This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/etcUvrpfPKP_RFS8q4I2oRGtIpU.roa
File:                     etcUvrpfPKP_RFS8q4I2oRGtIpU.roa (raw, json)
Hash identifier:          QazyHRaqwRmfbynAWmgSgFTPgoxpLo3PBLZtnvBUmtQ=
Subject key identifier:   7A:D7:14:BE:BA:5F:3C:A3:FF:44:54:BC:AB:82:36:A1:11:AD:22:95
Certificate issuer:       /CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Certificate serial:       019B7B362AF037C4069A0F583244E577282B
Authority key identifier: 1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/etcUvrpfPKP_RFS8q4I2oRGtIpU.roa
Signing time:             Thu 01 Jan 2026 20:18:26 +0000
ROA not before:           Thu 01 Jan 2026 20:18:26 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     12541
IP address blocks:        212.31.198.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:2a:f0:37:c4:06:9a:0f:58:32:44:e5:77:28:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
        Validity
            Not Before: Jan  1 20:18:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7ad714beba5f3ca3ff4454bcab8236a111ad2295
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:5f:b9:ab:ef:56:8f:ec:46:c6:29:c4:bb:20:
                    e4:12:a8:a5:7b:cd:5a:c6:f9:f0:5c:53:c8:70:b8:
                    31:46:78:f0:28:b5:be:7c:19:42:b9:e9:ad:34:93:
                    53:39:92:c5:e3:bd:6b:d9:0f:8f:d3:cd:a1:72:8c:
                    8e:cf:5b:0c:71:96:fe:0b:46:88:5c:32:15:7a:f3:
                    c3:74:58:cb:dd:9a:51:79:f6:bf:b7:fa:e5:43:8b:
                    18:e7:b1:ef:20:a1:d1:7f:60:97:34:c3:9e:82:ed:
                    eb:4e:27:1e:40:9d:18:5f:56:bf:5a:06:8e:a3:02:
                    78:2b:cb:e6:6a:0d:c4:70:71:46:65:04:a6:d7:39:
                    52:ed:1b:a5:c5:60:6f:67:05:bf:3c:8b:31:14:39:
                    0f:3f:8a:c6:84:e4:c1:31:83:86:a6:e3:a8:36:d0:
                    c1:b3:c5:38:d6:81:61:88:0c:3b:53:7a:f0:51:2c:
                    c7:42:a3:c6:72:dd:99:09:69:0c:50:dd:7e:2e:3e:
                    e9:41:8a:85:20:f1:28:f4:28:9c:4a:03:f2:81:ef:
                    31:f7:d7:e3:c8:fc:61:60:f7:b1:05:38:36:b3:1a:
                    7f:fd:0e:da:b0:e7:1b:72:bd:13:af:44:ba:e1:38:
                    5a:75:60:02:f9:81:e9:8b:0d:22:9d:fe:95:23:0b:
                    59:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:D7:14:BE:BA:5F:3C:A3:FF:44:54:BC:AB:82:36:A1:11:AD:22:95
            X509v3 Authority Key Identifier:
                keyid:1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/etcUvrpfPKP_RFS8q4I2oRGtIpU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.31.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         34:0f:8a:1e:b6:83:80:78:38:9f:28:49:98:de:16:ea:eb:45:
         8b:2b:a1:a0:0f:59:8e:ca:c5:d2:c9:c9:fe:d3:5e:2a:72:54:
         d5:f1:9a:27:c4:9a:31:be:30:21:f7:ab:05:97:c5:bd:ad:ac:
         be:2b:83:e5:8b:cc:c5:52:d1:2b:26:12:10:54:bc:2a:a7:8a:
         92:e8:bf:1b:d3:a7:77:7d:72:c6:1b:46:d1:61:ae:d2:18:40:
         96:f7:e5:99:43:03:d7:f9:23:ea:fe:73:37:7f:c0:c2:a3:9f:
         3f:18:16:13:58:15:99:2e:d9:64:be:16:d5:f1:76:65:4d:5e:
         dc:20:ff:e9:9f:13:c9:a0:da:ab:2f:a0:f1:70:b2:99:1c:39:
         62:16:a6:c4:60:60:5f:6e:4d:cf:68:42:f5:bf:20:9f:42:b1:
         1d:6c:0b:64:39:d0:fa:8e:a3:83:61:57:d4:2b:e3:75:d7:18:
         b8:58:12:27:2c:9b:38:29:cd:c9:d1:f8:fb:a4:8f:c6:03:d9:
         0e:21:f1:c5:73:6f:21:07:5f:25:8e:08:80:37:0c:95:8f:2d:
         47:26:67:63:01:35:69:ae:29:27:94:32:ad:a9:34:85:63:71:
         a1:66:b8:5c:d1:86:5b:ca:31:65:3a:2e:83:b8:51:47:1a:59:
         30:be:99:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NirwN8QGmg9YMkTldygrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZDNkOGUyOWUwNjNiOWQyNzQwYWIzZGU2YzcyMjU1ZWM4
ZDA1NTcwHhcNMjYwMTAxMjAxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWQ3MTRiZWJhNWYzY2EzZmY0NDU0YmNhYjgyMzZhMTExYWQyMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl+5q+9Wj+xGxinEuyDkEqile81a
xvnwXFPIcLgxRnjwKLW+fBlCuemtNJNTOZLF471r2Q+P082hcoyOz1sMcZb+C0aI
XDIVevPDdFjL3ZpRefa/t/rlQ4sY57HvIKHRf2CXNMOegu3rTiceQJ0YX1a/WgaO
owJ4K8vmag3EcHFGZQSm1zlS7RulxWBvZwW/PIsxFDkPP4rGhOTBMYOGpuOoNtDB
s8U41oFhiAw7U3rwUSzHQqPGct2ZCWkMUN1+Lj7pQYqFIPEo9CicSgPyge8x99fj
yPxhYPexBTg2sxp//Q7asOcbcr0Tr0S64ThadWAC+YHpiw0inf6VIwtZEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrXFL66Xzyj/0RUvKuCNqERrSKVMB8GA1UdIwQY
MBaAFB7T2OKeBjudJ0CrPebHIlXsjQVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUt
OWRjYTVjYzgwZGQ5LzEvZXRjVXZycGZQS1BfUkZTOHE0STJvUkd0SXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUtOWRjYTVjYzgwZGQ5
LzEvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1B/GMA0G
CSqGSIb3DQEBCwUAA4IBAQA0D4oetoOAeDifKEmY3hbq60WLK6GgD1mOysXSycn+
014qclTV8ZonxJoxvjAh96sFl8W9ray+K4Pli8zFUtErJhIQVLwqp4qS6L8b06d3
fXLGG0bRYa7SGECW9+WZQwPX+SPq/nM3f8DCo58/GBYTWBWZLtlkvhbV8XZlTV7c
IP/pnxPJoNqrL6DxcLKZHDliFqbEYGBfbk3PaEL1vyCfQrEdbAtkOdD6jqODYVfU
K+N11xi4WBInLJs4Kc3J0fj7pI/GA9kOIfHFc28hB18ljgiANwyVjy1HJmdjATVp
riknlDKtqTSFY3GhZrhc0YZbyjFlOi6DuFFHGlkwvplu
-----END CERTIFICATE-----