This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/WWUJ0b2mKsJU4aWCDcCYWe3B3Q8.roa
File:                     WWUJ0b2mKsJU4aWCDcCYWe3B3Q8.roa (raw, json)
Hash identifier:          OR5UXYV6xuApBIfkbkR4RJywXInN6wryK+o2woE8n2A=
Subject key identifier:   59:65:09:D1:BD:A6:2A:C2:54:E1:A5:82:0D:C0:98:59:ED:C1:DD:0F
Certificate issuer:       /CN=261b941dbe59651fafbba9724a12775e07edb635
Certificate serial:       019B79ECDA053BD147E552437066591434AC
Authority key identifier: 26:1B:94:1D:BE:59:65:1F:AF:BB:A9:72:4A:12:77:5E:07:ED:B6:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JhuUHb5ZZR-vu6lyShJ3XgfttjU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/WWUJ0b2mKsJU4aWCDcCYWe3B3Q8.roa
Signing time:             Thu 01 Jan 2026 14:18:44 +0000
ROA not before:           Thu 01 Jan 2026 14:18:44 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     3215
IP address blocks:        185.172.152.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/JhuUHb5ZZR-vu6lyShJ3XgfttjU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/JhuUHb5ZZR-vu6lyShJ3XgfttjU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JhuUHb5ZZR-vu6lyShJ3XgfttjU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 05:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ec:da:05:3b:d1:47:e5:52:43:70:66:59:14:34:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=261b941dbe59651fafbba9724a12775e07edb635
        Validity
            Not Before: Jan  1 14:18:44 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=596509d1bda62ac254e1a5820dc09859edc1dd0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:28:54:53:96:5d:51:b2:62:57:72:d1:a7:8b:
                    27:e7:51:43:e5:55:7d:7c:dd:28:8f:a7:d4:c7:0b:
                    38:51:36:4e:94:fd:ca:f2:06:7f:e3:a8:3a:d0:a9:
                    84:99:2f:1f:f9:8f:20:79:ad:a1:10:12:20:4f:27:
                    f1:12:84:56:46:45:dd:ed:bf:b9:e1:12:fe:d7:5b:
                    2b:ee:2b:bf:23:e6:db:84:22:cc:6c:92:74:39:cc:
                    04:8c:da:92:1e:ce:92:bc:f9:85:2b:8b:83:60:14:
                    d3:ae:c7:74:28:38:6c:e6:b2:61:d5:17:f0:23:78:
                    74:5b:b9:bd:07:25:5d:a7:75:1d:f7:68:e3:16:97:
                    d9:3b:c9:e2:ad:67:94:d9:2d:36:7b:a8:db:69:e7:
                    0f:74:f8:cd:73:fa:a0:17:70:c9:8d:33:c5:c9:31:
                    87:30:34:25:bc:07:14:3b:16:b3:ad:31:37:3a:aa:
                    c7:fc:11:e0:20:8a:d3:9b:f2:1f:e5:64:cd:71:a4:
                    5f:5d:0e:cc:1d:d6:09:b7:78:d8:3f:0f:4f:68:f3:
                    70:71:65:1c:24:3f:b6:1b:27:fd:43:ad:7e:13:80:
                    bd:57:8e:16:46:64:a9:0b:aa:9b:d2:76:d7:04:1d:
                    08:99:12:77:59:e6:99:c1:27:00:ce:49:83:de:6e:
                    a1:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:65:09:D1:BD:A6:2A:C2:54:E1:A5:82:0D:C0:98:59:ED:C1:DD:0F
            X509v3 Authority Key Identifier:
                keyid:26:1B:94:1D:BE:59:65:1F:AF:BB:A9:72:4A:12:77:5E:07:ED:B6:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JhuUHb5ZZR-vu6lyShJ3XgfttjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/WWUJ0b2mKsJU4aWCDcCYWe3B3Q8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/JhuUHb5ZZR-vu6lyShJ3XgfttjU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:a0:2b:f3:c2:07:fc:c4:b7:23:f0:ba:1e:a0:d7:cc:c8:dd:
         1d:7e:6b:86:52:2b:f0:92:d5:29:1f:32:d8:46:59:df:4c:09:
         f0:33:ee:4a:ee:04:63:e1:af:c0:de:6b:6c:b3:b8:a9:fd:10:
         43:b2:73:a3:39:c8:e6:cd:fe:4f:ce:4a:90:df:42:63:93:df:
         ae:b8:3a:00:5d:c5:e9:e3:55:c4:62:a5:bd:a5:23:7e:84:ba:
         4a:7b:56:8c:21:57:5d:a0:67:43:71:5c:c3:da:bc:50:ed:fa:
         58:92:69:ec:0b:33:7e:c1:f6:ba:35:08:31:8a:06:b6:8d:f0:
         7d:06:0c:6b:48:33:c4:52:3c:9a:7a:76:35:ea:95:45:07:01:
         90:5a:e8:70:37:27:c1:9f:6e:0b:ae:4d:12:7b:71:c7:df:c0:
         94:4c:ec:00:c6:05:2b:66:1a:da:f4:dd:b7:50:87:0f:10:85:
         0e:15:60:54:bf:60:68:75:05:ec:d0:74:eb:f3:39:ff:27:c9:
         35:d0:10:5d:7e:52:8f:90:fe:b8:00:a4:03:ec:57:99:e3:a0:
         a5:e4:de:91:7d:32:69:ad:61:ba:6f:6a:81:f7:55:60:06:51:
         86:6b:53:f7:be:be:9a:f0:8a:49:04:81:00:bb:56:de:df:74:
         13:4b:93:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57NoFO9FH5VJDcGZZFDSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MWI5NDFkYmU1OTY1MWZhZmJiYTk3MjRhMTI3NzVlMDdl
ZGI2MzUwHhcNMjYwMTAxMTQxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTY1MDlkMWJkYTYyYWMyNTRlMWE1ODIwZGMwOTg1OWVkYzFkZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyhUU5ZdUbJiV3LRp4sn51FD5VV9
fN0oj6fUxws4UTZOlP3K8gZ/46g60KmEmS8f+Y8gea2hEBIgTyfxEoRWRkXd7b+5
4RL+11sr7iu/I+bbhCLMbJJ0OcwEjNqSHs6SvPmFK4uDYBTTrsd0KDhs5rJh1Rfw
I3h0W7m9ByVdp3Ud92jjFpfZO8nirWeU2S02e6jbaecPdPjNc/qgF3DJjTPFyTGH
MDQlvAcUOxazrTE3OqrH/BHgIIrTm/If5WTNcaRfXQ7MHdYJt3jYPw9PaPNwcWUc
JD+2Gyf9Q61+E4C9V44WRmSpC6qb0nbXBB0ImRJ3WeaZwScAzkmD3m6hbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFllCdG9pirCVOGlgg3AmFntwd0PMB8GA1UdIwQY
MBaAFCYblB2+WWUfr7upckoSd14H7bY1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmh1VUhiNVpaUi12dTZseVNoSjNYZ2Z0dGpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yZjgzMGYtYWY0ZC00ZDMzLWEzMDAt
Yjk4ZGY1NDRiYzIwLzEvV1dVSjBiMm1Lc0pVNGFXQ0RjQ1lXZTNCM1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yZjgzMGYtYWY0ZC00ZDMzLWEzMDAtYjk4ZGY1NDRiYzIw
LzEvSmh1VUhiNVpaUi12dTZseVNoSjNYZ2Z0dGpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuayYMA0G
CSqGSIb3DQEBCwUAA4IBAQCwoCvzwgf8xLcj8LoeoNfMyN0dfmuGUivwktUpHzLY
RlnfTAnwM+5K7gRj4a/A3mtss7ip/RBDsnOjOcjmzf5PzkqQ30Jjk9+uuDoAXcXp
41XEYqW9pSN+hLpKe1aMIVddoGdDcVzD2rxQ7fpYkmnsCzN+wfa6NQgxiga2jfB9
BgxrSDPEUjyaenY16pVFBwGQWuhwNyfBn24Lrk0Se3HH38CUTOwAxgUrZhra9N23
UIcPEIUOFWBUv2BodQXs0HTr8zn/J8k10BBdflKPkP64AKQD7FeZ46Cl5N6RfTJp
rWG6b2qB91VgBlGGa1P3vr6a8IpJBIEAu1be33QTS5PA
-----END CERTIFICATE-----