This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/WIAk63chBCdGYiGDL4jJVIzgpHA.roa
File:                     WIAk63chBCdGYiGDL4jJVIzgpHA.roa (raw, json)
Hash identifier:          e3taT/GSCbu7IKCePzef39V4CQeoRg7zNm3KotlMe7A=
Subject key identifier:   58:80:24:EB:77:21:04:27:46:62:21:83:2F:88:C9:54:8C:E0:A4:70
Certificate issuer:       /CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
Certificate serial:       019B7BA33EEA5CE7BCD07B0FBB8052CEBAD0
Authority key identifier: B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/WIAk63chBCdGYiGDL4jJVIzgpHA.roa
Signing time:             Thu 01 Jan 2026 22:17:34 +0000
ROA not before:           Thu 01 Jan 2026 22:17:34 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     43349
IP address blocks:        91.215.201.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/uO0-vNIVX5oXihA62rSP2osidaU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/uO0-vNIVX5oXihA62rSP2osidaU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a3:3e:ea:5c:e7:bc:d0:7b:0f:bb:80:52:ce:ba:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
        Validity
            Not Before: Jan  1 22:17:34 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=588024eb77210427466221832f88c9548ce0a470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:ff:6c:76:46:96:b9:1e:ae:6d:9a:a3:cd:d7:
                    d1:ae:9c:40:f3:2b:fd:38:64:05:66:48:22:7d:0b:
                    65:ad:fd:d9:74:db:81:2b:c0:be:ce:86:6f:3d:db:
                    80:05:4b:39:6a:6b:49:6b:61:f9:30:16:44:c3:d7:
                    cc:a3:61:0e:0b:a9:02:81:05:e0:d9:14:bf:d0:31:
                    7d:ea:60:d6:5a:08:4c:a6:b7:ac:55:84:0c:11:e0:
                    20:34:6e:75:3f:fb:2b:6e:59:d1:15:62:9b:6f:fc:
                    9b:75:9b:c3:55:0b:cc:4b:25:03:b6:a1:6d:94:76:
                    11:6a:9d:20:6e:b7:a9:13:f0:35:0c:c0:59:13:ae:
                    1a:0e:e0:00:3a:76:9d:3d:5d:0b:ba:36:d7:64:aa:
                    e2:05:a1:a1:1a:c4:ae:9c:80:64:5a:f9:dd:7e:56:
                    3f:f2:eb:35:c4:c5:12:2e:80:58:b7:cb:2e:8a:fd:
                    0d:fa:f4:3c:f8:09:eb:c0:4d:67:58:94:9f:47:d6:
                    81:6d:bf:32:b6:40:df:fd:d9:b0:b3:e3:ff:ac:ce:
                    b5:06:fa:1e:4a:82:7d:e4:78:c3:c4:c0:2c:14:89:
                    ec:4f:bf:12:68:ad:be:4e:1e:0a:08:c7:3e:da:70:
                    18:10:33:b7:b4:19:54:44:82:7c:be:b5:53:68:eb:
                    4c:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:80:24:EB:77:21:04:27:46:62:21:83:2F:88:C9:54:8C:E0:A4:70
            X509v3 Authority Key Identifier:
                keyid:B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/WIAk63chBCdGYiGDL4jJVIzgpHA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/uO0-vNIVX5oXihA62rSP2osidaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.215.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:17:34:32:54:0f:eb:2e:01:ce:3e:0a:77:3b:93:f0:c2:a7:
         b2:13:71:92:7d:0b:6d:b6:da:f2:81:32:0f:36:de:39:86:ce:
         a0:01:ca:59:9c:c7:46:ac:3f:8a:1f:73:d9:d6:1d:0d:e4:6e:
         2f:75:d5:02:2c:bb:1e:61:11:6b:be:b6:e2:98:74:30:19:0b:
         79:82:fc:f8:88:5a:bc:80:10:ae:51:03:82:a8:eb:64:ff:04:
         36:09:af:ec:bd:5e:32:63:1a:18:ae:4b:89:2b:5b:44:f1:7f:
         62:ff:10:af:10:b9:4f:d0:e3:00:a1:58:6c:ce:76:72:3c:49:
         95:66:72:ff:c0:f9:1e:f3:da:66:51:97:6b:1c:1f:6f:6a:61:
         71:d9:ca:8e:99:98:9d:2a:c1:69:2d:66:37:50:d0:6e:82:0e:
         60:cf:ca:aa:c6:d5:ab:91:02:85:1c:04:3a:75:61:8f:0a:fb:
         d8:8f:f8:9d:60:da:5e:af:92:77:89:48:89:11:0e:62:a3:13:
         b9:03:8a:04:ce:25:db:42:4a:ff:ef:aa:22:34:29:e8:e6:ff:
         29:ba:b6:c4:63:0f:49:9b:57:e9:26:f6:d2:62:0b:f7:c8:6b:
         40:7e:59:86:f2:07:ff:e6:35:10:ff:50:d7:31:56:6b:76:66:
         68:a3:21:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7oz7qXOe80HsPu4BSzrrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZWQzZWJjZDIxNTVmOWExNzhhMTAzYWRhYjQ4ZmRhOGIy
Mjc1YTUwHhcNMjYwMTAxMjIxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODgwMjRlYjc3MjEwNDI3NDY2MjIxODMyZjg4Yzk1NDhjZTBhNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/9sdkaWuR6ubZqjzdfRrpxA8yv9
OGQFZkgifQtlrf3ZdNuBK8C+zoZvPduABUs5amtJa2H5MBZEw9fMo2EOC6kCgQXg
2RS/0DF96mDWWghMpresVYQMEeAgNG51P/srblnRFWKbb/ybdZvDVQvMSyUDtqFt
lHYRap0gbrepE/A1DMBZE64aDuAAOnadPV0LujbXZKriBaGhGsSunIBkWvndflY/
8us1xMUSLoBYt8suiv0N+vQ8+AnrwE1nWJSfR9aBbb8ytkDf/dmws+P/rM61Bvoe
SoJ95HjDxMAsFInsT78SaK2+Th4KCMc+2nAYEDO3tBlURIJ8vrVTaOtM4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFiAJOt3IQQnRmIhgy+IyVSM4KRwMB8GA1UdIwQY
MBaAFLjtPrzSFV+aF4oQOtq0j9qLInWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMt
ZGVhMTJkZDhjN2Y0LzEvV0lBazYzY2hCQ2RHWWlHREw0akpWSXpncEhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMtZGVhMTJkZDhjN2Y0
LzEvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9fJMA0G
CSqGSIb3DQEBCwUAA4IBAQB/FzQyVA/rLgHOPgp3O5PwwqeyE3GSfQttttrygTIP
Nt45hs6gAcpZnMdGrD+KH3PZ1h0N5G4vddUCLLseYRFrvrbimHQwGQt5gvz4iFq8
gBCuUQOCqOtk/wQ2Ca/svV4yYxoYrkuJK1tE8X9i/xCvELlP0OMAoVhsznZyPEmV
ZnL/wPke89pmUZdrHB9vamFx2cqOmZidKsFpLWY3UNBugg5gz8qqxtWrkQKFHAQ6
dWGPCvvYj/idYNper5J3iUiJEQ5ioxO5A4oEziXbQkr/76oiNCno5v8purbEYw9J
m1fpJvbSYgv3yGtAflmG8gf/5jUQ/1DXMVZrdmZooyEK
-----END CERTIFICATE-----