This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/AHUKnErfTdd73p4bYOK90XDEM78.roa
File:                     AHUKnErfTdd73p4bYOK90XDEM78.roa (raw, json)
Hash identifier:          5EaqsItxZ1BQsHU9Kr2YPy6oSupY2lc793z7PhSn48k=
Subject key identifier:   00:75:0A:9C:4A:DF:4D:D7:7B:DE:9E:1B:60:E2:BD:D1:70:C4:33:BF
Certificate issuer:       /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial:       019B7EA494DCD88594E065496B26288AA0E6
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/AHUKnErfTdd73p4bYOK90XDEM78.roa
Signing time:             Fri 02 Jan 2026 12:17:53 +0000
ROA not before:           Fri 02 Jan 2026 12:17:53 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     2834
IP address blocks:        193.10.132.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a4:94:dc:d8:85:94:e0:65:49:6b:26:28:8a:a0:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
        Validity
            Not Before: Jan  2 12:17:53 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=00750a9c4adf4dd77bde9e1b60e2bdd170c433bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:43:0f:ba:2e:88:5c:72:41:64:46:f2:f6:f4:
                    f0:4f:28:98:33:b9:59:42:8c:ce:10:a9:d5:5e:40:
                    2f:fb:83:30:0d:1e:71:12:96:b4:96:70:40:c8:5f:
                    81:43:3a:a3:30:d9:c2:54:2d:ba:05:a7:40:cd:70:
                    d8:ce:e0:67:b2:c0:95:d7:bf:1d:53:6f:de:32:f7:
                    fd:00:7f:52:61:9f:c9:cd:51:31:12:8d:65:5e:f2:
                    9b:78:31:6a:67:4a:cc:e0:d9:01:53:64:2f:fc:97:
                    54:1e:8b:a9:ed:de:b4:16:80:c8:86:72:0c:5d:fd:
                    cc:db:31:e4:79:80:20:b7:cf:0f:a4:e4:47:0d:7e:
                    7b:34:fb:75:35:b2:e2:50:3f:f9:8a:19:67:f9:e4:
                    3a:12:00:bf:85:0a:ae:7f:a4:3e:c1:7c:3f:11:7a:
                    a0:86:06:4f:8a:96:d6:55:06:46:b5:6c:68:1c:21:
                    6d:2f:a7:67:83:e8:f1:29:db:36:38:f9:e9:13:57:
                    c3:e6:e7:69:d7:d4:91:eb:6c:b2:67:55:cd:63:b3:
                    e8:32:0b:f4:2e:be:e9:7b:94:13:85:53:21:30:e5:
                    9f:13:d3:ea:82:ce:5f:eb:18:a3:1d:1e:7b:b2:1e:
                    4e:64:9c:91:10:21:3e:47:eb:ba:75:50:58:21:aa:
                    4e:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:75:0A:9C:4A:DF:4D:D7:7B:DE:9E:1B:60:E2:BD:D1:70:C4:33:BF
            X509v3 Authority Key Identifier:
                keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/AHUKnErfTdd73p4bYOK90XDEM78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.10.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c6:4d:06:e2:11:25:cb:f9:b1:98:64:27:d0:68:7e:f7:cd:c6:
         7a:f9:90:fe:60:bb:fb:49:ee:b7:be:fe:c3:46:31:c9:70:5d:
         9b:d6:f7:b6:38:5d:80:bf:10:a0:fd:dd:b4:e0:94:15:33:6e:
         7e:e1:d5:39:b3:4b:1d:16:eb:84:67:ab:77:fc:e2:f9:57:fe:
         75:d9:cc:fd:08:1b:d6:10:77:d5:94:29:aa:ec:c4:eb:48:47:
         27:f8:df:3a:62:aa:9e:eb:4c:91:5e:1b:29:70:69:df:30:f5:
         d6:f1:d2:52:ea:2f:45:a0:61:ff:15:31:56:47:80:5b:b6:08:
         cc:0a:5d:71:db:82:87:09:f4:3f:c0:b0:82:aa:55:ee:ff:86:
         fb:70:fb:35:c4:79:6f:c2:f5:7d:55:36:9c:eb:92:24:d3:3f:
         87:3f:90:8d:e7:b3:3e:b2:c6:80:eb:ec:81:73:aa:43:35:4d:
         31:8a:8a:5d:31:ac:b2:2a:fd:97:f5:b5:78:0d:2c:e5:ba:ca:
         21:80:de:2e:f4:a5:ed:56:50:3d:0f:ef:11:26:28:8d:3e:f5:
         ed:62:91:9b:9c:c0:6e:28:93:c3:c0:9c:de:70:c0:84:47:3a:
         be:e6:3e:79:fe:de:b6:e7:fe:3e:a3:6f:2d:23:f9:68:f8:7e:
         f7:79:e1:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+pJTc2IWU4GVJayYoiqDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDFmMjNjZTgyMWMyNjRkNjc3Mjc1MzZlYzE4MzUzNzU5
NGM1ZjIwHhcNMjYwMTAyMTIxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDc1MGE5YzRhZGY0ZGQ3N2JkZTllMWI2MGUyYmRkMTcwYzQzM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0MPui6IXHJBZEby9vTwTyiYM7lZ
QozOEKnVXkAv+4MwDR5xEpa0lnBAyF+BQzqjMNnCVC26BadAzXDYzuBnssCV178d
U2/eMvf9AH9SYZ/JzVExEo1lXvKbeDFqZ0rM4NkBU2Qv/JdUHoup7d60FoDIhnIM
Xf3M2zHkeYAgt88PpORHDX57NPt1NbLiUD/5ihln+eQ6EgC/hQquf6Q+wXw/EXqg
hgZPipbWVQZGtWxoHCFtL6dng+jxKds2OPnpE1fD5udp19SR62yyZ1XNY7PoMgv0
Lr7pe5QThVMhMOWfE9Pqgs5f6xijHR57sh5OZJyRECE+R+u6dVBYIapOPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAB1CpxK303Xe96eG2DivdFwxDO/MB8GA1UdIwQY
MBaAFOgB8jzoIcJk1ncnU27Bg1N1lMXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAt
NDY0ZWIxODNiNTY4LzEvQUhVS25FcmZUZGQ3M3A0YllPSzkwWERFTTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAtNDY0ZWIxODNiNTY4
LzEvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwQqEMA0G
CSqGSIb3DQEBCwUAA4IBAQDGTQbiESXL+bGYZCfQaH73zcZ6+ZD+YLv7Se63vv7D
RjHJcF2b1ve2OF2AvxCg/d204JQVM25+4dU5s0sdFuuEZ6t3/OL5V/512cz9CBvW
EHfVlCmq7MTrSEcn+N86Yqqe60yRXhspcGnfMPXW8dJS6i9FoGH/FTFWR4BbtgjM
Cl1x24KHCfQ/wLCCqlXu/4b7cPs1xHlvwvV9VTac65Ik0z+HP5CN57M+ssaA6+yB
c6pDNU0xiopdMayyKv2X9bV4DSzlusohgN4u9KXtVlA9D+8RJiiNPvXtYpGbnMBu
KJPDwJzecMCERzq+5j55/t625/4+o28tI/lo+H73eeF2
-----END CERTIFICATE-----