f:e0:46:1b:9f:91:05:63:e3:a5:a4:5b:b5:71:5d:69:
         d8:ba:b4:fe:4c:14:37:84:23:18:0e:18:c6:70:83:97:a3:24:
         fb:9c:cb:b8:41:a4:1a:8f:f0:74:48:fd:5e:62:b6:2a:ad:55:
         54:c5:30:6e:1d:44:71:05:eb:10:a4:be:c5:ce:1e:32:a8:1d:
         99:74:aa:ae:d3:bb:3c:bf:54:06:07:b7:27:66:91:60:38:90:
         1f:d2:cb:26:6f:ae:50:06:60:f9:bd:22:b9:ce:94:97:92:af:
         5c:05:9b:ca:72:b8:e5:44:10:4f:3e:6e:f5:4a:63:81:bb:a2:
         72:70:f2:4b:fc:8c:15:08:08:1e:cd:2b:38:00:b3:81:f6:df:
         70:cb:71:80:35:21:14:a6:ef:22:2d:b7:2a:43:fe:b1:40:7a:
         3d:0f:97:36:d8:8b:1a:f8:64:e4:67:3b:d4:a1:ce:cd:8b:9d:
         7a:53:be:4b:03:7a:a0:bf:ef:30:bc:16:02:97:56:35:80:a0:
         1f:60:62:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pFrrklv10Y0/LGxJCDRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzU1ODU0NmEyYzU0YmJkODEyYTE5MjI4YWE5OGUwNzhk
M2FhNjgwHhcNMjYwMTAxMjIxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGMxOTIwMmFmZDQxNGVhY2E3MWI4ZWFmMjBjMWRjNWYwNzUyMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhXFzXYr9UpXqEzRfwYW21mUS4JK
FQxwFpOl8DbJV+pmvFcVEJVf5aYhOEoqncSL1Tm2sPJ4DOCQInj6MX65OPxLRYlE
sp9tDTlUbuE3o3JEeTSopnVm/XYgnt29c/533/wxBhFMJgHWBqFMI07pzdr6D0hg
ET33wFxY/KoiVTgQaS6GkaYaRoCaEGN0ihGtmuAwtc7fdy475HyTf4KbXQ2fS9Yx
oQU63d8Gkl5+pV7ndEcg+igTqSUwcS6Pb2OcY582xomUOmmWLuaJbDd7E4PUh8F/
7XcK08yIa+9z+hSm4XwUylDMamIzwxw3fnOPIrJSox3ic3JDl/ulBRo6+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3BkgKv1BTqynG46vIMHcXwdSG6MB8GA1UdIwQY
MBaAFA01WFRqLFS72BKhkiiqmOB406poMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUt
MTMyZmZjOGJkZTQ2LzEvdmNHU0FxX1VGT3JLY2JqcThnd2R4ZkIxSWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUtMTMyZmZjOGJkZTQ2
LzEvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRcFMA0G
CSqGSIb3DQEBCwUAA4IBAQBp0xC5O2kP70+zY2k7S12BGlvuQXf6ZWIed6xdpvBp
Fz/sh13orx/SHSPs07sPcCYXZLRgvj/I+y/gRhufkQVj46WkW7VxXWnYurT+TBQ3
hCMYDhjGcIOXoyT7nMu4QaQaj/B0SP1eYrYqrVVUxTBuHURxBesQpL7Fzh4yqB2Z
dKqu07s8v1QGB7cnZpFgOJAf0ssmb65QBmD5vSK5zpSXkq9cBZvKcrjlRBBPPm71
SmOBu6JycPJL/IwVCAgezSs4ALOB9t9wy3GANSEUpu8iLbcqQ/6xQHo9D5c22Isa
+GTkZzvUoc7Ni516U75LA3qgv+8wvBYCl1Y1gKAfYGLA
-----END CERTIFICATE-----