This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/EPMtahwabHgPl-W83_5vNZdf4gw.roa
File:                     EPMtahwabHgPl-W83_5vNZdf4gw.roa (raw, json)
Hash identifier:          0H56HrlbNZtyDi9oYIVx2+vNE4jYkmDivR3ycZsjoTk=
Subject key identifier:   10:F3:2D:6A:1C:1A:6C:78:0F:97:E5:BC:DF:FE:6F:35:97:5F:E2:0C
Certificate issuer:       /CN=45fd3374c7ac3c03778707f367f9148f1fe0390d
Certificate serial:       019B78353EF3C718805E845494A4280E27D7
Authority key identifier: 45:FD:33:74:C7:AC:3C:03:77:87:07:F3:67:F9:14:8F:1F:E0:39:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rf0zdMesPAN3hwfzZ_kUjx_gOQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/EPMtahwabHgPl-W83_5vNZdf4gw.roa
Signing time:             Thu 01 Jan 2026 06:18:34 +0000
ROA not before:           Thu 01 Jan 2026 06:18:34 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     8677
IP address blocks:        82.195.32.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/Rf0zdMesPAN3hwfzZ_kUjx_gOQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/Rf0zdMesPAN3hwfzZ_kUjx_gOQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rf0zdMesPAN3hwfzZ_kUjx_gOQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 06:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:35:3e:f3:c7:18:80:5e:84:54:94:a4:28:0e:27:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45fd3374c7ac3c03778707f367f9148f1fe0390d
        Validity
            Not Before: Jan  1 06:18:34 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=10f32d6a1c1a6c780f97e5bcdffe6f35975fe20c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:92:1b:64:02:db:c4:1f:54:7e:f3:83:45:82:
                    1a:02:ef:d5:91:37:d9:03:e3:90:9f:53:57:15:35:
                    f1:c5:0e:4b:bc:fe:72:f8:58:be:fc:2e:2c:9c:0f:
                    ca:00:5a:9f:d1:74:bc:da:b3:97:33:88:f4:14:a2:
                    bd:d1:35:5d:83:b7:48:e2:74:e5:38:09:c7:a2:50:
                    ba:2f:14:a9:da:ae:e1:5e:b9:08:e2:cb:55:f0:ca:
                    91:7b:62:88:19:84:1f:06:cb:23:fd:36:c0:44:b9:
                    4f:02:41:31:03:89:39:55:ab:22:37:a3:7f:53:da:
                    6d:50:19:14:57:dc:d2:1d:9c:e6:23:3a:0c:97:b2:
                    15:18:89:5d:de:3e:f1:aa:97:d4:61:23:46:ca:af:
                    ef:f8:bf:b2:1d:f0:6f:2a:3b:0b:60:a4:0e:34:4c:
                    87:bb:67:75:0c:9f:98:02:fb:a2:3c:0e:16:1e:c9:
                    c4:e1:b9:fa:fb:bc:b8:dc:34:16:9e:a3:fe:83:b0:
                    93:46:0f:ab:50:cf:15:91:16:67:6d:4f:6c:34:8e:
                    b4:c7:19:45:e1:ae:1c:0a:e2:0f:38:98:61:13:d9:
                    f6:5b:87:28:5d:8e:17:bc:12:16:1a:ca:a3:79:e1:
                    2c:44:6f:8c:cd:08:e3:f3:e6:01:c1:09:ab:2e:55:
                    08:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:F3:2D:6A:1C:1A:6C:78:0F:97:E5:BC:DF:FE:6F:35:97:5F:E2:0C
            X509v3 Authority Key Identifier:
                keyid:45:FD:33:74:C7:AC:3C:03:77:87:07:F3:67:F9:14:8F:1F:E0:39:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rf0zdMesPAN3hwfzZ_kUjx_gOQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/EPMtahwabHgPl-W83_5vNZdf4gw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/Rf0zdMesPAN3hwfzZ_kUjx_gOQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.195.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         1d:5e:63:f8:f2:c3:47:05:c2:84:bc:16:5d:f9:86:40:91:25:
         f2:89:1a:7d:3d:14:1c:cc:f2:ac:2a:23:23:7f:59:dc:a3:de:
         60:d8:bd:33:98:f2:88:1c:16:b9:20:41:fd:9a:39:8c:a4:17:
         e9:a9:a1:e3:48:1d:6d:f5:50:b6:68:c2:be:54:67:df:74:18:
         6c:83:37:7c:56:a8:a7:9d:90:85:9a:44:7b:a6:ff:52:51:43:
         a3:91:a3:bb:35:cb:1a:3e:fa:86:1f:97:d0:50:7d:42:de:48:
         95:91:b2:bd:22:70:4a:0e:c8:1f:f1:26:52:f5:31:2f:fe:c3:
         38:cd:e0:35:8d:af:1c:e1:61:06:f8:98:d4:20:5c:04:e0:0b:
         49:ed:c3:8a:d1:16:c8:a8:95:e5:63:c1:81:48:56:f4:87:f1:
         b8:cf:1a:68:de:9c:75:ae:84:3c:4a:56:3c:2d:77:53:2d:13:
         92:76:37:5c:f6:44:52:f2:f1:9f:34:e5:de:de:6c:46:e9:aa:
         c9:d5:50:26:29:c2:b5:a4:9c:3f:89:a6:1f:ab:f2:73:2f:2e:
         cd:29:8a:a5:d8:e9:bd:de:18:b5:de:37:14:ba:33:b0:45:bf:
         57:bc:ce:a0:9c:ff:06:ee:6c:f7:00:bb:85:e6:d0:7e:5b:9c:
         b5:50:69:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NT7zxxiAXoRUlKQoDifXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZmQzMzc0YzdhYzNjMDM3Nzg3MDdmMzY3ZjkxNDhmMWZl
MDM5MGQwHhcNMjYwMTAxMDYxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGYzMmQ2YTFjMWE2Yzc4MGY5N2U1YmNkZmZlNmYzNTk3NWZlMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZIbZALbxB9UfvODRYIaAu/VkTfZ
A+OQn1NXFTXxxQ5LvP5y+Fi+/C4snA/KAFqf0XS82rOXM4j0FKK90TVdg7dI4nTl
OAnHolC6LxSp2q7hXrkI4stV8MqRe2KIGYQfBssj/TbARLlPAkExA4k5VasiN6N/
U9ptUBkUV9zSHZzmIzoMl7IVGIld3j7xqpfUYSNGyq/v+L+yHfBvKjsLYKQONEyH
u2d1DJ+YAvuiPA4WHsnE4bn6+7y43DQWnqP+g7CTRg+rUM8VkRZnbU9sNI60xxlF
4a4cCuIPOJhhE9n2W4coXY4XvBIWGsqjeeEsRG+MzQjj8+YBwQmrLlUI+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBDzLWocGmx4D5flvN/+bzWXX+IMMB8GA1UdIwQY
MBaAFEX9M3THrDwDd4cH82f5FI8f4DkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmYwemRNZXNQQU4zaHdmelpfa1VqeF9nT1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84ODA5YmItMjQ2OC00MWU2LThhNDIt
ZGUyNWNkYzhmMjExLzEvRVBNdGFod2FiSGdQbC1XODNfNXZOWmRmNGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84ODA5YmItMjQ2OC00MWU2LThhNDItZGUyNWNkYzhmMjEx
LzEvUmYwemRNZXNQQU4zaHdmelpfa1VqeF9nT1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFUsMgMA0G
CSqGSIb3DQEBCwUAA4IBAQAdXmP48sNHBcKEvBZd+YZAkSXyiRp9PRQczPKsKiMj
f1nco95g2L0zmPKIHBa5IEH9mjmMpBfpqaHjSB1t9VC2aMK+VGffdBhsgzd8Vqin
nZCFmkR7pv9SUUOjkaO7NcsaPvqGH5fQUH1C3kiVkbK9InBKDsgf8SZS9TEv/sM4
zeA1ja8c4WEG+JjUIFwE4AtJ7cOK0RbIqJXlY8GBSFb0h/G4zxpo3px1roQ8SlY8
LXdTLROSdjdc9kRS8vGfNOXe3mxG6arJ1VAmKcK1pJw/iaYfq/JzLy7NKYql2Om9
3hi13jcUujOwRb9XvM6gnP8G7mz3ALuF5tB+W5y1UGk5
-----END CERTIFICATE-----