This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2ad53a-f118-4a88-8c2f-987086ccab84/1/wVNpm-1J5NTytyjtGnQX6j1BkDg.roa
File:                     wVNpm-1J5NTytyjtGnQX6j1BkDg.roa (raw, json)
Hash identifier:          QtG2sWben/myYIuxaHxhV/nd4dmlFHcHKMY3zMny2lo=
Subject key identifier:   C1:53:69:9B:ED:49:E4:D4:F2:B7:28:ED:1A:74:17:EA:3D:41:90:38
Certificate issuer:       /CN=bf99d23c82729a8049e7565775a864bc3aa282ef
Certificate serial:       019B7C7F934C83E16BEC94BAD22D15292E50
Authority key identifier: BF:99:D2:3C:82:72:9A:80:49:E7:56:57:75:A8:64:BC:3A:A2:82:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v5nSPIJymoBJ51ZXdahkvDqigu8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/2ad53a-f118-4a88-8c2f-987086ccab84/1/wVNpm-1J5NTytyjtGnQX6j1BkDg.roa
Signing time:             Fri 02 Jan 2026 02:18:14 +0000
ROA not before:           Fri 02 Jan 2026 02:18:14 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     208950
IP address blocks:        185.134.62.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/2ad53a-f118-4a88-8c2f-987086ccab84/1/v5nSPIJymoBJ51ZXdahkvDqigu8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/2ad53a-f118-4a88-8c2f-987086ccab84/1/v5nSPIJymoBJ51ZXdahkvDqigu8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v5nSPIJymoBJ51ZXdahkvDqigu8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 17:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:7f:93:4c:83:e1:6b:ec:94:ba:d2:2d:15:29:2e:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf99d23c82729a8049e7565775a864bc3aa282ef
        Validity
            Not Before: Jan  2 02:18:14 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c153699bed49e4d4f2b728ed1a7417ea3d419038
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cf:d6:ed:73:2c:f6:3a:52:d1:ce:28:70:1c:
                    8b:7f:d9:73:f0:88:ea:35:34:a7:d3:6b:9f:51:33:
                    04:ef:71:91:bd:77:1d:1f:a8:a9:d3:fa:5b:fa:3c:
                    cc:d4:19:70:65:d0:23:b0:8a:2a:b7:23:6d:5b:93:
                    04:ef:35:05:52:9c:cc:cf:75:26:2f:b6:f5:05:74:
                    23:19:2c:d4:a6:77:db:76:d7:a4:30:95:b7:17:24:
                    35:90:2f:a8:f5:ea:d1:c1:6b:69:d4:cb:30:2f:28:
                    1c:70:25:05:99:7b:2d:8b:4b:4a:9d:08:19:65:b5:
                    2d:7b:24:18:8c:44:64:c3:80:84:f8:dc:6d:09:87:
                    db:2f:86:ef:6f:52:29:a5:dd:35:f9:02:8e:1e:e0:
                    f1:3b:0c:ab:5b:b4:13:4d:e6:1f:0d:fb:36:01:35:
                    ac:8d:84:05:6d:d8:3f:85:83:3b:3e:89:c5:19:c0:
                    83:34:4c:b8:47:8f:14:e1:02:e8:51:b5:ff:42:9f:
                    b2:4b:e7:04:be:0a:25:0e:25:47:ef:14:f3:17:dd:
                    af:d3:f5:de:c4:9a:9a:f4:d7:53:7d:96:55:8c:3d:
                    81:ee:01:e2:03:c8:60:33:f0:32:13:76:f5:01:98:
                    02:78:cd:26:be:30:a0:c1:65:c8:09:08:c0:91:70:
                    a9:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:53:69:9B:ED:49:E4:D4:F2:B7:28:ED:1A:74:17:EA:3D:41:90:38
            X509v3 Authority Key Identifier:
                keyid:BF:99:D2:3C:82:72:9A:80:49:E7:56:57:75:A8:64:BC:3A:A2:82:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v5nSPIJymoBJ51ZXdahkvDqigu8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2ad53a-f118-4a88-8c2f-987086ccab84/1/wVNpm-1J5NTytyjtGnQX6j1BkDg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2ad53a-f118-4a88-8c2f-987086ccab84/1/v5nSPIJymoBJ51ZXdahkvDqigu8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.134.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:12:06:7a:78:f7:01:e2:b2:a4:0a:c9:a3:7b:2c:e0:70:b6:
         f4:ee:6f:19:ae:e8:be:4e:9b:d8:15:0e:c6:38:9d:85:18:64:
         40:87:a9:57:71:e9:fa:bc:e9:29:76:b0:3a:6e:8b:1b:49:12:
         61:e1:e1:bc:2f:d6:6a:5b:c5:a1:fe:95:ed:d4:55:eb:8d:a0:
         06:0f:05:73:27:ed:bc:99:29:36:4a:f2:6e:b9:06:c5:27:45:
         e4:e4:77:29:47:47:f4:22:8a:5d:1a:9c:8f:d4:ac:fb:6a:6c:
         ea:e2:48:99:6d:fd:8c:61:68:1b:c5:86:fd:35:f2:f7:96:5a:
         b1:46:92:d5:d3:db:67:98:63:36:e1:24:55:b3:d7:19:ae:33:
         32:8d:55:90:0c:a2:98:e9:a1:d4:e1:a8:d4:ac:9a:3c:2a:16:
         db:a2:0d:e3:e9:58:7f:fc:19:70:8f:5a:f8:0c:d7:b1:af:83:
         ad:ee:b8:c0:b1:31:3d:e3:be:8a:08:e7:1f:64:36:d7:44:41:
         67:c2:6c:e6:ae:7c:1d:82:3c:21:a1:72:d5:89:1b:c3:9b:dd:
         13:30:e1:d0:7a:84:f0:d3:26:bd:8a:f7:80:2a:2a:77:aa:66:
         58:16:70:eb:79:47:68:00:08:c5:6a:88:19:a8:db:c2:22:26:
         7d:b7:5e:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8f5NMg+Fr7JS60i0VKS5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmOTlkMjNjODI3MjlhODA0OWU3NTY1Nzc1YTg2NGJjM2Fh
MjgyZWYwHhcNMjYwMTAyMDIxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTUzNjk5YmVkNDllNGQ0ZjJiNzI4ZWQxYTc0MTdlYTNkNDE5MDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys/W7XMs9jpS0c4ocByLf9lz8Ijq
NTSn02ufUTME73GRvXcdH6ip0/pb+jzM1BlwZdAjsIoqtyNtW5ME7zUFUpzMz3Um
L7b1BXQjGSzUpnfbdtekMJW3FyQ1kC+o9erRwWtp1MswLygccCUFmXsti0tKnQgZ
ZbUteyQYjERkw4CE+NxtCYfbL4bvb1Ippd01+QKOHuDxOwyrW7QTTeYfDfs2ATWs
jYQFbdg/hYM7PonFGcCDNEy4R48U4QLoUbX/Qp+yS+cEvgolDiVH7xTzF92v0/Xe
xJqa9NdTfZZVjD2B7gHiA8hgM/AyE3b1AZgCeM0mvjCgwWXICQjAkXCpQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFTaZvtSeTU8rco7Rp0F+o9QZA4MB8GA1UdIwQY
MBaAFL+Z0jyCcpqASedWV3WoZLw6ooLvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjVuU1BJSnltb0JKNTFaWGRhaGt2RHFpZ3U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYWQ1M2EtZjExOC00YTg4LThjMmYt
OTg3MDg2Y2NhYjg0LzEvd1ZOcG0tMUo1TlR5dHlqdEduUVg2ajFCa0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYWQ1M2EtZjExOC00YTg4LThjMmYtOTg3MDg2Y2NhYjg0
LzEvdjVuU1BJSnltb0JKNTFaWGRhaGt2RHFpZ3U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYY+MA0G
CSqGSIb3DQEBCwUAA4IBAQAsEgZ6ePcB4rKkCsmjeyzgcLb07m8Zrui+TpvYFQ7G
OJ2FGGRAh6lXcen6vOkpdrA6bosbSRJh4eG8L9ZqW8Wh/pXt1FXrjaAGDwVzJ+28
mSk2SvJuuQbFJ0Xk5HcpR0f0IopdGpyP1Kz7amzq4kiZbf2MYWgbxYb9NfL3llqx
RpLV09tnmGM24SRVs9cZrjMyjVWQDKKY6aHU4ajUrJo8Khbbog3j6Vh//Blwj1r4
DNexr4Ot7rjAsTE9476KCOcfZDbXREFnwmzmrnwdgjwhoXLViRvDm90TMOHQeoTw
0ya9iveAKip3qmZYFnDreUdoAAjFaogZqNvCIiZ9t17i
-----END CERTIFICATE-----