This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/Aw2zWYgv8W7CwrMsEePdbTsLvok.roa
File:                     Aw2zWYgv8W7CwrMsEePdbTsLvok.roa (raw, json)
Hash identifier:          wEinvm1qao+9BCRR0fnnIbv5tbDhJ2a5pDYCtrsJwPc=
Subject key identifier:   03:0D:B3:59:88:2F:F1:6E:C2:C2:B3:2C:11:E3:DD:6D:3B:0B:BE:89
Certificate issuer:       /CN=b6f3db35659133315d2fcf93058dce350a4cb17a
Certificate serial:       019B7E38936987F8F41B8C565A0FD1889F1A
Authority key identifier: B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/Aw2zWYgv8W7CwrMsEePdbTsLvok.roa
Signing time:             Fri 02 Jan 2026 10:19:55 +0000
ROA not before:           Fri 02 Jan 2026 10:19:55 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     60700
IP address blocks:        194.44.30.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 10:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:38:93:69:87:f8:f4:1b:8c:56:5a:0f:d1:88:9f:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6f3db35659133315d2fcf93058dce350a4cb17a
        Validity
            Not Before: Jan  2 10:19:55 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=030db359882ff16ec2c2b32c11e3dd6d3b0bbe89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:4e:fe:71:80:4d:09:a9:e2:9c:48:1a:2d:75:
                    a9:30:e5:8d:23:35:b5:3c:f3:83:27:39:c5:1b:e3:
                    d7:7c:35:45:6b:3a:25:8a:fe:0d:d2:c6:24:c6:ab:
                    d4:b3:90:14:75:52:2b:49:12:d6:64:65:7a:3b:97:
                    9e:17:1f:4b:dd:90:19:1f:c3:96:d6:49:69:d2:46:
                    3c:1d:f8:ea:3d:5c:e4:49:2c:68:0b:92:2c:a0:d1:
                    4a:30:7a:8f:79:0d:2d:be:ed:ba:29:c9:3f:f8:7d:
                    46:48:fd:96:b7:58:9a:de:25:ce:54:17:ac:21:95:
                    cc:de:32:48:ff:d5:06:5e:9d:e4:b6:ef:4b:79:4d:
                    43:b7:07:53:69:59:07:eb:6a:3c:5f:2f:15:5e:a0:
                    62:4a:7c:b7:e6:bd:08:65:37:50:49:0c:23:51:80:
                    61:c2:11:01:a6:0c:50:82:94:9a:81:0b:48:58:4d:
                    62:33:df:ab:72:38:9a:1c:ab:dd:26:fd:eb:89:ed:
                    5a:f1:11:7b:29:ce:f2:24:f8:7d:c3:52:45:82:06:
                    09:74:e2:3e:03:fb:a6:1a:f5:6e:b4:6d:70:b8:66:
                    cb:95:2b:6f:5e:22:21:65:8f:9e:a8:bf:8d:e4:9f:
                    90:54:c4:ba:e9:50:96:12:55:a2:26:02:cf:3a:68:
                    b2:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:0D:B3:59:88:2F:F1:6E:C2:C2:B3:2C:11:E3:DD:6D:3B:0B:BE:89
            X509v3 Authority Key Identifier:
                keyid:B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/Aw2zWYgv8W7CwrMsEePdbTsLvok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.44.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:c4:58:58:3e:eb:ca:a0:90:ba:e0:79:44:5e:7d:fd:d2:f3:
         da:79:3b:e7:0a:6b:8b:55:ba:f3:1f:d2:a5:d0:62:d9:af:14:
         fe:89:3b:cc:5f:4a:59:3f:3b:14:5d:1d:fe:17:d0:bc:55:c5:
         d6:37:0d:05:af:bf:d0:96:82:4f:19:a7:e6:74:16:2f:82:da:
         45:c2:58:29:04:90:07:a8:83:5f:be:a4:5d:08:8c:af:2b:9c:
         cb:05:f6:35:36:ee:b4:98:eb:38:cb:43:8d:27:43:c5:26:c7:
         e2:09:8c:3e:c6:7a:22:22:92:9a:7c:60:83:26:57:21:a6:13:
         88:eb:c9:50:07:a3:1c:de:6b:65:a5:b2:0e:ed:b6:bd:a4:ef:
         ec:e4:59:c4:fc:50:15:d1:0f:be:8c:7b:cb:e5:52:da:03:51:
         0b:3e:9d:ba:34:2f:3c:fc:5a:03:a7:5b:44:67:42:a8:26:03:
         3c:eb:d6:c3:56:f3:f4:dd:ed:63:2c:02:50:f8:19:01:98:c4:
         59:41:48:18:04:f6:75:93:b6:ca:c5:a9:4d:f9:9b:2a:3a:09:
         dd:7f:db:64:8b:37:ce:66:ed:9d:65:1b:88:93:91:ac:a2:55:
         94:4b:63:98:08:da:a6:65:52:33:0b:a6:da:bb:49:81:35:6d:
         69:ff:32:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OJNph/j0G4xWWg/RiJ8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZjNkYjM1NjU5MTMzMzE1ZDJmY2Y5MzA1OGRjZTM1MGE0
Y2IxN2EwHhcNMjYwMTAyMTAxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzBkYjM1OTg4MmZmMTZlYzJjMmIzMmMxMWUzZGQ2ZDNiMGJiZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs07+cYBNCaninEgaLXWpMOWNIzW1
PPODJznFG+PXfDVFazoliv4N0sYkxqvUs5AUdVIrSRLWZGV6O5eeFx9L3ZAZH8OW
1klp0kY8HfjqPVzkSSxoC5IsoNFKMHqPeQ0tvu26Kck/+H1GSP2Wt1ia3iXOVBes
IZXM3jJI/9UGXp3ktu9LeU1DtwdTaVkH62o8Xy8VXqBiSny35r0IZTdQSQwjUYBh
whEBpgxQgpSagQtIWE1iM9+rcjiaHKvdJv3rie1a8RF7Kc7yJPh9w1JFggYJdOI+
A/umGvVutG1wuGbLlStvXiIhZY+eqL+N5J+QVMS66VCWElWiJgLPOmiyowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMNs1mIL/FuwsKzLBHj3W07C76JMB8GA1UdIwQY
MBaAFLbz2zVlkTMxXS/PkwWNzjUKTLF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQt
NTQ5ZWU2ZDMwZmI2LzEvQXcyeldZZ3Y4VzdDd3JNc0VlUGRiVHNMdm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQtNTQ5ZWU2ZDMwZmI2
LzEvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiweMA0G
CSqGSIb3DQEBCwUAA4IBAQBlxFhYPuvKoJC64HlEXn390vPaeTvnCmuLVbrzH9Kl
0GLZrxT+iTvMX0pZPzsUXR3+F9C8VcXWNw0Fr7/QloJPGafmdBYvgtpFwlgpBJAH
qINfvqRdCIyvK5zLBfY1Nu60mOs4y0ONJ0PFJsfiCYw+xnoiIpKafGCDJlchphOI
68lQB6Mc3mtlpbIO7ba9pO/s5FnE/FAV0Q++jHvL5VLaA1ELPp26NC88/FoDp1tE
Z0KoJgM869bDVvP03e1jLAJQ+BkBmMRZQUgYBPZ1k7bKxalN+ZsqOgndf9tkizfO
Zu2dZRuIk5GsolWUS2OYCNqmZVIzC6bau0mBNW1p/zL/
-----END CERTIFICATE-----