This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3d2415-8133-40a0-9d8c-a6319ab179bf/1/XxtWaMM5sBfFC2sC8FpjDL8Ge7Y.roa
File:                     XxtWaMM5sBfFC2sC8FpjDL8Ge7Y.roa (raw, json)
Hash identifier:          HWIQrBtT9vbpCee5Xkd6bp75O2LIMTf2r4JmS0NQHJ4=
Subject key identifier:   5F:1B:56:68:C3:39:B0:17:C5:0B:6B:02:F0:5A:63:0C:BF:06:7B:B6
Certificate issuer:       /CN=73a1b76664717e2a4d2e5cf2bde3b9731907f8c2
Certificate serial:       019B7A599C578F1601D6A06FCE4F1F160041
Authority key identifier: 73:A1:B7:66:64:71:7E:2A:4D:2E:5C:F2:BD:E3:B9:73:19:07:F8:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c6G3ZmRxfipNLlzyveO5cxkH-MI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/3d2415-8133-40a0-9d8c-a6319ab179bf/1/XxtWaMM5sBfFC2sC8FpjDL8Ge7Y.roa
Signing time:             Thu 01 Jan 2026 16:17:31 +0000
ROA not before:           Thu 01 Jan 2026 16:17:31 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     29695
IP address blocks:        193.160.148.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/3d2415-8133-40a0-9d8c-a6319ab179bf/1/c6G3ZmRxfipNLlzyveO5cxkH-MI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/3d2415-8133-40a0-9d8c-a6319ab179bf/1/c6G3ZmRxfipNLlzyveO5cxkH-MI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c6G3ZmRxfipNLlzyveO5cxkH-MI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 15:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:59:9c:57:8f:16:01:d6:a0:6f:ce:4f:1f:16:00:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73a1b76664717e2a4d2e5cf2bde3b9731907f8c2
        Validity
            Not Before: Jan  1 16:17:31 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5f1b5668c339b017c50b6b02f05a630cbf067bb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:50:f0:2d:b7:f4:b0:6b:b4:10:c5:1b:8c:06:
                    24:98:20:15:c6:71:0b:79:e9:6e:f1:0b:71:50:39:
                    ff:4b:75:4d:92:bf:85:2e:cc:15:9f:f5:0b:91:fa:
                    6e:e8:6e:31:06:c5:c2:c9:b5:05:e1:54:e1:01:d4:
                    b2:d4:e9:84:0e:c5:96:59:ae:5e:e0:9c:e5:93:a9:
                    0d:55:07:42:4b:d1:d1:48:a1:1b:95:45:3d:d0:32:
                    2c:b4:6f:c2:58:2f:25:22:be:64:a5:a6:6b:b7:e5:
                    36:62:b9:92:b5:b0:3e:ee:1a:14:25:d3:b4:eb:35:
                    a0:fc:81:e6:0c:91:aa:ca:c6:dd:62:a4:0b:4b:18:
                    16:39:c1:5e:70:60:fd:48:69:79:45:49:58:b2:b9:
                    b9:0a:93:e4:62:d5:9e:52:71:cf:3f:df:2c:53:c3:
                    6a:0d:8e:2d:0f:84:cf:0d:69:94:36:b2:7e:43:df:
                    3b:57:20:35:1a:aa:78:db:1d:a2:b8:55:33:d9:c7:
                    9b:5e:16:78:ea:ea:96:7f:ff:cc:48:58:57:9c:91:
                    04:c5:99:e3:bf:14:db:6c:ca:d7:d1:91:df:82:42:
                    e0:bf:8a:ad:22:b0:47:75:5b:8f:a0:6b:f2:9b:80:
                    0c:1a:0e:95:3c:e1:d2:93:dc:0e:ac:89:a8:63:62:
                    58:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:1B:56:68:C3:39:B0:17:C5:0B:6B:02:F0:5A:63:0C:BF:06:7B:B6
            X509v3 Authority Key Identifier:
                keyid:73:A1:B7:66:64:71:7E:2A:4D:2E:5C:F2:BD:E3:B9:73:19:07:F8:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6G3ZmRxfipNLlzyveO5cxkH-MI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3d2415-8133-40a0-9d8c-a6319ab179bf/1/XxtWaMM5sBfFC2sC8FpjDL8Ge7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3d2415-8133-40a0-9d8c-a6319ab179bf/1/c6G3ZmRxfipNLlzyveO5cxkH-MI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.160.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6e:9c:4e:f8:20:af:7a:f0:6d:5f:e6:e6:88:c7:36:f2:c3:a6:
         ba:ea:6e:ab:64:45:e9:25:5c:7d:46:89:e5:a9:dd:a9:5f:3d:
         f7:4c:93:64:39:95:0f:68:0a:82:2c:30:15:25:81:2d:a7:76:
         94:ad:65:23:93:d1:0a:6a:85:ca:74:f6:12:5d:cf:c3:01:59:
         68:ef:68:9c:2a:3c:ce:06:05:e3:33:0f:19:32:f7:51:64:6c:
         a9:fd:2a:11:88:65:ec:12:0e:d5:dd:46:4e:aa:67:f0:fa:53:
         8e:1e:b4:3b:7d:d5:4d:1f:28:3b:2d:df:15:3d:28:75:b8:f9:
         80:c7:cb:72:54:0f:3a:57:68:69:02:60:5d:8d:bd:37:10:41:
         7e:20:a5:f7:b1:6c:e0:b2:bd:31:c2:b3:a5:98:3c:0a:89:17:
         fe:cb:ec:de:bb:d1:cc:27:58:04:50:c0:6c:00:c1:7c:9b:9f:
         8e:74:62:78:f3:c4:ad:df:a3:16:1d:3f:66:41:0a:16:52:e2:
         6e:07:7e:ff:e3:51:62:31:df:1a:89:2d:39:a8:0b:00:c6:b3:
         0c:c6:28:5f:e0:e6:da:55:4d:7f:c6:ba:a1:cf:72:62:47:7f:
         38:c3:79:eb:83:61:32:0e:f0:1f:e7:3a:50:af:a5:db:d9:54:
         97:f4:9c:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6WZxXjxYB1qBvzk8fFgBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYTFiNzY2NjQ3MTdlMmE0ZDJlNWNmMmJkZTNiOTczMTkw
N2Y4YzIwHhcNMjYwMTAxMTYxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFiNTY2OGMzMzliMDE3YzUwYjZiMDJmMDVhNjMwY2JmMDY3YmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1DwLbf0sGu0EMUbjAYkmCAVxnEL
eelu8QtxUDn/S3VNkr+FLswVn/ULkfpu6G4xBsXCybUF4VThAdSy1OmEDsWWWa5e
4Jzlk6kNVQdCS9HRSKEblUU90DIstG/CWC8lIr5kpaZrt+U2YrmStbA+7hoUJdO0
6zWg/IHmDJGqysbdYqQLSxgWOcFecGD9SGl5RUlYsrm5CpPkYtWeUnHPP98sU8Nq
DY4tD4TPDWmUNrJ+Q987VyA1Gqp42x2iuFUz2cebXhZ46uqWf//MSFhXnJEExZnj
vxTbbMrX0ZHfgkLgv4qtIrBHdVuPoGvym4AMGg6VPOHSk9wOrImoY2JYnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8bVmjDObAXxQtrAvBaYwy/Bnu2MB8GA1UdIwQY
MBaAFHOht2ZkcX4qTS5c8r3juXMZB/jCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzZHM1ptUnhmaXBOTGx6eXZlTzVjeGtILU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zZDI0MTUtODEzMy00MGEwLTlkOGMt
YTYzMTlhYjE3OWJmLzEvWHh0V2FNTTVzQmZGQzJzQzhGcGpETDhHZTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zZDI0MTUtODEzMy00MGEwLTlkOGMtYTYzMTlhYjE3OWJm
LzEvYzZHM1ptUnhmaXBOTGx6eXZlTzVjeGtILU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaCUMA0G
CSqGSIb3DQEBCwUAA4IBAQBunE74IK968G1f5uaIxzbyw6a66m6rZEXpJVx9Ronl
qd2pXz33TJNkOZUPaAqCLDAVJYEtp3aUrWUjk9EKaoXKdPYSXc/DAVlo72icKjzO
BgXjMw8ZMvdRZGyp/SoRiGXsEg7V3UZOqmfw+lOOHrQ7fdVNHyg7Ld8VPSh1uPmA
x8tyVA86V2hpAmBdjb03EEF+IKX3sWzgsr0xwrOlmDwKiRf+y+zeu9HMJ1gEUMBs
AMF8m5+OdGJ488St36MWHT9mQQoWUuJuB37/41FiMd8aiS05qAsAxrMMxihf4Oba
VU1/xrqhz3JiR384w3nrg2EyDvAf5zpQr6Xb2VSX9JwF
-----END CERTIFICATE-----