This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/03bd39-f9e6-4e39-baff-c2941214cb96/1/UUMyTjiCqTOJ9RxzyslUJ28NkGE.roa
File:                     UUMyTjiCqTOJ9RxzyslUJ28NkGE.roa (raw, json)
Hash identifier:          LT6KzYJU9uNZJmsZb9G6zfqBp9thSTQ3sJt1lTbYuNo=
Subject key identifier:   51:43:32:4E:38:82:A9:33:89:F5:1C:73:CA:C9:54:27:6F:0D:90:61
Certificate issuer:       /CN=5b2528dc075d51e73ee0d090e1d2a1f5cfae8ffb
Certificate serial:       019B79ED36D602BC6789A5B402606E1DFDF6
Authority key identifier: 5B:25:28:DC:07:5D:51:E7:3E:E0:D0:90:E1:D2:A1:F5:CF:AE:8F:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WyUo3AddUec-4NCQ4dKh9c-uj_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/03bd39-f9e6-4e39-baff-c2941214cb96/1/UUMyTjiCqTOJ9RxzyslUJ28NkGE.roa
Signing time:             Thu 01 Jan 2026 14:19:07 +0000
ROA not before:           Thu 01 Jan 2026 14:19:07 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     49556
IP address blocks:        185.94.181.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/03bd39-f9e6-4e39-baff-c2941214cb96/1/WyUo3AddUec-4NCQ4dKh9c-uj_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/03bd39-f9e6-4e39-baff-c2941214cb96/1/WyUo3AddUec-4NCQ4dKh9c-uj_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WyUo3AddUec-4NCQ4dKh9c-uj_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ed:36:d6:02:bc:67:89:a5:b4:02:60:6e:1d:fd:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b2528dc075d51e73ee0d090e1d2a1f5cfae8ffb
        Validity
            Not Before: Jan  1 14:19:07 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5143324e3882a93389f51c73cac954276f0d9061
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d7:49:7e:ff:70:03:9b:7f:51:a1:57:2e:16:
                    1c:c8:d4:7b:c0:d2:b4:e8:e5:c8:79:18:d7:d6:f4:
                    16:e6:06:5c:e3:e2:7b:05:83:2f:7b:7b:9e:5e:2d:
                    9c:0a:90:58:90:a5:c4:31:ae:c5:af:a7:32:d8:ac:
                    d2:11:3b:f3:b6:6f:3b:91:f8:70:19:2f:f2:a6:13:
                    fc:93:20:33:56:91:3b:a5:28:fa:ef:9f:59:12:32:
                    ff:5c:10:eb:d5:f7:4b:9a:b7:7e:1e:77:74:c5:23:
                    3e:5c:8f:85:7d:6b:e3:9a:d3:a7:94:0d:1a:1b:85:
                    0f:4f:09:e6:3f:5b:b3:c9:8b:3c:d3:38:37:ee:27:
                    96:a8:c4:68:e5:26:31:1a:1f:c8:fa:cc:5f:9a:b5:
                    e7:8e:eb:60:ff:89:42:76:5e:2e:04:4e:92:55:0a:
                    cd:07:9b:14:84:80:39:23:53:0a:e5:13:ab:cd:f2:
                    bc:d4:d4:1c:41:f1:e0:46:a0:61:4c:f0:08:e6:5a:
                    80:db:98:23:90:06:24:ed:83:93:12:f5:ec:f2:ce:
                    56:69:f6:39:c5:e4:f9:cd:ff:bd:78:c9:6e:25:8a:
                    7a:30:5c:69:3c:ee:c5:cb:92:12:e3:23:89:02:8f:
                    5b:6c:5d:4f:2e:d5:8e:95:b7:b9:3b:9d:8f:b8:ea:
                    11:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:43:32:4E:38:82:A9:33:89:F5:1C:73:CA:C9:54:27:6F:0D:90:61
            X509v3 Authority Key Identifier:
                keyid:5B:25:28:DC:07:5D:51:E7:3E:E0:D0:90:E1:D2:A1:F5:CF:AE:8F:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WyUo3AddUec-4NCQ4dKh9c-uj_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/03bd39-f9e6-4e39-baff-c2941214cb96/1/UUMyTjiCqTOJ9RxzyslUJ28NkGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/03bd39-f9e6-4e39-baff-c2941214cb96/1/WyUo3AddUec-4NCQ4dKh9c-uj_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.94.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:34:e3:3f:07:5a:e1:d0:ff:37:05:aa:fe:b2:9e:11:ac:08:
         76:b1:14:9e:74:4b:40:a6:14:0b:5a:80:96:a7:ad:fa:aa:8c:
         06:d2:36:8f:7e:7e:13:28:b5:68:c8:13:43:d1:9d:7f:16:de:
         a1:77:4e:48:7b:4e:9d:e3:79:71:c7:ef:3b:47:7e:b6:2b:b4:
         07:ef:5e:d7:d1:de:70:06:79:d1:f6:3f:1e:90:3e:ce:45:69:
         09:2e:5c:ec:e4:31:3b:51:16:56:7b:ad:3a:50:1e:a9:9c:38:
         75:7a:bf:cf:ad:55:8f:47:46:df:5a:91:ce:0f:b6:16:ae:a9:
         59:ba:1c:7c:18:79:ec:d2:ad:89:2f:2d:be:40:b4:07:2f:1f:
         f8:9d:8c:73:4c:63:16:02:97:6d:ba:08:de:b0:f8:4d:dc:95:
         55:6b:d5:1b:4d:92:e3:4a:05:51:fb:18:4d:47:21:fe:9c:85:
         b0:3e:1e:36:e5:9d:6f:19:4e:8d:20:fe:81:3e:ad:39:e7:17:
         1a:c7:97:50:a1:db:10:a2:97:f3:a3:ea:46:d2:86:d2:25:54:
         db:f9:d0:8e:e3:96:93:58:b2:2d:37:9f:e9:e8:c3:93:f1:e5:
         a6:fe:7c:7a:7a:51:b1:a4:29:b7:f3:f0:62:3e:f3:16:af:02:
         4e:75:da:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57TbWArxniaW0AmBuHf32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMjUyOGRjMDc1ZDUxZTczZWUwZDA5MGUxZDJhMWY1Y2Zh
ZThmZmIwHhcNMjYwMTAxMTQxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTQzMzI0ZTM4ODJhOTMzODlmNTFjNzNjYWM5NTQyNzZmMGQ5MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwddJfv9wA5t/UaFXLhYcyNR7wNK0
6OXIeRjX1vQW5gZc4+J7BYMve3ueXi2cCpBYkKXEMa7Fr6cy2KzSETvztm87kfhw
GS/yphP8kyAzVpE7pSj6759ZEjL/XBDr1fdLmrd+Hnd0xSM+XI+FfWvjmtOnlA0a
G4UPTwnmP1uzyYs80zg37ieWqMRo5SYxGh/I+sxfmrXnjutg/4lCdl4uBE6SVQrN
B5sUhIA5I1MK5ROrzfK81NQcQfHgRqBhTPAI5lqA25gjkAYk7YOTEvXs8s5WafY5
xeT5zf+9eMluJYp6MFxpPO7Fy5IS4yOJAo9bbF1PLtWOlbe5O52PuOoR7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFDMk44gqkzifUcc8rJVCdvDZBhMB8GA1UdIwQY
MBaAFFslKNwHXVHnPuDQkOHSofXPro/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3lVbzNBZGRVZWMtNE5DUTRkS2g5Yy11al9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wM2JkMzktZjllNi00ZTM5LWJhZmYt
YzI5NDEyMTRjYjk2LzEvVVVNeVRqaUNxVE9KOVJ4enlzbFVKMjhOa0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wM2JkMzktZjllNi00ZTM5LWJhZmYtYzI5NDEyMTRjYjk2
LzEvV3lVbzNBZGRVZWMtNE5DUTRkS2g5Yy11al9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV61MA0G
CSqGSIb3DQEBCwUAA4IBAQC7NOM/B1rh0P83Bar+sp4RrAh2sRSedEtAphQLWoCW
p636qowG0jaPfn4TKLVoyBND0Z1/Ft6hd05Ie06d43lxx+87R362K7QH717X0d5w
BnnR9j8ekD7ORWkJLlzs5DE7URZWe606UB6pnDh1er/PrVWPR0bfWpHOD7YWrqlZ
uhx8GHns0q2JLy2+QLQHLx/4nYxzTGMWApdtugjesPhN3JVVa9UbTZLjSgVR+xhN
RyH+nIWwPh425Z1vGU6NIP6BPq055xcax5dQodsQopfzo+pG0obSJVTb+dCO45aT
WLItN5/p6MOT8eWm/nx6elGxpCm38/BiPvMWrwJOddpg
-----END CERTIFICATE-----