This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/u7WqNNWmQvLm2ApBiH3WqiKbFv8.roa
File:                     u7WqNNWmQvLm2ApBiH3WqiKbFv8.roa (raw, json)
Hash identifier:          ddSXhdjqoU8AGRCQ8Zsoe0zHo4Qki3rGL0wDNBR9/lY=
Subject key identifier:   BB:B5:AA:34:D5:A6:42:F2:E6:D8:0A:41:88:7D:D6:AA:22:9B:16:FF
Certificate issuer:       /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial:       019B7AC9528370D241A65892FF081A568716
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/u7WqNNWmQvLm2ApBiH3WqiKbFv8.roa
Signing time:             Thu 01 Jan 2026 18:19:32 +0000
ROA not before:           Thu 01 Jan 2026 18:19:32 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204666
IP address blocks:        5.59.102.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 08:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c9:52:83:70:d2:41:a6:58:92:ff:08:1a:56:87:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
        Validity
            Not Before: Jan  1 18:19:32 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=bbb5aa34d5a642f2e6d80a41887dd6aa229b16ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:60:69:7c:ef:1c:ab:0e:d1:bb:04:a6:97:9f:
                    f9:e7:ea:91:21:57:f6:04:e6:e1:30:a0:88:cf:de:
                    c5:1d:5a:a9:4a:8a:ac:6c:2a:85:35:38:22:4b:7a:
                    bf:e8:91:04:e5:d6:d4:ca:c5:00:b6:9f:74:eb:14:
                    93:6a:f9:15:d3:de:d4:92:7e:8f:c7:e3:3a:01:41:
                    c8:26:4d:ac:95:0f:3b:49:59:c3:76:51:55:e7:6b:
                    65:2d:e3:74:6b:b0:e3:ac:ed:90:e1:1e:61:33:75:
                    91:a4:3c:11:9d:58:fc:05:c8:27:82:81:e7:e4:5b:
                    17:f0:ed:78:86:b7:c2:34:1a:bc:15:68:d3:e9:d7:
                    54:af:b0:b9:62:4b:f0:73:56:86:22:ad:73:7e:83:
                    78:b5:cb:9b:0a:2c:f8:cd:0a:9b:2a:d6:f7:1c:cc:
                    32:f2:17:a0:6b:25:c7:3f:d1:27:b1:f2:9f:1a:e2:
                    f5:19:72:e0:42:ec:35:ff:93:39:02:7f:65:80:7b:
                    88:bc:b0:aa:a6:1a:25:b5:b4:99:a6:c3:c8:94:17:
                    d1:d0:c6:0d:01:51:77:80:e6:0e:77:66:d6:1a:22:
                    50:79:c0:82:a4:af:09:25:67:d0:bf:64:15:6c:60:
                    b0:2e:d7:49:87:b2:94:2a:fd:5c:a8:6b:b2:9f:67:
                    32:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:B5:AA:34:D5:A6:42:F2:E6:D8:0A:41:88:7D:D6:AA:22:9B:16:FF
            X509v3 Authority Key Identifier:
                keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/u7WqNNWmQvLm2ApBiH3WqiKbFv8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.59.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:3a:63:0d:55:1e:b8:a7:1b:ce:b7:85:15:35:da:c2:6d:a3:
         6e:9a:90:f5:19:ce:d0:2f:09:5a:bf:ba:be:5e:91:2e:df:23:
         3b:27:af:4b:a5:88:1b:03:9e:fa:df:c6:c5:4e:35:19:e3:20:
         c4:f9:2b:b1:ce:2a:e8:35:1a:ae:0e:e3:2c:86:9a:df:10:13:
         55:5e:e8:c9:89:02:d0:d9:88:d0:fe:ef:23:10:25:d2:e1:c5:
         6f:0a:66:7d:46:fa:e3:99:3c:6d:93:2e:7f:e8:80:14:24:26:
         1c:40:03:62:ac:18:68:13:4a:75:d6:03:ce:70:ff:24:9d:4b:
         9a:18:03:b0:ca:ed:99:0b:de:24:3a:d1:6d:13:9e:18:b3:75:
         82:be:ba:eb:97:c0:9d:0b:88:31:df:f5:c7:6c:dc:ee:58:1e:
         5c:9b:1a:7b:ef:b1:8d:06:99:32:22:10:1c:a5:83:dc:ba:20:
         bd:ec:8c:78:e1:52:f2:c9:22:64:b9:90:fb:a2:20:90:cb:72:
         3c:a0:d8:1b:fd:67:b1:59:36:4f:6a:63:66:a5:66:0c:28:14:
         d5:9d:11:80:22:4a:2d:a5:4a:7e:b5:b9:66:0e:52:b1:78:bc:
         23:a2:fc:ac:f7:59:1d:18:81:81:85:b8:2c:ba:3a:1f:b2:c7:
         8f:b7:9b:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yVKDcNJBpliS/wgaVocWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjYwMTAxMTgxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmI1YWEzNGQ1YTY0MmYyZTZkODBhNDE4ODdkZDZhYTIyOWIxNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GBpfO8cqw7RuwSml5/55+qRIVf2
BObhMKCIz97FHVqpSoqsbCqFNTgiS3q/6JEE5dbUysUAtp906xSTavkV097Ukn6P
x+M6AUHIJk2slQ87SVnDdlFV52tlLeN0a7DjrO2Q4R5hM3WRpDwRnVj8BcgngoHn
5FsX8O14hrfCNBq8FWjT6ddUr7C5Ykvwc1aGIq1zfoN4tcubCiz4zQqbKtb3HMwy
8hegayXHP9EnsfKfGuL1GXLgQuw1/5M5An9lgHuIvLCqpholtbSZpsPIlBfR0MYN
AVF3gOYOd2bWGiJQecCCpK8JJWfQv2QVbGCwLtdJh7KUKv1cqGuyn2cyJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLu1qjTVpkLy5tgKQYh91qoimxb/MB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvdTdXcU5OV21RdkxtMkFwQmlIM1dxaUtiRnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBTtmMA0G
CSqGSIb3DQEBCwUAA4IBAQCyOmMNVR64pxvOt4UVNdrCbaNumpD1Gc7QLwlav7q+
XpEu3yM7J69LpYgbA57638bFTjUZ4yDE+SuxziroNRquDuMshprfEBNVXujJiQLQ
2YjQ/u8jECXS4cVvCmZ9RvrjmTxtky5/6IAUJCYcQANirBhoE0p11gPOcP8knUua
GAOwyu2ZC94kOtFtE54Ys3WCvrrrl8CdC4gx3/XHbNzuWB5cmxp777GNBpkyIhAc
pYPcuiC97Ix44VLyySJkuZD7oiCQy3I8oNgb/WexWTZPamNmpWYMKBTVnRGAIkot
pUp+tblmDlKxeLwjovys91kdGIGBhbgsujofssePt5tC
-----END CERTIFICATE-----