This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/TlswaEkjGyIFhX9xWdZ6EbegUsU.roa
File:                     TlswaEkjGyIFhX9xWdZ6EbegUsU.roa (raw, json)
Hash identifier:          pzxA5lbFhF5KkSZqcy0U7Lfc21E5mQXr6TmkOaIuhGg=
Subject key identifier:   4E:5B:30:68:49:23:1B:22:05:85:7F:71:59:D6:7A:11:B7:A0:52:C5
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       019B7CEDDB8031B8F1FEDC93D735AEEC51D9
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/TlswaEkjGyIFhX9xWdZ6EbegUsU.roa
Signing time:             Fri 02 Jan 2026 04:18:41 +0000
ROA not before:           Fri 02 Jan 2026 04:18:41 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     10111
IP address blocks:        62.72.181.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:db:80:31:b8:f1:fe:dc:93:d7:35:ae:ec:51:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jan  2 04:18:41 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4e5b306849231b2205857f7159d67a11b7a052c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:45:69:22:7d:89:d3:85:9e:a3:32:28:f2:4e:
                    57:8b:df:0c:01:07:1d:f8:67:a5:76:97:46:05:a3:
                    0b:8d:8c:2d:33:90:1e:39:21:3a:a5:18:14:76:91:
                    bd:5d:80:6a:27:11:d3:e9:b8:cb:5d:0f:98:46:d4:
                    04:b5:9c:1a:05:6c:0e:00:bf:27:56:48:58:ad:bc:
                    6e:bf:fd:59:5f:1c:74:21:f8:e9:4a:14:17:64:aa:
                    b3:66:8c:e4:e8:a4:73:d6:5f:b3:b8:7b:a9:17:0e:
                    d8:e0:14:08:7e:c8:f6:f1:f1:c2:73:e3:87:18:1e:
                    b0:dd:49:60:6b:03:c5:69:9c:f4:24:ea:d6:32:88:
                    5e:f8:a9:f4:46:b9:23:b4:ff:13:91:79:be:a6:cc:
                    3d:00:61:7d:38:7c:be:01:40:85:fb:08:95:76:c9:
                    63:f7:d1:51:8a:f4:97:a5:db:41:fd:b3:b7:e4:31:
                    f4:d8:a7:e6:b8:27:0a:26:ed:94:c5:79:34:31:ac:
                    9d:cb:61:35:01:56:98:e8:7b:fc:4c:1d:9b:cc:b6:
                    9e:6d:c0:a4:dc:3c:53:74:04:4d:13:ca:31:b1:04:
                    36:e8:e4:cf:dc:b7:19:30:df:e1:e4:46:68:b1:3c:
                    33:9f:1d:f6:bd:f8:ba:e8:f3:9c:4f:21:2c:56:7f:
                    cd:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:5B:30:68:49:23:1B:22:05:85:7F:71:59:D6:7A:11:B7:A0:52:C5
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/TlswaEkjGyIFhX9xWdZ6EbegUsU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:b8:22:ad:7d:96:8b:d8:c2:a4:f5:2e:dc:b3:fe:a1:42:80:
         81:8b:4e:b3:9f:df:6b:cb:0c:ea:66:fe:c3:38:41:c4:a7:65:
         90:11:5f:e0:4c:a6:5a:a2:cf:e0:ec:bc:9a:d3:a4:e0:22:53:
         4c:a6:6a:e1:6c:09:dc:2a:37:89:2f:a6:d5:8f:52:b5:0d:99:
         ac:86:d5:aa:6f:22:23:78:55:b1:c5:ca:1b:ed:10:cb:6b:49:
         69:fd:66:a3:5c:91:16:81:25:50:47:e1:32:a4:9a:15:67:2e:
         6d:6b:5e:33:34:45:c8:84:a1:7e:8a:b0:50:ff:c3:00:7f:ea:
         66:a7:88:af:ea:ff:03:3f:1b:84:cf:07:06:dc:e8:7e:95:bb:
         be:65:a7:a6:e2:c8:99:93:eb:04:b3:ec:88:6d:0a:76:33:c9:
         54:ba:ce:ec:be:4f:eb:67:3a:f7:c7:1e:48:05:b4:76:00:96:
         29:26:f2:ad:19:e4:88:16:1b:91:a9:00:5f:76:25:54:d3:e4:
         d0:6a:65:9c:ee:0a:0d:0a:a3:ed:4c:0b:18:06:11:0c:87:5b:
         a5:2c:18:8e:eb:a4:44:2b:b3:34:7e:e4:99:6b:75:7c:a4:ee:
         4d:6c:3b:c0:f6:68:33:6b:67:87:36:3b:f0:2c:b8:dd:a2:46:
         f9:7e:14:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87duAMbjx/tyT1zWu7FHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjYwMTAyMDQxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTViMzA2ODQ5MjMxYjIyMDU4NTdmNzE1OWQ2N2ExMWI3YTA1MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0VpIn2J04WeozIo8k5Xi98MAQcd
+GeldpdGBaMLjYwtM5AeOSE6pRgUdpG9XYBqJxHT6bjLXQ+YRtQEtZwaBWwOAL8n
VkhYrbxuv/1ZXxx0IfjpShQXZKqzZozk6KRz1l+zuHupFw7Y4BQIfsj28fHCc+OH
GB6w3UlgawPFaZz0JOrWMohe+Kn0RrkjtP8TkXm+psw9AGF9OHy+AUCF+wiVdslj
99FRivSXpdtB/bO35DH02KfmuCcKJu2UxXk0Maydy2E1AVaY6Hv8TB2bzLaebcCk
3DxTdARNE8oxsQQ26OTP3LcZMN/h5EZosTwznx32vfi66POcTyEsVn/NXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5bMGhJIxsiBYV/cVnWehG3oFLFMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvVGxzd2FFa2pHeUlGaFg5eFdkWjZFYmVnVXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPki1MA0G
CSqGSIb3DQEBCwUAA4IBAQB1uCKtfZaL2MKk9S7cs/6hQoCBi06zn99rywzqZv7D
OEHEp2WQEV/gTKZaos/g7Lya06TgIlNMpmrhbAncKjeJL6bVj1K1DZmshtWqbyIj
eFWxxcob7RDLa0lp/WajXJEWgSVQR+EypJoVZy5ta14zNEXIhKF+irBQ/8MAf+pm
p4iv6v8DPxuEzwcG3Oh+lbu+Zaem4siZk+sEs+yIbQp2M8lUus7svk/rZzr3xx5I
BbR2AJYpJvKtGeSIFhuRqQBfdiVU0+TQamWc7goNCqPtTAsYBhEMh1ulLBiO66RE
K7M0fuSZa3V8pO5NbDvA9mgza2eHNjvwLLjdokb5fhTX
-----END CERTIFICATE-----