This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/MTuNC7YxMqCq1p4XgA1qyILUuXU.roa
File:                     MTuNC7YxMqCq1p4XgA1qyILUuXU.roa (raw, json)
Hash identifier:          +/gYg3JzJJ2E43y6Ufu5yuzL4TSgU/YcFEdmXyNUrgk=
Subject key identifier:   31:3B:8D:0B:B6:31:32:A0:AA:D6:9E:17:80:0D:6A:C8:82:D4:B9:75
Certificate issuer:       /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial:       019B7AC94C5EA34C00B90CCC87BE609156F2
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/MTuNC7YxMqCq1p4XgA1qyILUuXU.roa
Signing time:             Thu 01 Jan 2026 18:19:31 +0000
ROA not before:           Thu 01 Jan 2026 18:19:31 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     57707
IP address blocks:        5.59.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c9:4c:5e:a3:4c:00:b9:0c:cc:87:be:60:91:56:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
        Validity
            Not Before: Jan  1 18:19:31 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=313b8d0bb63132a0aad69e17800d6ac882d4b975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:de:ab:a0:dd:ed:06:13:4c:a2:ac:bc:82:82:
                    93:34:32:e4:9f:3f:5e:9e:4e:2d:d0:6d:86:bf:f3:
                    4f:b3:93:78:fe:04:f2:78:bb:89:ca:be:24:a9:85:
                    df:81:b0:0e:4e:20:64:06:aa:6b:1c:dd:9a:8a:ff:
                    74:55:30:70:6d:7b:40:65:3e:b5:d1:26:80:bc:a9:
                    6d:c3:c1:0c:75:52:54:7b:4e:83:f1:a1:8c:1c:15:
                    76:fc:72:23:54:fc:ec:4f:83:4a:4f:f5:cc:52:9a:
                    60:c5:f5:25:e4:18:aa:c9:76:47:a9:97:56:56:8e:
                    6e:82:7c:ba:19:3f:60:1d:35:bb:e4:5b:d4:39:98:
                    c3:9b:4a:ec:5e:64:28:88:e5:e0:d6:28:30:85:30:
                    6b:df:a7:62:c6:28:81:9d:56:00:5a:00:3c:3c:d9:
                    4f:c9:82:e5:13:0b:5d:df:f8:7b:cc:d3:aa:7f:61:
                    c6:30:bd:3f:6a:10:16:33:29:e9:ea:0f:90:8a:d5:
                    41:18:ad:64:c8:72:ce:bf:e9:5c:44:39:65:19:f0:
                    1c:bb:9b:64:a6:b6:6f:d7:fe:c7:92:66:d0:e8:b8:
                    fe:a2:f3:3b:05:60:e0:1d:67:8e:9b:cb:a8:15:9f:
                    cc:07:a9:e3:b6:60:26:e7:6d:58:df:ee:ed:2e:29:
                    d6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:3B:8D:0B:B6:31:32:A0:AA:D6:9E:17:80:0D:6A:C8:82:D4:B9:75
            X509v3 Authority Key Identifier:
                keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/MTuNC7YxMqCq1p4XgA1qyILUuXU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.59.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:3c:17:0f:1d:12:b3:3f:39:2e:0a:10:ce:5d:7a:51:d6:41:
         89:fd:e6:46:8b:a3:68:cf:93:47:1c:ac:76:83:3d:e5:b4:13:
         09:ab:44:d7:2f:c4:c0:c2:2e:d3:d3:a5:a3:88:f4:23:e1:5b:
         79:05:41:47:0b:68:11:3d:19:22:a3:da:0b:f2:33:80:ea:91:
         23:d6:e1:cc:c2:f7:37:ae:bc:5b:d7:3f:6f:c7:b3:74:66:3a:
         20:4a:62:63:fd:15:9e:0a:0d:76:9c:fb:5c:d6:50:5d:09:5c:
         d1:30:81:74:ce:ca:1a:7a:6a:a3:55:ba:e4:21:9c:fb:08:59:
         59:b4:65:1c:1d:46:73:2b:2b:b8:79:d0:f8:56:e0:dd:6a:ba:
         f9:43:5c:3f:49:85:5d:7a:3f:97:ca:bf:f9:49:a5:50:c7:ca:
         74:5d:53:8e:85:1c:14:f4:a7:09:16:c7:83:b3:b5:42:d0:74:
         9a:90:ab:7c:94:d5:2a:ea:ce:d8:df:bd:ae:2c:fa:d4:fd:f0:
         0f:6d:e2:ab:29:45:ab:7b:25:e7:ed:a1:c8:a9:f2:43:df:96:
         55:f5:d4:41:4f:9c:ff:e3:ae:76:4e:7b:63:08:bb:0d:fd:91:
         9f:92:07:74:fc:66:b4:0c:90:14:2f:8c:5b:34:68:1e:c7:e6:
         af:a6:02:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yUxeo0wAuQzMh75gkVbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjYwMTAxMTgxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNiOGQwYmI2MzEzMmEwYWFkNjllMTc4MDBkNmFjODgyZDRiOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt6roN3tBhNMoqy8goKTNDLknz9e
nk4t0G2Gv/NPs5N4/gTyeLuJyr4kqYXfgbAOTiBkBqprHN2aiv90VTBwbXtAZT61
0SaAvKltw8EMdVJUe06D8aGMHBV2/HIjVPzsT4NKT/XMUppgxfUl5BiqyXZHqZdW
Vo5ugny6GT9gHTW75FvUOZjDm0rsXmQoiOXg1igwhTBr36dixiiBnVYAWgA8PNlP
yYLlEwtd3/h7zNOqf2HGML0/ahAWMynp6g+QitVBGK1kyHLOv+lcRDllGfAcu5tk
prZv1/7HkmbQ6Lj+ovM7BWDgHWeOm8uoFZ/MB6njtmAm521Y3+7tLinWGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDE7jQu2MTKgqtaeF4ANasiC1Ll1MB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvTVR1TkM3WXhNcUNxMXA0WGdBMXF5SUxVdVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTthMA0G
CSqGSIb3DQEBCwUAA4IBAQCRPBcPHRKzPzkuChDOXXpR1kGJ/eZGi6Noz5NHHKx2
gz3ltBMJq0TXL8TAwi7T06WjiPQj4Vt5BUFHC2gRPRkio9oL8jOA6pEj1uHMwvc3
rrxb1z9vx7N0ZjogSmJj/RWeCg12nPtc1lBdCVzRMIF0zsoaemqjVbrkIZz7CFlZ
tGUcHUZzKyu4edD4VuDdarr5Q1w/SYVdej+Xyr/5SaVQx8p0XVOOhRwU9KcJFseD
s7VC0HSakKt8lNUq6s7Y372uLPrU/fAPbeKrKUWreyXn7aHIqfJD35ZV9dRBT5z/
4652TntjCLsN/ZGfkgd0/Ga0DJAUL4xbNGgex+avpgJ7
-----END CERTIFICATE-----