This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/HBpn81d4cG4_UILVsdO8exzlDsY.roa
File:                     HBpn81d4cG4_UILVsdO8exzlDsY.roa (raw, json)
Hash identifier:          kRgmgXZK5yKUe+saBJuegm6bkvNmijxbzes8bqH8BJE=
Subject key identifier:   1C:1A:67:F3:57:78:70:6E:3F:50:82:D5:B1:D3:BC:7B:1C:E5:0E:C6
Certificate issuer:       /CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Certificate serial:       019B7B365C327C101345576B1C1CE73822B2
Authority key identifier: 4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/HBpn81d4cG4_UILVsdO8exzlDsY.roa
Signing time:             Thu 01 Jan 2026 20:18:38 +0000
ROA not before:           Thu 01 Jan 2026 20:18:38 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     202243
IP address blocks:        77.74.204.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:5c:32:7c:10:13:45:57:6b:1c:1c:e7:38:22:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
        Validity
            Not Before: Jan  1 20:18:38 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1c1a67f35778706e3f5082d5b1d3bc7b1ce50ec6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a5:d7:26:57:4d:af:9d:95:1c:fe:1f:ab:33:
                    4b:ee:d6:dc:1a:f5:2a:a7:b1:f2:6b:ae:f4:73:db:
                    c5:3b:d9:28:4b:e4:69:12:10:e2:c7:b5:04:40:cc:
                    fd:ed:84:5b:f7:1b:c1:8c:79:e3:0e:a6:cf:3e:70:
                    36:64:d3:e5:dd:f7:86:87:6c:b9:c7:78:fe:f2:e6:
                    fd:0c:9c:f0:7e:ab:f7:6a:ae:07:cc:f4:8d:27:d5:
                    1d:ff:b4:a0:9f:c4:5b:ac:b8:19:3c:14:02:dd:6d:
                    ad:25:47:cb:6b:c0:08:e2:14:2d:3d:60:d4:da:b5:
                    09:02:68:56:43:a3:f3:8c:56:b0:54:65:60:11:e6:
                    da:23:22:16:4b:db:e7:a9:5b:45:ce:b1:80:d0:5a:
                    51:28:2f:70:1f:8d:9d:3c:02:9f:66:3f:0c:31:0d:
                    87:5d:57:aa:12:81:38:11:d4:a7:c0:6a:67:88:63:
                    88:75:0b:66:b1:63:13:f5:f9:ba:c2:5c:10:99:83:
                    aa:4d:83:60:87:35:45:91:f6:56:0e:a1:98:38:4b:
                    05:04:b3:0c:ed:ba:3d:bb:99:e0:4f:7e:ca:fb:a0:
                    e5:8c:ac:7a:9f:9c:25:ad:a1:8b:78:20:e5:36:f8:
                    1a:16:9f:2b:0b:00:fc:c7:6f:ba:d1:a1:a4:19:e3:
                    fa:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:1A:67:F3:57:78:70:6E:3F:50:82:D5:B1:D3:BC:7B:1C:E5:0E:C6
            X509v3 Authority Key Identifier:
                keyid:4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/HBpn81d4cG4_UILVsdO8exzlDsY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:cd:ac:88:02:9b:3a:a2:9b:78:e5:23:d7:11:d4:e7:39:d8:
         09:af:d7:3b:74:7e:19:11:7f:d3:98:e0:47:60:ac:b5:23:34:
         4e:e6:06:8a:6d:47:d1:40:64:a0:0e:38:cd:90:b6:04:86:04:
         6d:35:41:d2:19:b4:43:4b:53:01:9c:a3:e2:21:d2:c7:5b:4d:
         cf:f6:a9:2f:bd:fb:5d:db:c2:61:fb:56:50:05:c0:92:fd:4b:
         bf:6b:ed:fc:0f:a1:b4:9f:96:04:d8:3d:34:60:2f:8d:b6:3d:
         57:19:bb:a0:93:e0:4e:57:b9:e1:53:15:a9:0e:e8:56:be:4a:
         c7:96:aa:30:e8:59:97:f2:4c:19:2a:8f:1d:cd:61:b5:49:9a:
         ef:8a:25:ca:dc:e7:20:57:3e:3c:30:72:45:20:fc:49:7b:76:
         f6:23:40:47:76:63:24:75:20:dc:62:e5:2e:b5:d2:8e:7e:72:
         3b:7c:ff:f3:19:c4:6b:d4:82:d3:77:30:7c:c9:73:97:96:9a:
         13:8a:b6:24:ed:4b:4b:92:4e:7b:b7:1b:93:79:b9:93:0e:13:
         2b:74:f6:6c:24:f8:87:6e:32:07:aa:3c:7d:a3:f4:ca:1a:08:
         42:e1:a8:a1:e2:87:fc:da:ed:86:88:44:39:40:2f:1f:53:97:
         52:e0:29:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NlwyfBATRVdrHBznOCKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2ExMDVjZTRhZjZjMjFjZDQyOWU5OTJkMDZlYTdkMDZk
OGE1NmQwHhcNMjYwMTAxMjAxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzFhNjdmMzU3Nzg3MDZlM2Y1MDgyZDViMWQzYmM3YjFjZTUwZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqXXJldNr52VHP4fqzNL7tbcGvUq
p7Hya670c9vFO9koS+RpEhDix7UEQMz97YRb9xvBjHnjDqbPPnA2ZNPl3feGh2y5
x3j+8ub9DJzwfqv3aq4HzPSNJ9Ud/7Sgn8RbrLgZPBQC3W2tJUfLa8AI4hQtPWDU
2rUJAmhWQ6PzjFawVGVgEebaIyIWS9vnqVtFzrGA0FpRKC9wH42dPAKfZj8MMQ2H
XVeqEoE4EdSnwGpniGOIdQtmsWMT9fm6wlwQmYOqTYNghzVFkfZWDqGYOEsFBLMM
7bo9u5ngT37K+6DljKx6n5wlraGLeCDlNvgaFp8rCwD8x2+60aGkGeP6FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwaZ/NXeHBuP1CC1bHTvHsc5Q7GMB8GA1UdIwQY
MBaAFE7KEFzkr2whzUKemS0G6n0G2KVtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgt
NDZlZTBjZDdmY2JhLzEvSEJwbjgxZDRjRzRfVUlMVnNkTzhleHpsRHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgtNDZlZTBjZDdmY2Jh
LzEvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTUrMMA0G
CSqGSIb3DQEBCwUAA4IBAQAVzayIAps6opt45SPXEdTnOdgJr9c7dH4ZEX/TmOBH
YKy1IzRO5gaKbUfRQGSgDjjNkLYEhgRtNUHSGbRDS1MBnKPiIdLHW03P9qkvvftd
28Jh+1ZQBcCS/Uu/a+38D6G0n5YE2D00YC+Ntj1XGbugk+BOV7nhUxWpDuhWvkrH
lqow6FmX8kwZKo8dzWG1SZrviiXK3OcgVz48MHJFIPxJe3b2I0BHdmMkdSDcYuUu
tdKOfnI7fP/zGcRr1ILTdzB8yXOXlpoTirYk7UtLkk57txuTebmTDhMrdPZsJPiH
bjIHqjx9o/TKGghC4aih4of82u2GiEQ5QC8fU5dS4CkR
-----END CERTIFICATE-----