This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/000ea7-c9f4-4ebb-b9b1-feee7c29d4de/1/gwoEbA-s4PqsDQjmI3X53FaRSJ0.roa
File:                     gwoEbA-s4PqsDQjmI3X53FaRSJ0.roa (raw, json)
Hash identifier:          avXcM/pU53LLvoxo3B9yOyXnFdyqGLBv2h2RqdKqi6o=
Subject key identifier:   83:0A:04:6C:0F:AC:E0:FA:AC:0D:08:E6:23:75:F9:DC:56:91:48:9D
Certificate issuer:       /CN=e7d9cfb078eda5816fc809e98c25cb71963e75b7
Certificate serial:       019B79114C538CEFAC07E8AE908943FC274D
Authority key identifier: E7:D9:CF:B0:78:ED:A5:81:6F:C8:09:E9:8C:25:CB:71:96:3E:75:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/59nPsHjtpYFvyAnpjCXLcZY-dbc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/000ea7-c9f4-4ebb-b9b1-feee7c29d4de/1/gwoEbA-s4PqsDQjmI3X53FaRSJ0.roa
Signing time:             Thu 01 Jan 2026 10:18:55 +0000
ROA not before:           Thu 01 Jan 2026 10:18:55 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     34953
IP address blocks:        185.64.96.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/000ea7-c9f4-4ebb-b9b1-feee7c29d4de/1/59nPsHjtpYFvyAnpjCXLcZY-dbc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/000ea7-c9f4-4ebb-b9b1-feee7c29d4de/1/59nPsHjtpYFvyAnpjCXLcZY-dbc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/59nPsHjtpYFvyAnpjCXLcZY-dbc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 22:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:11:4c:53:8c:ef:ac:07:e8:ae:90:89:43:fc:27:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7d9cfb078eda5816fc809e98c25cb71963e75b7
        Validity
            Not Before: Jan  1 10:18:55 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=830a046c0face0faac0d08e62375f9dc5691489d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ee:0c:cf:65:b9:e3:c4:be:6e:24:45:d3:1a:
                    10:32:d5:fc:95:a0:d2:0e:a9:46:67:45:20:00:3e:
                    b7:73:53:b1:b9:7b:ad:23:6c:fb:50:66:58:0c:64:
                    c3:49:35:44:d6:64:aa:f5:b0:fb:d8:5c:59:12:48:
                    80:f0:69:c5:b7:8f:bc:75:65:f9:51:7a:7d:70:a4:
                    4c:0d:59:cf:b0:19:89:7d:db:5a:2a:4b:36:e8:f5:
                    16:4d:11:ca:88:10:1f:80:99:cf:21:8b:63:b0:3e:
                    75:1e:30:8e:71:38:a9:05:98:9c:b8:48:14:f1:04:
                    ff:2b:76:ce:df:44:54:42:df:79:2f:e2:38:86:c6:
                    28:ef:36:64:66:77:d0:56:24:b2:de:74:1a:94:0b:
                    3e:08:91:a6:56:8e:cc:10:af:ab:21:8f:99:a4:13:
                    a4:0f:23:e4:2c:65:35:18:f5:a6:da:8c:80:a7:1e:
                    98:ce:3c:17:59:15:43:5c:87:62:a9:0d:74:0e:7e:
                    62:e7:88:b4:77:e9:0c:85:15:30:c3:2e:f7:b7:f7:
                    b1:41:f9:82:73:9c:64:e2:07:c6:f5:d9:45:86:39:
                    4e:8d:88:cf:3f:e6:ea:18:42:e7:da:53:d3:0d:c0:
                    61:e1:4e:2e:a8:51:aa:d1:37:53:41:bb:88:84:4a:
                    0c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:0A:04:6C:0F:AC:E0:FA:AC:0D:08:E6:23:75:F9:DC:56:91:48:9D
            X509v3 Authority Key Identifier:
                keyid:E7:D9:CF:B0:78:ED:A5:81:6F:C8:09:E9:8C:25:CB:71:96:3E:75:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59nPsHjtpYFvyAnpjCXLcZY-dbc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/000ea7-c9f4-4ebb-b9b1-feee7c29d4de/1/gwoEbA-s4PqsDQjmI3X53FaRSJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/000ea7-c9f4-4ebb-b9b1-feee7c29d4de/1/59nPsHjtpYFvyAnpjCXLcZY-dbc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.64.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         64:87:49:c8:82:e7:31:a9:b7:52:a5:19:2f:88:02:53:7b:2e:
         f6:f6:a9:88:8a:b5:28:0e:39:9e:7f:93:7b:bc:53:57:a9:58:
         9b:77:52:a8:3f:40:e8:b6:ba:b2:86:2e:b8:d9:20:1f:7d:67:
         31:13:9c:b3:ab:2f:ba:b0:8f:7a:1d:73:e7:b4:b6:62:f7:4e:
         a1:53:53:ea:e5:f4:15:43:fe:5e:e7:d5:61:89:3c:d8:8a:3c:
         30:ad:db:83:43:a8:01:e8:52:b8:42:e8:e1:c0:14:5e:db:bb:
         47:c5:d8:f0:91:22:e1:dc:6c:88:cc:50:c3:61:63:18:7b:b4:
         29:e3:4f:4b:d6:a3:6c:e8:25:7c:df:72:d0:d8:d0:66:bc:87:
         48:9b:34:48:9b:e3:b8:eb:fd:65:d3:59:c1:2f:b2:43:c8:4e:
         c8:be:a1:7e:16:d2:2b:c8:95:44:11:5b:32:13:fa:c4:3a:27:
         3d:d5:de:c3:08:cc:aa:f5:c6:a5:63:94:a6:35:4c:9e:9b:11:
         57:79:71:af:7b:c7:37:94:34:b3:10:3d:a2:3f:22:46:c1:cf:
         11:5b:c0:a3:6c:c1:72:d0:af:6c:85:38:76:ec:00:5a:c8:89:
         9f:b7:56:ca:6b:7c:2a:11:d6:55:f9:69:ea:dc:a1:2d:58:bc:
         ae:50:ac:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EUxTjO+sB+iukIlD/CdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZDljZmIwNzhlZGE1ODE2ZmM4MDllOThjMjVjYjcxOTYz
ZTc1YjcwHhcNMjYwMTAxMTAxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzBhMDQ2YzBmYWNlMGZhYWMwZDA4ZTYyMzc1ZjlkYzU2OTE0ODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne4Mz2W548S+biRF0xoQMtX8laDS
DqlGZ0UgAD63c1OxuXutI2z7UGZYDGTDSTVE1mSq9bD72FxZEkiA8GnFt4+8dWX5
UXp9cKRMDVnPsBmJfdtaKks26PUWTRHKiBAfgJnPIYtjsD51HjCOcTipBZicuEgU
8QT/K3bO30RUQt95L+I4hsYo7zZkZnfQViSy3nQalAs+CJGmVo7MEK+rIY+ZpBOk
DyPkLGU1GPWm2oyApx6YzjwXWRVDXIdiqQ10Dn5i54i0d+kMhRUwwy73t/exQfmC
c5xk4gfG9dlFhjlOjYjPP+bqGELn2lPTDcBh4U4uqFGq0TdTQbuIhEoMFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMKBGwPrOD6rA0I5iN1+dxWkUidMB8GA1UdIwQY
MBaAFOfZz7B47aWBb8gJ6Ywly3GWPnW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTluUHNIanRwWUZ2eUFucGpDWExjWlktZGJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wMDBlYTctYzlmNC00ZWJiLWI5YjEt
ZmVlZTdjMjlkNGRlLzEvZ3dvRWJBLXM0UHFzRFFqbUkzWDUzRmFSU0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8wMDBlYTctYzlmNC00ZWJiLWI5YjEtZmVlZTdjMjlkNGRl
LzEvNTluUHNIanRwWUZ2eUFucGpDWExjWlktZGJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUBgMA0G
CSqGSIb3DQEBCwUAA4IBAQBkh0nIgucxqbdSpRkviAJTey729qmIirUoDjmef5N7
vFNXqVibd1KoP0Dotrqyhi642SAffWcxE5yzqy+6sI96HXPntLZi906hU1Pq5fQV
Q/5e59VhiTzYijwwrduDQ6gB6FK4QujhwBRe27tHxdjwkSLh3GyIzFDDYWMYe7Qp
409L1qNs6CV833LQ2NBmvIdImzRIm+O46/1l01nBL7JDyE7IvqF+FtIryJVEEVsy
E/rEOic91d7DCMyq9calY5SmNUyemxFXeXGve8c3lDSzED2iPyJGwc8RW8CjbMFy
0K9shTh27ABayImft1bKa3wqEdZV+Wnq3KEtWLyuUKx/
-----END CERTIFICATE-----