This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/UPuwaOxvAn_WKqweTSAjA0k5KMc.roa
File:                     UPuwaOxvAn_WKqweTSAjA0k5KMc.roa (raw, json)
Hash identifier:          1l216jqafFRv6rwVNGY7SG/c/eKsgMl5lwtfNPrMUB4=
Subject key identifier:   50:FB:B0:68:EC:6F:02:7F:D6:2A:AC:1E:4D:20:23:03:49:39:28:C7
Certificate issuer:       /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial:       019B7E38568B69A8CBDDD979D8E8C4078B4A
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/UPuwaOxvAn_WKqweTSAjA0k5KMc.roa
Signing time:             Fri 02 Jan 2026 10:19:39 +0000
ROA not before:           Fri 02 Jan 2026 10:19:39 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     207269
IP address blocks:        45.153.180.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:38:56:8b:69:a8:cb:dd:d9:79:d8:e8:c4:07:8b:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
        Validity
            Not Before: Jan  2 10:19:39 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=50fbb068ec6f027fd62aac1e4d202303493928c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f0:08:79:22:6d:73:62:f0:1e:a6:26:b8:5e:
                    32:20:4d:af:7b:5e:28:2f:bb:7b:75:3e:2c:ad:86:
                    30:af:61:11:46:79:cb:6a:fe:27:ea:f2:20:60:96:
                    23:d9:f1:4b:aa:cf:99:eb:c3:4d:1b:f1:57:a2:3d:
                    d9:65:bb:c1:aa:f8:df:7d:66:1e:16:fd:84:6c:0f:
                    d1:ca:b1:7a:25:5c:72:63:c5:ca:01:b5:d0:e8:b4:
                    44:bf:d6:f0:c4:02:00:4b:e1:7a:e3:5c:56:65:4e:
                    1c:82:7c:53:6d:6e:51:b2:aa:45:91:6f:57:3c:d2:
                    a9:d6:bb:1c:5b:76:74:07:71:ca:cb:f0:36:41:90:
                    19:aa:84:4a:5e:ef:9e:8d:43:0c:1f:9d:36:80:59:
                    77:db:03:e8:fe:12:ff:36:24:80:3f:07:fe:b0:9a:
                    ef:1e:2d:2e:49:f7:6e:2a:9d:d8:a4:7f:5d:75:79:
                    c7:7d:39:56:ff:a4:c7:21:9c:8a:26:34:1e:70:b7:
                    34:92:f0:36:1a:e1:d8:bd:3a:4f:cc:9b:3f:2b:21:
                    af:22:7b:09:7d:64:a1:0c:8b:e5:46:8d:be:d2:43:
                    0d:0d:49:c7:d2:25:f3:ce:5f:3a:43:7d:0c:53:71:
                    16:28:b0:99:17:07:af:23:05:58:6d:d1:d1:cc:f0:
                    4b:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:FB:B0:68:EC:6F:02:7F:D6:2A:AC:1E:4D:20:23:03:49:39:28:C7
            X509v3 Authority Key Identifier:
                keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/UPuwaOxvAn_WKqweTSAjA0k5KMc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a3:15:90:d0:1b:3c:fd:2d:9f:fc:ff:48:4e:c6:66:08:d0:6e:
         38:fb:68:93:50:41:3a:c1:d5:66:94:07:fd:54:a4:1d:92:62:
         d7:c7:f9:b9:fb:00:f8:ba:bb:54:14:f0:5a:bc:bb:eb:f9:78:
         d9:15:6d:4a:a5:50:61:17:17:a1:bc:43:da:12:8c:d9:3b:3d:
         bb:a1:cf:70:a2:9c:11:82:e0:d4:db:3e:df:12:ec:c7:6e:f0:
         10:06:6f:40:bc:9e:a3:d6:7d:9d:76:dc:7d:39:4f:c4:3b:80:
         2e:5c:1a:57:fc:43:c7:5a:37:8a:69:df:8f:21:2c:ac:31:0b:
         94:9d:4c:77:c5:53:cf:57:51:67:c4:19:3d:e1:61:b4:9d:d3:
         cb:ba:24:69:65:8b:88:8e:a1:71:11:86:86:c2:d8:4c:6d:ec:
         55:cd:c5:0f:67:0e:84:32:af:3b:a5:17:60:2e:d9:6d:8b:71:
         dd:50:68:ce:11:24:f3:31:51:a2:75:15:50:c1:d4:bd:9f:ad:
         93:68:01:b6:7f:00:ce:35:81:3d:f2:b8:29:08:f1:45:dd:b6:
         df:5e:ba:fb:be:98:a8:60:c4:44:90:0e:b0:8a:70:37:bd:7c:
         d0:48:6f:f4:86:a6:2c:3b:07:3f:8a:dc:2e:86:e1:dc:9e:f9:
         06:8c:25:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OFaLaajL3dl52OjEB4tKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjYwMTAyMTAxOTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGZiYjA2OGVjNmYwMjdmZDYyYWFjMWU0ZDIwMjMwMzQ5MzkyOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfAIeSJtc2LwHqYmuF4yIE2ve14o
L7t7dT4srYYwr2ERRnnLav4n6vIgYJYj2fFLqs+Z68NNG/FXoj3ZZbvBqvjffWYe
Fv2EbA/RyrF6JVxyY8XKAbXQ6LREv9bwxAIAS+F641xWZU4cgnxTbW5RsqpFkW9X
PNKp1rscW3Z0B3HKy/A2QZAZqoRKXu+ejUMMH502gFl32wPo/hL/NiSAPwf+sJrv
Hi0uSfduKp3YpH9ddXnHfTlW/6THIZyKJjQecLc0kvA2GuHYvTpPzJs/KyGvInsJ
fWShDIvlRo2+0kMNDUnH0iXzzl86Q30MU3EWKLCZFwevIwVYbdHRzPBL7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFD7sGjsbwJ/1iqsHk0gIwNJOSjHMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvVVB1d2FPeHZBbl9XS3F3ZVRTQWpBMGs1S01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZm0MA0G
CSqGSIb3DQEBCwUAA4IBAQCjFZDQGzz9LZ/8/0hOxmYI0G44+2iTUEE6wdVmlAf9
VKQdkmLXx/m5+wD4urtUFPBavLvr+XjZFW1KpVBhFxehvEPaEozZOz27oc9wopwR
guDU2z7fEuzHbvAQBm9AvJ6j1n2ddtx9OU/EO4AuXBpX/EPHWjeKad+PISysMQuU
nUx3xVPPV1FnxBk94WG0ndPLuiRpZYuIjqFxEYaGwthMbexVzcUPZw6EMq87pRdg
Ltlti3HdUGjOESTzMVGidRVQwdS9n62TaAG2fwDONYE98rgpCPFF3bbfXrr7vpio
YMREkA6winA3vXzQSG/0hqYsOwc/itwuhuHcnvkGjCUq
-----END CERTIFICATE-----