This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/iWLnguhSOb7-X7cfTiILpKUal74.roa
File:                     iWLnguhSOb7-X7cfTiILpKUal74.roa (raw, json)
Hash identifier:          SwM3PBqqQru24uepnr2dP9tkAA5XkqKgSM154kLrCcM=
Subject key identifier:   89:62:E7:82:E8:52:39:BE:FE:5F:B7:1F:4E:22:0B:A4:A5:1A:97:BE
Certificate issuer:       /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial:       019B77C71DBC2D050EF9C85619C82E31F352
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/iWLnguhSOb7-X7cfTiILpKUal74.roa
Signing time:             Thu 01 Jan 2026 04:18:16 +0000
ROA not before:           Thu 01 Jan 2026 04:18:16 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     213702
IP address blocks:        103.27.157.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:1d:bc:2d:05:0e:f9:c8:56:19:c8:2e:31:f3:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
        Validity
            Not Before: Jan  1 04:18:16 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8962e782e85239befe5fb71f4e220ba4a51a97be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7e:a2:ba:92:6c:38:b5:31:49:b9:43:7b:c9:
                    83:5e:1e:77:a5:4c:7c:dd:9c:74:11:f7:b4:d8:ec:
                    ef:5a:d7:11:3c:30:b0:01:de:8f:d7:8c:b0:52:3d:
                    f6:b5:70:7e:c0:38:3c:a5:f1:57:43:19:66:b7:5b:
                    fe:fd:29:26:1b:56:c9:cf:f6:1f:d3:6e:de:8d:77:
                    c3:77:8e:e8:4d:d5:d2:66:79:d9:ce:64:1d:6e:49:
                    3d:a2:26:15:40:04:e3:6a:6e:6d:a2:b5:70:25:40:
                    ac:e0:4f:67:97:05:13:a8:1a:1d:64:45:1c:6d:98:
                    bd:94:d7:f2:43:e0:5a:9a:62:55:52:6b:8a:14:b8:
                    5c:47:8c:c4:7a:ec:47:0a:b9:c5:eb:06:a3:4d:74:
                    63:c2:92:ed:a2:68:5c:c5:70:28:0d:4f:67:6f:3e:
                    c3:c5:58:19:45:79:e8:80:68:17:cd:ce:8b:16:70:
                    35:50:0d:cd:98:a2:4d:f3:5d:f6:73:75:a9:0b:8c:
                    d3:ba:54:49:64:a3:86:f5:af:4f:9b:20:89:0e:be:
                    c5:80:ce:f6:8f:f8:d5:98:e0:98:86:12:ec:ae:1d:
                    95:59:4f:da:50:63:aa:9b:4c:ec:ee:dc:15:8a:8a:
                    52:93:19:69:d8:77:0f:3b:55:8c:90:2f:d3:7f:cf:
                    05:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:62:E7:82:E8:52:39:BE:FE:5F:B7:1F:4E:22:0B:A4:A5:1A:97:BE
            X509v3 Authority Key Identifier:
                keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/iWLnguhSOb7-X7cfTiILpKUal74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.27.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:60:e7:38:0f:24:2e:0e:9d:7e:b2:10:85:ba:87:7b:38:6f:
         d0:24:93:6d:fd:a2:66:49:e3:63:03:75:20:4c:72:cd:a0:cc:
         7c:c3:55:57:fc:1a:ee:3e:3f:70:d7:62:13:4a:0b:c6:cc:6d:
         2d:11:8a:fb:94:63:ca:f0:32:8c:0c:09:d9:e4:b5:4c:78:76:
         43:0c:b6:32:2f:db:42:a2:5c:b0:e0:c6:79:db:70:5c:0b:37:
         89:86:9f:e6:df:d4:48:22:f8:7b:99:66:b6:f8:6e:4d:a1:4f:
         e3:36:ca:7e:90:33:ef:c6:7b:57:72:79:a1:a2:0f:b8:e8:1a:
         f8:de:49:d7:25:b5:62:ef:bf:56:9c:a6:bc:2a:29:03:c8:5d:
         d4:fd:8c:d8:3e:11:24:48:0a:b6:f9:43:ab:ef:e8:fe:f5:85:
         6d:c5:09:60:a2:0e:3a:1d:05:c3:b8:fc:2f:f5:5a:72:0b:80:
         b2:57:28:3f:0c:88:d0:5d:f2:62:76:e2:76:c6:f4:fd:ad:08:
         c9:2f:ce:9a:21:1b:f4:0f:ae:52:2b:1d:8f:e4:f0:51:e6:76:
         ab:e8:dd:ec:3e:2c:ef:d4:2f:da:6d:0e:56:bd:af:fd:38:5d:
         e8:a3:dc:46:d5:be:c1:c8:7a:91:4d:01:7d:7e:75:89:b5:6a:
         f2:20:35:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xx28LQUO+chWGcguMfNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjYwMTAxMDQxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTYyZTc4MmU4NTIzOWJlZmU1ZmI3MWY0ZTIyMGJhNGE1MWE5N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn36iupJsOLUxSblDe8mDXh53pUx8
3Zx0Efe02OzvWtcRPDCwAd6P14ywUj32tXB+wDg8pfFXQxlmt1v+/SkmG1bJz/Yf
027ejXfDd47oTdXSZnnZzmQdbkk9oiYVQATjam5torVwJUCs4E9nlwUTqBodZEUc
bZi9lNfyQ+BammJVUmuKFLhcR4zEeuxHCrnF6wajTXRjwpLtomhcxXAoDU9nbz7D
xVgZRXnogGgXzc6LFnA1UA3NmKJN8132c3WpC4zTulRJZKOG9a9PmyCJDr7FgM72
j/jVmOCYhhLsrh2VWU/aUGOqm0zs7twViopSkxlp2HcPO1WMkC/Tf88FjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIli54LoUjm+/l+3H04iC6SlGpe+MB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvaVdMbmd1aFNPYjctWDdjZlRpSUxwS1VhbDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZxudMA0G
CSqGSIb3DQEBCwUAA4IBAQAJYOc4DyQuDp1+shCFuod7OG/QJJNt/aJmSeNjA3Ug
THLNoMx8w1VX/BruPj9w12ITSgvGzG0tEYr7lGPK8DKMDAnZ5LVMeHZDDLYyL9tC
olyw4MZ523BcCzeJhp/m39RIIvh7mWa2+G5NoU/jNsp+kDPvxntXcnmhog+46Br4
3knXJbVi779WnKa8KikDyF3U/YzYPhEkSAq2+UOr7+j+9YVtxQlgog46HQXDuPwv
9VpyC4CyVyg/DIjQXfJiduJ2xvT9rQjJL86aIRv0D65SKx2P5PBR5nar6N3sPizv
1C/abQ5Wva/9OF3oo9xG1b7ByHqRTQF9fnWJtWryIDXc
-----END CERTIFICATE-----