This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/W1JejAnLJZCdFZR35d-qTnpAXnw.roa
File:                     W1JejAnLJZCdFZR35d-qTnpAXnw.roa (raw, json)
Hash identifier:          6nzDpkbHlb04u+xRLFRpm+X2dnEGYEvMn0zKXsZoXSY=
Subject key identifier:   5B:52:5E:8C:09:CB:25:90:9D:15:94:77:E5:DF:AA:4E:7A:40:5E:7C
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       019B77C74B448F6D74F138DDB91022776698
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/W1JejAnLJZCdFZR35d-qTnpAXnw.roa
Signing time:             Thu 01 Jan 2026 04:18:28 +0000
ROA not before:           Thu 01 Jan 2026 04:18:28 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     205312
IP address blocks:        195.208.78.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:4b:44:8f:6d:74:f1:38:dd:b9:10:22:77:66:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Jan  1 04:18:28 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5b525e8c09cb25909d159477e5dfaa4e7a405e7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:62:5e:a5:fc:d5:75:6a:cd:e0:69:b4:4c:3f:
                    a8:89:98:15:4d:27:6e:bf:a4:db:89:f3:42:dc:73:
                    83:c8:eb:b1:27:fa:a1:a0:bf:b4:79:78:f6:23:6b:
                    30:97:23:b4:0a:fa:4b:75:79:a1:dd:d6:bb:02:5f:
                    cd:ee:b0:c0:bb:a2:15:4e:12:cb:50:ee:90:ec:3a:
                    9a:c0:99:10:8f:f6:ef:c2:56:2a:8e:0a:bd:e0:cf:
                    dd:e9:72:99:9e:8f:65:9a:66:b5:d6:a4:28:a5:0d:
                    81:7f:f7:77:a7:44:ad:20:c7:12:28:11:0f:a5:e8:
                    89:4d:c8:a3:56:2e:1b:37:eb:59:f9:1a:bb:b1:06:
                    20:3a:4c:ec:0e:64:f8:82:47:65:e9:c8:7f:1c:2f:
                    f9:66:30:a5:57:77:ae:46:78:42:7d:70:24:bf:be:
                    60:f3:fe:41:25:31:cb:42:87:a7:4a:35:33:05:27:
                    cf:93:2a:fe:a9:2e:85:33:8c:9a:cc:17:a3:0c:c8:
                    0e:63:53:ee:99:13:ae:9d:fc:77:17:38:85:33:b2:
                    e4:c1:e6:3b:77:54:88:80:fa:fd:f7:7f:b3:3d:31:
                    4d:6f:2e:33:c2:bd:41:32:8a:0a:22:7b:64:c6:00:
                    7d:15:70:57:5f:31:8b:11:1a:66:92:30:61:a4:79:
                    9b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:52:5E:8C:09:CB:25:90:9D:15:94:77:E5:DF:AA:4E:7A:40:5E:7C
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/W1JejAnLJZCdFZR35d-qTnpAXnw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.208.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         70:b2:40:de:68:57:da:6a:61:74:05:16:6f:cd:99:d7:a8:9b:
         b2:c9:ef:4f:40:b7:49:e7:43:78:cb:1c:f9:1c:a0:19:ae:71:
         86:53:08:ac:c1:83:1d:01:2d:59:7a:ef:af:44:90:34:6b:e5:
         63:10:42:ca:6d:87:70:ab:cc:08:46:9c:9e:cc:d8:4d:14:73:
         30:f7:91:83:14:f3:96:7a:96:ee:4d:92:19:0e:7a:a4:86:20:
         38:e7:b6:57:37:b7:d8:95:c7:72:c9:53:c9:a3:a1:0e:75:6d:
         0c:ea:73:0f:96:07:c2:e5:ae:32:8c:ed:6e:95:81:d1:29:8b:
         ee:71:c9:c0:fb:83:65:09:1f:9a:00:da:51:51:63:45:f2:3f:
         ee:d1:67:78:e1:a3:41:b5:9a:12:49:3b:ac:8c:dc:99:4b:ac:
         39:6e:2b:92:c2:e3:a1:f9:2b:ae:88:4a:0d:3c:16:7c:21:61:
         56:04:0d:5d:b8:69:fa:d3:e2:82:7e:5b:03:81:95:a9:49:38:
         3f:a6:50:91:4f:7a:29:2d:46:8a:2d:57:0c:f0:56:0b:fa:25:
         2a:a4:4d:9c:c0:5f:e0:e9:03:69:d2:fc:f0:55:4a:ea:d7:24:
         30:cb:02:3d:ed:0a:97:66:98:ef:b2:28:8c:1f:e0:ce:43:a4:
         27:f1:c1:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3x0tEj2108TjduRAid2aYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjYwMTAxMDQxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjUyNWU4YzA5Y2IyNTkwOWQxNTk0NzdlNWRmYWE0ZTdhNDA1ZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2JepfzVdWrN4Gm0TD+oiZgVTSdu
v6TbifNC3HODyOuxJ/qhoL+0eXj2I2swlyO0CvpLdXmh3da7Al/N7rDAu6IVThLL
UO6Q7DqawJkQj/bvwlYqjgq94M/d6XKZno9lmma11qQopQ2Bf/d3p0StIMcSKBEP
peiJTcijVi4bN+tZ+Rq7sQYgOkzsDmT4gkdl6ch/HC/5ZjClV3euRnhCfXAkv75g
8/5BJTHLQoenSjUzBSfPkyr+qS6FM4yazBejDMgOY1PumROunfx3FziFM7LkweY7
d1SIgPr993+zPTFNby4zwr1BMooKIntkxgB9FXBXXzGLERpmkjBhpHmb0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFtSXowJyyWQnRWUd+Xfqk56QF58MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvVzFKZWpBbkxKWkNkRlpSMzVkLXFUbnBBWG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw9BOMA0G
CSqGSIb3DQEBCwUAA4IBAQBwskDeaFfaamF0BRZvzZnXqJuyye9PQLdJ50N4yxz5
HKAZrnGGUwiswYMdAS1Zeu+vRJA0a+VjEELKbYdwq8wIRpyezNhNFHMw95GDFPOW
epbuTZIZDnqkhiA457ZXN7fYlcdyyVPJo6EOdW0M6nMPlgfC5a4yjO1ulYHRKYvu
ccnA+4NlCR+aANpRUWNF8j/u0Wd44aNBtZoSSTusjNyZS6w5biuSwuOh+SuuiEoN
PBZ8IWFWBA1duGn60+KCflsDgZWpSTg/plCRT3opLUaKLVcM8FYL+iUqpE2cwF/g
6QNp0vzwVUrq1yQwywI97QqXZpjvsiiMH+DOQ6Qn8cHq
-----END CERTIFICATE-----