This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/WTjNaQvAYBbxhENHFuwSu9--HEg.roa
File:                     WTjNaQvAYBbxhENHFuwSu9--HEg.roa (raw, json)
Hash identifier:          oj0j2n1JJeIVJSRteyq+gfPwLOAIrtIK/epr0AaSdzU=
Subject key identifier:   59:38:CD:69:0B:C0:60:16:F1:84:43:47:16:EC:12:BB:DF:BE:1C:48
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       019B7B355C3A06ACD89F9EA9F1F2C66FDAE6
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/WTjNaQvAYBbxhENHFuwSu9--HEg.roa
Signing time:             Thu 01 Jan 2026 20:17:33 +0000
ROA not before:           Thu 01 Jan 2026 20:17:33 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     10753
IP address blocks:        194.102.120.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:5c:3a:06:ac:d8:9f:9e:a9:f1:f2:c6:6f:da:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 20:17:33 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5938cd690bc06016f184434716ec12bbdfbe1c48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:a3:a3:7a:2e:67:04:0b:d3:f7:86:25:1b:c7:
                    1e:59:5e:12:68:1b:07:00:db:6f:ac:ff:f7:25:1b:
                    93:aa:66:6a:76:c8:f2:46:1b:0e:b8:48:be:16:3b:
                    92:b7:63:32:1f:0e:96:c2:e4:27:7f:d7:ee:3b:88:
                    2a:71:b5:4b:2d:42:d3:af:14:64:0b:56:a7:7d:0b:
                    b2:7c:17:b5:b4:90:27:b9:11:0f:ce:c8:34:6d:ae:
                    4e:ae:82:ec:ae:c2:78:b6:db:5e:1e:37:a8:fb:a4:
                    44:09:58:b6:30:c1:d0:fc:95:b5:cb:6d:fa:56:27:
                    24:12:16:5a:94:86:91:7f:6e:2c:ce:6f:02:a2:d9:
                    c5:24:1c:8c:ee:c4:01:d9:00:c1:8a:09:6f:a5:4d:
                    a7:d0:79:f6:e4:bb:95:0d:6f:12:b0:b5:55:45:e4:
                    ea:9a:b9:06:74:a6:84:d2:07:24:21:78:42:ff:63:
                    ce:a8:8f:6f:d2:68:35:c6:9f:bc:b2:8f:2b:ea:f1:
                    d8:09:8c:e2:03:8b:50:df:08:9e:cb:53:c4:b9:d4:
                    80:77:4b:0a:f3:a4:13:0c:03:c2:9a:26:f7:90:c8:
                    8a:3f:17:5d:36:04:52:c3:16:13:4d:29:7f:fb:b3:
                    b0:c7:7c:aa:55:c4:7b:e2:a0:06:2b:6e:45:77:be:
                    6d:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:38:CD:69:0B:C0:60:16:F1:84:43:47:16:EC:12:BB:DF:BE:1C:48
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/WTjNaQvAYBbxhENHFuwSu9--HEg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.102.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a6:7a:f7:61:9f:71:03:1f:cb:8c:54:23:2b:d5:28:06:78:d9:
         8b:1b:eb:28:d5:a9:18:56:5b:96:e5:63:11:35:c5:f3:f3:d4:
         12:94:6a:51:6c:9c:d0:b6:c6:af:6b:1e:66:77:e9:39:e5:a2:
         cf:f3:65:69:7b:56:07:d5:55:28:60:d6:3f:9d:0d:a0:5d:d2:
         fa:8d:2d:b7:23:7c:94:f8:a9:15:ca:d3:cf:7a:19:f6:3d:a5:
         85:c8:e8:c9:20:1c:ba:48:b5:8b:89:f9:9f:83:47:68:fc:fa:
         80:42:ba:2e:ab:6a:e4:bf:20:7e:47:18:5b:de:98:64:57:e9:
         fe:ac:90:4e:1e:a7:6f:6d:c6:79:65:5e:24:35:98:71:99:4c:
         a7:0d:9e:53:68:2e:cd:96:9f:98:7c:4a:58:99:a3:8c:39:46:
         3a:61:0d:6a:2f:ac:8d:f4:ed:83:75:43:4d:0f:35:e5:fe:d9:
         89:1d:39:13:0c:4b:d7:c9:6a:7b:ae:f3:d7:5d:ea:35:d6:ea:
         a9:4a:59:41:14:3a:b5:77:a9:60:69:96:d8:70:36:87:0f:09:
         aa:0b:cb:53:a6:1a:3b:6c:d4:1c:7a:f8:73:27:87:23:69:d0:
         d3:07:04:c2:bd:46:2f:d4:dd:f2:44:d1:d1:90:86:dc:d3:37:
         65:96:cd:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NVw6BqzYn56p8fLGb9rmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMTAxMjAxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTM4Y2Q2OTBiYzA2MDE2ZjE4NDQzNDcxNmVjMTJiYmRmYmUxYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9aOjei5nBAvT94YlG8ceWV4SaBsH
ANtvrP/3JRuTqmZqdsjyRhsOuEi+FjuSt2MyHw6WwuQnf9fuO4gqcbVLLULTrxRk
C1anfQuyfBe1tJAnuREPzsg0ba5OroLsrsJ4ttteHjeo+6RECVi2MMHQ/JW1y236
VickEhZalIaRf24szm8CotnFJByM7sQB2QDBiglvpU2n0Hn25LuVDW8SsLVVReTq
mrkGdKaE0gckIXhC/2POqI9v0mg1xp+8so8r6vHYCYziA4tQ3wiey1PEudSAd0sK
86QTDAPCmib3kMiKPxddNgRSwxYTTSl/+7Owx3yqVcR74qAGK25Fd75tfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFk4zWkLwGAW8YRDRxbsErvfvhxIMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvV1RqTmFRdkFZQmJ4aEVOSEZ1d1N1OS0tSEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwmZ4MA0G
CSqGSIb3DQEBCwUAA4IBAQCmevdhn3EDH8uMVCMr1SgGeNmLG+so1akYVluW5WMR
NcXz89QSlGpRbJzQtsavax5md+k55aLP82Vpe1YH1VUoYNY/nQ2gXdL6jS23I3yU
+KkVytPPehn2PaWFyOjJIBy6SLWLifmfg0do/PqAQrouq2rkvyB+Rxhb3phkV+n+
rJBOHqdvbcZ5ZV4kNZhxmUynDZ5TaC7Nlp+YfEpYmaOMOUY6YQ1qL6yN9O2DdUNN
DzXl/tmJHTkTDEvXyWp7rvPXXeo11uqpSllBFDq1d6lgaZbYcDaHDwmqC8tTpho7
bNQcevhzJ4cjadDTBwTCvUYv1N3yRNHRkIbc0zdlls36
-----END CERTIFICATE-----