This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/6a1638-1ea6-4661-8ce8-e68d9a56452c/1/2ww4Tbxu8yxvwyCs4G733_97l4o.roa
File:                     2ww4Tbxu8yxvwyCs4G733_97l4o.roa (raw, json)
Hash identifier:          XS/S+oEr6KaVoIO89k+53yIi1peHV8tqEuixKZpqvUM=
Subject key identifier:   DB:0C:38:4D:BC:6E:F3:2C:6F:C3:20:AC:E0:6E:F7:DF:FF:7B:97:8A
Certificate issuer:       /CN=d72b8237b3f6d1d1beac29d2969640b39dcb943e
Certificate serial:       019C091C8665BAED2DB4990A37E8E366B36C
Authority key identifier: D7:2B:82:37:B3:F6:D1:D1:BE:AC:29:D2:96:96:40:B3:9D:CB:94:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1yuCN7P20dG-rCnSlpZAs53LlD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/6a1638-1ea6-4661-8ce8-e68d9a56452c/1/2ww4Tbxu8yxvwyCs4G733_97l4o.roa
Signing time:             Thu 29 Jan 2026 09:36:30 +0000
ROA not before:           Thu 29 Jan 2026 09:36:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     203866
IP address blocks:        176.111.47.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/6a1638-1ea6-4661-8ce8-e68d9a56452c/1/1yuCN7P20dG-rCnSlpZAs53LlD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/6a1638-1ea6-4661-8ce8-e68d9a56452c/1/1yuCN7P20dG-rCnSlpZAs53LlD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1yuCN7P20dG-rCnSlpZAs53LlD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:09:1c:86:65:ba:ed:2d:b4:99:0a:37:e8:e3:66:b3:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d72b8237b3f6d1d1beac29d2969640b39dcb943e
        Validity
            Not Before: Jan 29 09:36:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=db0c384dbc6ef32c6fc320ace06ef7dfff7b978a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:83:90:64:ca:25:e8:e2:30:ac:b9:c4:ab:02:
                    d5:51:56:73:12:b6:99:e5:a2:10:51:04:5e:8e:8b:
                    0e:93:58:cc:6c:a9:db:48:f5:fb:25:b0:8b:f2:a5:
                    a2:03:8c:93:c4:03:de:da:9e:47:13:74:ab:9f:f1:
                    c1:cb:b8:07:5f:e4:da:43:48:6e:c3:c9:23:c9:78:
                    ae:0a:3a:e9:47:9e:a1:91:0e:ea:10:b7:25:c0:41:
                    79:29:ea:71:e7:c9:c9:a2:8e:99:4e:a9:6a:81:ba:
                    25:57:49:67:58:d4:06:04:e6:67:ed:88:67:31:46:
                    9a:bd:64:7c:ea:a5:1e:9c:d1:2a:fc:39:79:c1:27:
                    21:8b:54:af:db:67:6a:02:60:9b:e7:7b:c9:9d:85:
                    cc:0a:12:10:b3:4b:fd:8b:e7:15:68:5a:cb:0f:73:
                    c4:fe:36:04:0b:12:64:2e:83:c3:95:1a:7c:d7:56:
                    f6:23:61:02:1b:f4:35:d1:dc:38:c1:80:2e:13:41:
                    a8:31:dc:52:f1:23:c1:42:44:ee:62:02:f2:94:e8:
                    52:ff:56:0a:61:23:dc:b5:94:d4:b3:96:49:0e:ba:
                    15:2d:be:3a:10:ba:fd:c2:28:de:1f:50:01:05:11:
                    1a:52:98:9b:e3:23:88:66:40:68:34:58:61:a3:ff:
                    7f:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:0C:38:4D:BC:6E:F3:2C:6F:C3:20:AC:E0:6E:F7:DF:FF:7B:97:8A
            X509v3 Authority Key Identifier:
                keyid:D7:2B:82:37:B3:F6:D1:D1:BE:AC:29:D2:96:96:40:B3:9D:CB:94:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yuCN7P20dG-rCnSlpZAs53LlD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6a1638-1ea6-4661-8ce8-e68d9a56452c/1/2ww4Tbxu8yxvwyCs4G733_97l4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6a1638-1ea6-4661-8ce8-e68d9a56452c/1/1yuCN7P20dG-rCnSlpZAs53LlD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.111.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:45:c7:82:9a:26:e0:67:56:81:d2:c1:2b:3d:b4:0e:60:60:
         b2:79:0b:71:b4:f6:b0:c2:cf:98:9c:12:54:f3:4a:50:36:53:
         d9:b8:c4:90:6a:01:9c:46:89:34:a2:8c:0d:f2:74:fd:26:d1:
         52:86:c6:41:71:26:48:3c:36:f3:4d:c0:05:4c:10:7b:99:93:
         77:d4:a2:66:f4:6e:30:d1:f5:db:dc:19:f4:f6:03:5d:b0:83:
         04:47:23:46:56:df:f5:bd:8e:89:a0:85:37:61:65:4c:74:c2:
         0a:91:07:f6:87:f2:6e:ac:25:4d:0d:9b:e9:a0:b8:e0:16:aa:
         85:0a:db:0d:af:35:70:fe:b2:11:91:e9:7e:dc:da:a5:e9:76:
         72:61:7d:b2:37:16:27:a6:99:94:37:c8:77:2d:f8:15:af:0d:
         f2:52:bb:d3:2d:dd:af:2f:d6:23:85:9a:c1:0b:36:79:26:bd:
         8d:27:1b:f3:3b:0c:63:5a:e8:77:6a:ce:d6:4c:4c:30:08:3c:
         fa:7d:69:d3:8d:3a:65:08:58:8d:33:9f:78:37:23:76:c3:77:
         47:55:6a:04:ac:ac:29:a2:50:b0:be:a2:03:1d:44:c5:f7:f4:
         b4:d0:38:af:88:7f:0a:b7:37:46:d7:fc:73:52:c9:78:9e:28:
         a6:87:a3:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZwJHIZluu0ttJkKN+jjZrNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MmI4MjM3YjNmNmQxZDFiZWFjMjlkMjk2OTY0MGIzOWRj
Yjk0M2UwHhcNMjYwMTI5MDkzNjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBjMzg0ZGJjNmVmMzJjNmZjMzIwYWNlMDZlZjdkZmZmN2I5NzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4OQZMol6OIwrLnEqwLVUVZzEraZ
5aIQUQRejosOk1jMbKnbSPX7JbCL8qWiA4yTxAPe2p5HE3Srn/HBy7gHX+TaQ0hu
w8kjyXiuCjrpR56hkQ7qELclwEF5Kepx58nJoo6ZTqlqgbolV0lnWNQGBOZn7Yhn
MUaavWR86qUenNEq/Dl5wSchi1Sv22dqAmCb53vJnYXMChIQs0v9i+cVaFrLD3PE
/jYECxJkLoPDlRp811b2I2ECG/Q10dw4wYAuE0GoMdxS8SPBQkTuYgLylOhS/1YK
YSPctZTUs5ZJDroVLb46ELr9wijeH1ABBREaUpib4yOIZkBoNFhho/9/gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNsMOE28bvMsb8MgrOBu99//e5eKMB8GA1UdIwQY
MBaAFNcrgjez9tHRvqwp0paWQLOdy5Q+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXl1Q043UDIwZEctckNuU2xwWkFzNTNMbEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy82YTE2MzgtMWVhNi00NjYxLThjZTgt
ZTY4ZDlhNTY0NTJjLzEvMnd3NFRieHU4eXh2d3lDczRHNzMzXzk3bDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy82YTE2MzgtMWVhNi00NjYxLThjZTgtZTY4ZDlhNTY0NTJj
LzEvMXl1Q043UDIwZEctckNuU2xwWkFzNTNMbEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsG8vMA0G
CSqGSIb3DQEBCwUAA4IBAQCJRceCmibgZ1aB0sErPbQOYGCyeQtxtPawws+YnBJU
80pQNlPZuMSQagGcRok0oowN8nT9JtFShsZBcSZIPDbzTcAFTBB7mZN31KJm9G4w
0fXb3Bn09gNdsIMERyNGVt/1vY6JoIU3YWVMdMIKkQf2h/JurCVNDZvpoLjgFqqF
CtsNrzVw/rIRkel+3Nql6XZyYX2yNxYnppmUN8h3LfgVrw3yUrvTLd2vL9YjhZrB
CzZ5Jr2NJxvzOwxjWuh3as7WTEwwCDz6fWnTjTplCFiNM594NyN2w3dHVWoErKwp
olCwvqIDHUTF9/S00DiviH8KtzdG1/xzUsl4niimh6NL
-----END CERTIFICATE-----