This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/1-x1SQoCge1oAxdF8NH1g432c8v4.roa
File:                     1-x1SQoCge1oAxdF8NH1g432c8v4.roa (raw, json)
Hash identifier:          gGNG1VzQDUnu5gmTgkEbwFhdDKx8kxbSdmHR7f+ftE8=
Subject key identifier:   FB:1D:52:42:80:A0:7B:5A:00:C5:D1:7C:34:7D:60:E3:7D:9C:F2:FE
Certificate issuer:       /CN=77a350d9fe4e9f90ff3e84e2f960cb5dc3d6cee1
Certificate serial:       019B7F15A800BBA07C00EA6ADB54E59DAD44
Authority key identifier: 77:A3:50:D9:FE:4E:9F:90:FF:3E:84:E2:F9:60:CB:5D:C3:D6:CE:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d6NQ2f5On5D_PoTi-WDLXcPWzuE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/1-x1SQoCge1oAxdF8NH1g432c8v4.roa
Signing time:             Fri 02 Jan 2026 14:21:24 +0000
ROA not before:           Fri 02 Jan 2026 14:21:24 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     3303
IP address blocks:        193.5.254.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/d6NQ2f5On5D_PoTi-WDLXcPWzuE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/d6NQ2f5On5D_PoTi-WDLXcPWzuE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d6NQ2f5On5D_PoTi-WDLXcPWzuE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:a8:00:bb:a0:7c:00:ea:6a:db:54:e5:9d:ad:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77a350d9fe4e9f90ff3e84e2f960cb5dc3d6cee1
        Validity
            Not Before: Jan  2 14:21:24 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fb1d524280a07b5a00c5d17c347d60e37d9cf2fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:e5:27:9a:b1:64:f4:ca:5b:f6:97:47:ae:b8:
                    4c:30:fb:11:a7:9b:a8:fc:d0:50:f9:85:e2:84:36:
                    11:d3:07:7c:69:82:02:7e:7e:67:a0:cf:e3:50:32:
                    fc:e8:07:c2:17:8d:7d:1d:63:b7:d7:e2:18:3d:85:
                    c3:33:f1:0b:2e:c0:05:a8:c7:81:26:db:54:4d:c8:
                    d0:3c:bc:8e:79:fe:21:31:c6:76:a8:9c:7a:6f:74:
                    4d:19:5c:86:36:8c:86:7d:f5:e6:51:a5:f0:99:8c:
                    a5:9f:4d:bc:98:41:79:f3:13:c8:32:8f:ab:21:de:
                    fb:16:d8:05:ec:25:76:63:2a:96:18:8a:96:b2:54:
                    45:49:9d:5d:46:f9:87:02:f7:b8:ab:4d:9b:db:49:
                    bb:d8:3c:19:f2:06:56:1d:13:f3:ec:d6:a5:4f:be:
                    a3:40:22:36:53:4c:92:5d:5f:04:3a:f4:de:75:c9:
                    02:d7:65:4f:59:e0:14:05:00:a7:10:2b:1d:b9:58:
                    98:67:17:ff:46:5a:13:64:60:8e:af:e6:aa:9c:0e:
                    63:10:1e:da:67:d6:d9:15:a3:99:6c:33:a1:00:1b:
                    bc:1c:dc:36:05:02:c9:df:41:02:2a:25:1e:2c:43:
                    c5:a4:df:31:00:a7:91:7a:30:98:e3:0b:69:39:2b:
                    4b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:1D:52:42:80:A0:7B:5A:00:C5:D1:7C:34:7D:60:E3:7D:9C:F2:FE
            X509v3 Authority Key Identifier:
                keyid:77:A3:50:D9:FE:4E:9F:90:FF:3E:84:E2:F9:60:CB:5D:C3:D6:CE:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6NQ2f5On5D_PoTi-WDLXcPWzuE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/1-x1SQoCge1oAxdF8NH1g432c8v4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/d6NQ2f5On5D_PoTi-WDLXcPWzuE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.5.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:bd:1c:0c:20:f3:81:f6:86:95:06:ad:79:7f:7c:24:81:d8:
         e6:73:de:c9:be:cf:76:11:93:48:ca:33:dd:07:96:28:7a:56:
         a6:d0:e1:2a:68:bd:12:06:47:9d:3b:0e:69:da:d4:fb:a7:a7:
         9d:7f:55:17:bb:c3:b9:d4:5e:0b:a9:9f:ac:d7:4b:c6:95:43:
         84:3a:3d:e9:44:85:f9:43:40:d6:23:0d:d5:8f:fd:3a:c2:a4:
         6d:0d:e3:92:8c:d2:bb:a8:14:14:be:13:49:12:35:c6:a2:a8:
         fe:d5:fc:4a:4c:2c:9c:0e:a3:63:22:ef:5e:c5:b0:10:cd:4f:
         ce:2a:59:c7:73:d9:bf:53:16:50:04:c6:3b:e4:3b:aa:4a:76:
         55:5c:8f:3f:f7:85:89:2c:72:d7:89:32:a7:8d:05:ab:cf:25:
         29:00:37:f8:d4:7d:8c:f7:ba:2f:69:12:ba:5d:56:4c:41:31:
         f9:3f:8c:c6:f3:3f:ca:ea:0c:85:35:e2:38:16:0b:7c:ea:06:
         4f:2a:65:41:11:0b:04:a2:bc:72:f1:a9:20:59:38:c3:11:72:
         67:cf:af:12:f8:9c:0a:c0:10:fb:92:d4:7a:9e:05:84:44:b6:
         71:2e:34:d1:46:81:11:a5:51:05:91:58:b4:2b:60:db:9a:c2:
         05:00:f5:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt/FagAu6B8AOpq21Tlna1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YTM1MGQ5ZmU0ZTlmOTBmZjNlODRlMmY5NjBjYjVkYzNk
NmNlZTEwHhcNMjYwMTAyMTQyMTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjFkNTI0MjgwYTA3YjVhMDBjNWQxN2MzNDdkNjBlMzdkOWNmMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+UnmrFk9Mpb9pdHrrhMMPsRp5uo
/NBQ+YXihDYR0wd8aYICfn5noM/jUDL86AfCF419HWO31+IYPYXDM/ELLsAFqMeB
JttUTcjQPLyOef4hMcZ2qJx6b3RNGVyGNoyGffXmUaXwmYyln028mEF58xPIMo+r
Id77FtgF7CV2YyqWGIqWslRFSZ1dRvmHAve4q02b20m72DwZ8gZWHRPz7NalT76j
QCI2U0ySXV8EOvTedckC12VPWeAUBQCnECsduViYZxf/RloTZGCOr+aqnA5jEB7a
Z9bZFaOZbDOhABu8HNw2BQLJ30ECKiUeLEPFpN8xAKeRejCY4wtpOStLqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPsdUkKAoHtaAMXRfDR9YON9nPL+MB8GA1UdIwQY
MBaAFHejUNn+Tp+Q/z6E4vlgy13D1s7hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDZOUTJmNU9uNURfUG9UaS1XRExYY1BXenVFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84YmM0NGItNWQ1YS00YjU0LWFiOTEt
ZGExYzUxNWU1YjI5LzEvMS14MVNRb0NnZTFvQXhkRjhOSDFnNDMyYzh2NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDEvOGJjNDRiLTVkNWEtNGI1NC1hYjkxLWRhMWM1MTVlNWIy
OS8xL2Q2TlEyZjVPbjVEX1BvVGktV0RMWGNQV3p1RS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEF/jAN
BgkqhkiG9w0BAQsFAAOCAQEAor0cDCDzgfaGlQateX98JIHY5nPeyb7PdhGTSMoz
3QeWKHpWptDhKmi9EgZHnTsOadrU+6ennX9VF7vDudReC6mfrNdLxpVDhDo96USF
+UNA1iMN1Y/9OsKkbQ3jkozSu6gUFL4TSRI1xqKo/tX8SkwsnA6jYyLvXsWwEM1P
zipZx3PZv1MWUATGO+Q7qkp2VVyPP/eFiSxy14kyp40Fq88lKQA3+NR9jPe6L2kS
ul1WTEEx+T+MxvM/yuoMhTXiOBYLfOoGTyplQRELBKK8cvGpIFk4wxFyZ8+vEvic
CsAQ+5LUep4FhES2cS400UaBEaVRBZFYtCtg25rCBQD1rQ==
-----END CERTIFICATE-----
Generated at Sun Jan 25 17:22:18 2026 by rpki-client