This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/7hii_CBkhWFEcR7PBsbgDyXmQ9Y.roa
File:                     7hii_CBkhWFEcR7PBsbgDyXmQ9Y.roa (raw, json)
Hash identifier:          VParP3CSdlBKMMaiiyOgc9apoYvJ3aLSGeumM5G2suQ=
Subject key identifier:   EE:18:A2:FC:20:64:85:61:44:71:1E:CF:06:C6:E0:0F:25:E6:43:D6
Certificate issuer:       /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial:       019B7C129A6F02F3257C7284C163B25ED3FA
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/7hii_CBkhWFEcR7PBsbgDyXmQ9Y.roa
Signing time:             Fri 02 Jan 2026 00:19:12 +0000
ROA not before:           Fri 02 Jan 2026 00:19:12 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     2027
IP address blocks:        80.67.167.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:12:9a:6f:02:f3:25:7c:72:84:c1:63:b2:5e:d3:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
        Validity
            Not Before: Jan  2 00:19:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ee18a2fc2064856144711ecf06c6e00f25e643d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:e5:eb:84:23:4d:7c:53:3e:2f:18:43:66:07:
                    56:e3:f4:a9:89:dc:96:d9:2c:d8:5c:af:da:51:bc:
                    1e:f2:15:df:7e:6f:ae:c7:b4:b1:fc:8d:ff:4d:db:
                    94:98:69:dd:33:07:72:1b:bd:68:4a:e5:f4:c2:f1:
                    77:87:4a:17:48:01:d0:1c:83:cb:9d:fa:37:46:01:
                    c4:ec:aa:2e:b6:48:cb:cb:b2:3a:70:4c:53:2f:57:
                    14:ce:39:81:5e:5b:4a:d9:2f:34:f9:9a:51:73:be:
                    6f:cc:cb:7a:e4:a4:fc:dd:d4:4d:1f:ca:f0:ed:9e:
                    b9:e3:8f:30:7a:3a:f3:1c:08:f6:f0:88:69:17:cb:
                    aa:1b:a6:81:65:e0:95:18:7e:2f:07:6d:3e:7c:63:
                    81:f1:77:47:22:d6:ab:f7:e4:88:83:0d:18:27:58:
                    c7:97:7c:f2:e0:22:ab:b6:aa:80:9e:a0:98:9a:52:
                    40:bd:eb:99:2f:cf:0c:55:3b:82:5c:9a:4d:af:05:
                    62:9d:1d:63:dd:91:7d:58:90:f5:6d:1a:34:2f:2c:
                    90:ce:42:99:bd:d0:18:a9:ba:5b:3f:15:bf:41:f7:
                    16:e0:87:01:95:d0:bb:d4:2c:69:fe:fd:49:16:b9:
                    4b:73:f2:1d:b8:76:6d:bb:e1:90:ff:49:56:d8:a6:
                    36:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:18:A2:FC:20:64:85:61:44:71:1E:CF:06:C6:E0:0F:25:E6:43:D6
            X509v3 Authority Key Identifier:
                keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/7hii_CBkhWFEcR7PBsbgDyXmQ9Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.67.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:94:56:aa:6c:e5:5f:0c:ed:47:c9:02:d0:f3:8d:b7:fc:a3:
         e6:cd:74:bb:ef:12:eb:57:6c:13:51:82:9b:c8:ce:48:54:91:
         6e:13:36:93:b1:d0:4c:6e:30:7a:47:f3:1c:9a:ab:da:ce:1d:
         55:6c:23:0b:da:24:a6:b3:26:1d:2e:a0:f1:79:fe:53:ce:05:
         62:bf:77:ef:25:83:68:19:99:6d:fa:ed:01:74:ce:b1:bc:cb:
         a3:d7:97:fa:13:40:ad:22:db:22:9f:3c:6a:61:81:63:2c:61:
         cb:4f:c4:9c:36:9a:83:5c:39:df:1a:51:cc:5c:46:0c:aa:84:
         d6:1b:07:2e:b5:35:65:82:43:18:de:60:fa:c7:84:00:1f:a6:
         63:59:8a:f8:8f:42:7c:eb:76:bb:d7:d7:72:61:40:d9:46:52:
         8c:cc:31:fa:25:db:19:0b:50:c8:f3:3c:6b:7d:2e:84:24:8b:
         0d:e0:c3:7a:19:83:bb:07:5e:32:2c:f1:f6:61:88:48:f2:a9:
         cb:7a:1f:c6:95:e6:fa:ac:81:3d:38:53:99:d8:15:44:8f:0d:
         e0:88:59:fe:ed:7d:cc:d2:81:2f:1f:6d:ca:1a:32:96:9d:82:
         c7:8f:a5:1d:8e:65:bd:c0:0f:c7:af:8d:35:e6:b4:bf:e5:77:
         5c:25:53:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8EppvAvMlfHKEwWOyXtP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjYwMTAyMDAxOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE4YTJmYzIwNjQ4NTYxNDQ3MTFlY2YwNmM2ZTAwZjI1ZTY0M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeXrhCNNfFM+LxhDZgdW4/SpidyW
2SzYXK/aUbwe8hXffm+ux7Sx/I3/TduUmGndMwdyG71oSuX0wvF3h0oXSAHQHIPL
nfo3RgHE7KoutkjLy7I6cExTL1cUzjmBXltK2S80+ZpRc75vzMt65KT83dRNH8rw
7Z65448wejrzHAj28IhpF8uqG6aBZeCVGH4vB20+fGOB8XdHItar9+SIgw0YJ1jH
l3zy4CKrtqqAnqCYmlJAveuZL88MVTuCXJpNrwVinR1j3ZF9WJD1bRo0LyyQzkKZ
vdAYqbpbPxW/QfcW4IcBldC71Cxp/v1JFrlLc/IduHZtu+GQ/0lW2KY2+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4YovwgZIVhRHEezwbG4A8l5kPWMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvN2hpaV9DQmtoV0ZFY1I3UEJzYmdEeVhtUTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEOnMA0G
CSqGSIb3DQEBCwUAA4IBAQCplFaqbOVfDO1HyQLQ8423/KPmzXS77xLrV2wTUYKb
yM5IVJFuEzaTsdBMbjB6R/Mcmqvazh1VbCML2iSmsyYdLqDxef5TzgViv3fvJYNo
GZlt+u0BdM6xvMuj15f6E0CtItsinzxqYYFjLGHLT8ScNpqDXDnfGlHMXEYMqoTW
GwcutTVlgkMY3mD6x4QAH6ZjWYr4j0J863a719dyYUDZRlKMzDH6JdsZC1DI8zxr
fS6EJIsN4MN6GYO7B14yLPH2YYhI8qnLeh/Gleb6rIE9OFOZ2BVEjw3giFn+7X3M
0oEvH23KGjKWnYLHj6UdjmW9wA/Hr4015rS/5XdcJVNr
-----END CERTIFICATE-----