This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wdBYMetm0YqDJ0wA6LEWexbY2zs.roa
File:                     wdBYMetm0YqDJ0wA6LEWexbY2zs.roa (raw, json)
Hash identifier:          jVrbi/zedajy9DwakU5fMEcemk1VtyofZlJnv5QXr/g=
Subject key identifier:   C1:D0:58:31:EB:66:D1:8A:83:27:4C:00:E8:B1:16:7B:16:D8:DB:3B
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       019B7F146FB5018C92CE59DA183A7DA48EED
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wdBYMetm0YqDJ0wA6LEWexbY2zs.roa
Signing time:             Fri 02 Jan 2026 14:20:04 +0000
ROA not before:           Fri 02 Jan 2026 14:20:04 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     398343
IP address blocks:        193.233.204.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 03:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:14:6f:b5:01:8c:92:ce:59:da:18:3a:7d:a4:8e:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  2 14:20:04 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c1d05831eb66d18a83274c00e8b1167b16d8db3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d7:18:dd:d5:5a:02:bf:5f:39:12:4c:cd:f1:
                    5f:3b:cb:17:d8:c4:e3:de:75:12:93:1e:3d:04:b5:
                    53:13:8b:34:1c:0a:40:c9:03:a7:53:6f:9d:7a:0f:
                    05:42:5a:1a:be:fe:8f:78:1b:f8:3f:42:e9:25:49:
                    15:b7:ed:32:33:20:4f:7f:d0:89:91:b1:7d:61:cf:
                    11:14:e1:78:f9:5f:ef:8b:b5:02:db:cb:56:37:5c:
                    b4:72:69:29:6c:ce:36:99:4e:6e:3b:19:b5:e7:53:
                    9a:52:69:1f:f2:93:03:2b:f9:e9:7b:4a:0a:7f:0a:
                    fe:9b:86:e7:c2:7a:97:1f:c1:07:23:03:6b:c0:1f:
                    f3:aa:20:68:b2:fb:03:f6:58:ef:d9:37:62:a7:37:
                    f3:ea:fd:74:62:e0:8b:8f:6a:e6:e7:32:f1:c0:16:
                    05:57:ef:7b:98:99:0c:87:83:ee:7e:0b:0e:6b:90:
                    c3:2e:1d:5b:db:d3:c6:1b:fe:3b:7f:a1:68:80:eb:
                    f9:13:66:c2:0b:12:e1:f7:89:03:fd:22:cc:2b:39:
                    88:cc:df:44:89:9d:b5:c2:f2:44:76:06:97:39:75:
                    cb:bd:87:73:4d:ce:23:70:b6:50:b9:85:4e:26:55:
                    e5:60:38:5c:63:05:2d:70:5e:cb:d6:8d:0c:e5:c3:
                    0f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:D0:58:31:EB:66:D1:8A:83:27:4C:00:E8:B1:16:7B:16:D8:DB:3B
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wdBYMetm0YqDJ0wA6LEWexbY2zs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:f4:a4:d0:dd:28:c6:94:a3:df:12:ac:58:0c:4c:d0:03:6b:
         14:3b:36:79:96:75:7a:5e:87:28:4c:17:4c:86:a2:22:e1:64:
         90:15:4b:fb:51:a5:98:cc:3f:de:4d:08:da:94:26:dd:84:cd:
         09:5e:36:7b:cd:dc:03:21:03:82:ac:b5:d4:ca:1a:7e:33:a9:
         b7:a1:1e:84:08:7f:f5:a5:5e:90:0d:cb:ca:3b:a8:ca:e2:ba:
         d4:a3:9b:cf:98:3d:9d:1d:88:43:b5:67:53:9f:63:f1:ec:e3:
         5b:66:55:71:4d:a4:ad:ca:7d:34:cc:08:87:59:2a:28:92:b1:
         87:3a:d1:3e:ed:83:4f:9f:0a:b7:29:c7:41:27:b8:5f:67:0b:
         46:31:fc:64:12:aa:bd:d0:50:c2:2f:8c:b4:ba:32:58:cf:85:
         26:22:b8:d9:46:e4:e3:c8:83:9c:73:bc:3f:0a:43:85:3d:9f:
         24:56:ea:82:da:47:11:10:70:84:9b:57:aa:41:21:c2:3b:fc:
         88:d5:89:bc:2a:14:2b:38:6e:7b:8e:8f:d3:69:9e:01:8d:a3:
         b2:9b:5d:8c:90:8a:23:34:68:fa:2c:61:2a:de:99:c7:93:b0:
         28:eb:6a:5d:9e:f6:1c:ce:8a:18:ab:4f:bf:82:13:d1:4a:e4:
         4e:55:a5:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FG+1AYySzlnaGDp9pI7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjYwMTAyMTQyMDA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWQwNTgzMWViNjZkMThhODMyNzRjMDBlOGIxMTY3YjE2ZDhkYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNcY3dVaAr9fORJMzfFfO8sX2MTj
3nUSkx49BLVTE4s0HApAyQOnU2+deg8FQloavv6PeBv4P0LpJUkVt+0yMyBPf9CJ
kbF9Yc8RFOF4+V/vi7UC28tWN1y0cmkpbM42mU5uOxm151OaUmkf8pMDK/npe0oK
fwr+m4bnwnqXH8EHIwNrwB/zqiBosvsD9ljv2Tdipzfz6v10YuCLj2rm5zLxwBYF
V+97mJkMh4PufgsOa5DDLh1b29PGG/47f6FogOv5E2bCCxLh94kD/SLMKzmIzN9E
iZ21wvJEdgaXOXXLvYdzTc4jcLZQuYVOJlXlYDhcYwUtcF7L1o0M5cMPvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHQWDHrZtGKgydMAOixFnsW2Ns7MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvd2RCWU1ldG0wWXFESjB3QTZMRVdleGJZMnpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwenMMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ9KTQ3SjGlKPfEqxYDEzQA2sUOzZ5lnV6XocoTBdM
hqIi4WSQFUv7UaWYzD/eTQjalCbdhM0JXjZ7zdwDIQOCrLXUyhp+M6m3oR6ECH/1
pV6QDcvKO6jK4rrUo5vPmD2dHYhDtWdTn2Px7ONbZlVxTaStyn00zAiHWSookrGH
OtE+7YNPnwq3KcdBJ7hfZwtGMfxkEqq90FDCL4y0ujJYz4UmIrjZRuTjyIOcc7w/
CkOFPZ8kVuqC2kcREHCEm1eqQSHCO/yI1Ym8KhQrOG57jo/TaZ4BjaOym12MkIoj
NGj6LGEq3pnHk7Ao62pdnvYczooYq0+/ghPRSuROVaVS
-----END CERTIFICATE-----