This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5wHEdgpxvruLulBANBZNPEyCONk.roa
File:                     5wHEdgpxvruLulBANBZNPEyCONk.roa (raw, json)
Hash identifier:          9ZTZ6odzPcPsQHNo5c6fBtlc4VFdqD+c/6sMnbhn5II=
Subject key identifier:   E7:01:C4:76:0A:71:BE:BB:8B:BA:50:40:34:16:4D:3C:4C:82:38:D9
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       019B7C80A47BF2E7218645964B99581CB0F6
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5wHEdgpxvruLulBANBZNPEyCONk.roa
Signing time:             Fri 02 Jan 2026 02:19:24 +0000
ROA not before:           Fri 02 Jan 2026 02:19:24 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     51358
IP address blocks:        84.32.33.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 09:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:a4:7b:f2:e7:21:86:45:96:4b:99:58:1c:b0:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan  2 02:19:24 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e701c4760a71bebb8bba504034164d3c4c8238d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:39:74:b1:ed:2c:de:fd:28:9d:85:e8:7a:22:
                    fe:72:44:9f:67:a5:74:45:08:7b:72:3f:ac:32:2b:
                    63:56:f7:ad:f2:2d:d6:a0:a0:4e:16:55:77:0e:00:
                    34:85:92:a9:aa:e3:61:43:a0:a5:1e:94:4d:48:f0:
                    67:c9:3a:fd:f9:fa:7b:11:e7:96:46:11:a0:48:b5:
                    b0:05:b5:b8:8a:92:dc:f2:75:b6:4e:89:d5:34:8f:
                    0a:fb:bb:4b:05:6a:1a:21:3d:08:eb:34:66:5c:6e:
                    e6:a8:65:c1:87:98:65:27:87:68:62:de:40:e5:a5:
                    fd:46:fc:ee:df:f6:1f:33:92:a8:ea:f2:63:16:cb:
                    fa:68:58:31:8f:ff:69:dd:0e:59:35:76:85:0c:b8:
                    8b:6b:5f:ab:9d:fb:29:ca:c7:c8:6d:5a:f0:e4:db:
                    8a:d9:c0:9a:5d:69:31:bd:99:67:dd:ea:71:46:4e:
                    53:47:99:75:af:b2:de:e8:56:c5:63:4f:0d:a7:7c:
                    e7:e5:c8:00:18:a3:ed:80:ac:f4:c4:b0:4c:4e:7b:
                    0f:68:f9:92:6d:df:4d:6b:da:07:1a:b3:1c:f0:ff:
                    24:f0:2d:12:0d:0e:4b:a3:71:38:28:2b:c1:91:fb:
                    ac:f3:a5:e2:8b:33:d8:ab:93:54:0e:34:8c:fe:21:
                    b4:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:01:C4:76:0A:71:BE:BB:8B:BA:50:40:34:16:4D:3C:4C:82:38:D9
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5wHEdgpxvruLulBANBZNPEyCONk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:c3:8f:2c:ff:eb:29:70:81:4a:cc:3a:ac:8a:0f:6f:00:49:
         a8:28:88:f3:13:63:9f:4d:cc:b5:16:bc:03:72:1a:f9:db:8c:
         1d:9b:83:cd:d5:b6:3a:d4:02:7d:c5:07:27:0e:f2:22:ab:9e:
         a2:59:cc:2d:d4:dc:10:6f:fc:a2:7c:2d:05:d9:ab:86:45:68:
         19:25:38:b2:4f:7e:c3:c3:f9:98:dc:df:43:e3:52:f9:b2:15:
         20:e6:5e:e3:93:83:c5:65:ae:a3:4e:df:64:78:55:16:f9:04:
         2b:c3:6e:7d:61:b4:43:34:e5:69:35:6e:ba:64:3c:01:b8:72:
         94:86:71:ea:9f:2c:df:eb:59:13:16:00:5a:62:d9:13:cc:8d:
         0f:54:bf:53:e3:7b:37:d8:72:0e:0f:38:ac:43:65:77:c4:8c:
         70:5e:8e:ba:73:5f:2d:4a:d1:af:c3:6c:f1:67:18:68:fc:36:
         d3:8f:03:39:43:d0:f2:37:b1:23:d2:a5:8d:6e:73:59:60:aa:
         0f:34:62:26:e6:c0:1a:ee:b7:d9:8a:d7:b2:50:33:41:f0:24:
         03:31:cb:a8:bb:20:7a:fe:d8:1b:ee:d0:97:9b:4f:84:9c:47:
         bf:2e:d3:07:b4:25:69:ca:b3:78:63:a9:90:39:7f:05:a6:32:
         7f:c3:30:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gKR78uchhkWWS5lYHLD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjYwMTAyMDIxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzAxYzQ3NjBhNzFiZWJiOGJiYTUwNDAzNDE2NGQzYzRjODIzOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojl0se0s3v0onYXoeiL+ckSfZ6V0
RQh7cj+sMitjVvet8i3WoKBOFlV3DgA0hZKpquNhQ6ClHpRNSPBnyTr9+fp7EeeW
RhGgSLWwBbW4ipLc8nW2TonVNI8K+7tLBWoaIT0I6zRmXG7mqGXBh5hlJ4doYt5A
5aX9Rvzu3/YfM5Ko6vJjFsv6aFgxj/9p3Q5ZNXaFDLiLa1+rnfspysfIbVrw5NuK
2cCaXWkxvZln3epxRk5TR5l1r7Le6FbFY08Np3zn5cgAGKPtgKz0xLBMTnsPaPmS
bd9Na9oHGrMc8P8k8C0SDQ5Lo3E4KCvBkfus86XiizPYq5NUDjSM/iG0+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOcBxHYKcb67i7pQQDQWTTxMgjjZMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNXdIRWRncHh2cnVMdWxCQU5CWk5QRXlDT05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCAhMA0G
CSqGSIb3DQEBCwUAA4IBAQBZw48s/+spcIFKzDqsig9vAEmoKIjzE2OfTcy1FrwD
chr524wdm4PN1bY61AJ9xQcnDvIiq56iWcwt1NwQb/yifC0F2auGRWgZJTiyT37D
w/mY3N9D41L5shUg5l7jk4PFZa6jTt9keFUW+QQrw259YbRDNOVpNW66ZDwBuHKU
hnHqnyzf61kTFgBaYtkTzI0PVL9T43s32HIODzisQ2V3xIxwXo66c18tStGvw2zx
Zxho/DbTjwM5Q9DyN7Ej0qWNbnNZYKoPNGIm5sAa7rfZiteyUDNB8CQDMcuouyB6
/tgb7tCXm0+EnEe/LtMHtCVpyrN4Y6mQOX8FpjJ/wzCX
-----END CERTIFICATE-----