This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/6ui0ZubBGSljwarxH5G42eha-uE.roa
File:                     6ui0ZubBGSljwarxH5G42eha-uE.roa (raw, json)
Hash identifier:          MmgOiFdsQ+nW5J8yj73fwwfUnxXL9yFGysdIAKf8+pU=
Subject key identifier:   EA:E8:B4:66:E6:C1:19:29:63:C1:AA:F1:1F:91:B8:D9:E8:5A:FA:E1
Certificate issuer:       /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial:       019B33189D388C69F58701D45CB3D9AB4449
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/6ui0ZubBGSljwarxH5G42eha-uE.roa
Signing time:             Thu 18 Dec 2025 20:13:29 +0000
ROA not before:           Thu 18 Dec 2025 20:13:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     205463
IP address blocks:        178.211.159.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Dec 2025 08:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:33:18:9d:38:8c:69:f5:87:01:d4:5c:b3:d9:ab:44:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
        Validity
            Not Before: Dec 18 20:13:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=eae8b466e6c1192963c1aaf11f91b8d9e85afae1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:9e:38:ed:a6:91:62:2a:4a:69:ed:f2:5c:c2:
                    b4:b3:fd:4a:92:ad:a7:93:d3:ce:2a:9e:68:98:9e:
                    f0:71:3e:95:c6:bf:a8:2f:36:b0:f0:d4:64:ec:24:
                    0e:0c:32:c0:23:dd:e4:9f:df:1b:ac:88:a0:b5:f3:
                    b0:a7:4a:d2:ac:f4:b1:4a:d5:35:ad:5a:12:3f:7f:
                    9f:03:86:fe:82:2e:6b:d9:56:b5:45:b8:3c:8b:b1:
                    70:3f:c9:74:bc:2f:c8:5d:cb:ff:0f:47:c8:7e:c3:
                    65:36:e6:e0:91:86:60:f7:63:98:dd:7f:df:83:f0:
                    71:70:29:1e:fc:1e:2b:49:5b:a2:26:6d:39:70:d1:
                    db:e8:7d:8a:d1:4f:74:23:c0:5c:81:46:07:2c:0f:
                    dd:55:27:97:ad:43:93:8e:dd:62:c4:34:28:04:46:
                    ae:74:02:cc:05:22:46:d1:35:d0:36:73:fc:6d:9c:
                    82:d2:ec:43:fa:d2:c3:fa:d9:51:b2:81:68:74:1d:
                    77:49:d8:80:e6:75:ed:8f:1c:e7:db:9f:f7:a7:4f:
                    22:8c:05:e6:0e:c1:a2:f2:f1:af:5a:d6:93:18:6f:
                    26:99:e3:5e:6e:9e:2d:a1:39:e3:4a:e5:6d:d2:91:
                    b1:36:27:3a:c5:71:f4:75:67:4f:5e:a5:40:b5:97:
                    c1:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:E8:B4:66:E6:C1:19:29:63:C1:AA:F1:1F:91:B8:D9:E8:5A:FA:E1
            X509v3 Authority Key Identifier:
                keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/6ui0ZubBGSljwarxH5G42eha-uE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.211.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:bb:6f:c3:62:3a:5e:67:11:be:10:a1:6b:21:76:3e:db:47:
         39:7a:51:85:6a:b4:08:42:d4:d0:b7:02:92:1f:cb:04:24:ee:
         c5:f2:a2:5d:ec:fc:16:e0:d4:48:fc:60:92:a8:00:a6:96:85:
         d1:c6:06:df:d7:6d:66:ec:3f:1b:e6:fa:4f:3e:a8:b3:bd:8a:
         33:57:94:f7:a8:f9:9e:db:3a:a2:db:21:a4:bd:f7:e8:5c:1c:
         09:1e:55:97:66:f4:72:f3:d0:d7:92:e6:80:1a:1a:66:bc:85:
         3c:f2:66:64:0e:05:e2:a5:bb:11:84:0c:ab:21:f2:1d:a5:f3:
         d1:98:00:12:d5:e6:79:d8:5f:08:74:f4:7c:a8:cf:d7:91:0b:
         a7:f4:ce:fd:08:ed:5f:21:9d:0d:94:57:44:20:80:28:48:f1:
         6d:6f:b7:fe:70:1c:73:a7:e2:64:2a:0b:e7:49:bc:9f:7f:36:
         ff:37:4e:85:b2:e0:ba:c4:72:28:af:53:5c:73:d3:45:06:0f:
         0a:c4:78:46:f4:79:d9:80:c3:d9:a2:0b:e3:78:9a:cb:ed:7c:
         e0:e0:db:f1:57:6b:a6:07:1f:47:6f:60:96:c1:5d:0d:a6:0a:
         98:1f:25:26:55:55:49:ce:08:1a:7b:79:87:4d:8e:d6:a8:f1:
         84:14:58:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZszGJ04jGn1hwHUXLPZq0RJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUxMjE4MjAxMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWU4YjQ2NmU2YzExOTI5NjNjMWFhZjExZjkxYjhkOWU4NWFmYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5447aaRYipKae3yXMK0s/1Kkq2n
k9POKp5omJ7wcT6Vxr+oLzaw8NRk7CQODDLAI93kn98brIigtfOwp0rSrPSxStU1
rVoSP3+fA4b+gi5r2Va1Rbg8i7FwP8l0vC/IXcv/D0fIfsNlNubgkYZg92OY3X/f
g/BxcCke/B4rSVuiJm05cNHb6H2K0U90I8BcgUYHLA/dVSeXrUOTjt1ixDQoBEau
dALMBSJG0TXQNnP8bZyC0uxD+tLD+tlRsoFodB13SdiA5nXtjxzn25/3p08ijAXm
DsGi8vGvWtaTGG8mmeNebp4toTnjSuVt0pGxNic6xXH0dWdPXqVAtZfBmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOrotGbmwRkpY8Gq8R+RuNnoWvrhMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvNnVpMFp1YkJHU2xqd2FyeEg1RzQyZWhhLXVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstOfMA0G
CSqGSIb3DQEBCwUAA4IBAQCUu2/DYjpeZxG+EKFrIXY+20c5elGFarQIQtTQtwKS
H8sEJO7F8qJd7PwW4NRI/GCSqACmloXRxgbf121m7D8b5vpPPqizvYozV5T3qPme
2zqi2yGkvffoXBwJHlWXZvRy89DXkuaAGhpmvIU88mZkDgXipbsRhAyrIfIdpfPR
mAAS1eZ52F8IdPR8qM/XkQun9M79CO1fIZ0NlFdEIIAoSPFtb7f+cBxzp+JkKgvn
Sbyffzb/N06FsuC6xHIor1Ncc9NFBg8KxHhG9HnZgMPZogvjeJrL7Xzg4NvxV2um
Bx9Hb2CWwV0NpgqYHyUmVVVJzggae3mHTY7WqPGEFFiy
-----END CERTIFICATE-----