This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/604a53-c658-4ef2-8ceb-d7a829ce76e7/1/TZWXpqEIRSAn5-MdEh0TXC0ihbM.roa
File:                     TZWXpqEIRSAn5-MdEh0TXC0ihbM.roa (raw, json)
Hash identifier:          b6vc3j264aI0sRTYVXv8kYXqVCVq/49Qgww833Y9+O8=
Subject key identifier:   4D:95:97:A6:A1:08:45:20:27:E7:E3:1D:12:1D:13:5C:2D:22:85:B3
Certificate issuer:       /CN=b6b77ec224c0b98ef979d0b0c5e587e4cb41f6c2
Certificate serial:       019C1F367EBB9E5A1CC9A23C50BE59CD241F
Authority key identifier: B6:B7:7E:C2:24:C0:B9:8E:F9:79:D0:B0:C5:E5:87:E4:CB:41:F6:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/trd-wiTAuY75edCwxeWH5MtB9sI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/604a53-c658-4ef2-8ceb-d7a829ce76e7/1/TZWXpqEIRSAn5-MdEh0TXC0ihbM.roa
Signing time:             Mon 02 Feb 2026 16:36:30 +0000
ROA not before:           Mon 02 Feb 2026 16:36:30 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     56950
IP address blocks:        31.171.214.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/604a53-c658-4ef2-8ceb-d7a829ce76e7/1/trd-wiTAuY75edCwxeWH5MtB9sI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/604a53-c658-4ef2-8ceb-d7a829ce76e7/1/trd-wiTAuY75edCwxeWH5MtB9sI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/trd-wiTAuY75edCwxeWH5MtB9sI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:1f:36:7e:bb:9e:5a:1c:c9:a2:3c:50:be:59:cd:24:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6b77ec224c0b98ef979d0b0c5e587e4cb41f6c2
        Validity
            Not Before: Feb  2 16:36:30 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4d9597a6a108452027e7e31d121d135c2d2285b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a4:c3:6f:ae:3f:dd:57:a8:91:88:bc:91:e3:
                    c0:eb:12:eb:3b:63:95:3c:52:9e:cb:4f:55:4e:7a:
                    f3:b2:2a:f3:ec:c8:b0:81:c1:e0:3d:a0:47:da:52:
                    d0:f4:72:a2:b1:3b:98:26:1d:ae:22:df:ba:c6:4b:
                    4f:2e:d6:94:ca:da:3f:33:b6:fc:06:db:bc:00:e8:
                    58:81:d0:46:01:fd:4b:76:52:b4:9d:ee:a3:08:09:
                    15:df:0d:52:ae:49:a8:a3:28:44:b5:e0:25:de:6b:
                    31:08:e9:86:a5:84:87:00:a4:f5:12:a7:69:35:48:
                    c2:bc:73:cd:ad:84:05:b8:a5:a5:ae:3b:57:9f:f8:
                    33:e9:af:22:e5:4a:70:fb:60:2b:3f:3b:7f:70:ae:
                    9f:44:7c:3e:56:36:9f:e2:38:c8:ee:67:b0:f1:5c:
                    ac:5e:9f:52:80:40:5d:11:1b:42:95:ba:f1:b7:f5:
                    ab:14:6a:5c:91:01:f4:02:58:ac:e0:04:e3:65:15:
                    21:be:90:ac:97:5b:9a:e8:7d:ef:97:5a:2e:57:39:
                    49:85:2c:fa:e2:33:9e:f8:ba:c4:6e:27:d0:de:fc:
                    08:07:8c:05:ae:43:f0:40:fd:a7:be:69:f0:39:77:
                    69:fd:44:8e:44:48:a4:fe:de:79:29:18:a7:67:61:
                    a9:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:95:97:A6:A1:08:45:20:27:E7:E3:1D:12:1D:13:5C:2D:22:85:B3
            X509v3 Authority Key Identifier:
                keyid:B6:B7:7E:C2:24:C0:B9:8E:F9:79:D0:B0:C5:E5:87:E4:CB:41:F6:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/trd-wiTAuY75edCwxeWH5MtB9sI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/604a53-c658-4ef2-8ceb-d7a829ce76e7/1/TZWXpqEIRSAn5-MdEh0TXC0ihbM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/604a53-c658-4ef2-8ceb-d7a829ce76e7/1/trd-wiTAuY75edCwxeWH5MtB9sI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.171.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:7b:d5:1c:6a:7a:43:e7:c8:b3:7f:17:4b:be:37:75:83:b6:
         29:8e:ee:2a:93:1e:c4:36:62:01:50:03:74:31:35:67:fb:f3:
         86:ad:7c:6f:c1:bb:cd:63:f6:53:55:68:fc:3a:c6:87:ac:a8:
         40:03:76:74:da:1b:7a:08:d8:0a:63:77:9d:42:37:80:4f:18:
         39:a9:86:c8:30:a7:b8:9d:f2:af:ef:80:00:83:94:da:93:4d:
         ae:ae:f6:dc:2a:b3:b5:9e:c8:17:1f:42:70:b7:19:ac:2d:79:
         72:52:87:41:90:51:e2:51:06:ea:2e:55:fa:b4:d3:b5:18:d5:
         c2:89:6a:52:b2:b9:e9:5b:eb:b5:ae:44:ec:f4:d0:73:16:03:
         24:b7:9a:bd:99:79:1f:4a:19:5d:c9:16:b9:2d:68:16:38:4c:
         4a:6f:3f:63:a9:06:66:fe:35:40:93:ec:b6:93:15:d2:45:f4:
         a4:61:55:28:92:a7:9c:ed:99:44:9e:3a:eb:6c:de:a0:af:9d:
         d2:25:c0:50:5c:b9:6b:8a:69:cb:15:d6:a4:85:52:44:1e:c4:
         11:81:73:ed:89:a3:a2:76:b0:b5:bc:64:f5:82:2d:be:24:8a:
         3b:44:a5:41:90:08:e9:af:8e:53:b6:fb:45:04:be:ed:53:b5:
         2c:b5:00:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZwfNn67nlocyaI8UL5ZzSQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2Yjc3ZWMyMjRjMGI5OGVmOTc5ZDBiMGM1ZTU4N2U0Y2I0
MWY2YzIwHhcNMjYwMjAyMTYzNjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk1OTdhNmExMDg0NTIwMjdlN2UzMWQxMjFkMTM1YzJkMjI4NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaTDb64/3VeokYi8kePA6xLrO2OV
PFKey09VTnrzsirz7MiwgcHgPaBH2lLQ9HKisTuYJh2uIt+6xktPLtaUyto/M7b8
Btu8AOhYgdBGAf1LdlK0ne6jCAkV3w1SrkmooyhEteAl3msxCOmGpYSHAKT1Eqdp
NUjCvHPNrYQFuKWlrjtXn/gz6a8i5Upw+2ArPzt/cK6fRHw+Vjaf4jjI7mew8Vys
Xp9SgEBdERtClbrxt/WrFGpckQH0Alis4ATjZRUhvpCsl1ua6H3vl1ouVzlJhSz6
4jOe+LrEbifQ3vwIB4wFrkPwQP2nvmnwOXdp/USOREik/t55KRinZ2Gp4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2Vl6ahCEUgJ+fjHRIdE1wtIoWzMB8GA1UdIwQY
MBaAFLa3fsIkwLmO+XnQsMXlh+TLQfbCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHJkLXdpVEF1WTc1ZWRDd3hlV0g1TXRCOXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82MDRhNTMtYzY1OC00ZWYyLThjZWIt
ZDdhODI5Y2U3NmU3LzEvVFpXWHBxRUlSU0FuNS1NZEVoMFRYQzBpaGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82MDRhNTMtYzY1OC00ZWYyLThjZWItZDdhODI5Y2U3NmU3
LzEvdHJkLXdpVEF1WTc1ZWRDd3hlV0g1TXRCOXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH6vWMA0G
CSqGSIb3DQEBCwUAA4IBAQCxe9UcanpD58izfxdLvjd1g7Ypju4qkx7ENmIBUAN0
MTVn+/OGrXxvwbvNY/ZTVWj8OsaHrKhAA3Z02ht6CNgKY3edQjeATxg5qYbIMKe4
nfKv74AAg5Tak02urvbcKrO1nsgXH0JwtxmsLXlyUodBkFHiUQbqLlX6tNO1GNXC
iWpSsrnpW+u1rkTs9NBzFgMkt5q9mXkfShldyRa5LWgWOExKbz9jqQZm/jVAk+y2
kxXSRfSkYVUokqec7ZlEnjrrbN6gr53SJcBQXLlrimnLFdakhVJEHsQRgXPtiaOi
drC1vGT1gi2+JIo7RKVBkAjpr45TtvtFBL7tU7UstQAL
-----END CERTIFICATE-----