This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/1-isHNNsdA4uqRcKqfvZW4lGXhvU.roa
File:                     1-isHNNsdA4uqRcKqfvZW4lGXhvU.roa (raw, json)
Hash identifier:          dUbgcehjOBZtlP9XqWvkh/huKDNXzThJC32ZbtnvHFs=
Subject key identifier:   FA:2B:07:34:DB:1D:03:8B:AA:45:C2:AA:7E:F6:56:E2:51:97:86:F5
Certificate issuer:       /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial:       019B790FFC47713BD1380FFDDB0B2F892D40
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/1-isHNNsdA4uqRcKqfvZW4lGXhvU.roa
Signing time:             Thu 01 Jan 2026 10:17:29 +0000
ROA not before:           Thu 01 Jan 2026 10:17:29 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     60218
IP address blocks:        185.32.64.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:0f:fc:47:71:3b:d1:38:0f:fd:db:0b:2f:89:2d:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
        Validity
            Not Before: Jan  1 10:17:29 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fa2b0734db1d038baa45c2aa7ef656e2519786f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:56:4d:51:9e:49:bc:d3:e8:c3:25:6b:70:64:
                    b7:e5:2c:56:a0:86:46:62:94:85:99:36:31:48:2e:
                    21:f9:b1:59:c6:3f:b0:76:6a:fc:7e:22:5c:1e:89:
                    fb:e6:9f:1b:42:92:d1:d9:d2:d5:e1:11:e5:1a:b8:
                    60:98:b2:a2:e6:8f:be:02:58:57:0f:89:13:dd:4b:
                    87:56:47:5e:6e:b9:db:67:69:4d:86:89:c6:26:a4:
                    c6:55:02:dc:03:72:87:26:27:4f:0b:03:22:10:09:
                    f7:6e:c2:b6:09:1d:ab:5d:f8:e5:70:63:c8:9d:85:
                    67:1d:dc:8a:1b:d2:12:ad:a8:77:2b:6f:68:1e:21:
                    00:92:00:08:f2:0b:27:17:03:88:34:d7:b3:e5:a5:
                    04:9d:e5:dd:9e:57:00:d2:c0:4f:23:e4:09:54:04:
                    99:9d:d6:7c:eb:e7:2c:c6:f4:73:3a:d8:63:f8:66:
                    d2:52:44:88:94:06:df:ee:d6:c5:ab:70:ce:21:47:
                    12:32:9e:9b:3a:4d:bf:9b:c9:88:94:04:4e:2c:da:
                    43:a4:d5:b6:48:0c:8e:48:8d:a7:51:4e:3f:17:7f:
                    0d:d7:87:c1:be:e3:4c:ae:2b:fc:4f:eb:59:de:0a:
                    a9:f5:e1:fa:5c:7f:06:1c:b7:f4:82:65:09:84:62:
                    8a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:2B:07:34:DB:1D:03:8B:AA:45:C2:AA:7E:F6:56:E2:51:97:86:F5
            X509v3 Authority Key Identifier:
                keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/1-isHNNsdA4uqRcKqfvZW4lGXhvU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.32.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:eb:21:02:e4:3a:74:19:f7:3d:9c:04:ec:83:65:62:cc:e4:
         60:7b:2f:35:10:19:24:23:d8:0d:ab:c4:3e:4c:e3:f9:13:da:
         e3:d0:70:3e:30:1b:13:cc:62:99:7e:bf:6e:6a:08:fa:9d:ac:
         5a:40:84:4d:31:f2:2e:0e:b3:79:9c:e0:29:65:eb:2c:2e:6a:
         7f:5a:ab:77:b5:14:09:73:6f:3a:cd:d4:cb:18:96:b2:f9:7e:
         39:01:4b:a8:0a:aa:96:6d:44:e5:e3:6b:7f:eb:30:fe:d7:24:
         e3:f0:77:23:c1:ef:4f:54:83:28:72:7b:d6:0b:15:45:90:84:
         83:c2:bc:ed:24:3a:0a:5d:18:3b:2e:b5:34:82:4d:fe:44:e5:
         58:22:51:b6:21:07:e4:88:d7:61:28:57:81:ab:b6:14:e8:8d:
         7a:ca:3b:fc:b3:4d:0d:7d:80:6f:71:53:f7:60:5b:89:93:e1:
         0b:8b:93:40:0e:b0:89:d3:f3:8f:da:22:75:90:5f:7b:2d:51:
         0a:23:d4:40:37:53:85:bf:0d:6f:04:2e:57:4e:3a:33:6e:5a:
         49:f9:ce:e2:f8:bc:e8:3a:0b:25:48:ea:5d:80:8c:47:1a:c2:
         f0:12:bb:cc:b1:a6:2f:2b:4b:f8:07:ed:ad:ec:2d:a8:0a:31:
         fa:48:b4:2d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt5D/xHcTvROA/92wsviS1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjYwMTAxMTAxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJiMDczNGRiMWQwMzhiYWE0NWMyYWE3ZWY2NTZlMjUxOTc4NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11ZNUZ5JvNPowyVrcGS35SxWoIZG
YpSFmTYxSC4h+bFZxj+wdmr8fiJcHon75p8bQpLR2dLV4RHlGrhgmLKi5o++AlhX
D4kT3UuHVkdebrnbZ2lNhonGJqTGVQLcA3KHJidPCwMiEAn3bsK2CR2rXfjlcGPI
nYVnHdyKG9ISrah3K29oHiEAkgAI8gsnFwOINNez5aUEneXdnlcA0sBPI+QJVASZ
ndZ86+csxvRzOthj+GbSUkSIlAbf7tbFq3DOIUcSMp6bOk2/m8mIlAROLNpDpNW2
SAyOSI2nUU4/F38N14fBvuNMriv8T+tZ3gqp9eH6XH8GHLf0gmUJhGKKSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPorBzTbHQOLqkXCqn72VuJRl4b1MB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvMS1pc0hOTnNkQTR1cVJjS3FmdlpXNGxHWGh2VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvN2E4N2EwLTgwMTQtNDYwNS05ZmI1LTllNzFkYzI0YTY4
My8xL0w1UFR1aGxfWE9NSmlfcDNBTFE0Vk9xb0RwNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAn+shAuQ6dBn3PZwE7INlYszkYHsvNRAZJCPYDavE
Pkzj+RPa49BwPjAbE8ximX6/bmoI+p2sWkCETTHyLg6zeZzgKWXrLC5qf1qrd7UU
CXNvOs3UyxiWsvl+OQFLqAqqlm1E5eNrf+sw/tck4/B3I8HvT1SDKHJ71gsVRZCE
g8K87SQ6Cl0YOy61NIJN/kTlWCJRtiEH5IjXYShXgau2FOiNeso7/LNNDX2Ab3FT
92BbiZPhC4uTQA6widPzj9oidZBfey1RCiPUQDdThb8NbwQuV046M25aSfnO4vi8
6DoLJUjqXYCMRxrC8BK7zLGmLytL+AftrewtqAox+ki0LQ==
-----END CERTIFICATE-----
Generated at Sun Jan 25 15:02:30 2026 by rpki-client