This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/twEMmtfBV99HW5nscrfnQhuvuvI.roa
File:                     twEMmtfBV99HW5nscrfnQhuvuvI.roa (raw, json)
Hash identifier:          1xHoOtaqWUst1xovj3fa8KNoOl9YR5tackHlgrLIRQ0=
Subject key identifier:   B7:01:0C:9A:D7:C1:57:DF:47:5B:99:EC:72:B7:E7:42:1B:AF:BA:F2
Certificate issuer:       /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial:       019B7DCAC3717FB8CD6634DFFB3CB2AF2195
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/twEMmtfBV99HW5nscrfnQhuvuvI.roa
Signing time:             Fri 02 Jan 2026 08:19:58 +0000
ROA not before:           Fri 02 Jan 2026 08:19:58 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     202571
IP address blocks:        94.184.80.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7d:ca:c3:71:7f:b8:cd:66:34:df:fb:3c:b2:af:21:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
        Validity
            Not Before: Jan  2 08:19:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b7010c9ad7c157df475b99ec72b7e7421bafbaf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:15:b2:91:9a:7a:79:d3:20:d9:1d:b6:52:1b:
                    b5:99:3f:db:7d:a1:17:f1:da:26:cb:4d:43:a2:d4:
                    b1:3f:a7:ac:31:76:8a:9d:81:d9:7f:46:04:e1:57:
                    e1:23:95:83:d9:73:92:58:22:55:70:82:00:b9:0b:
                    b6:51:34:a5:9b:01:05:78:e2:6d:09:b2:6a:df:b3:
                    f6:2b:73:9f:5f:dc:62:24:d8:fa:54:e6:b2:6b:b8:
                    4d:c2:fc:82:01:c4:e0:08:eb:5a:e9:38:a4:da:ec:
                    31:a0:ca:a0:ad:d9:f7:97:14:e6:42:83:f7:cd:4b:
                    fa:c1:91:16:84:95:5f:07:fe:b0:c6:ff:f9:7a:80:
                    ac:46:d6:cc:2b:aa:5a:d7:2b:ab:e4:64:2b:a1:75:
                    73:0d:44:f7:63:2b:9a:1b:4a:ef:ec:4c:7c:f6:03:
                    54:f7:8d:4d:91:05:0a:77:f4:47:a7:62:e9:ea:89:
                    10:44:bd:5e:29:8e:f1:09:0a:f2:91:1c:76:1f:4b:
                    f0:85:76:06:48:79:28:3e:9b:3d:5d:0d:43:0a:c7:
                    f1:50:63:d8:74:df:11:e0:32:ad:a8:32:e5:27:32:
                    4a:74:9c:c5:0f:2a:af:56:23:2c:9d:f0:33:84:cb:
                    9c:99:1a:0e:02:a2:0f:d1:65:9f:b1:6b:b2:23:7b:
                    9f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:01:0C:9A:D7:C1:57:DF:47:5B:99:EC:72:B7:E7:42:1B:AF:BA:F2
            X509v3 Authority Key Identifier:
                keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/twEMmtfBV99HW5nscrfnQhuvuvI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.184.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6b:c9:1c:d8:2d:a9:3e:4a:7c:08:ec:e2:1b:28:a6:62:97:87:
         5f:dd:a0:47:6f:f6:06:be:30:d4:c8:b2:f9:d6:47:a9:42:c2:
         44:5e:63:f3:8d:2d:48:41:9e:33:5c:bf:0b:cb:0f:72:c6:09:
         7d:b2:22:15:e6:ac:a9:d4:2d:a7:46:c9:07:07:f5:9a:b3:0e:
         9b:02:b8:89:c3:89:0e:55:cf:5c:1d:e6:59:04:fa:d3:71:1f:
         3c:b7:64:19:40:d7:64:a0:c6:60:2d:cd:c2:48:00:0c:be:1b:
         4d:87:f9:bd:02:71:c0:c6:88:6a:42:1c:21:39:2c:6a:e2:07:
         d9:dc:51:97:d9:b4:0f:55:b7:4d:3c:e5:a7:52:88:94:42:12:
         89:03:76:8f:47:10:c4:99:9b:49:9e:14:26:e0:6d:9a:f4:56:
         8f:7a:08:70:83:30:b1:28:d5:39:9c:d9:7c:1f:47:18:59:63:
         50:bc:08:c1:a2:2e:66:d1:0e:57:ac:8f:00:50:78:02:02:0e:
         81:c6:7b:fc:2d:01:33:91:19:b0:04:61:05:b3:ff:78:b7:2a:
         f6:91:73:df:8e:21:1a:28:da:5e:74:3b:ed:17:95:db:da:98:
         c3:3d:39:4e:37:f6:68:d0:51:df:42:7e:41:69:3d:6c:ee:e3:
         40:a9:a8:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9ysNxf7jNZjTf+zyyryGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjYwMTAyMDgxOTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzAxMGM5YWQ3YzE1N2RmNDc1Yjk5ZWM3MmI3ZTc0MjFiYWZiYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxWykZp6edMg2R22Uhu1mT/bfaEX
8domy01DotSxP6esMXaKnYHZf0YE4VfhI5WD2XOSWCJVcIIAuQu2UTSlmwEFeOJt
CbJq37P2K3OfX9xiJNj6VOaya7hNwvyCAcTgCOta6Tik2uwxoMqgrdn3lxTmQoP3
zUv6wZEWhJVfB/6wxv/5eoCsRtbMK6pa1yur5GQroXVzDUT3YyuaG0rv7Ex89gNU
941NkQUKd/RHp2Lp6okQRL1eKY7xCQrykRx2H0vwhXYGSHkoPps9XQ1DCsfxUGPY
dN8R4DKtqDLlJzJKdJzFDyqvViMsnfAzhMucmRoOAqIP0WWfsWuyI3ufJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcBDJrXwVffR1uZ7HK350Ibr7ryMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvdHdFTW10ZkJWOTlIVzVuc2NyZm5RaHV2dXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXrhQMA0G
CSqGSIb3DQEBCwUAA4IBAQBryRzYLak+SnwI7OIbKKZil4df3aBHb/YGvjDUyLL5
1kepQsJEXmPzjS1IQZ4zXL8Lyw9yxgl9siIV5qyp1C2nRskHB/Wasw6bAriJw4kO
Vc9cHeZZBPrTcR88t2QZQNdkoMZgLc3CSAAMvhtNh/m9AnHAxohqQhwhOSxq4gfZ
3FGX2bQPVbdNPOWnUoiUQhKJA3aPRxDEmZtJnhQm4G2a9FaPeghwgzCxKNU5nNl8
H0cYWWNQvAjBoi5m0Q5XrI8AUHgCAg6Bxnv8LQEzkRmwBGEFs/94tyr2kXPfjiEa
KNpedDvtF5Xb2pjDPTlON/Zo0FHfQn5BaT1s7uNAqai2
-----END CERTIFICATE-----