This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/634172-bb37-4d82-88a2-942d2c6c5856/1/BwUOAUosbkGUtEyamqHZVYXCbwY.roa
File:                     BwUOAUosbkGUtEyamqHZVYXCbwY.roa (raw, json)
Hash identifier:          V018IqY7teR5n9bP9qOMX/vX2HfQD+CNCFUEpOx18cs=
Subject key identifier:   07:05:0E:01:4A:2C:6E:41:94:B4:4C:9A:9A:A1:D9:55:85:C2:6F:06
Certificate issuer:       /CN=95b980b81039581e0d2c37a51216cd79729b0c71
Certificate serial:       019B7DCAB030748BB5F2E96FFE57C3FBDBD0
Authority key identifier: 95:B9:80:B8:10:39:58:1E:0D:2C:37:A5:12:16:CD:79:72:9B:0C:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbmAuBA5WB4NLDelEhbNeXKbDHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/634172-bb37-4d82-88a2-942d2c6c5856/1/BwUOAUosbkGUtEyamqHZVYXCbwY.roa
Signing time:             Fri 02 Jan 2026 08:19:54 +0000
ROA not before:           Fri 02 Jan 2026 08:19:54 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204919
IP address blocks:        80.91.205.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/634172-bb37-4d82-88a2-942d2c6c5856/1/lbmAuBA5WB4NLDelEhbNeXKbDHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/634172-bb37-4d82-88a2-942d2c6c5856/1/lbmAuBA5WB4NLDelEhbNeXKbDHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lbmAuBA5WB4NLDelEhbNeXKbDHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 14:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:ca:b0:30:74:8b:b5:f2:e9:6f:fe:57:c3:fb:db:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95b980b81039581e0d2c37a51216cd79729b0c71
        Validity
            Not Before: Jan  2 08:19:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=07050e014a2c6e4194b44c9a9aa1d95585c26f06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:6e:2b:5f:e1:d3:87:3a:9a:a6:ab:c1:b8:2c:
                    ca:36:a5:73:2e:43:25:e8:0f:c7:0e:42:37:7a:31:
                    f9:9e:fa:02:cb:19:68:af:68:91:0c:fc:e0:6e:b7:
                    8b:7d:4d:8f:aa:81:ba:41:98:c0:5c:c4:9d:91:8b:
                    ec:2d:31:73:ab:0a:59:b9:cb:2a:8b:de:ce:f0:ee:
                    0b:b2:2a:a9:5b:80:46:f9:d5:81:c7:1b:bb:c5:8c:
                    7b:50:23:ae:a6:1f:a5:09:4b:01:70:f9:14:65:f5:
                    19:7e:9b:b0:64:32:17:f5:d4:2c:e5:20:e0:9e:cd:
                    0e:26:00:a5:7b:3e:aa:5e:10:11:eb:6b:55:30:e9:
                    f8:48:44:66:f9:34:6a:95:bd:1d:57:16:89:56:56:
                    fd:25:5a:14:bb:28:a3:b0:90:7c:e5:28:24:da:4a:
                    52:3b:fa:a5:41:96:0e:fc:ef:8c:56:b8:d5:16:6a:
                    5f:11:65:47:29:02:e5:60:a1:73:ec:61:37:12:6f:
                    39:0a:01:df:30:6d:26:e6:d9:04:67:d6:16:43:c6:
                    37:19:cf:5d:a3:cc:a9:f1:9d:09:37:5c:ca:e5:72:
                    da:e3:a8:9a:47:e8:9e:5e:71:c4:a0:de:b7:6e:00:
                    f4:8b:26:a7:3b:77:eb:98:08:6e:da:45:42:a6:20:
                    28:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:05:0E:01:4A:2C:6E:41:94:B4:4C:9A:9A:A1:D9:55:85:C2:6F:06
            X509v3 Authority Key Identifier:
                keyid:95:B9:80:B8:10:39:58:1E:0D:2C:37:A5:12:16:CD:79:72:9B:0C:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbmAuBA5WB4NLDelEhbNeXKbDHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/634172-bb37-4d82-88a2-942d2c6c5856/1/BwUOAUosbkGUtEyamqHZVYXCbwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/634172-bb37-4d82-88a2-942d2c6c5856/1/lbmAuBA5WB4NLDelEhbNeXKbDHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.91.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:4e:09:d8:7e:be:5c:fa:c1:53:50:cf:74:92:9c:7b:59:87:
         e7:5a:5d:53:fc:44:70:e4:bf:59:bc:65:e6:a4:4e:41:d5:c3:
         0f:e9:f3:73:ac:76:7a:99:3f:2e:33:0d:73:23:ac:ea:11:6a:
         80:0b:b6:53:5f:74:42:bc:10:73:d9:34:cc:5d:58:2b:2f:95:
         41:d7:24:b8:52:de:20:fe:1d:84:39:f2:f9:fc:81:84:f1:db:
         27:0e:12:7b:a3:76:65:7c:3d:22:7c:1f:58:e5:a0:e8:59:91:
         3e:14:c7:74:c9:fb:8c:10:03:5f:32:48:13:45:c9:4e:21:eb:
         17:79:a7:42:f9:94:af:c3:c1:c1:08:fa:27:a2:db:6a:1b:4c:
         dc:33:a9:f0:54:37:31:08:12:31:d5:1b:d8:1a:80:64:c7:ad:
         28:23:3e:8c:0e:8e:22:d9:ae:51:49:c4:b3:6a:0f:4f:21:2c:
         42:27:c6:57:53:b1:2d:82:f8:8b:a8:2e:39:5f:10:00:c3:74:
         36:2e:13:6a:23:02:ee:d7:24:27:9e:82:fa:83:96:0f:e6:58:
         d8:4e:f2:32:8f:03:1b:c0:a0:27:0f:dd:9d:9a:a9:e3:b4:d7:
         ec:29:87:8f:e0:db:05:0b:80:f9:16:b7:0a:9e:37:51:0c:2a:
         f3:73:2a:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9yrAwdIu18ulv/lfD+9vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Yjk4MGI4MTAzOTU4MWUwZDJjMzdhNTEyMTZjZDc5NzI5
YjBjNzEwHhcNMjYwMTAyMDgxOTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzA1MGUwMTRhMmM2ZTQxOTRiNDRjOWE5YWExZDk1NTg1YzI2ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp24rX+HThzqapqvBuCzKNqVzLkMl
6A/HDkI3ejH5nvoCyxlor2iRDPzgbreLfU2PqoG6QZjAXMSdkYvsLTFzqwpZucsq
i97O8O4LsiqpW4BG+dWBxxu7xYx7UCOuph+lCUsBcPkUZfUZfpuwZDIX9dQs5SDg
ns0OJgClez6qXhAR62tVMOn4SERm+TRqlb0dVxaJVlb9JVoUuyijsJB85Sgk2kpS
O/qlQZYO/O+MVrjVFmpfEWVHKQLlYKFz7GE3Em85CgHfMG0m5tkEZ9YWQ8Y3Gc9d
o8yp8Z0JN1zK5XLa46iaR+ieXnHEoN63bgD0iyanO3frmAhu2kVCpiAoeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcFDgFKLG5BlLRMmpqh2VWFwm8GMB8GA1UdIwQY
MBaAFJW5gLgQOVgeDSw3pRIWzXlymwxxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJtQXVCQTVXQjROTERlbEVoYk5lWEtiREhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC82MzQxNzItYmIzNy00ZDgyLTg4YTIt
OTQyZDJjNmM1ODU2LzEvQndVT0FVb3Nia0dVdEV5YW1xSFpWWVhDYndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC82MzQxNzItYmIzNy00ZDgyLTg4YTItOTQyZDJjNmM1ODU2
LzEvbGJtQXVCQTVXQjROTERlbEVoYk5lWEtiREhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFvNMA0G
CSqGSIb3DQEBCwUAA4IBAQBuTgnYfr5c+sFTUM90kpx7WYfnWl1T/ERw5L9ZvGXm
pE5B1cMP6fNzrHZ6mT8uMw1zI6zqEWqAC7ZTX3RCvBBz2TTMXVgrL5VB1yS4Ut4g
/h2EOfL5/IGE8dsnDhJ7o3ZlfD0ifB9Y5aDoWZE+FMd0yfuMEANfMkgTRclOIesX
eadC+ZSvw8HBCPonottqG0zcM6nwVDcxCBIx1RvYGoBkx60oIz6MDo4i2a5RScSz
ag9PISxCJ8ZXU7EtgviLqC45XxAAw3Q2LhNqIwLu1yQnnoL6g5YP5ljYTvIyjwMb
wKAnD92dmqnjtNfsKYeP4NsFC4D5FrcKnjdRDCrzcyph
-----END CERTIFICATE-----