This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/wbgHSq1P1hT1c4Z9yPLSRLsBMLY.roa
File:                     wbgHSq1P1hT1c4Z9yPLSRLsBMLY.roa (raw, json)
Hash identifier:          M1CVH/hZaoiDk+r9nDNnbsek6x6GBh3SGNDKUroXUZQ=
Subject key identifier:   C1:B8:07:4A:AD:4F:D6:14:F5:73:86:7D:C8:F2:D2:44:BB:01:30:B6
Certificate issuer:       /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial:       019B7C8040981F44EE15934D5F1931CD698F
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/wbgHSq1P1hT1c4Z9yPLSRLsBMLY.roa
Signing time:             Fri 02 Jan 2026 02:18:58 +0000
ROA not before:           Fri 02 Jan 2026 02:18:58 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     56729
IP address blocks:        89.40.96.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 11:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:40:98:1f:44:ee:15:93:4d:5f:19:31:cd:69:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
        Validity
            Not Before: Jan  2 02:18:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c1b8074aad4fd614f573867dc8f2d244bb0130b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d2:d1:d1:36:b3:a9:e4:44:6a:12:e5:ab:39:
                    fa:1b:48:86:b6:14:ce:9b:14:40:4d:c9:27:29:cc:
                    e8:a3:9e:10:b0:ab:e9:a6:a7:4a:61:e1:11:39:68:
                    fe:af:83:dd:74:80:08:3f:18:0d:0f:70:03:8f:0c:
                    8f:d1:c7:dc:88:95:fe:f7:72:46:f1:cd:61:0c:ce:
                    ad:2d:0d:5d:25:10:f2:5e:28:7b:76:31:45:f4:28:
                    a0:8f:75:da:63:ab:17:b3:41:67:45:6f:e8:b4:2a:
                    ff:84:26:cc:11:9e:ac:08:66:53:1c:7c:07:cc:a2:
                    90:b9:b1:01:16:2b:5a:b9:6f:bd:f8:c6:55:c3:2a:
                    98:03:77:5d:bd:fe:98:d5:2a:c1:84:d9:04:f4:46:
                    e4:bd:59:2e:1f:81:4f:2c:9a:9b:0b:e0:e6:41:40:
                    bc:fa:c1:02:02:11:a6:f3:23:de:f1:fc:42:43:c7:
                    0a:27:81:9b:e5:97:23:de:45:40:a1:a7:ef:ad:e2:
                    19:c1:3a:96:eb:d9:ed:76:0b:a1:8d:ab:84:33:f3:
                    a1:d8:c4:ef:32:74:85:5f:d6:4a:78:8a:fa:dc:07:
                    a2:b0:5e:bd:3c:e6:ee:75:f2:42:99:84:dd:63:21:
                    18:f7:b7:06:a0:30:20:f3:33:62:88:5b:64:11:aa:
                    8b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:B8:07:4A:AD:4F:D6:14:F5:73:86:7D:C8:F2:D2:44:BB:01:30:B6
            X509v3 Authority Key Identifier:
                keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/wbgHSq1P1hT1c4Z9yPLSRLsBMLY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.40.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         11:30:ab:03:b4:7b:ec:65:8b:31:24:f6:cf:46:26:06:f9:c0:
         46:54:20:1c:d7:69:92:67:d1:1e:6f:14:75:fb:1a:34:e7:ef:
         52:8e:6e:da:d3:1a:5a:df:af:9c:9c:0b:97:21:05:aa:ce:67:
         00:35:d1:10:56:e6:38:a3:ae:56:2e:b3:34:06:34:c7:e1:c2:
         3e:b2:1c:5d:a8:b1:26:92:6d:68:bd:1e:cd:ed:c7:b9:21:cf:
         6c:c5:f7:2f:0b:73:ea:5d:86:ed:b2:25:c1:a2:59:c8:f8:13:
         4d:f3:5f:12:54:7b:3c:c1:cc:97:59:82:7d:54:05:ed:db:ab:
         21:5f:37:a6:8f:fb:bb:23:de:f6:28:21:00:56:cc:8c:9b:6a:
         ed:71:ba:56:e2:67:2c:17:33:5a:76:29:1e:65:e7:15:dd:ee:
         9e:8f:68:4f:dd:8d:0f:30:2d:6b:82:e0:18:4d:3d:6a:e1:ac:
         db:3b:ad:e4:2a:ea:74:90:6c:f7:b2:b4:c9:22:ec:12:45:1f:
         f8:4c:18:43:18:05:2c:f6:b6:7b:47:1a:2e:ff:0e:c1:6c:d7:
         57:32:3a:22:a2:0c:ea:9c:8a:11:3c:64:28:db:03:d6:cc:3e:
         d9:b6:a9:8b:1d:01:35:08:85:d9:29:8a:37:15:04:16:f1:24:
         dd:20:89:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8gECYH0TuFZNNXxkxzWmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjYwMTAyMDIxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWI4MDc0YWFkNGZkNjE0ZjU3Mzg2N2RjOGYyZDI0NGJiMDEzMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtLR0TazqeREahLlqzn6G0iGthTO
mxRATcknKczoo54QsKvppqdKYeEROWj+r4PddIAIPxgND3ADjwyP0cfciJX+93JG
8c1hDM6tLQ1dJRDyXih7djFF9Cigj3XaY6sXs0FnRW/otCr/hCbMEZ6sCGZTHHwH
zKKQubEBFitauW+9+MZVwyqYA3ddvf6Y1SrBhNkE9EbkvVkuH4FPLJqbC+DmQUC8
+sECAhGm8yPe8fxCQ8cKJ4Gb5Zcj3kVAoafvreIZwTqW69ntdguhjauEM/Oh2MTv
MnSFX9ZKeIr63AeisF69PObudfJCmYTdYyEY97cGoDAg8zNiiFtkEaqLXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMG4B0qtT9YU9XOGfcjy0kS7ATC2MB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEvd2JnSFNxMVAxaFQxYzRaOXlQTFNSTHNCTUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWShgMA0G
CSqGSIb3DQEBCwUAA4IBAQARMKsDtHvsZYsxJPbPRiYG+cBGVCAc12mSZ9EebxR1
+xo05+9Sjm7a0xpa36+cnAuXIQWqzmcANdEQVuY4o65WLrM0BjTH4cI+shxdqLEm
km1ovR7N7ce5Ic9sxfcvC3PqXYbtsiXBolnI+BNN818SVHs8wcyXWYJ9VAXt26sh
Xzemj/u7I972KCEAVsyMm2rtcbpW4mcsFzNadikeZecV3e6ej2hP3Y0PMC1rguAY
TT1q4azbO63kKup0kGz3srTJIuwSRR/4TBhDGAUs9rZ7Rxou/w7BbNdXMjoiogzq
nIoRPGQo2wPWzD7ZtqmLHQE1CIXZKYo3FQQW8STdIIk+
-----END CERTIFICATE-----
Generated at Sun Jan 25 22:13:08 2026 by rpki-client