This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/eHNuPU6iYgVIfZ9NIp8A3552y-I.roa
File:                     eHNuPU6iYgVIfZ9NIp8A3552y-I.roa (raw, json)
Hash identifier:          AOM1Ajc5ONgwd+E4wuOhZtP8/uws9RFZszPyOYWcL2Q=
Subject key identifier:   78:73:6E:3D:4E:A2:62:05:48:7D:9F:4D:22:9F:00:DF:9E:76:CB:E2
Certificate issuer:       /CN=4c6b6371b945a35e9df308ff43803e2617851069
Certificate serial:       019B7A5B9DAC874AC3BD252834E547A5960F
Authority key identifier: 4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/eHNuPU6iYgVIfZ9NIp8A3552y-I.roa
Signing time:             Thu 01 Jan 2026 16:19:43 +0000
ROA not before:           Thu 01 Jan 2026 16:19:43 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     58282
IP address blocks:        195.231.224.0/19 maxlen: 29
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5b:9d:ac:87:4a:c3:bd:25:28:34:e5:47:a5:96:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c6b6371b945a35e9df308ff43803e2617851069
        Validity
            Not Before: Jan  1 16:19:43 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=78736e3d4ea26205487d9f4d229f00df9e76cbe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7c:5c:5b:f5:82:2d:88:14:c0:18:1c:b4:29:
                    15:b8:1f:c7:ed:98:ac:cb:6f:a9:4d:56:6e:75:10:
                    28:4f:03:59:ee:ce:1f:2a:02:97:8c:0b:00:e7:eb:
                    ef:87:05:15:24:ba:00:52:c7:42:c8:89:1d:5d:58:
                    77:de:a5:f8:50:f1:36:98:0c:74:c4:45:e2:3e:22:
                    67:a3:a0:63:5c:f3:c9:d7:c9:56:c6:94:f1:bd:1d:
                    e3:64:e7:e6:4c:46:3a:33:1e:13:62:e9:10:ab:96:
                    7f:1e:84:a9:1d:4a:17:95:9d:20:d7:3b:33:46:f4:
                    78:6a:69:4f:7c:4a:d9:4d:2f:4a:47:8b:2b:b3:cc:
                    f9:61:f2:7e:ae:69:5a:e2:1f:35:13:f1:d9:7a:bf:
                    e2:3c:32:f6:e6:26:fc:e6:5c:59:01:15:90:18:35:
                    b6:92:75:a5:07:4f:ad:f3:78:7a:43:b8:7b:30:22:
                    b1:df:eb:b5:31:2e:03:fb:75:bc:02:dc:c5:f8:e9:
                    50:0f:d4:31:09:0d:31:50:39:16:8f:32:47:ac:47:
                    7e:13:c3:13:1a:c0:56:14:48:13:95:b4:71:54:ec:
                    60:0b:8f:d3:09:70:23:ec:5f:c6:bc:e1:a7:4b:f9:
                    4a:68:1a:fa:3a:39:03:3d:f6:99:99:e6:14:c2:02:
                    bd:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:73:6E:3D:4E:A2:62:05:48:7D:9F:4D:22:9F:00:DF:9E:76:CB:E2
            X509v3 Authority Key Identifier:
                keyid:4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/eHNuPU6iYgVIfZ9NIp8A3552y-I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.231.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         92:71:b2:e2:15:52:26:ac:ed:45:92:98:f5:ac:21:d6:e2:52:
         a5:10:33:3a:e7:0c:39:d0:5e:e1:b3:a5:59:d8:3d:7c:69:97:
         a4:5d:0e:bb:d5:f2:74:75:56:b6:a8:fa:78:e0:d8:dc:0a:4f:
         e7:72:4d:f6:ac:6a:6b:5e:de:58:a0:b4:d6:93:b1:a4:fe:d2:
         57:7f:69:6c:9b:7a:ea:7b:ea:20:36:fc:2d:43:5e:44:95:15:
         bf:d0:4a:4f:7c:5d:33:a4:b7:6e:30:f1:b9:84:a4:9c:54:ef:
         d3:83:30:a6:5d:37:ee:09:0e:6f:b7:da:b4:95:a8:2a:d1:a7:
         6f:1e:bc:e8:e1:64:51:ed:7b:53:29:b8:c3:e5:8a:c7:56:65:
         36:f3:99:e4:58:78:ae:ec:a0:0a:3c:56:84:16:1c:e3:c1:20:
         03:dc:1d:d9:77:e5:e3:79:7d:99:a0:3b:29:fe:42:51:0c:d5:
         ff:58:8d:2e:14:3d:87:f3:21:80:49:53:b0:0c:30:22:74:1b:
         19:f2:2f:a0:50:5b:8d:1f:ef:2f:ba:b2:cf:c8:df:53:60:25:
         b6:e0:a2:58:c9:48:63:03:29:3b:80:8d:40:7b:13:11:79:0c:
         08:23:02:a9:a0:80:e2:3b:a6:71:7b:4a:81:fa:98:36:b2:da:
         b7:8a:53:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6W52sh0rDvSUoNOVHpZYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNmI2MzcxYjk0NWEzNWU5ZGYzMDhmZjQzODAzZTI2MTc4
NTEwNjkwHhcNMjYwMTAxMTYxOTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODczNmUzZDRlYTI2MjA1NDg3ZDlmNGQyMjlmMDBkZjllNzZjYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXxcW/WCLYgUwBgctCkVuB/H7Zis
y2+pTVZudRAoTwNZ7s4fKgKXjAsA5+vvhwUVJLoAUsdCyIkdXVh33qX4UPE2mAx0
xEXiPiJno6BjXPPJ18lWxpTxvR3jZOfmTEY6Mx4TYukQq5Z/HoSpHUoXlZ0g1zsz
RvR4amlPfErZTS9KR4srs8z5YfJ+rmla4h81E/HZer/iPDL25ib85lxZARWQGDW2
knWlB0+t83h6Q7h7MCKx3+u1MS4D+3W8AtzF+OlQD9QxCQ0xUDkWjzJHrEd+E8MT
GsBWFEgTlbRxVOxgC4/TCXAj7F/GvOGnS/lKaBr6OjkDPfaZmeYUwgK9YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHhzbj1OomIFSH2fTSKfAN+edsviMB8GA1UdIwQY
MBaAFExrY3G5RaNenfMI/0OAPiYXhRBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3Mjct
ZDk2MzkzYWYyZjIwLzEvZUhOdVBVNmlZZ1ZJZlo5TklwOEEzNTUyeS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3MjctZDk2MzkzYWYyZjIw
LzEvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFw+fgMA0G
CSqGSIb3DQEBCwUAA4IBAQCScbLiFVImrO1Fkpj1rCHW4lKlEDM65ww50F7hs6VZ
2D18aZekXQ671fJ0dVa2qPp44NjcCk/nck32rGprXt5YoLTWk7Gk/tJXf2lsm3rq
e+ogNvwtQ15ElRW/0EpPfF0zpLduMPG5hKScVO/TgzCmXTfuCQ5vt9q0lagq0adv
Hrzo4WRR7XtTKbjD5YrHVmU285nkWHiu7KAKPFaEFhzjwSAD3B3Zd+XjeX2ZoDsp
/kJRDNX/WI0uFD2H8yGASVOwDDAidBsZ8i+gUFuNH+8vurLPyN9TYCW24KJYyUhj
Ayk7gI1AexMReQwIIwKpoIDiO6Zxe0qB+pg2stq3ilMr
-----END CERTIFICATE-----