This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/616924-93b2-4dcb-aeeb-f3fd64331709/1/WYbOXwxihj0bjLIXKj3u1ebytSY.roa
File:                     WYbOXwxihj0bjLIXKj3u1ebytSY.roa (raw, json)
Hash identifier:          t1z25B6Lt32VOFgFu4rCBJtBngirrzFPCmAMUlygmlc=
Subject key identifier:   59:86:CE:5F:0C:62:86:3D:1B:8C:B2:17:2A:3D:EE:D5:E6:F2:B5:26
Certificate issuer:       /CN=5dd69d9f749630f0256cf0ceab58836b491a58f6
Certificate serial:       019B7DCAA8C0EC245C6D2D3BE6EE90FD2D5A
Authority key identifier: 5D:D6:9D:9F:74:96:30:F0:25:6C:F0:CE:AB:58:83:6B:49:1A:58:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xdadn3SWMPAlbPDOq1iDa0kaWPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/616924-93b2-4dcb-aeeb-f3fd64331709/1/WYbOXwxihj0bjLIXKj3u1ebytSY.roa
Signing time:             Fri 02 Jan 2026 08:19:52 +0000
ROA not before:           Fri 02 Jan 2026 08:19:52 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     60168
IP address blocks:        62.68.90.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/616924-93b2-4dcb-aeeb-f3fd64331709/1/Xdadn3SWMPAlbPDOq1iDa0kaWPY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/616924-93b2-4dcb-aeeb-f3fd64331709/1/Xdadn3SWMPAlbPDOq1iDa0kaWPY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xdadn3SWMPAlbPDOq1iDa0kaWPY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 07:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:ca:a8:c0:ec:24:5c:6d:2d:3b:e6:ee:90:fd:2d:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd69d9f749630f0256cf0ceab58836b491a58f6
        Validity
            Not Before: Jan  2 08:19:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5986ce5f0c62863d1b8cb2172a3deed5e6f2b526
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:49:b7:d0:c7:07:de:cb:46:e2:25:03:12:ad:
                    23:73:07:77:37:9a:a2:66:65:42:57:e6:b2:c6:90:
                    01:01:dc:0e:0a:43:56:63:de:c2:b3:c7:d0:85:a9:
                    55:e7:12:42:c4:40:8a:07:c2:b9:17:1d:92:65:01:
                    7b:35:d6:f4:ca:5e:9e:2d:fe:78:55:8d:74:d7:c7:
                    98:6a:03:9e:d2:0e:be:16:6d:19:b6:b9:c1:6c:bd:
                    b0:b3:c2:4e:d0:f3:c3:0b:ff:7f:27:01:ef:d4:34:
                    d7:f5:cc:5c:3c:c2:2e:d8:7a:b0:9d:2d:e7:09:bd:
                    17:c4:4a:e7:f5:dc:eb:19:a0:f1:0d:7a:72:8f:4f:
                    1c:74:ea:17:ae:b4:bc:9e:bd:76:39:dc:32:de:b6:
                    c4:f5:f0:da:78:08:65:01:de:e8:d6:13:bb:50:40:
                    7f:ca:9b:37:b5:5f:cb:5c:da:8b:5c:4f:68:63:03:
                    f4:0a:ae:45:1a:10:71:cd:a6:e9:d3:cc:39:d0:67:
                    58:de:3a:a5:19:30:ce:ff:5c:ff:e7:2e:6e:4b:ef:
                    6e:2c:a1:10:ca:4f:d7:af:10:d7:07:fe:87:de:48:
                    20:5d:6a:f6:41:23:3d:1f:5b:22:e8:bc:ed:5e:29:
                    60:0b:4e:a6:5b:a9:2f:9d:3a:62:0d:c7:cb:d1:51:
                    d6:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:86:CE:5F:0C:62:86:3D:1B:8C:B2:17:2A:3D:EE:D5:E6:F2:B5:26
            X509v3 Authority Key Identifier:
                keyid:5D:D6:9D:9F:74:96:30:F0:25:6C:F0:CE:AB:58:83:6B:49:1A:58:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdadn3SWMPAlbPDOq1iDa0kaWPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/616924-93b2-4dcb-aeeb-f3fd64331709/1/WYbOXwxihj0bjLIXKj3u1ebytSY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/616924-93b2-4dcb-aeeb-f3fd64331709/1/Xdadn3SWMPAlbPDOq1iDa0kaWPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.68.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:2f:c5:2a:a1:4f:42:ab:d8:3c:90:60:f5:1d:28:f3:fd:92:
         2d:3d:da:38:b8:d9:07:dd:cb:f4:65:59:f2:18:62:14:04:a2:
         b0:0c:82:6f:b0:e1:65:1d:41:79:71:37:ec:9a:94:d0:62:38:
         06:f8:d0:e9:b2:8f:a5:2d:08:bd:53:26:7f:ff:13:fb:06:84:
         7f:de:16:3c:09:24:9d:bb:30:91:24:31:ed:94:42:7b:c2:d1:
         38:9d:78:5c:24:88:3e:8b:f5:43:27:26:21:58:7e:ee:fc:3d:
         f7:43:6a:da:d3:ea:ac:00:97:3e:ca:4e:72:11:c4:f8:d4:9d:
         ed:c2:cf:a4:7a:1a:40:b1:b7:2d:a1:a0:d9:c1:30:03:98:2b:
         61:f9:05:a3:53:62:0f:64:8d:dc:d0:c4:2e:fb:ad:61:98:8d:
         2f:27:57:0e:0d:b4:23:5b:91:ca:ce:5b:0c:a3:d5:d6:16:75:
         80:4f:e0:42:29:0e:d6:20:91:58:34:1b:67:8a:92:f6:e6:f7:
         23:e5:ab:c0:ef:b8:9b:ce:24:bc:8e:ad:01:85:f0:48:f6:5c:
         23:e8:80:0e:43:fa:f5:6e:af:2e:4a:14:91:7b:a7:69:d3:d2:
         a4:08:81:7a:b1:c8:39:92:e6:2c:56:94:c3:4d:94:39:82:f8:
         49:ea:63:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9yqjA7CRcbS075u6Q/S1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDY5ZDlmNzQ5NjMwZjAyNTZjZjBjZWFiNTg4MzZiNDkx
YTU4ZjYwHhcNMjYwMTAyMDgxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTg2Y2U1ZjBjNjI4NjNkMWI4Y2IyMTcyYTNkZWVkNWU2ZjJiNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Em30McH3stG4iUDEq0jcwd3N5qi
ZmVCV+ayxpABAdwOCkNWY97Cs8fQhalV5xJCxECKB8K5Fx2SZQF7Ndb0yl6eLf54
VY1018eYagOe0g6+Fm0ZtrnBbL2ws8JO0PPDC/9/JwHv1DTX9cxcPMIu2HqwnS3n
Cb0XxErn9dzrGaDxDXpyj08cdOoXrrS8nr12Odwy3rbE9fDaeAhlAd7o1hO7UEB/
yps3tV/LXNqLXE9oYwP0Cq5FGhBxzabp08w50GdY3jqlGTDO/1z/5y5uS+9uLKEQ
yk/XrxDXB/6H3kggXWr2QSM9H1si6LztXilgC06mW6kvnTpiDcfL0VHW7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFmGzl8MYoY9G4yyFyo97tXm8rUmMB8GA1UdIwQY
MBaAFF3WnZ90ljDwJWzwzqtYg2tJGlj2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRhZG4zU1dNUEFsYlBET3ExaURhMGthV1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82MTY5MjQtOTNiMi00ZGNiLWFlZWIt
ZjNmZDY0MzMxNzA5LzEvV1liT1h3eGloajBiakxJWEtqM3UxZWJ5dFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82MTY5MjQtOTNiMi00ZGNiLWFlZWItZjNmZDY0MzMxNzA5
LzEvWGRhZG4zU1dNUEFsYlBET3ExaURhMGthV1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkRaMA0G
CSqGSIb3DQEBCwUAA4IBAQBdL8UqoU9Cq9g8kGD1HSjz/ZItPdo4uNkH3cv0ZVny
GGIUBKKwDIJvsOFlHUF5cTfsmpTQYjgG+NDpso+lLQi9UyZ//xP7BoR/3hY8CSSd
uzCRJDHtlEJ7wtE4nXhcJIg+i/VDJyYhWH7u/D33Q2ra0+qsAJc+yk5yEcT41J3t
ws+kehpAsbctoaDZwTADmCth+QWjU2IPZI3c0MQu+61hmI0vJ1cODbQjW5HKzlsM
o9XWFnWAT+BCKQ7WIJFYNBtnipL25vcj5avA77ibziS8jq0BhfBI9lwj6IAOQ/r1
bq8uShSRe6dp09KkCIF6scg5kuYsVpTDTZQ5gvhJ6mOz
-----END CERTIFICATE-----