This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WgVZMdOOZojW3trH2LvkIB1OQVA.roa
File:                     WgVZMdOOZojW3trH2LvkIB1OQVA.roa (raw, json)
Hash identifier:          OL0Te6J3cFf6IZiukzWg2gvD8nhIkG9rUZjwGqcYDnc=
Subject key identifier:   5A:05:59:31:D3:8E:66:88:D6:DE:DA:C7:D8:BB:E4:20:1D:4E:41:50
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       019B7BA533BF5E4181645D32513534DC2771
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WgVZMdOOZojW3trH2LvkIB1OQVA.roa
Signing time:             Thu 01 Jan 2026 22:19:42 +0000
ROA not before:           Thu 01 Jan 2026 22:19:42 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     35183
IP address blocks:        62.176.111.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 07:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a5:33:bf:5e:41:81:64:5d:32:51:35:34:dc:27:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 22:19:42 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5a055931d38e6688d6dedac7d8bbe4201d4e4150
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:cd:dd:52:79:1d:a5:e4:f9:23:95:61:44:41:
                    48:47:31:0c:f4:67:9e:cc:59:98:9e:aa:1e:3e:0c:
                    98:51:da:e3:eb:56:2c:c8:ff:98:49:92:d1:c5:4f:
                    8d:74:b2:69:c4:1b:84:ad:cd:7b:73:ec:41:1c:24:
                    72:d8:0b:d4:bb:e3:ef:19:b0:fd:75:e1:8d:ea:89:
                    a2:af:a1:2d:a9:d5:fc:6e:9f:57:e1:5d:2d:63:2c:
                    68:ea:da:98:18:71:b8:4e:75:cf:bd:85:3d:18:c5:
                    47:ba:3d:97:d4:73:f0:12:3c:6c:af:a6:64:ef:b1:
                    25:53:25:ad:ae:c8:29:40:b2:8b:0c:fe:b6:8e:9f:
                    d0:b8:cf:b4:a9:7a:bf:83:72:ca:29:7b:4b:65:6f:
                    a3:a4:03:e7:c3:c9:82:b2:a1:72:79:14:c0:25:74:
                    74:36:a4:2a:d2:77:e1:37:ce:5d:c7:5c:32:72:be:
                    47:9e:14:5a:96:3a:2d:a4:3f:f2:8e:71:2a:a4:4d:
                    5e:50:25:f4:83:43:66:1b:87:c6:a6:81:3d:7f:c0:
                    b5:d6:cc:82:86:e8:93:84:d5:00:29:df:84:93:3a:
                    85:f2:43:d9:cb:e7:e4:ca:79:42:50:d9:ba:8b:82:
                    f0:00:d5:7a:dd:17:af:43:8c:37:0a:3b:75:04:5c:
                    b7:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:05:59:31:D3:8E:66:88:D6:DE:DA:C7:D8:BB:E4:20:1D:4E:41:50
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WgVZMdOOZojW3trH2LvkIB1OQVA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.176.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:76:9d:50:93:26:ec:b7:b5:d6:2a:90:01:47:a6:bd:8e:3a:
         59:47:58:52:12:61:bc:76:c3:01:1d:6d:98:2b:eb:32:8b:5c:
         d7:23:fc:70:5d:1b:fa:10:5d:40:65:0b:05:3c:23:66:1f:4c:
         9b:22:ee:60:5c:ce:57:b8:69:ae:33:63:38:89:8f:1d:0c:2e:
         3a:8d:2a:c7:43:04:ad:be:4d:1d:94:14:dc:06:88:f4:21:35:
         59:61:8d:36:ce:ad:2f:c7:87:71:b5:58:fb:aa:80:95:44:d3:
         36:6b:1c:ba:2f:7e:dd:3f:84:56:c3:45:6c:eb:59:85:67:6e:
         9c:5e:1e:6b:c4:1a:44:76:a2:79:c3:a5:51:e8:f5:9a:c8:0c:
         26:f9:1b:56:9d:33:65:7f:74:4a:34:9f:87:cf:1e:4a:57:a2:
         6b:1e:c5:83:e2:ac:81:55:dd:a5:12:64:89:3b:47:7f:bb:4c:
         0e:aa:b6:0a:cf:f6:3a:a4:a5:4e:05:f5:47:d2:08:b1:bc:ea:
         72:7a:57:32:9c:40:aa:42:13:6b:70:17:f6:fe:6d:59:86:20:
         ea:83:d9:e2:3e:59:da:78:3a:13:d4:1c:8f:f7:51:de:1b:7a:
         e3:d0:b7:c8:56:57:c7:fd:88:d9:da:a0:0f:95:d1:c2:27:80:
         43:e0:97:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pTO/XkGBZF0yUTU03CdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjYwMTAxMjIxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTA1NTkzMWQzOGU2Njg4ZDZkZWRhYzdkOGJiZTQyMDFkNGU0MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms3dUnkdpeT5I5VhREFIRzEM9Gee
zFmYnqoePgyYUdrj61YsyP+YSZLRxU+NdLJpxBuErc17c+xBHCRy2AvUu+PvGbD9
deGN6omir6EtqdX8bp9X4V0tYyxo6tqYGHG4TnXPvYU9GMVHuj2X1HPwEjxsr6Zk
77ElUyWtrsgpQLKLDP62jp/QuM+0qXq/g3LKKXtLZW+jpAPnw8mCsqFyeRTAJXR0
NqQq0nfhN85dx1wycr5HnhRaljotpD/yjnEqpE1eUCX0g0NmG4fGpoE9f8C11syC
huiThNUAKd+EkzqF8kPZy+fkynlCUNm6i4LwANV63RevQ4w3Cjt1BFy3PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFoFWTHTjmaI1t7ax9i75CAdTkFQMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvV2dWWk1kT09ab2pXM3RySDJMdmtJQjFPUVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPrBvMA0G
CSqGSIb3DQEBCwUAA4IBAQAPdp1Qkybst7XWKpABR6a9jjpZR1hSEmG8dsMBHW2Y
K+syi1zXI/xwXRv6EF1AZQsFPCNmH0ybIu5gXM5XuGmuM2M4iY8dDC46jSrHQwSt
vk0dlBTcBoj0ITVZYY02zq0vx4dxtVj7qoCVRNM2axy6L37dP4RWw0Vs61mFZ26c
Xh5rxBpEdqJ5w6VR6PWayAwm+RtWnTNlf3RKNJ+Hzx5KV6JrHsWD4qyBVd2lEmSJ
O0d/u0wOqrYKz/Y6pKVOBfVH0gixvOpyelcynECqQhNrcBf2/m1ZhiDqg9niPlna
eDoT1ByP91HeG3rj0LfIVlfH/YjZ2qAPldHCJ4BD4JdM
-----END CERTIFICATE-----