This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/5ThevNNgZHzDF50h6krEfv1b2To.roa
File:                     5ThevNNgZHzDF50h6krEfv1b2To.roa (raw, json)
Hash identifier:          CbU07lcvi4HJ1brlMc0otrEIMctgZ4JB+I2bCfPEqZk=
Subject key identifier:   E5:38:5E:BC:D3:60:64:7C:C3:17:9D:21:EA:4A:C4:7E:FD:5B:D9:3A
Certificate issuer:       /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial:       019B7A5B2F7AEC63C9100823486E98E1FB50
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/5ThevNNgZHzDF50h6krEfv1b2To.roa
Signing time:             Thu 01 Jan 2026 16:19:14 +0000
ROA not before:           Thu 01 Jan 2026 16:19:14 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     7470
IP address blocks:        163.171.68.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 14:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5b:2f:7a:ec:63:c9:10:08:23:48:6e:98:e1:fb:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
        Validity
            Not Before: Jan  1 16:19:14 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e5385ebcd360647cc3179d21ea4ac47efd5bd93a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:5c:5b:4e:fd:01:5a:c0:4f:81:6e:33:52:81:
                    2a:51:09:27:03:ac:a9:f7:21:8e:3d:6b:85:d6:a6:
                    4f:d4:09:5b:03:72:cb:8e:97:3c:82:fa:f6:95:cc:
                    39:3d:a8:af:a4:ae:2b:d8:30:85:f8:ce:d3:12:c5:
                    8c:57:23:87:0d:d1:52:68:2d:46:34:51:e4:cc:3f:
                    13:47:c0:31:0a:db:5b:51:31:cc:6b:da:2a:0e:5e:
                    96:bb:36:ed:7c:ac:e2:50:39:c4:36:c9:bd:e3:a5:
                    27:c8:1e:59:b7:37:f5:1a:c2:17:61:4e:18:a9:92:
                    32:07:c3:6d:af:ad:98:a3:f9:a4:c5:24:c7:4e:81:
                    f7:91:87:b1:22:71:c8:0f:f9:6b:05:04:63:b4:62:
                    6e:a5:b9:0f:53:cf:83:e2:b9:9d:d9:a6:46:2f:96:
                    7b:70:5d:86:a6:d6:4d:48:3d:c6:85:98:a4:a9:a7:
                    54:4b:61:44:58:25:31:1c:6b:54:8c:d5:c2:45:62:
                    1f:14:43:1f:ad:9f:d2:c8:24:b1:9f:b3:24:54:c0:
                    97:2f:2e:5b:a1:b5:47:55:03:18:25:ee:d6:c7:5f:
                    1b:87:18:84:b5:9d:19:6f:4c:1e:fe:06:d5:c7:b7:
                    aa:f8:40:fa:12:c1:c6:5f:e0:ab:4c:d8:29:41:ed:
                    88:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:38:5E:BC:D3:60:64:7C:C3:17:9D:21:EA:4A:C4:7E:FD:5B:D9:3A
            X509v3 Authority Key Identifier:
                keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/5ThevNNgZHzDF50h6krEfv1b2To.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.171.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:4b:31:ed:24:0a:5d:f0:7d:e3:0d:d5:34:1b:62:be:8d:a3:
         6b:e3:b5:e4:ba:b4:eb:c1:88:1f:e0:e8:67:b0:fa:aa:11:ad:
         5d:3f:ca:82:34:79:3a:c6:75:8e:06:95:2f:24:3d:fa:ba:d7:
         77:71:b5:e0:88:ff:4c:e5:6f:84:b7:6e:f1:be:b7:ef:88:b7:
         10:76:28:ea:1f:4f:c5:2f:83:a9:f7:82:6e:36:a2:c9:4c:2e:
         0c:fc:7b:b8:a6:08:b7:85:3c:27:a5:db:4a:3c:24:cf:5f:b8:
         d6:04:a1:c8:ae:1c:a3:68:c2:6c:78:78:6a:13:72:a2:d5:32:
         12:05:46:d4:11:c7:58:36:1e:97:c3:78:0f:a1:9e:da:08:40:
         23:6f:62:3c:c5:01:4a:a0:7c:cf:54:6f:39:27:c5:96:8b:aa:
         36:a5:77:ac:e7:eb:3f:49:d7:e3:4e:76:f4:ed:2c:2c:d6:d4:
         d7:f9:3e:5c:18:74:be:79:23:c6:e7:3d:06:45:da:4a:0b:0f:
         a5:2e:c5:45:db:e0:e5:f7:b5:6f:48:34:bd:78:53:43:44:f5:
         f4:e3:4c:e3:57:2f:68:0c:89:1e:a0:89:77:72:a5:cc:e2:84:
         44:fb:d1:08:7a:72:60:7b:9e:d6:30:05:b9:1d:b8:ff:04:15:
         23:8e:8d:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6Wy967GPJEAgjSG6Y4ftQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjYwMTAxMTYxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTM4NWViY2QzNjA2NDdjYzMxNzlkMjFlYTRhYzQ3ZWZkNWJkOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FxbTv0BWsBPgW4zUoEqUQknA6yp
9yGOPWuF1qZP1AlbA3LLjpc8gvr2lcw5PaivpK4r2DCF+M7TEsWMVyOHDdFSaC1G
NFHkzD8TR8AxCttbUTHMa9oqDl6WuzbtfKziUDnENsm946UnyB5Ztzf1GsIXYU4Y
qZIyB8Ntr62Yo/mkxSTHToH3kYexInHID/lrBQRjtGJupbkPU8+D4rmd2aZGL5Z7
cF2GptZNSD3GhZikqadUS2FEWCUxHGtUjNXCRWIfFEMfrZ/SyCSxn7MkVMCXLy5b
obVHVQMYJe7Wx18bhxiEtZ0Zb0we/gbVx7eq+ED6EsHGX+CrTNgpQe2InwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOU4XrzTYGR8wxedIepKxH79W9k6MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvNVRoZXZOTmdaSHpERjUwaDZrckVmdjFiMlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAo6tEMA0G
CSqGSIb3DQEBCwUAA4IBAQCoSzHtJApd8H3jDdU0G2K+jaNr47XkurTrwYgf4Ohn
sPqqEa1dP8qCNHk6xnWOBpUvJD36utd3cbXgiP9M5W+Et27xvrfviLcQdijqH0/F
L4Op94JuNqLJTC4M/Hu4pgi3hTwnpdtKPCTPX7jWBKHIrhyjaMJseHhqE3Ki1TIS
BUbUEcdYNh6Xw3gPoZ7aCEAjb2I8xQFKoHzPVG85J8WWi6o2pXes5+s/SdfjTnb0
7Sws1tTX+T5cGHS+eSPG5z0GRdpKCw+lLsVF2+Dl97VvSDS9eFNDRPX040zjVy9o
DIkeoIl3cqXM4oRE+9EIenJge57WMAW5Hbj/BBUjjo1G
-----END CERTIFICATE-----