This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.owl.net/rrdp/owl/1/326130373a643838343a3130303a3a2f34302d3438203d3e203433333537.roa
File:                     326130373a643838343a3130303a3a2f34302d3438203d3e203433333537.roa (raw, json)
Hash identifier:          yeff1biVXFnDfLVq6U0VkDmadS8A+3gHSrquiSqGCKc=
Subject key identifier:   1C:B1:AC:23:AF:D0:21:0E:F1:AA:BD:C6:99:8D:9B:99:3C:66:CA:2C
Certificate issuer:       /CN=b55e2e72d7ffde6bceb73ce26f185c678a23892d
Certificate serial:       18FAE23C65F9AD558EEDB4FD3A9286D404C8BED1
Authority key identifier: B5:5E:2E:72:D7:FF:DE:6B:CE:B7:3C:E2:6F:18:5C:67:8A:23:89:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer
Subject info access:      rsync://rpki.owl.net/rrdp/owl/1/326130373a643838343a3130303a3a2f34302d3438203d3e203433333537.roa
Signing time:             Fri 12 Dec 2025 14:43:57 +0000
ROA not before:           Fri 12 Dec 2025 14:38:57 +0000
ROA not after:            Fri 11 Dec 2026 14:43:57 +0000
asID:                     43357
IP address blocks:        2a07:d884:100::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.crl
                          rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 20 Dec 2025 23:03:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:fa:e2:3c:65:f9:ad:55:8e:ed:b4:fd:3a:92:86:d4:04:c8:be:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b55e2e72d7ffde6bceb73ce26f185c678a23892d
        Validity
            Not Before: Dec 12 14:38:57 2025 GMT
            Not After : Dec 11 14:43:57 2026 GMT
        Subject: CN=1CB1AC23AFD0210EF1AABDC6998D9B993C66CA2C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c1:1a:c0:1a:e3:56:40:a9:b1:d2:e2:3c:33:
                    5b:96:09:b0:4c:52:b5:a2:07:2f:03:e8:f4:0e:1b:
                    db:db:9e:cc:2e:ec:85:13:30:85:2b:b3:bc:47:33:
                    fd:c1:a7:ee:42:ef:09:98:23:22:86:75:bf:be:05:
                    ac:07:25:98:73:28:b9:0c:51:61:71:e9:38:98:13:
                    e2:52:ca:99:77:39:a9:53:6a:48:04:8f:5e:63:f4:
                    a8:0c:cd:e0:62:96:0b:84:a5:96:28:f4:99:7b:75:
                    d1:b6:88:66:f1:77:a1:95:7b:33:5e:07:64:38:79:
                    e0:94:7f:08:bc:e0:96:09:0b:62:80:b3:ad:d9:f8:
                    2d:5f:16:20:73:eb:c5:17:72:d3:b1:3e:de:c4:6b:
                    6a:24:cf:b0:b5:21:ae:4c:2e:11:54:29:5d:ae:f4:
                    66:31:e9:2e:f1:de:b0:df:f2:0d:70:52:d6:d0:35:
                    0a:99:62:19:18:0d:b1:f3:04:cd:aa:c1:ae:c1:e1:
                    97:94:0b:99:5a:87:b8:7f:ec:c5:4b:06:72:2e:f2:
                    5a:7e:a3:6d:71:91:42:ef:54:50:9c:b0:87:ba:c7:
                    a0:de:ea:cd:63:0f:fa:05:ca:2c:5c:2b:0c:fb:7d:
                    d8:02:1b:f5:97:a7:fa:c2:e5:25:f4:b7:49:a7:eb:
                    81:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:B1:AC:23:AF:D0:21:0E:F1:AA:BD:C6:99:8D:9B:99:3C:66:CA:2C
            X509v3 Authority Key Identifier:
                keyid:B5:5E:2E:72:D7:FF:DE:6B:CE:B7:3C:E2:6F:18:5C:67:8A:23:89:2D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.owl.net/rrdp/owl/1/326130373a643838343a3130303a3a2f34302d3438203d3e203433333537.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:d884:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         e5:5a:44:e6:e1:50:d1:5b:68:4e:30:11:85:3a:f7:e6:34:d4:
         2f:d5:3a:3f:57:13:e6:04:54:5f:74:b2:b3:a7:e5:17:77:1d:
         b0:4b:8d:96:02:98:87:5b:1a:7a:fb:e9:82:c7:3c:61:7c:11:
         af:41:07:ae:81:39:34:01:dc:67:b7:e1:4e:ab:40:b1:25:16:
         6a:9c:aa:cb:d5:f2:72:2a:30:39:a1:ad:74:9b:fc:55:bd:e6:
         fe:a3:77:ba:68:89:03:a0:42:cc:d0:57:77:43:cb:63:69:ad:
         0c:cf:64:a4:83:d6:b9:37:81:13:b8:71:51:e4:e3:84:ac:6c:
         98:27:ec:c1:eb:ab:56:77:91:4a:71:9e:22:6f:1a:b9:55:de:
         dc:00:7b:5d:08:4c:a5:0b:b5:ad:b5:f9:85:6d:4f:62:4d:03:
         98:ee:aa:59:ff:f0:9e:73:ce:82:dc:3d:15:3a:75:93:c1:76:
         de:5b:b5:b1:67:2b:05:d5:57:ef:b7:1f:d4:5a:cc:f9:c1:cd:
         d2:28:1d:c7:65:97:5f:83:f9:c6:e4:66:36:ae:cd:78:8c:95:
         55:67:f5:36:70:60:a9:ee:53:64:5c:46:ea:76:df:1a:de:e2:
         1a:63:96:65:2c:50:0f:92:fe:ea:08:19:9b:a8:1b:c9:9d:ef:
         20:16:7c:b3
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIUGPriPGX5rVWO7bT9OpKG1ATIvtEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjU1ZTJlNzJkN2ZmZGU2YmNlYjczY2UyNmYxODVjNjc4
YTIzODkyZDAeFw0yNTEyMTIxNDM4NTdaFw0yNjEyMTExNDQzNTdaMDMxMTAvBgNV
BAMTKDFDQjFBQzIzQUZEMDIxMEVGMUFBQkRDNjk5OEQ5Qjk5M0M2NkNBMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9wRrAGuNWQKmx0uI8M1uWCbBM
UrWiBy8D6PQOG9vbnswu7IUTMIUrs7xHM/3Bp+5C7wmYIyKGdb++BawHJZhzKLkM
UWFx6TiYE+JSypl3OalTakgEj15j9KgMzeBilguEpZYo9Jl7ddG2iGbxd6GVezNe
B2Q4eeCUfwi84JYJC2KAs63Z+C1fFiBz68UXctOxPt7Ea2okz7C1Ia5MLhFUKV2u
9GYx6S7x3rDf8g1wUtbQNQqZYhkYDbHzBM2qwa7B4ZeUC5lah7h/7MVLBnIu8lp+
o21xkULvVFCcsIe6x6De6s1jD/oFyixcKwz7fdgCG/WXp/rC5SX0t0mn64FrAgMB
AAGjggHUMIIB0DAdBgNVHQ4EFgQUHLGsI6/QIQ7xqr3GmY2bmTxmyiwwHwYDVR0j
BBgwFoAUtV4uctf/3mvOtzzibxhcZ4ojiS0wDgYDVR0PAQH/BAQDAgeAMF0GA1Ud
HwRWMFQwUqBQoE6GTHJzeW5jOi8vcnBraS5vd2wubmV0L3JyZHAvb3dsLzEvQjU1
RTJFNzJEN0ZGREU2QkNFQjczQ0UyNkYxODVDNjc4QTIzODkyRC5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3RWNHVjdGZfM212T3R6emlieGhjWjRvamlTMC5jZXIw
fAYIKwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL3Jwa2kub3dsLm5l
dC9ycmRwL293bC8xLzMyNjEzMDM3M2E2NDM4MzgzNDNhMzEzMDMwM2EzYTJmMzQz
MDJkMzQzODIwM2QzZTIwMzQzMzMzMzUzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoH2IQBMA0GCSqG
SIb3DQEBCwUAA4IBAQDlWkTm4VDRW2hOMBGFOvfmNNQv1To/VxPmBFRfdLKzp+UX
dx2wS42WApiHWxp6++mCxzxhfBGvQQeugTk0Adxnt+FOq0CxJRZqnKrL1fJyKjA5
oa10m/xVveb+o3e6aIkDoELM0Fd3Q8tjaa0Mz2Skg9a5N4ETuHFR5OOErGyYJ+zB
66tWd5FKcZ4ibxq5Vd7cAHtdCEylC7WttfmFbU9iTQOY7qpZ//Cec86C3D0VOnWT
wXbeW7WxZysF1Vfvtx/UWsz5wc3SKB3HZZdfg/nG5GY2rs14jJVVZ/U2cGCp7lNk
XEbqdt8a3uIaY5ZlLFAPkv7qCBmbqBvJne8gFnyz
-----END CERTIFICATE-----