This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/58Wp1VF6BHCSakbGBlGUI9YbRbs.roa
File:                     58Wp1VF6BHCSakbGBlGUI9YbRbs.roa (raw, json)
Hash identifier:          g7J5oMZc3VM2uNCFSzdBZ3LlO2X+Hjy8F425/dNCcCo=
Subject key identifier:   E7:C5:A9:D5:51:7A:04:70:92:6A:46:C6:06:51:94:23:D6:1B:45:BB
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       019B1493823EBCD81CD4E5CEA4941344B8C5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/58Wp1VF6BHCSakbGBlGUI9YbRbs.roa
Signing time:             Fri 12 Dec 2025 21:59:29 +0000
ROA not before:           Fri 12 Dec 2025 21:59:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     9318
IP address blocks:        163.5.9.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 19 Dec 2025 18:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:14:93:82:3e:bc:d8:1c:d4:e5:ce:a4:94:13:44:b8:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 12 21:59:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e7c5a9d5517a0470926a46c606519423d61b45bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:4c:94:f1:0a:6a:1f:fc:c1:20:71:7a:63:62:
                    5b:b4:78:b9:52:47:1d:16:2c:85:3e:f5:a0:72:4e:
                    d2:69:89:46:85:b2:4c:b8:b3:32:de:a4:63:6a:3d:
                    f8:01:0d:fe:1e:e6:d7:72:e5:2f:f2:0e:e6:bd:0d:
                    b1:10:2c:5d:d3:76:93:41:81:1f:45:e5:11:f2:dd:
                    eb:ef:b3:39:e3:78:a2:e7:a1:71:09:67:6f:ad:34:
                    6e:82:e8:37:c6:b5:f0:00:10:97:78:75:fc:5a:f8:
                    55:c5:cc:05:57:32:8a:c5:a6:b8:8f:eb:9f:f9:09:
                    fb:b1:d6:7c:54:f2:6c:53:96:3e:c6:bc:b3:c9:ef:
                    2f:df:ed:7f:e9:9a:1a:08:a6:3e:9b:34:91:96:d8:
                    2c:94:34:b5:ef:64:e9:34:3e:2d:e4:90:ee:43:38:
                    3c:5d:d3:93:21:be:b9:42:9c:68:9c:dd:4f:f4:00:
                    eb:00:73:d8:fc:06:ce:86:d7:4c:58:75:18:14:cc:
                    1d:ea:6f:16:0a:b0:1f:f0:96:73:72:f4:94:38:5e:
                    0f:6e:13:4c:ca:74:7c:f6:6c:40:c2:4f:cb:c5:6e:
                    be:10:67:f3:10:6d:1a:21:8e:76:56:7c:e9:7c:4e:
                    30:7a:2a:7e:9b:84:04:8f:e8:a2:96:c0:ac:7e:e3:
                    fa:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:C5:A9:D5:51:7A:04:70:92:6A:46:C6:06:51:94:23:D6:1B:45:BB
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/58Wp1VF6BHCSakbGBlGUI9YbRbs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:cc:a9:fd:48:9b:f2:e4:76:15:f4:54:04:6b:53:c4:e9:93:
         b5:47:0a:21:d5:6a:0d:68:96:9f:a5:c0:53:c5:9a:18:4f:2c:
         c5:4a:b2:7b:f6:42:b8:78:76:23:3f:47:31:0a:57:1a:c8:39:
         9b:ac:16:b4:50:95:67:cd:58:f0:70:71:8f:26:2a:07:e6:9e:
         50:dd:8c:3b:6a:cc:28:09:53:36:39:df:ba:21:64:e0:74:a6:
         86:ad:99:91:59:4c:8e:e1:a6:0a:01:05:93:a6:89:2b:90:30:
         97:3e:cb:54:bd:ee:56:19:4b:89:40:37:10:1b:cf:64:ca:5a:
         f1:84:6d:4c:22:5a:60:42:4e:b5:38:bb:49:2c:d9:cf:52:1c:
         73:ff:0d:b5:fa:3e:ab:c5:87:79:d0:e5:51:a8:51:f5:b2:f4:
         16:7a:06:1d:c4:db:4b:8d:60:b6:a3:e2:86:09:07:f0:ab:41:
         21:1e:fe:f8:c6:8b:24:3b:21:e4:70:f5:4b:64:3d:a0:f5:0d:
         ab:b8:94:f7:66:ca:ff:8e:eb:3b:36:34:32:2e:1e:74:37:47:
         9b:18:fd:0a:5f:61:a9:13:07:34:66:76:1b:23:a5:b2:9d:04:
         6d:50:ed:fa:9a:76:ba:22:33:1c:58:6a:a0:cc:18:7e:93:ea:
         54:2c:ac:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZsUk4I+vNgc1OXOpJQTRLjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUxMjEyMjE1OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2M1YTlkNTUxN2EwNDcwOTI2YTQ2YzYwNjUxOTQyM2Q2MWI0NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0yU8QpqH/zBIHF6Y2JbtHi5Ukcd
FiyFPvWgck7SaYlGhbJMuLMy3qRjaj34AQ3+HubXcuUv8g7mvQ2xECxd03aTQYEf
ReUR8t3r77M543ii56FxCWdvrTRugug3xrXwABCXeHX8WvhVxcwFVzKKxaa4j+uf
+Qn7sdZ8VPJsU5Y+xryzye8v3+1/6ZoaCKY+mzSRltgslDS172TpND4t5JDuQzg8
XdOTIb65QpxonN1P9ADrAHPY/AbOhtdMWHUYFMwd6m8WCrAf8JZzcvSUOF4PbhNM
ynR89mxAwk/LxW6+EGfzEG0aIY52VnzpfE4weip+m4QEj+iilsCsfuP6OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOfFqdVRegRwkmpGxgZRlCPWG0W7MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNThXcDFWRjZCSENTYWtiR0JsR1VJOVliUmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowUJMA0G
CSqGSIb3DQEBCwUAA4IBAQBpzKn9SJvy5HYV9FQEa1PE6ZO1Rwoh1WoNaJafpcBT
xZoYTyzFSrJ79kK4eHYjP0cxClcayDmbrBa0UJVnzVjwcHGPJioH5p5Q3Yw7aswo
CVM2Od+6IWTgdKaGrZmRWUyO4aYKAQWTpokrkDCXPstUve5WGUuJQDcQG89kylrx
hG1MIlpgQk61OLtJLNnPUhxz/w21+j6rxYd50OVRqFH1svQWegYdxNtLjWC2o+KG
CQfwq0EhHv74xoskOyHkcPVLZD2g9Q2ruJT3Zsr/jus7NjQyLh50N0ebGP0KX2Gp
Ewc0ZnYbI6WynQRtUO36mna6IjMcWGqgzBh+k+pULKwM
-----END CERTIFICATE-----