This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/WT53O2-JwHld_6Q5CNCEdnkw7rY.roa
File:                     WT53O2-JwHld_6Q5CNCEdnkw7rY.roa (raw, json)
Hash identifier:          uNkSptEeBy4hV2fGfWH8FL1dFTYkDUQLFw4OXxS4m2U=
Subject key identifier:   59:3E:77:3B:6F:89:C0:79:5D:FF:A4:39:08:D0:84:76:79:30:EE:B6
Certificate issuer:       /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial:       019B77C695E859E6DCE0203012E3E046E076
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/WT53O2-JwHld_6Q5CNCEdnkw7rY.roa
Signing time:             Thu 01 Jan 2026 04:17:41 +0000
ROA not before:           Thu 01 Jan 2026 04:17:41 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204774
IP address blocks:        5.154.75.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 21:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:95:e8:59:e6:dc:e0:20:30:12:e3:e0:46:e0:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
        Validity
            Not Before: Jan  1 04:17:41 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=593e773b6f89c0795dffa43908d084767930eeb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:6e:24:3b:51:b5:06:1a:01:c7:7b:d4:54:79:
                    ab:f5:aa:10:03:00:15:11:4a:df:15:b6:0d:7a:bb:
                    55:fa:fa:6b:d0:8b:fa:b7:c4:43:8b:cc:94:e5:ff:
                    7f:51:b0:9e:d0:63:dc:e1:b9:10:3c:a3:b1:6f:4c:
                    dd:93:4c:33:e9:4c:07:cc:4b:35:c8:04:ff:75:3f:
                    43:0c:97:b3:95:e8:f4:83:b9:b4:1f:2d:fd:a9:e4:
                    78:a6:19:ef:9c:c8:ba:f0:f4:b7:8c:a1:df:07:83:
                    37:ea:40:d7:9a:b3:e7:a7:3f:52:9b:2d:bc:fd:5f:
                    af:0a:6f:d8:25:ea:77:01:0d:61:22:57:30:c6:b5:
                    a4:b3:38:04:1a:ac:69:a7:59:2f:34:b6:5c:cb:c2:
                    7a:bd:90:9c:fe:05:1a:47:06:f6:a9:fc:d2:5f:5e:
                    0c:58:fc:55:9d:2c:de:62:2a:0f:62:4d:4d:cf:c2:
                    c2:d1:94:76:20:94:81:df:90:12:78:6c:d6:26:a1:
                    6d:4f:5e:a9:cd:a2:b5:ab:ca:63:8c:58:29:a8:ba:
                    7d:90:5f:3c:9c:89:86:5a:0d:69:d9:a7:05:6d:09:
                    9e:42:cc:a2:2b:08:5f:b8:13:26:74:81:86:c3:4f:
                    6c:68:fc:3a:c0:2f:0b:ef:68:ef:ce:6f:95:ea:5e:
                    55:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:3E:77:3B:6F:89:C0:79:5D:FF:A4:39:08:D0:84:76:79:30:EE:B6
            X509v3 Authority Key Identifier:
                keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/WT53O2-JwHld_6Q5CNCEdnkw7rY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.154.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:de:c7:2b:d1:ab:05:f4:27:27:2e:20:9d:09:87:8d:7d:17:
         79:bc:25:e3:ff:43:2c:c6:fb:6b:fa:d4:52:e7:98:67:97:b8:
         57:48:1b:ca:d7:3a:f2:44:2f:bb:f9:84:77:e7:4e:0c:fe:f9:
         5b:6b:df:ef:bf:3b:fa:7f:38:3e:8c:80:77:9f:b1:9f:40:58:
         0b:e0:11:a0:a1:a2:65:83:6b:df:b7:a8:ff:e2:64:2b:37:02:
         25:13:d0:40:14:bd:03:12:4d:2f:ee:26:ea:12:59:a7:38:a8:
         d0:53:d3:e3:4e:3e:d6:72:ed:39:8f:27:51:f7:4f:6c:b4:c3:
         0c:e2:bd:31:bb:30:ff:f5:c6:3e:66:79:ad:17:41:78:89:ed:
         d7:e1:b4:28:91:bb:22:f5:af:f9:84:9a:87:e2:83:3a:94:56:
         5a:fa:b9:7f:59:e3:08:07:5b:46:e0:21:e8:d6:1e:0c:21:57:
         b2:ea:67:06:9f:c7:0c:2d:a5:08:0d:9d:77:a5:cb:cd:49:3d:
         5e:2d:c9:d0:85:97:4a:fb:31:8a:c2:e4:91:64:6c:65:5b:ba:
         ce:42:9a:a0:e6:a0:e5:fe:1d:c0:c4:26:ea:dc:0d:e8:70:d4:
         1b:23:a9:c2:61:37:f1:95:39:f4:27:15:d2:73:b9:9d:a8:4e:
         ad:29:43:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xpXoWebc4CAwEuPgRuB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjYwMTAxMDQxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTNlNzczYjZmODljMDc5NWRmZmE0MzkwOGQwODQ3Njc5MzBlZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5G4kO1G1BhoBx3vUVHmr9aoQAwAV
EUrfFbYNertV+vpr0Iv6t8RDi8yU5f9/UbCe0GPc4bkQPKOxb0zdk0wz6UwHzEs1
yAT/dT9DDJezlej0g7m0Hy39qeR4phnvnMi68PS3jKHfB4M36kDXmrPnpz9Smy28
/V+vCm/YJep3AQ1hIlcwxrWkszgEGqxpp1kvNLZcy8J6vZCc/gUaRwb2qfzSX14M
WPxVnSzeYioPYk1Nz8LC0ZR2IJSB35ASeGzWJqFtT16pzaK1q8pjjFgpqLp9kF88
nImGWg1p2acFbQmeQsyiKwhfuBMmdIGGw09saPw6wC8L72jvzm+V6l5VmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFk+dztvicB5Xf+kOQjQhHZ5MO62MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvV1Q1M08yLUp3SGxkXzZRNUNOQ0Vkbmt3N3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZpLMA0G
CSqGSIb3DQEBCwUAA4IBAQBV3scr0asF9CcnLiCdCYeNfRd5vCXj/0Msxvtr+tRS
55hnl7hXSBvK1zryRC+7+YR3504M/vlba9/vvzv6fzg+jIB3n7GfQFgL4BGgoaJl
g2vft6j/4mQrNwIlE9BAFL0DEk0v7ibqElmnOKjQU9PjTj7Wcu05jydR909stMMM
4r0xuzD/9cY+ZnmtF0F4ie3X4bQokbsi9a/5hJqH4oM6lFZa+rl/WeMIB1tG4CHo
1h4MIVey6mcGn8cMLaUIDZ13pcvNST1eLcnQhZdK+zGKwuSRZGxlW7rOQpqg5qDl
/h3AxCbq3A3ocNQbI6nCYTfxlTn0JxXSc7mdqE6tKUMy
-----END CERTIFICATE-----