This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ptwWAfUIQhVLhqDQn5RDQ5c7CTA.roa
File:                     ptwWAfUIQhVLhqDQn5RDQ5c7CTA.roa (raw, json)
Hash identifier:          Nd7kZjPWVNNkDzbbN1dtVJihtNFnEpHnC+VpDFqPs8A=
Subject key identifier:   A6:DC:16:01:F5:08:42:15:4B:86:A0:D0:9F:94:43:43:97:3B:09:30
Certificate issuer:       /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial:       019B7C11FD82F59BB67B6277D340D2C7D893
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ptwWAfUIQhVLhqDQn5RDQ5c7CTA.roa
Signing time:             Fri 02 Jan 2026 00:18:32 +0000
ROA not before:           Fri 02 Jan 2026 00:18:32 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     210221
IP address blocks:        193.118.165.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:11:fd:82:f5:9b:b6:7b:62:77:d3:40:d2:c7:d8:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
        Validity
            Not Before: Jan  2 00:18:32 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a6dc1601f50842154b86a0d09f944343973b0930
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:41:8e:12:d3:90:c3:34:8a:2d:78:d8:d8:ca:
                    9f:a3:be:4d:0d:e1:5d:9e:62:3e:f0:22:b3:f8:d7:
                    5b:0e:34:fc:58:a8:df:b2:f9:0f:2c:49:de:86:0a:
                    52:25:57:de:51:f9:c9:6d:a4:a5:16:2d:6f:e3:28:
                    70:83:af:ea:bc:19:67:0b:46:cd:33:62:96:ae:52:
                    fe:ff:b9:c3:93:20:12:28:c3:6b:56:72:5a:07:2e:
                    0e:9a:af:94:01:13:3b:da:3e:08:7b:d0:1f:64:ea:
                    56:f2:01:6f:9e:83:1b:82:c9:b5:8e:55:f3:f7:97:
                    95:3f:bd:98:6e:5b:c7:65:02:81:41:98:71:f9:0c:
                    f9:03:5f:fe:57:c7:80:a8:66:68:5e:a6:e9:68:fc:
                    cf:ef:69:cd:9f:54:37:42:73:b4:ce:9a:b4:20:2a:
                    c0:18:96:80:7a:e4:10:9a:49:ff:36:98:54:f1:7d:
                    2a:68:fb:a6:b9:71:bc:96:18:8c:84:5b:f1:af:17:
                    ab:ed:c8:a3:2e:e6:ed:3d:6c:f7:f7:d4:2d:01:a2:
                    90:5b:39:04:b3:19:8f:09:cb:18:b1:66:0e:c4:3a:
                    87:69:9e:a9:d4:ee:b1:14:7b:5b:8c:0b:b4:2c:19:
                    d6:72:1d:3e:cb:c7:f2:5e:4b:67:38:d4:3f:18:1a:
                    92:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:DC:16:01:F5:08:42:15:4B:86:A0:D0:9F:94:43:43:97:3B:09:30
            X509v3 Authority Key Identifier:
                keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ptwWAfUIQhVLhqDQn5RDQ5c7CTA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.118.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:a9:8d:90:52:c4:68:cb:bc:b0:cc:e6:ff:f8:75:65:cc:90:
         5a:a2:6c:57:fa:e8:51:85:93:42:15:3c:57:1a:f8:d0:d5:c4:
         e8:35:1f:4a:9e:e0:e1:b0:4e:3d:a1:9a:a8:32:fb:05:fe:dc:
         50:3b:da:84:ba:76:e8:d0:eb:1b:30:50:ea:d2:08:1f:c6:51:
         1d:6f:86:7d:15:d2:95:b2:e4:f3:32:ff:46:80:83:16:e2:a5:
         50:a1:91:db:5e:8d:a4:99:e0:65:d5:8b:da:4f:4b:0f:e0:cc:
         3e:df:b5:79:7c:b7:b9:0e:df:23:38:ef:a3:8e:30:04:8c:97:
         d9:bf:35:3d:2e:38:1f:41:c7:e8:ab:e6:1d:48:62:3c:87:04:
         18:c1:d8:75:9a:3b:46:1d:25:f7:f1:62:2d:d4:7b:90:f1:c8:
         a7:2f:e3:1a:20:40:15:2f:83:5d:63:4c:7b:ac:cc:76:e1:18:
         1f:ed:0e:d9:0f:4d:39:38:f9:01:3e:0b:f3:a5:45:cb:d6:9d:
         dc:8f:8b:5c:11:31:8f:4e:ec:de:c8:9d:ca:40:86:6c:9c:b2:
         4a:da:e4:7b:91:21:90:9c:2a:59:b5:8c:2b:fd:fc:02:94:48:
         5b:7b:ad:df:ec:fa:3d:c0:90:00:dd:3f:1a:27:56:84:7e:01:
         af:e3:76:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8Ef2C9Zu2e2J300DSx9iTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjYwMTAyMDAxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmRjMTYwMWY1MDg0MjE1NGI4NmEwZDA5Zjk0NDM0Mzk3M2IwOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0GOEtOQwzSKLXjY2Mqfo75NDeFd
nmI+8CKz+NdbDjT8WKjfsvkPLEnehgpSJVfeUfnJbaSlFi1v4yhwg6/qvBlnC0bN
M2KWrlL+/7nDkyASKMNrVnJaBy4Omq+UARM72j4Ie9AfZOpW8gFvnoMbgsm1jlXz
95eVP72YblvHZQKBQZhx+Qz5A1/+V8eAqGZoXqbpaPzP72nNn1Q3QnO0zpq0ICrA
GJaAeuQQmkn/NphU8X0qaPumuXG8lhiMhFvxrxer7cijLubtPWz399QtAaKQWzkE
sxmPCcsYsWYOxDqHaZ6p1O6xFHtbjAu0LBnWch0+y8fyXktnONQ/GBqSPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbcFgH1CEIVS4ag0J+UQ0OXOwkwMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvcHR3V0FmVUlRaFZMaHFEUW41UkRRNWM3Q1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXalMA0G
CSqGSIb3DQEBCwUAA4IBAQCWqY2QUsRoy7ywzOb/+HVlzJBaomxX+uhRhZNCFTxX
GvjQ1cToNR9KnuDhsE49oZqoMvsF/txQO9qEunbo0OsbMFDq0ggfxlEdb4Z9FdKV
suTzMv9GgIMW4qVQoZHbXo2kmeBl1YvaT0sP4Mw+37V5fLe5Dt8jOO+jjjAEjJfZ
vzU9LjgfQcfoq+YdSGI8hwQYwdh1mjtGHSX38WIt1HuQ8cinL+MaIEAVL4NdY0x7
rMx24Rgf7Q7ZD005OPkBPgvzpUXL1p3cj4tcETGPTuzeyJ3KQIZsnLJK2uR7kSGQ
nCpZtYwr/fwClEhbe63f7Po9wJAA3T8aJ1aEfgGv43bX
-----END CERTIFICATE-----