This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/ftINbgTGX7o6dou2oYKs0I7El3k.roa
File:                     ftINbgTGX7o6dou2oYKs0I7El3k.roa (raw, json)
Hash identifier:          jNNcSKLkF+5io94CcEYFYhsKdZJ9Jwyes5nzKJmJiP8=
Subject key identifier:   7E:D2:0D:6E:04:C6:5F:BA:3A:76:8B:B6:A1:82:AC:D0:8E:C4:97:79
Certificate issuer:       /CN=1fc4927ab194ae1237fde2d3bef69038893f0dc5
Certificate serial:       019B7EA6A6FEDBE90766CF897A61324760C6
Authority key identifier: 1F:C4:92:7A:B1:94:AE:12:37:FD:E2:D3:BE:F6:90:38:89:3F:0D:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H8SSerGUrhI3_eLTvvaQOIk_DcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/ftINbgTGX7o6dou2oYKs0I7El3k.roa
Signing time:             Fri 02 Jan 2026 12:20:09 +0000
ROA not before:           Fri 02 Jan 2026 12:20:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     5602
IP address blocks:        62.100.76.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/H8SSerGUrhI3_eLTvvaQOIk_DcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/H8SSerGUrhI3_eLTvvaQOIk_DcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H8SSerGUrhI3_eLTvvaQOIk_DcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 18:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a6:a6:fe:db:e9:07:66:cf:89:7a:61:32:47:60:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fc4927ab194ae1237fde2d3bef69038893f0dc5
        Validity
            Not Before: Jan  2 12:20:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7ed20d6e04c65fba3a768bb6a182acd08ec49779
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c2:25:a2:ca:62:bf:64:c6:1e:f8:c1:99:c3:
                    d3:59:ba:99:fa:02:2a:05:db:02:88:f4:47:88:35:
                    2f:31:de:bd:c8:90:59:c5:ce:9c:e6:de:b9:46:0b:
                    21:49:88:8c:49:30:63:aa:f4:78:7a:00:1c:05:55:
                    80:a2:f2:65:1e:92:10:e4:01:28:00:b4:9c:f1:c2:
                    7f:fe:65:55:fb:37:8a:8e:d6:3d:8b:fb:29:ee:bb:
                    5b:fe:df:cb:46:2a:2b:62:71:90:5d:30:08:ee:4d:
                    96:60:60:02:3e:fe:03:f4:59:0d:ed:eb:ed:14:a8:
                    75:26:4f:f3:c2:25:45:3d:bb:d9:8c:ed:e9:0d:8f:
                    a8:e8:12:cb:e3:2d:28:ae:4e:fa:c5:aa:9f:0e:2a:
                    f5:1c:f5:d0:d4:2b:5b:3e:7a:0d:7b:b6:69:10:48:
                    9d:5c:1b:0c:ed:2e:e0:ac:ca:d5:51:ba:5c:b0:63:
                    83:5e:9f:e5:01:74:c5:c4:46:bc:8f:a0:d7:4a:08:
                    af:d7:d7:e9:ac:2f:23:4c:ba:5b:66:5f:6c:9a:89:
                    7c:82:64:58:17:90:e5:0b:b6:3c:ab:7c:72:9d:c9:
                    72:e6:7f:ee:34:16:89:eb:e0:c1:53:8c:47:a1:06:
                    e9:3b:72:08:52:b2:8a:14:4c:70:92:50:5c:23:52:
                    d7:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:D2:0D:6E:04:C6:5F:BA:3A:76:8B:B6:A1:82:AC:D0:8E:C4:97:79
            X509v3 Authority Key Identifier:
                keyid:1F:C4:92:7A:B1:94:AE:12:37:FD:E2:D3:BE:F6:90:38:89:3F:0D:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8SSerGUrhI3_eLTvvaQOIk_DcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/ftINbgTGX7o6dou2oYKs0I7El3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/H8SSerGUrhI3_eLTvvaQOIk_DcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.100.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:2d:49:7e:3a:89:31:65:b1:12:4e:2b:ea:2a:94:d4:b1:c5:
         a8:65:dc:8e:1d:4c:c4:e3:a7:f0:b1:22:ac:14:08:8b:e3:4f:
         f9:25:63:e3:f7:ae:5a:1f:e0:bf:24:7d:72:c1:4a:d0:0d:3c:
         55:72:17:f2:fb:90:8e:ea:11:cf:bc:02:79:4a:43:28:ac:a7:
         3d:53:4a:48:93:b8:11:22:1e:80:20:f1:4c:2f:db:4b:5c:9a:
         0b:18:79:a5:db:6d:bb:23:82:4a:6c:b6:7b:b3:90:6b:a6:f0:
         ac:e8:16:7a:93:0b:36:20:6b:45:99:b2:3a:e0:91:41:83:93:
         80:32:09:5e:46:f0:2e:26:0c:22:ce:73:c9:f0:3c:08:68:25:
         af:f3:56:6a:06:31:9b:6a:e1:4f:cb:7f:d5:ae:6b:d8:0c:2c:
         3b:52:8e:af:74:ef:4c:58:ee:c1:18:0b:d4:21:57:54:55:9b:
         68:43:bb:31:bd:74:78:b4:0f:2e:2b:92:a6:cb:da:39:ff:0e:
         11:0e:d9:86:d8:62:9f:73:a9:22:71:44:40:0d:a8:63:aa:36:
         9a:f8:15:09:56:7e:7d:14:d4:df:bf:18:e9:84:55:3f:fa:68:
         7c:94:08:ed:e8:69:7c:3d:44:b4:25:c9:62:a6:d1:42:13:16:
         bc:32:0e:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+pqb+2+kHZs+JemEyR2DGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYzQ5MjdhYjE5NGFlMTIzN2ZkZTJkM2JlZjY5MDM4ODkz
ZjBkYzUwHhcNMjYwMTAyMTIyMDA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWQyMGQ2ZTA0YzY1ZmJhM2E3NjhiYjZhMTgyYWNkMDhlYzQ5Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8Ilospiv2TGHvjBmcPTWbqZ+gIq
BdsCiPRHiDUvMd69yJBZxc6c5t65RgshSYiMSTBjqvR4egAcBVWAovJlHpIQ5AEo
ALSc8cJ//mVV+zeKjtY9i/sp7rtb/t/LRiorYnGQXTAI7k2WYGACPv4D9FkN7evt
FKh1Jk/zwiVFPbvZjO3pDY+o6BLL4y0ork76xaqfDir1HPXQ1CtbPnoNe7ZpEEid
XBsM7S7grMrVUbpcsGODXp/lAXTFxEa8j6DXSgiv19fprC8jTLpbZl9smol8gmRY
F5DlC7Y8q3xyncly5n/uNBaJ6+DBU4xHoQbpO3IIUrKKFExwklBcI1LXqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH7SDW4Exl+6OnaLtqGCrNCOxJd5MB8GA1UdIwQY
MBaAFB/EknqxlK4SN/3i0772kDiJPw3FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDhTU2VyR1VyaEkzX2VMVHZ2YVFPSWtfRGNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85NDNkNWQtNTYwYy00MzE0LWFmODIt
OGI4YTAxYmQ3NDE0LzEvZnRJTmJnVEdYN282ZG91Mm9ZS3MwSTdFbDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85NDNkNWQtNTYwYy00MzE0LWFmODItOGI4YTAxYmQ3NDE0
LzEvSDhTU2VyR1VyaEkzX2VMVHZ2YVFPSWtfRGNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPmRMMA0G
CSqGSIb3DQEBCwUAA4IBAQCQLUl+OokxZbESTivqKpTUscWoZdyOHUzE46fwsSKs
FAiL40/5JWPj965aH+C/JH1ywUrQDTxVchfy+5CO6hHPvAJ5SkMorKc9U0pIk7gR
Ih6AIPFML9tLXJoLGHml2227I4JKbLZ7s5BrpvCs6BZ6kws2IGtFmbI64JFBg5OA
MgleRvAuJgwiznPJ8DwIaCWv81ZqBjGbauFPy3/VrmvYDCw7Uo6vdO9MWO7BGAvU
IVdUVZtoQ7sxvXR4tA8uK5Kmy9o5/w4RDtmG2GKfc6kicURADahjqjaa+BUJVn59
FNTfvxjphFU/+mh8lAjt6Gl8PUS0JcliptFCExa8Mg6m
-----END CERTIFICATE-----