This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/0WuWrczZKDyJ7R3F-ygi1tUDprU.roa
File:                     0WuWrczZKDyJ7R3F-ygi1tUDprU.roa (raw, json)
Hash identifier:          I9T3o7zp+QPhUZLHuzT1L2fbLCkg093j0anbvRpSNXk=
Subject key identifier:   D1:6B:96:AD:CC:D9:28:3C:89:ED:1D:C5:FB:28:22:D6:D5:03:A6:B5
Certificate issuer:       /CN=4a2e7fe7af2ba5a3046e17644fabe8f038b4e7df
Certificate serial:       019B77C7476C6A43CD8DB325814A07A60D34
Authority key identifier: 4A:2E:7F:E7:AF:2B:A5:A3:04:6E:17:64:4F:AB:E8:F0:38:B4:E7:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Si5_568rpaMEbhdkT6vo8Di0598.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/0WuWrczZKDyJ7R3F-ygi1tUDprU.roa
Signing time:             Thu 01 Jan 2026 04:18:27 +0000
ROA not before:           Thu 01 Jan 2026 04:18:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     8220
IP address blocks:        193.16.241.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/Si5_568rpaMEbhdkT6vo8Di0598.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/Si5_568rpaMEbhdkT6vo8Di0598.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Si5_568rpaMEbhdkT6vo8Di0598.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 09:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:47:6c:6a:43:cd:8d:b3:25:81:4a:07:a6:0d:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a2e7fe7af2ba5a3046e17644fabe8f038b4e7df
        Validity
            Not Before: Jan  1 04:18:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d16b96adccd9283c89ed1dc5fb2822d6d503a6b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:16:58:34:7a:97:61:ff:dc:03:06:3e:02:92:
                    ba:19:6c:04:14:ca:ea:70:99:9b:44:1c:54:79:9e:
                    e3:b4:ae:07:60:86:ad:48:2d:c7:ed:13:7a:f9:a3:
                    32:f1:c5:d9:4c:41:76:9b:51:db:ad:ca:56:e1:d6:
                    27:87:eb:84:06:c9:40:4b:c2:48:a8:10:c2:c6:8d:
                    f8:32:82:1c:40:60:77:e0:b2:17:b1:4a:b6:cf:22:
                    0c:0d:e1:62:a6:7f:5a:f1:cb:f2:5c:c5:85:35:5e:
                    6c:cd:39:b8:5d:14:2d:64:98:a5:23:b8:26:0e:16:
                    34:6e:9d:45:e0:6d:1a:94:41:2e:af:0f:e5:5e:9e:
                    5a:0e:4b:fe:55:c2:e5:e2:1d:4d:42:e4:dc:0e:a0:
                    3b:2f:d4:8d:1a:a6:d7:3e:8d:74:57:86:63:b1:bd:
                    3a:10:b8:29:b5:48:40:35:f3:12:fc:3b:7b:43:9b:
                    7a:98:b9:39:4b:7d:dd:9a:31:9e:8a:a9:e4:ab:f5:
                    32:f5:7c:eb:47:b0:b7:38:4a:09:60:bf:6b:f3:13:
                    5c:33:a3:b6:12:10:d8:70:ab:06:24:d6:42:81:af:
                    c8:c4:11:36:2b:a0:fd:95:fa:79:22:41:8b:35:e2:
                    b7:01:c4:bc:e7:9a:bd:94:f5:3e:69:f9:3e:06:62:
                    8c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:6B:96:AD:CC:D9:28:3C:89:ED:1D:C5:FB:28:22:D6:D5:03:A6:B5
            X509v3 Authority Key Identifier:
                keyid:4A:2E:7F:E7:AF:2B:A5:A3:04:6E:17:64:4F:AB:E8:F0:38:B4:E7:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Si5_568rpaMEbhdkT6vo8Di0598.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/0WuWrczZKDyJ7R3F-ygi1tUDprU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/Si5_568rpaMEbhdkT6vo8Di0598.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.16.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:de:ec:42:d2:ce:f5:69:85:36:1a:0c:74:29:b4:75:54:03:
         8f:37:08:8d:18:f9:52:e4:61:af:1b:cb:b0:d3:c8:7f:44:50:
         54:e5:b3:19:dd:4b:d4:ea:16:cf:b1:c6:41:06:40:c2:89:cc:
         8e:42:6d:fb:18:6f:d9:eb:01:08:81:19:6c:ea:f5:fc:bd:fd:
         4c:1e:31:8f:f4:f2:ba:a2:68:9b:8f:ab:54:ff:1f:33:66:54:
         16:95:73:3b:04:af:13:4b:6a:8b:94:44:84:85:78:07:eb:42:
         c5:96:59:6f:3c:ea:1c:eb:b4:69:e8:df:de:2b:61:b6:5f:bc:
         84:70:1f:89:93:aa:81:6b:d0:6e:fb:91:83:80:21:c1:62:aa:
         64:00:59:2a:b1:99:1c:90:3d:c0:3d:84:f6:b4:75:39:1d:59:
         a7:50:f2:37:c4:43:94:9a:2c:12:32:2e:65:46:60:8c:8c:80:
         16:63:86:9d:3c:23:cd:95:2f:ef:f7:51:70:da:6f:48:7b:84:
         19:28:72:43:ef:9f:9e:9b:60:97:e0:03:cc:d5:e6:b8:c6:eb:
         29:e1:f6:53:c5:36:59:45:ac:2d:b5:e8:d1:5c:4f:e1:3c:f0:
         68:75:7c:92:70:f5:bb:c7:2f:e5:b4:5a:2c:e4:e2:a0:68:c2:
         cb:26:e0:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3x0dsakPNjbMlgUoHpg00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMmU3ZmU3YWYyYmE1YTMwNDZlMTc2NDRmYWJlOGYwMzhi
NGU3ZGYwHhcNMjYwMTAxMDQxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZiOTZhZGNjZDkyODNjODllZDFkYzVmYjI4MjJkNmQ1MDNhNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxZYNHqXYf/cAwY+ApK6GWwEFMrq
cJmbRBxUeZ7jtK4HYIatSC3H7RN6+aMy8cXZTEF2m1HbrcpW4dYnh+uEBslAS8JI
qBDCxo34MoIcQGB34LIXsUq2zyIMDeFipn9a8cvyXMWFNV5szTm4XRQtZJilI7gm
DhY0bp1F4G0alEEurw/lXp5aDkv+VcLl4h1NQuTcDqA7L9SNGqbXPo10V4Zjsb06
ELgptUhANfMS/Dt7Q5t6mLk5S33dmjGeiqnkq/Uy9XzrR7C3OEoJYL9r8xNcM6O2
EhDYcKsGJNZCga/IxBE2K6D9lfp5IkGLNeK3AcS855q9lPU+afk+BmKMrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFrlq3M2Sg8ie0dxfsoItbVA6a1MB8GA1UdIwQY
MBaAFEouf+evK6WjBG4XZE+r6PA4tOffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2k1XzU2OHJwYU1FYmhka1Q2dm84RGkwNTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kOWVlYjgtNzkxNC00MDQ3LWI1NzMt
ZTY3MGEyZDQ3Yjg2LzEvMFd1V3JjelpLRHlKN1IzRi15Z2kxdFVEcHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kOWVlYjgtNzkxNC00MDQ3LWI1NzMtZTY3MGEyZDQ3Yjg2
LzEvU2k1XzU2OHJwYU1FYmhka1Q2dm84RGkwNTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRDxMA0G
CSqGSIb3DQEBCwUAA4IBAQCr3uxC0s71aYU2Ggx0KbR1VAOPNwiNGPlS5GGvG8uw
08h/RFBU5bMZ3UvU6hbPscZBBkDCicyOQm37GG/Z6wEIgRls6vX8vf1MHjGP9PK6
omibj6tU/x8zZlQWlXM7BK8TS2qLlESEhXgH60LFlllvPOoc67Rp6N/eK2G2X7yE
cB+Jk6qBa9Bu+5GDgCHBYqpkAFkqsZkckD3APYT2tHU5HVmnUPI3xEOUmiwSMi5l
RmCMjIAWY4adPCPNlS/v91Fw2m9Ie4QZKHJD75+em2CX4APM1ea4xusp4fZTxTZZ
RawttejRXE/hPPBodXyScPW7xy/ltFos5OKgaMLLJuC0
-----END CERTIFICATE-----