This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/shwWHH59CwEK5l3nYzgvrpyDADs.roa
File:                     shwWHH59CwEK5l3nYzgvrpyDADs.roa (raw, json)
Hash identifier:          Xxgj4+MGImPO/BRjCoJfEL8QyT6UC4SQ9MovxKsATjQ=
Subject key identifier:   B2:1C:16:1C:7E:7D:0B:01:0A:E6:5D:E7:63:38:2F:AE:9C:83:00:3B
Certificate issuer:       /CN=ddb71471373bb0603c356eeded4b918292b5beee
Certificate serial:       019B79114351C1325078ED06DF542924F7A3
Authority key identifier: DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/shwWHH59CwEK5l3nYzgvrpyDADs.roa
Signing time:             Thu 01 Jan 2026 10:18:53 +0000
ROA not before:           Thu 01 Jan 2026 10:18:53 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     33915
IP address blocks:        145.8.180.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/3bcUcTc7sGA8NW7t7UuRgpK1vu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/3bcUcTc7sGA8NW7t7UuRgpK1vu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:11:43:51:c1:32:50:78:ed:06:df:54:29:24:f7:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddb71471373bb0603c356eeded4b918292b5beee
        Validity
            Not Before: Jan  1 10:18:53 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b21c161c7e7d0b010ae65de763382fae9c83003b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c7:10:ac:0f:f4:2d:c2:81:8c:41:a0:7d:29:
                    dc:2f:fc:0d:df:11:40:d5:97:1b:96:73:3f:e5:5a:
                    dc:18:18:22:0c:16:25:5f:e8:0c:cb:23:e4:5e:b8:
                    59:8a:b0:31:fc:e1:0b:8d:18:ca:49:3d:9d:b3:5c:
                    92:6d:01:8c:07:7e:ea:86:18:29:46:d7:c3:40:03:
                    b7:32:05:96:78:1f:4c:d4:d1:c0:fd:3b:a9:80:02:
                    97:24:34:4d:d4:f3:7f:33:64:03:e0:98:f4:a7:6b:
                    13:2a:92:64:7c:06:f2:01:d5:6b:1e:e9:9c:45:b6:
                    0d:06:3d:5a:3b:26:b5:39:d0:e8:5e:e5:0d:94:7d:
                    a0:a5:69:fb:36:0d:34:df:4b:5e:79:f3:a3:a6:83:
                    e2:a4:24:55:ef:0e:5d:55:60:a0:9e:bc:26:9a:f4:
                    0c:1b:c9:2e:63:18:ea:2c:3e:06:7b:04:59:c1:aa:
                    17:e5:82:d0:41:bf:6e:c1:15:7a:4b:87:f1:48:ae:
                    1b:91:11:b3:b4:d3:78:de:ff:72:91:97:f9:d4:f4:
                    1e:64:3e:bb:22:76:d2:ed:32:6d:38:ea:ce:cc:70:
                    0e:6a:5a:51:7b:da:0f:04:ec:78:1c:ee:42:f9:a8:
                    af:2d:d1:d4:4b:7c:65:7e:e5:cb:46:cf:2f:98:f1:
                    d7:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:1C:16:1C:7E:7D:0B:01:0A:E6:5D:E7:63:38:2F:AE:9C:83:00:3B
            X509v3 Authority Key Identifier:
                keyid:DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/shwWHH59CwEK5l3nYzgvrpyDADs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/3bcUcTc7sGA8NW7t7UuRgpK1vu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.8.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:67:d9:f7:b8:83:09:d2:97:e9:a9:56:36:de:7d:d3:27:2e:
         6a:a5:2b:67:8e:b4:c3:d7:03:64:eb:cb:45:c7:a7:62:dc:00:
         a7:7c:45:cd:51:3f:d9:a9:ed:53:7e:b1:16:93:ff:a6:e8:3b:
         bd:fb:e8:38:3e:17:b5:06:b2:15:e6:b1:0d:5d:e6:76:1e:98:
         47:b8:ce:85:ab:5a:7b:aa:a4:a0:7e:65:e9:98:66:b2:40:9f:
         e7:e0:27:1d:df:ff:16:ed:9b:3e:2d:71:1b:77:4e:53:5e:56:
         16:be:1a:0d:7f:76:c3:b8:bc:50:fd:ac:2a:3c:90:8d:1d:ee:
         35:aa:05:70:3a:8b:bf:f7:86:8d:a4:2b:91:bb:24:3e:09:fc:
         e8:74:f3:13:4f:72:ab:a0:57:77:2b:d7:65:91:a1:e5:db:37:
         b4:49:b4:18:b5:25:f8:7b:93:06:c8:9a:0e:dd:62:57:0e:23:
         85:0c:72:53:4d:b1:aa:93:49:28:55:4a:a0:a2:65:88:5d:77:
         86:56:b9:c6:2a:d3:db:2d:b2:c2:7d:fd:80:c7:3d:3c:39:43:
         1e:62:f1:93:c1:9f:75:21:85:a5:e1:ff:d5:e5:63:d5:2c:1f:
         6c:56:f7:a1:77:4f:c0:4b:c0:74:66:73:81:f6:5d:dd:8e:28:
         ae:27:20:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EUNRwTJQeO0G31QpJPejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjcxNDcxMzczYmIwNjAzYzM1NmVlZGVkNGI5MTgyOTJi
NWJlZWUwHhcNMjYwMTAxMTAxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjFjMTYxYzdlN2QwYjAxMGFlNjVkZTc2MzM4MmZhZTljODMwMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0scQrA/0LcKBjEGgfSncL/wN3xFA
1ZcblnM/5VrcGBgiDBYlX+gMyyPkXrhZirAx/OELjRjKST2ds1ySbQGMB37qhhgp
RtfDQAO3MgWWeB9M1NHA/TupgAKXJDRN1PN/M2QD4Jj0p2sTKpJkfAbyAdVrHumc
RbYNBj1aOya1OdDoXuUNlH2gpWn7Ng0030teefOjpoPipCRV7w5dVWCgnrwmmvQM
G8kuYxjqLD4GewRZwaoX5YLQQb9uwRV6S4fxSK4bkRGztNN43v9ykZf51PQeZD67
InbS7TJtOOrOzHAOalpRe9oPBOx4HO5C+aivLdHUS3xlfuXLRs8vmPHX5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIcFhx+fQsBCuZd52M4L66cgwA7MB8GA1UdIwQY
MBaAFN23FHE3O7BgPDVu7e1LkYKStb7uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2JjVWNUYzdzR0E4Tlc3dDdVdVJncEsxdnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80YmNiMWItZmY0MS00OGUwLThkYjgt
NjIxMmFjNDljYTNiLzEvc2h3V0hINTlDd0VLNWwzbll6Z3ZycHlEQURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80YmNiMWItZmY0MS00OGUwLThkYjgtNjIxMmFjNDljYTNi
LzEvM2JjVWNUYzdzR0E4Tlc3dDdVdVJncEsxdnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkQi0MA0G
CSqGSIb3DQEBCwUAA4IBAQAnZ9n3uIMJ0pfpqVY23n3TJy5qpStnjrTD1wNk68tF
x6di3ACnfEXNUT/Zqe1TfrEWk/+m6Du9++g4Phe1BrIV5rENXeZ2HphHuM6Fq1p7
qqSgfmXpmGayQJ/n4Ccd3/8W7Zs+LXEbd05TXlYWvhoNf3bDuLxQ/awqPJCNHe41
qgVwOou/94aNpCuRuyQ+CfzodPMTT3KroFd3K9dlkaHl2ze0SbQYtSX4e5MGyJoO
3WJXDiOFDHJTTbGqk0koVUqgomWIXXeGVrnGKtPbLbLCff2Axz08OUMeYvGTwZ91
IYWl4f/V5WPVLB9sVvehd0/AS8B0ZnOB9l3djiiuJyCM
-----END CERTIFICATE-----