This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/042xhE8LSLyQ27uGyk1_G--PcdE.roa
File:                     042xhE8LSLyQ27uGyk1_G--PcdE.roa (raw, json)
Hash identifier:          mYCIynBAj9T1Ad1P08+QL+CKh1MQS0MEgpptbSPZq+o=
Subject key identifier:   D3:8D:B1:84:4F:0B:48:BC:90:DB:BB:86:CA:4D:7F:1B:EF:8F:71:D1
Certificate issuer:       /CN=5814dbbab63e9117d0b02cbab56639e6fd0d40d9
Certificate serial:       019B7758EC4C352C20D20335E9EA33F1BA36
Authority key identifier: 58:14:DB:BA:B6:3E:91:17:D0:B0:2C:BA:B5:66:39:E6:FD:0D:40:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WBTburY-kRfQsCy6tWY55v0NQNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/042xhE8LSLyQ27uGyk1_G--PcdE.roa
Signing time:             Thu 01 Jan 2026 02:17:54 +0000
ROA not before:           Thu 01 Jan 2026 02:17:54 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     174
IP address blocks:        178.21.32.0/24 maxlen: 24
                          178.21.33.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/WBTburY-kRfQsCy6tWY55v0NQNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/WBTburY-kRfQsCy6tWY55v0NQNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WBTburY-kRfQsCy6tWY55v0NQNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 Jan 2026 00:18:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:58:ec:4c:35:2c:20:d2:03:35:e9:ea:33:f1:ba:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5814dbbab63e9117d0b02cbab56639e6fd0d40d9
        Validity
            Not Before: Jan  1 02:17:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d38db1844f0b48bc90dbbb86ca4d7f1bef8f71d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:58:68:76:69:2c:f9:bf:67:b3:43:de:93:f6:
                    a0:e8:bc:1f:d5:2f:c1:78:72:be:3d:1b:41:3b:85:
                    17:a5:bb:ff:c4:0e:e7:6d:53:14:de:da:74:72:bb:
                    50:75:6a:8e:95:a1:b2:0c:06:1b:db:df:cd:a9:12:
                    37:23:83:c7:f2:bf:cb:53:d5:20:7a:d4:29:85:14:
                    02:6e:76:34:8b:55:0b:c7:3d:bc:a5:d7:2e:a5:9b:
                    7a:a1:ae:14:f8:1b:6d:f6:05:3d:30:d9:ca:d6:8d:
                    5f:0f:91:85:6b:f7:ee:34:62:f0:15:18:0a:d9:8f:
                    f4:68:d6:1c:9a:6b:f2:30:59:8c:60:ec:2f:98:ac:
                    89:1b:19:f9:76:29:84:aa:b6:b1:9e:d4:c6:8a:59:
                    12:be:99:9f:c8:f8:39:60:c3:88:95:d5:33:dd:2d:
                    96:da:4c:c1:d9:d8:27:7f:48:99:55:93:dd:9a:07:
                    90:64:c3:aa:fb:36:f2:af:d9:9d:a6:e9:7b:44:78:
                    eb:30:a1:c8:5e:39:99:2e:6a:f2:cb:a8:87:c9:e1:
                    06:a9:bd:c8:eb:7e:e5:0c:00:df:5c:6a:a9:34:1c:
                    2a:23:de:04:45:fe:e3:8b:33:85:e1:c5:d2:a5:aa:
                    86:32:88:91:7c:ee:9f:64:65:44:57:eb:56:b1:a2:
                    af:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:8D:B1:84:4F:0B:48:BC:90:DB:BB:86:CA:4D:7F:1B:EF:8F:71:D1
            X509v3 Authority Key Identifier:
                keyid:58:14:DB:BA:B6:3E:91:17:D0:B0:2C:BA:B5:66:39:E6:FD:0D:40:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WBTburY-kRfQsCy6tWY55v0NQNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/042xhE8LSLyQ27uGyk1_G--PcdE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/WBTburY-kRfQsCy6tWY55v0NQNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.21.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5c:e0:41:e1:d8:e7:b5:3a:74:ea:55:4b:12:b2:53:7c:10:d9:
         d1:53:a2:93:91:48:11:51:5f:1f:ae:b1:4c:98:be:6e:9c:63:
         22:fc:12:86:ca:1b:51:a8:48:83:3b:22:10:16:f2:7c:03:75:
         2c:a2:d5:8c:79:67:46:08:1f:a6:0d:d4:57:92:55:d3:04:af:
         24:3a:d2:3c:ca:7a:a0:0d:49:d7:11:e6:08:51:95:7c:33:93:
         d8:31:7d:80:2a:54:5e:ed:fd:31:93:98:57:7f:ef:10:d3:de:
         d4:c6:0d:3d:0d:75:fa:62:9d:4d:c8:a6:7d:eb:b6:20:cc:b8:
         9a:d3:15:7a:f5:df:92:be:c5:a8:4d:17:82:0b:6b:d3:d9:cd:
         f5:d6:f1:10:bf:8e:c2:09:c4:d4:82:64:e5:e5:9f:0e:bd:a6:
         64:2a:96:0c:17:40:cc:f3:20:6d:2e:c6:0e:47:13:29:3b:7e:
         4e:5b:e5:fd:b3:f2:fa:eb:f5:85:b9:96:31:71:89:2b:5b:37:
         48:49:5a:e2:ca:56:50:1a:dd:b0:7c:f4:ec:7d:ab:87:ce:b4:
         b0:1d:2b:4c:77:48:be:ad:36:cf:a9:34:43:ba:80:48:80:18:
         8d:01:ef:54:b7:d5:07:93:05:76:f8:2e:c5:e4:e3:63:1a:5b:
         10:00:25:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WOxMNSwg0gM16eoz8bo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MTRkYmJhYjYzZTkxMTdkMGIwMmNiYWI1NjYzOWU2ZmQw
ZDQwZDkwHhcNMjYwMTAxMDIxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhkYjE4NDRmMGI0OGJjOTBkYmJiODZjYTRkN2YxYmVmOGY3MWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1hodmks+b9ns0Pek/ag6Lwf1S/B
eHK+PRtBO4UXpbv/xA7nbVMU3tp0crtQdWqOlaGyDAYb29/NqRI3I4PH8r/LU9Ug
etQphRQCbnY0i1ULxz28pdcupZt6oa4U+Btt9gU9MNnK1o1fD5GFa/fuNGLwFRgK
2Y/0aNYcmmvyMFmMYOwvmKyJGxn5dimEqraxntTGilkSvpmfyPg5YMOIldUz3S2W
2kzB2dgnf0iZVZPdmgeQZMOq+zbyr9mdpul7RHjrMKHIXjmZLmryy6iHyeEGqb3I
637lDADfXGqpNBwqI94ERf7jizOF4cXSpaqGMoiRfO6fZGVEV+tWsaKviwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNONsYRPC0i8kNu7hspNfxvvj3HRMB8GA1UdIwQY
MBaAFFgU27q2PpEX0LAsurVmOeb9DUDZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0JUYnVyWS1rUmZRc0N5NnRXWTU1djBOUU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9jMjJjM2YtOTFlNi00NWZiLWFmNzYt
NjhhODA4OTcwMWY0LzEvMDQyeGhFOExTTHlRMjd1R3lrMV9HLS1QY2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9jMjJjM2YtOTFlNi00NWZiLWFmNzYtNjhhODA4OTcwMWY0
LzEvV0JUYnVyWS1rUmZRc0N5NnRXWTU1djBOUU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBshUgMA0G
CSqGSIb3DQEBCwUAA4IBAQBc4EHh2Oe1OnTqVUsSslN8ENnRU6KTkUgRUV8frrFM
mL5unGMi/BKGyhtRqEiDOyIQFvJ8A3UsotWMeWdGCB+mDdRXklXTBK8kOtI8ynqg
DUnXEeYIUZV8M5PYMX2AKlRe7f0xk5hXf+8Q097Uxg09DXX6Yp1NyKZ967YgzLia
0xV69d+SvsWoTReCC2vT2c311vEQv47CCcTUgmTl5Z8OvaZkKpYMF0DM8yBtLsYO
RxMpO35OW+X9s/L66/WFuZYxcYkrWzdISVriylZQGt2wfPTsfauHzrSwHStMd0i+
rTbPqTRDuoBIgBiNAe9Ut9UHkwV2+C7F5ONjGlsQACXa
-----END CERTIFICATE-----