This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/URUlLpBVWcqlr-dWT89da7EOCWY.roa
File:                     URUlLpBVWcqlr-dWT89da7EOCWY.roa (raw, json)
Hash identifier:          UzkQ05Ba6/VplZc5cKbiaaQoJ98CijIr5oW5pt86ogk=
Subject key identifier:   51:15:25:2E:90:55:59:CA:A5:AF:E7:56:4F:CF:5D:6B:B1:0E:09:66
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       019BA85310E659F66ACEC0FEEEE2C4707127
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/URUlLpBVWcqlr-dWT89da7EOCWY.roa
Signing time:             Sat 10 Jan 2026 14:32:54 +0000
ROA not before:           Sat 10 Jan 2026 14:32:54 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     9304
IP address blocks:        5.180.232.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 03:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:a8:53:10:e6:59:f6:6a:ce:c0:fe:ee:e2:c4:70:71:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan 10 14:32:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5115252e905559caa5afe7564fcf5d6bb10e0966
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9a:66:1e:fe:35:1f:1d:1b:b4:46:4a:1a:14:
                    61:3e:f8:a5:72:f1:11:bb:a5:37:2e:4b:2e:7a:39:
                    29:2a:12:94:d2:34:ad:8c:9d:70:9d:f9:c9:a8:0a:
                    6a:28:c5:3a:3e:5f:06:3c:06:d6:41:a4:8f:ed:6c:
                    3f:cb:1b:34:02:11:19:42:73:5f:0a:c3:39:a4:07:
                    ff:06:80:e2:e7:4f:e7:25:fe:a2:93:f3:f4:2f:ad:
                    54:38:12:d3:b4:31:3b:8f:69:5b:29:eb:52:ba:30:
                    30:01:20:20:15:69:20:c9:d9:a2:4b:d8:a2:68:07:
                    22:eb:41:03:85:1f:87:d6:a9:35:79:c4:c0:bd:a3:
                    b1:7e:95:52:7a:73:3c:8d:66:d7:57:01:0f:02:88:
                    2d:9a:9f:ff:c2:f4:ae:68:75:bc:b8:2d:9b:7c:a8:
                    74:d0:80:9a:cc:c6:39:35:50:f8:c9:03:f1:8e:eb:
                    e1:b7:ac:67:55:a9:62:91:9c:ee:cb:46:1f:54:89:
                    70:13:c0:e1:fc:a3:f2:91:39:75:74:3d:6a:a2:9a:
                    1b:73:93:35:2d:cc:8a:95:bb:c0:b3:79:a8:3d:c9:
                    50:a4:d7:c7:e6:00:45:94:2f:ad:a1:4b:ef:ac:a9:
                    e8:05:ff:fd:cb:28:32:d5:8e:c4:0c:87:ea:00:d7:
                    9b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:15:25:2E:90:55:59:CA:A5:AF:E7:56:4F:CF:5D:6B:B1:0E:09:66
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/URUlLpBVWcqlr-dWT89da7EOCWY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:18:42:c6:af:4b:2a:55:af:e6:0a:41:c6:d2:84:e7:9f:cf:
         89:30:57:95:1a:01:c2:69:69:92:ee:33:23:94:82:df:8e:87:
         aa:fc:78:7c:d7:50:d9:ea:55:aa:70:d5:74:f4:1d:4f:72:cf:
         f0:14:1a:0a:c0:d8:dd:2f:72:50:a4:9a:3c:aa:7f:8c:57:d9:
         53:8e:a0:71:a8:2b:28:ab:ff:56:9a:b5:ed:61:28:c7:a6:d6:
         ca:12:de:b6:37:b9:34:66:c6:3f:ae:7e:99:a0:2f:1c:91:26:
         20:09:cc:be:2d:69:0e:48:9b:d8:a6:db:77:73:05:6f:6f:9e:
         0a:be:1b:2f:ae:a9:8d:09:78:ba:bc:0c:f4:9d:c1:2f:15:c8:
         c2:54:60:85:6d:de:f4:93:82:4c:c2:9d:ee:77:56:7e:75:61:
         12:1d:8a:c9:27:cf:ec:ce:fa:89:bc:3e:28:15:3c:48:56:75:
         3f:a7:69:8e:87:1a:16:97:0d:3b:a9:11:54:83:aa:c6:d6:87:
         95:ef:b7:d8:89:23:e5:35:e5:07:7c:79:03:e5:b4:6f:7c:c0:
         63:86:b6:1d:cd:f8:b1:9b:42:e8:c1:52:b8:3f:c5:d0:b6:9c:
         e4:66:3a:61:bf:4c:f5:73:4e:5e:fc:f7:89:68:33:58:a5:db:
         f4:ee:7d:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZuoUxDmWfZqzsD+7uLEcHEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwMTEwMTQzMjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTE1MjUyZTkwNTU1OWNhYTVhZmU3NTY0ZmNmNWQ2YmIxMGUwOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5pmHv41Hx0btEZKGhRhPvilcvER
u6U3LksuejkpKhKU0jStjJ1wnfnJqApqKMU6Pl8GPAbWQaSP7Ww/yxs0AhEZQnNf
CsM5pAf/BoDi50/nJf6ik/P0L61UOBLTtDE7j2lbKetSujAwASAgFWkgydmiS9ii
aAci60EDhR+H1qk1ecTAvaOxfpVSenM8jWbXVwEPAogtmp//wvSuaHW8uC2bfKh0
0ICazMY5NVD4yQPxjuvht6xnValikZzuy0YfVIlwE8Dh/KPykTl1dD1qopobc5M1
LcyKlbvAs3moPclQpNfH5gBFlC+toUvvrKnoBf/9yygy1Y7EDIfqANeblQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEVJS6QVVnKpa/nVk/PXWuxDglmMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvVVJVbExwQlZXY3Fsci1kV1Q4OWRhN0VPQ1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbToMA0G
CSqGSIb3DQEBCwUAA4IBAQCdGELGr0sqVa/mCkHG0oTnn8+JMFeVGgHCaWmS7jMj
lILfjoeq/Hh811DZ6lWqcNV09B1Pcs/wFBoKwNjdL3JQpJo8qn+MV9lTjqBxqCso
q/9WmrXtYSjHptbKEt62N7k0ZsY/rn6ZoC8ckSYgCcy+LWkOSJvYptt3cwVvb54K
vhsvrqmNCXi6vAz0ncEvFcjCVGCFbd70k4JMwp3ud1Z+dWESHYrJJ8/szvqJvD4o
FTxIVnU/p2mOhxoWlw07qRFUg6rG1oeV77fYiSPlNeUHfHkD5bRvfMBjhrYdzfix
m0LowVK4P8XQtpzkZjphv0z1c05e/PeJaDNYpdv07n2X
-----END CERTIFICATE-----