This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/QTwzzHohzZXtCev6GOQlH9AGXD4.roa
File:                     QTwzzHohzZXtCev6GOQlH9AGXD4.roa (raw, json)
Hash identifier:          6wskNGBQ/KitO6IQVhrGA1LcyCUybdJv0Z00G25dcZM=
Subject key identifier:   41:3C:33:CC:7A:21:CD:95:ED:09:EB:FA:18:E4:25:1F:D0:06:5C:3E
Certificate issuer:       /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial:       019B7EA75F54698E0E63A06CFCC079BA1706
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/QTwzzHohzZXtCev6GOQlH9AGXD4.roa
Signing time:             Fri 02 Jan 2026 12:20:56 +0000
ROA not before:           Fri 02 Jan 2026 12:20:56 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211440
IP address blocks:        178.211.132.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 04 Jan 2026 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a7:5f:54:69:8e:0e:63:a0:6c:fc:c0:79:ba:17:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
        Validity
            Not Before: Jan  2 12:20:56 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=413c33cc7a21cd95ed09ebfa18e4251fd0065c3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e2:4c:b2:03:b3:2e:ef:9b:cb:c0:b6:66:ce:
                    50:f2:e4:c4:c6:d3:c0:a8:c7:51:2a:6a:9f:fb:81:
                    76:03:81:d4:03:15:1b:95:49:d3:63:20:fd:57:6f:
                    52:b8:86:19:08:38:01:e3:54:36:81:8d:cd:b1:9f:
                    f9:fa:ce:f5:58:0f:70:14:f2:6b:cd:80:11:12:16:
                    b4:87:cf:bd:ca:b7:8d:94:76:04:ff:60:73:fb:ff:
                    33:5a:9e:e5:b7:db:ed:d2:02:7e:22:54:91:36:70:
                    97:83:28:7d:8d:ce:97:a2:18:3e:d1:3a:c0:a4:c0:
                    72:43:0b:2f:19:15:48:4e:6f:88:12:b8:f3:f6:ec:
                    dd:b9:95:c1:2a:1f:93:ad:93:b3:23:ac:ef:39:78:
                    be:d4:cf:62:73:6e:83:44:2f:b2:69:c8:57:8d:74:
                    ad:7f:58:ff:02:6d:8e:8b:6f:98:18:f4:81:89:d6:
                    23:ed:5c:6c:88:2c:a4:65:f8:65:71:78:5b:bf:c0:
                    74:2e:33:9e:d7:3b:45:e2:ca:34:78:43:cf:16:8f:
                    40:f5:da:83:8c:8f:ca:24:9c:39:6b:70:87:22:c0:
                    be:1a:3d:0e:31:1a:24:ea:e7:1a:24:d3:49:6b:6f:
                    4c:ae:c8:78:71:e8:f4:6d:f2:fd:c1:d4:e4:71:1b:
                    1d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:3C:33:CC:7A:21:CD:95:ED:09:EB:FA:18:E4:25:1F:D0:06:5C:3E
            X509v3 Authority Key Identifier:
                keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/QTwzzHohzZXtCev6GOQlH9AGXD4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.211.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:f7:94:c1:af:3d:c0:2a:49:4e:ca:a7:0f:bf:2c:3f:83:15:
         1d:8a:11:55:ba:fb:e7:cc:78:ef:e5:20:2b:a3:82:5d:75:12:
         91:ec:a1:51:a4:61:0d:e7:17:e4:6d:21:44:ac:f4:a0:f1:d5:
         f5:23:8d:b1:0b:ac:12:c5:a2:75:3d:98:f2:04:b8:9d:f8:db:
         31:9e:a0:eb:7b:3e:bb:97:77:b9:12:cc:12:f3:d4:e3:a2:34:
         77:29:af:36:cd:97:82:e2:b2:43:61:21:a7:05:20:67:f1:d7:
         23:60:6b:f3:e9:e5:39:60:b1:dd:fa:aa:24:40:d7:a3:ab:f8:
         13:a6:4b:eb:52:cf:69:2f:3e:6d:88:27:bd:d8:38:13:d4:92:
         20:70:5c:ec:9e:d6:d1:e8:6a:dd:e2:7c:24:f7:47:d9:1b:e2:
         83:72:0c:1e:9f:2f:a1:d4:24:02:d8:66:c2:6c:93:4b:45:d8:
         e9:7e:3f:95:76:60:fe:0e:70:ee:d6:52:6f:a6:32:64:bc:4e:
         1c:fa:8b:25:b7:f4:61:bb:91:34:f6:fc:60:87:02:72:24:6c:
         25:6b:62:0f:d3:2a:3d:c5:d5:bd:34:18:7f:51:2a:22:d4:23:
         d4:47:29:9d:08:fd:ee:04:00:90:f8:60:1b:b9:51:70:53:fb:
         0e:5c:15:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+p19UaY4OY6Bs/MB5uhcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwMTAyMTIyMDU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNjMzNjYzdhMjFjZDk1ZWQwOWViZmExOGU0MjUxZmQwMDY1YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOJMsgOzLu+by8C2Zs5Q8uTExtPA
qMdRKmqf+4F2A4HUAxUblUnTYyD9V29SuIYZCDgB41Q2gY3NsZ/5+s71WA9wFPJr
zYAREha0h8+9yreNlHYE/2Bz+/8zWp7lt9vt0gJ+IlSRNnCXgyh9jc6Xohg+0TrA
pMByQwsvGRVITm+IErjz9uzduZXBKh+TrZOzI6zvOXi+1M9ic26DRC+yachXjXSt
f1j/Am2Oi2+YGPSBidYj7VxsiCykZfhlcXhbv8B0LjOe1ztF4so0eEPPFo9A9dqD
jI/KJJw5a3CHIsC+Gj0OMRok6ucaJNNJa29Mrsh4cej0bfL9wdTkcRsdPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEE8M8x6Ic2V7Qnr+hjkJR/QBlw+MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvUVR3enpIb2h6Wlh0Q2V2NkdPUWxIOUFHWEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstOEMA0G
CSqGSIb3DQEBCwUAA4IBAQAt95TBrz3AKklOyqcPvyw/gxUdihFVuvvnzHjv5SAr
o4JddRKR7KFRpGEN5xfkbSFErPSg8dX1I42xC6wSxaJ1PZjyBLid+NsxnqDrez67
l3e5EswS89TjojR3Ka82zZeC4rJDYSGnBSBn8dcjYGvz6eU5YLHd+qokQNejq/gT
pkvrUs9pLz5tiCe92DgT1JIgcFzsntbR6Grd4nwk90fZG+KDcgweny+h1CQC2GbC
bJNLRdjpfj+VdmD+DnDu1lJvpjJkvE4c+oslt/Rhu5E09vxghwJyJGwla2IP0yo9
xdW9NBh/USoi1CPURymdCP3uBACQ+GAbuVFwU/sOXBXe
-----END CERTIFICATE-----