This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PTGyUwQacDaGhQIuIZOoa6nTpvk.roa
File:                     PTGyUwQacDaGhQIuIZOoa6nTpvk.roa (raw, json)
Hash identifier:          d8gQY40qBKDSo+9HdrRgdvVvoIeZ+jy7n0T8j5ijwCg=
Subject key identifier:   3D:31:B2:53:04:1A:70:36:86:85:02:2E:21:93:A8:6B:A9:D3:A6:F9
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       019B76EACB4B7CFA4585D200F661DF1ED51B
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PTGyUwQacDaGhQIuIZOoa6nTpvk.roa
Signing time:             Thu 01 Jan 2026 00:17:37 +0000
ROA not before:           Thu 01 Jan 2026 00:17:37 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     198607
IP address blocks:        5.180.49.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:ea:cb:4b:7c:fa:45:85:d2:00:f6:61:df:1e:d5:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  1 00:17:37 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3d31b253041a70368685022e2193a86ba9d3a6f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c7:b5:63:d6:34:55:f5:a8:47:01:2d:49:54:
                    ad:69:20:c2:a8:8e:43:02:ce:28:93:3a:5f:c1:98:
                    72:01:37:a5:34:47:01:01:30:82:1b:0f:aa:67:e4:
                    70:13:de:17:91:9c:c7:46:ef:be:e6:98:54:ca:d8:
                    2c:d9:c3:03:c8:57:70:57:0b:e1:4a:40:18:3a:0f:
                    56:7c:be:be:3e:ae:5c:f4:bc:47:36:d3:a9:35:d7:
                    c8:b9:90:15:1b:e7:b1:b0:47:b6:9d:3d:7c:9b:0d:
                    67:77:96:ac:33:a2:44:33:9a:93:b2:57:5a:e8:ad:
                    e2:da:85:a8:9a:ac:32:5f:f6:97:a1:0b:3a:bc:91:
                    db:2d:53:d6:f9:6d:28:72:b0:03:ff:4c:f3:11:82:
                    b6:3f:c2:62:3a:78:c9:96:08:86:64:f5:b5:c7:85:
                    9b:79:75:84:45:14:d8:42:c1:68:a3:fa:fa:41:17:
                    29:38:e3:b9:b3:54:bb:14:70:3a:d7:88:24:65:b4:
                    71:33:37:1e:0b:e9:3b:b5:5e:84:1c:d1:58:95:bb:
                    ef:1f:8f:98:fb:60:4d:03:70:b9:0c:bf:4d:3c:4d:
                    83:55:31:5b:f6:d2:83:54:1b:84:a9:14:84:68:cd:
                    58:de:a0:4c:8d:ea:f1:9c:8a:63:16:2f:f8:2c:22:
                    c0:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:31:B2:53:04:1A:70:36:86:85:02:2E:21:93:A8:6B:A9:D3:A6:F9
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PTGyUwQacDaGhQIuIZOoa6nTpvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:6e:2e:94:85:d5:5f:d3:99:a5:79:3c:78:65:8e:ce:5a:51:
         d0:68:d2:ac:cb:0c:28:47:f8:0e:97:a2:06:0c:56:8f:e5:69:
         cc:eb:41:d5:39:18:cc:79:39:53:f7:31:c3:6e:2c:4b:99:86:
         20:10:82:1c:10:1c:30:8c:d6:8a:66:16:2f:6c:2e:c7:de:51:
         08:8f:65:fd:ea:f5:ae:47:a9:9c:a6:9e:71:58:ea:dd:3b:b5:
         3d:ab:b5:fc:1a:3d:f3:77:c3:e6:bb:f3:ae:03:0c:c0:51:88:
         92:5e:4a:52:ac:d3:1d:54:ce:0a:ca:9f:4b:56:1c:8d:8f:03:
         e7:52:46:15:ed:c0:8e:af:6f:28:eb:58:0d:80:7f:08:c7:77:
         45:3f:39:11:e0:83:67:79:74:5f:c8:5a:84:b5:c2:22:c0:0b:
         81:33:d0:bb:f8:e4:ff:d4:5e:22:63:1d:cf:d9:ee:71:f4:17:
         5a:84:e8:9d:ca:39:65:ae:1b:3e:0f:e9:cc:10:e6:bf:49:bb:
         62:dc:dd:c2:47:d1:e4:83:d1:0f:6d:8b:91:3b:3f:65:e4:7d:
         c6:72:22:cc:24:66:69:c4:51:25:eb:47:b5:1a:41:61:ba:f9:
         d8:72:2c:22:f5:4b:a2:13:a7:01:a8:d5:7f:35:4a:27:af:c0:
         75:7a:94:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt26stLfPpFhdIA9mHfHtUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwMTAxMDAxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDMxYjI1MzA0MWE3MDM2ODY4NTAyMmUyMTkzYTg2YmE5ZDNhNmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMe1Y9Y0VfWoRwEtSVStaSDCqI5D
As4okzpfwZhyATelNEcBATCCGw+qZ+RwE94XkZzHRu++5phUytgs2cMDyFdwVwvh
SkAYOg9WfL6+Pq5c9LxHNtOpNdfIuZAVG+exsEe2nT18mw1nd5asM6JEM5qTslda
6K3i2oWomqwyX/aXoQs6vJHbLVPW+W0ocrAD/0zzEYK2P8JiOnjJlgiGZPW1x4Wb
eXWERRTYQsFoo/r6QRcpOOO5s1S7FHA614gkZbRxMzceC+k7tV6EHNFYlbvvH4+Y
+2BNA3C5DL9NPE2DVTFb9tKDVBuEqRSEaM1Y3qBMjerxnIpjFi/4LCLA1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0xslMEGnA2hoUCLiGTqGup06b5MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvUFRHeVV3UWFjRGFHaFFJdUlaT29hNm5UcHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbQxMA0G
CSqGSIb3DQEBCwUAA4IBAQAybi6UhdVf05mleTx4ZY7OWlHQaNKsywwoR/gOl6IG
DFaP5WnM60HVORjMeTlT9zHDbixLmYYgEIIcEBwwjNaKZhYvbC7H3lEIj2X96vWu
R6mcpp5xWOrdO7U9q7X8Gj3zd8Pmu/OuAwzAUYiSXkpSrNMdVM4Kyp9LVhyNjwPn
UkYV7cCOr28o61gNgH8Ix3dFPzkR4INneXRfyFqEtcIiwAuBM9C7+OT/1F4iYx3P
2e5x9BdahOidyjllrhs+D+nMEOa/Sbti3N3CR9Hkg9EPbYuROz9l5H3GciLMJGZp
xFEl60e1GkFhuvnYciwi9UuiE6cBqNV/NUonr8B1epSN
-----END CERTIFICATE-----