This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/ebzad07NZYcwcy_R1eapuxHVLc8.roa
File:                     ebzad07NZYcwcy_R1eapuxHVLc8.roa (raw, json)
Hash identifier:          npZjo0OeCdQvVEsvxdLKnv7xOn/66fNjn6RzPB16PNs=
Subject key identifier:   79:BC:DA:77:4E:CD:65:87:30:73:2F:D1:D5:E6:A9:BB:11:D5:2D:CF
Certificate issuer:       /CN=598fa4201344d4107f792eee2566c62d65714e2d
Certificate serial:       019B7B3640E57A5957F42B1342EAD1E428F5
Authority key identifier: 59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/ebzad07NZYcwcy_R1eapuxHVLc8.roa
Signing time:             Thu 01 Jan 2026 20:18:31 +0000
ROA not before:           Thu 01 Jan 2026 20:18:31 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     207174
IP address blocks:        217.61.132.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 05:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:40:e5:7a:59:57:f4:2b:13:42:ea:d1:e4:28:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=598fa4201344d4107f792eee2566c62d65714e2d
        Validity
            Not Before: Jan  1 20:18:31 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=79bcda774ecd658730732fd1d5e6a9bb11d52dcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:01:6a:4d:60:dd:bf:77:fd:07:81:23:96:2e:
                    2b:bc:c3:14:9d:aa:9e:94:87:f6:20:55:67:77:ed:
                    37:53:c2:87:8f:ae:a8:cf:ee:24:76:9b:60:70:b3:
                    18:ab:9e:bf:44:d8:51:74:eb:a2:6d:96:2e:6c:0e:
                    de:43:ac:d4:e3:7c:74:f2:fe:bc:a1:2d:3a:88:d4:
                    7e:78:97:20:0d:e8:4d:50:ae:c7:42:34:5a:28:ca:
                    0c:df:81:31:3f:77:c4:00:04:06:81:cf:85:36:eb:
                    81:5a:81:31:8f:20:c8:90:cb:46:96:22:5f:e6:0f:
                    8a:06:f7:dc:5b:6b:35:cc:6c:96:ba:1b:e3:30:3f:
                    c3:0d:93:ca:eb:a6:3f:42:80:15:5c:86:df:ac:7f:
                    79:cc:f7:38:eb:0c:9d:e8:d3:22:a8:af:2b:cf:09:
                    20:c2:80:63:a8:57:82:2e:7a:71:85:39:c5:c8:9b:
                    57:d7:10:b4:25:01:e8:bc:f4:bf:c9:49:01:76:fa:
                    31:4a:0a:66:b6:86:02:fb:0c:b9:23:7b:81:48:6a:
                    9a:ea:8c:06:9e:57:12:d8:b8:14:6d:af:61:ce:e2:
                    a6:2d:29:05:87:8d:da:ed:2b:bb:9c:fa:c6:11:a2:
                    21:bc:b7:ff:04:f7:11:bb:f7:6b:4c:64:3d:3c:e3:
                    ce:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:BC:DA:77:4E:CD:65:87:30:73:2F:D1:D5:E6:A9:BB:11:D5:2D:CF
            X509v3 Authority Key Identifier:
                keyid:59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/ebzad07NZYcwcy_R1eapuxHVLc8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.61.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:e8:04:c7:1a:fc:c6:28:e5:db:e6:7b:a4:b3:ae:fa:d1:c7:
         ef:6f:fc:8d:c5:51:3e:dd:ea:a7:64:b2:88:07:1a:61:61:3e:
         65:95:89:be:9e:05:0e:dc:67:a3:b1:9f:1b:80:01:90:51:82:
         e5:84:cf:c5:1d:92:e2:d7:d2:a7:b0:74:e5:f1:61:82:e7:c6:
         a9:30:87:2c:0a:c8:6d:08:4f:42:79:44:09:fc:9b:28:43:f3:
         32:05:8a:f9:78:54:fd:24:6f:cc:89:88:28:8a:6a:c5:d4:8e:
         6c:23:df:f1:9e:a6:ed:c4:20:91:bd:50:46:7b:ec:56:ee:cb:
         3c:15:25:a3:9a:09:2a:dc:67:f2:75:b6:80:c0:db:a8:46:0f:
         1b:bb:85:52:3b:0d:e3:f4:a3:d8:db:07:be:48:14:a6:26:0d:
         97:a0:0d:7e:a2:da:83:f2:8b:12:c6:a6:33:ea:21:ff:60:bd:
         86:2b:5d:9c:1f:1f:e0:fb:e4:82:fa:ca:db:a1:51:6a:43:c6:
         16:5d:c6:b0:5b:5c:5f:14:00:74:a3:3a:9d:13:2e:5f:a8:c9:
         b8:10:0a:65:df:ed:e8:fd:3d:4a:e2:e7:94:18:dd:0a:38:3d:
         6b:ef:d6:c1:50:68:c0:b0:f2:44:3e:54:89:77:0c:29:d2:83:
         bc:13:5a:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NkDlellX9CsTQurR5Cj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OGZhNDIwMTM0NGQ0MTA3Zjc5MmVlZTI1NjZjNjJkNjU3
MTRlMmQwHhcNMjYwMTAxMjAxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWJjZGE3NzRlY2Q2NTg3MzA3MzJmZDFkNWU2YTliYjExZDUyZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwFqTWDdv3f9B4Ejli4rvMMUnaqe
lIf2IFVnd+03U8KHj66oz+4kdptgcLMYq56/RNhRdOuibZYubA7eQ6zU43x08v68
oS06iNR+eJcgDehNUK7HQjRaKMoM34ExP3fEAAQGgc+FNuuBWoExjyDIkMtGliJf
5g+KBvfcW2s1zGyWuhvjMD/DDZPK66Y/QoAVXIbfrH95zPc46wyd6NMiqK8rzwkg
woBjqFeCLnpxhTnFyJtX1xC0JQHovPS/yUkBdvoxSgpmtoYC+wy5I3uBSGqa6owG
nlcS2LgUba9hzuKmLSkFh43a7Su7nPrGEaIhvLf/BPcRu/drTGQ9POPOJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHm82ndOzWWHMHMv0dXmqbsR1S3PMB8GA1UdIwQY
MBaAFFmPpCATRNQQf3ku7iVmxi1lcU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2It
NjY0YjhmMDNkMTgwLzEvZWJ6YWQwN05aWWN3Y3lfUjFlYXB1eEhWTGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2ItNjY0YjhmMDNkMTgw
LzEvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2T2EMA0G
CSqGSIb3DQEBCwUAA4IBAQCM6ATHGvzGKOXb5nuks6760cfvb/yNxVE+3eqnZLKI
BxphYT5llYm+ngUO3GejsZ8bgAGQUYLlhM/FHZLi19KnsHTl8WGC58apMIcsCsht
CE9CeUQJ/JsoQ/MyBYr5eFT9JG/MiYgoimrF1I5sI9/xnqbtxCCRvVBGe+xW7ss8
FSWjmgkq3GfydbaAwNuoRg8bu4VSOw3j9KPY2we+SBSmJg2XoA1+otqD8osSxqYz
6iH/YL2GK12cHx/g++SC+srboVFqQ8YWXcawW1xfFAB0ozqdEy5fqMm4EApl3+3o
/T1K4ueUGN0KOD1r79bBUGjAsPJEPlSJdwwp0oO8E1pH
-----END CERTIFICATE-----