This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/WyLZrdb3qSOC31iVFKjKw8KpzYY.roa
File:                     WyLZrdb3qSOC31iVFKjKw8KpzYY.roa (raw, json)
Hash identifier:          N/64ZJFkJRymrNDS4aAi5HI9lv2esPjvZv+p1U/Ss94=
Subject key identifier:   5B:22:D9:AD:D6:F7:A9:23:82:DF:58:95:14:A8:CA:C3:C2:A9:CD:86
Certificate issuer:       /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Certificate serial:       019BDF33A2F6941F2CA6520671C95A8EAF8D
Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/WyLZrdb3qSOC31iVFKjKw8KpzYY.roa
Signing time:             Wed 21 Jan 2026 06:17:41 +0000
ROA not before:           Wed 21 Jan 2026 06:17:41 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     396356
IP address blocks:        158.173.52.0/24 maxlen: 24
                          158.173.53.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 24 Jan 2026 08:31:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:df:33:a2:f6:94:1f:2c:a6:52:06:71:c9:5a:8e:af:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
        Validity
            Not Before: Jan 21 06:17:41 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5b22d9add6f7a92382df589514a8cac3c2a9cd86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:23:00:5c:dc:22:8d:c4:a0:15:0d:b2:7c:b3:
                    3d:9d:c1:16:b7:8a:2d:c4:db:97:14:b0:3c:14:1e:
                    9c:60:86:c6:79:ed:4e:5b:24:5a:57:8b:30:42:c9:
                    4b:2d:fa:7e:f3:31:fb:d9:47:76:4e:71:16:39:31:
                    d7:53:1d:c3:0b:20:56:4e:f9:79:a4:09:2a:63:0d:
                    23:7e:63:6b:c5:4a:4c:1d:01:40:e7:17:bc:78:0d:
                    01:4c:87:b9:2a:f4:e1:26:4a:11:cd:11:f6:88:52:
                    08:b3:36:ee:fe:81:52:98:76:2a:ae:30:99:4b:4c:
                    e6:22:19:bb:de:d1:8c:3a:54:4d:44:55:7b:72:42:
                    f4:a0:9e:a5:59:6d:ce:e1:b8:3c:77:0d:3d:63:77:
                    06:a6:52:ac:b3:a1:21:19:04:70:6d:90:01:25:a2:
                    6e:88:8f:c8:36:68:78:4e:50:fd:14:e0:3e:9d:2f:
                    89:45:f3:e0:86:da:f5:50:cb:6c:46:51:58:93:59:
                    ac:cf:fe:70:81:25:de:9b:af:94:77:b9:b6:d0:2e:
                    b5:14:9d:00:94:a4:e1:7e:da:75:54:08:b4:f2:d2:
                    18:19:69:38:cc:ba:7f:a2:6b:d4:80:67:c3:e2:a3:
                    6e:e6:30:8f:b0:e8:35:14:4b:63:fe:52:21:e6:94:
                    d4:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:22:D9:AD:D6:F7:A9:23:82:DF:58:95:14:A8:CA:C3:C2:A9:CD:86
            X509v3 Authority Key Identifier:
                keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/WyLZrdb3qSOC31iVFKjKw8KpzYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.173.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         57:88:3d:ff:ac:be:21:18:45:99:7b:9a:18:f6:f7:d8:04:3b:
         9c:e6:32:70:dd:f1:db:64:50:42:4b:c1:3f:07:0d:62:17:52:
         5b:ab:9b:4a:3e:21:2c:cb:73:86:27:7b:8d:c5:e6:60:fb:4f:
         32:69:4a:a6:17:e1:92:63:21:59:44:01:bd:f6:44:45:a1:a0:
         ad:40:7d:e8:6b:b6:5a:ba:78:7a:b2:7b:a3:8f:7e:bc:fd:49:
         fd:f9:f2:87:3d:63:5d:6f:3f:2e:fa:45:8d:20:34:ba:1c:9f:
         78:95:78:98:f3:bf:67:1a:96:45:37:b9:ee:31:e8:90:12:f9:
         03:e9:81:03:90:c1:bf:36:d1:c9:d0:52:9b:1b:e8:c1:37:41:
         85:81:fb:47:98:b7:9e:d1:24:41:8e:67:ca:2b:d4:40:ed:78:
         30:c3:31:98:a4:ec:e0:7e:f6:77:d7:20:d1:15:a6:a1:b1:43:
         2f:dc:d4:b9:18:4a:de:05:60:5b:ee:b8:9f:b2:a6:73:04:e4:
         28:8c:e0:3a:6b:04:50:6e:10:c7:15:75:84:1f:ee:06:85:0c:
         bd:2f:12:21:08:19:c0:e5:80:96:37:12:7b:44:1c:bf:45:96:
         b2:e8:18:10:23:ed:30:7d:d2:7f:5b:7b:ce:07:09:00:0a:51:
         91:c8:07:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZvfM6L2lB8splIGcclajq+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh
NDA4MjMwHhcNMjYwMTIxMDYxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjIyZDlhZGQ2ZjdhOTIzODJkZjU4OTUxNGE4Y2FjM2MyYTljZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCMAXNwijcSgFQ2yfLM9ncEWt4ot
xNuXFLA8FB6cYIbGee1OWyRaV4swQslLLfp+8zH72Ud2TnEWOTHXUx3DCyBWTvl5
pAkqYw0jfmNrxUpMHQFA5xe8eA0BTIe5KvThJkoRzRH2iFIIszbu/oFSmHYqrjCZ
S0zmIhm73tGMOlRNRFV7ckL0oJ6lWW3O4bg8dw09Y3cGplKss6EhGQRwbZABJaJu
iI/INmh4TlD9FOA+nS+JRfPghtr1UMtsRlFYk1msz/5wgSXem6+Ud7m20C61FJ0A
lKThftp1VAi08tIYGWk4zLp/omvUgGfD4qNu5jCPsOg1FEtj/lIh5pTUTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsi2a3W96kjgt9YlRSoysPCqc2GMB8GA1UdIwQY
MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt
ZDJjZDI2YjY5ZGYxLzEvV3lMWnJkYjNxU09DMzFpVkZLakt3OEtwellZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx
LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnq00MA0G
CSqGSIb3DQEBCwUAA4IBAQBXiD3/rL4hGEWZe5oY9vfYBDuc5jJw3fHbZFBCS8E/
Bw1iF1Jbq5tKPiEsy3OGJ3uNxeZg+08yaUqmF+GSYyFZRAG99kRFoaCtQH3oa7Za
unh6snujj368/Un9+fKHPWNdbz8u+kWNIDS6HJ94lXiY879nGpZFN7nuMeiQEvkD
6YEDkMG/NtHJ0FKbG+jBN0GFgftHmLee0SRBjmfKK9RA7XgwwzGYpOzgfvZ31yDR
FaahsUMv3NS5GEreBWBb7rifsqZzBOQojOA6awRQbhDHFXWEH+4GhQy9LxIhCBnA
5YCWNxJ7RBy/RZay6BgQI+0wfdJ/W3vOBwkAClGRyAeW
-----END CERTIFICATE-----