This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/cWmuz8rWpsLyYzFuVbnm5r2sozM.roa
File:                     cWmuz8rWpsLyYzFuVbnm5r2sozM.roa (raw, json)
Hash identifier:          j0YU3bB3glv/xEPniuCcBHAL2FOz8BwUw+pnEkDQbqM=
Subject key identifier:   71:69:AE:CF:CA:D6:A6:C2:F2:63:31:6E:55:B9:E6:E6:BD:AC:A3:33
Certificate issuer:       /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial:       019B783523827C6492B3EC1C81559E954BD3
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/cWmuz8rWpsLyYzFuVbnm5r2sozM.roa
Signing time:             Thu 01 Jan 2026 06:18:27 +0000
ROA not before:           Thu 01 Jan 2026 06:18:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211826
IP address blocks:        80.83.91.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 06:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:35:23:82:7c:64:92:b3:ec:1c:81:55:9e:95:4b:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
        Validity
            Not Before: Jan  1 06:18:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7169aecfcad6a6c2f263316e55b9e6e6bdaca333
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:da:7a:6d:6d:6b:d4:19:f3:c9:89:da:ef:f6:
                    16:d1:45:8e:f3:26:67:32:86:1a:4e:7b:b6:e4:46:
                    be:4d:58:a4:1a:c0:e4:eb:68:a4:13:27:39:c2:00:
                    b4:4c:6d:73:29:41:97:87:9a:7c:12:17:d5:09:aa:
                    cb:cb:37:5d:14:1c:ed:9a:19:f8:c4:ee:ba:1b:99:
                    46:92:6d:5d:9b:cb:38:15:58:d3:6b:52:21:1a:7b:
                    02:c2:b6:60:31:01:7e:3c:9f:9d:9f:74:79:07:f6:
                    f7:ba:c1:89:32:99:a2:2d:ba:39:ba:d8:d2:cf:9c:
                    49:e6:c1:e4:b5:b8:26:de:79:d3:fa:4d:81:66:47:
                    27:9b:47:87:31:38:be:84:96:69:b7:e7:f9:62:95:
                    3b:70:d6:01:2d:2c:a5:d5:50:97:d3:9d:5c:bb:87:
                    ec:f7:f1:6b:7a:20:43:19:91:54:ef:b3:31:22:20:
                    7c:5e:81:bd:32:2d:18:7f:43:28:b5:92:e7:f3:d9:
                    3d:d3:d9:03:87:ae:67:56:c9:4a:87:1d:62:45:37:
                    fc:25:15:ab:28:9b:66:19:83:a9:3f:2a:08:34:6a:
                    9e:ef:53:03:db:4d:ac:cf:bd:ea:ac:3f:c1:1e:cf:
                    84:f8:98:d2:1b:38:95:f6:cb:e1:b7:f2:35:3c:58:
                    79:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:69:AE:CF:CA:D6:A6:C2:F2:63:31:6E:55:B9:E6:E6:BD:AC:A3:33
            X509v3 Authority Key Identifier:
                keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/cWmuz8rWpsLyYzFuVbnm5r2sozM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.83.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:33:bd:71:32:b3:5d:57:7d:38:72:d2:63:c9:aa:ec:cd:55:
         75:3b:73:d5:8d:a6:76:ab:c6:e2:37:d2:e6:46:d7:28:c0:57:
         75:76:9b:ea:8a:a0:62:d8:03:a1:f8:90:bb:c5:96:92:ca:3f:
         9d:e1:d6:8f:18:2c:7e:e0:1a:13:b8:51:cb:0b:cd:30:a6:d5:
         5a:75:ab:a4:18:bf:35:db:6c:bb:58:f7:5f:af:2d:6b:00:7c:
         e6:6d:92:a7:38:32:da:22:b3:04:e1:18:ca:7f:ee:f5:af:d1:
         b6:03:07:97:a2:ee:4a:3d:a1:87:18:bc:91:e0:c7:fe:d8:aa:
         da:d5:e8:42:78:29:5b:3d:9b:9f:d8:f3:ce:47:2f:78:e8:fc:
         ea:73:08:89:23:5b:44:4d:61:b7:9d:e6:fe:b6:89:d0:f0:a5:
         0d:2d:36:ab:85:4b:04:e0:e2:7b:66:43:cb:c0:37:19:ec:86:
         77:6b:c4:fd:82:91:56:c2:05:79:49:a7:69:d8:5a:05:07:f2:
         52:95:ed:77:61:d9:db:a8:6c:c6:7d:d9:e8:9c:02:58:2b:b8:
         9e:3c:68:57:1c:5d:c5:63:58:55:4b:d1:09:78:84:1c:37:2c:
         bc:1e:7b:6e:06:56:52:b3:e9:df:52:8a:c1:ae:9d:b8:a7:79:
         a9:aa:f8:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NSOCfGSSs+wcgVWelUvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjYwMTAxMDYxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTY5YWVjZmNhZDZhNmMyZjI2MzMxNmU1NWI5ZTZlNmJkYWNhMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdp6bW1r1BnzyYna7/YW0UWO8yZn
MoYaTnu25Ea+TVikGsDk62ikEyc5wgC0TG1zKUGXh5p8EhfVCarLyzddFBztmhn4
xO66G5lGkm1dm8s4FVjTa1IhGnsCwrZgMQF+PJ+dn3R5B/b3usGJMpmiLbo5utjS
z5xJ5sHktbgm3nnT+k2BZkcnm0eHMTi+hJZpt+f5YpU7cNYBLSyl1VCX051cu4fs
9/FreiBDGZFU77MxIiB8XoG9Mi0Yf0MotZLn89k909kDh65nVslKhx1iRTf8JRWr
KJtmGYOpPyoINGqe71MD202sz73qrD/BHs+E+JjSGziV9svht/I1PFh5gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFprs/K1qbC8mMxblW55ua9rKMzMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvY1dtdXo4cldwc0x5WXpGdVZibm01cjJzb3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFNbMA0G
CSqGSIb3DQEBCwUAA4IBAQBeM71xMrNdV304ctJjyarszVV1O3PVjaZ2q8biN9Lm
RtcowFd1dpvqiqBi2AOh+JC7xZaSyj+d4daPGCx+4BoTuFHLC80wptVadaukGL81
22y7WPdfry1rAHzmbZKnODLaIrME4RjKf+71r9G2AweXou5KPaGHGLyR4Mf+2Kra
1ehCeClbPZuf2PPORy946PzqcwiJI1tETWG3neb+tonQ8KUNLTarhUsE4OJ7ZkPL
wDcZ7IZ3a8T9gpFWwgV5Sadp2FoFB/JSle13YdnbqGzGfdnonAJYK7iePGhXHF3F
Y1hVS9EJeIQcNyy8HntuBlZSs+nfUorBrp24p3mpqvhW
-----END CERTIFICATE-----