This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/h-Wv51tawGDDmzKTTiZygQFK1dI.roa
File:                     h-Wv51tawGDDmzKTTiZygQFK1dI.roa (raw, json)
Hash identifier:          gqUuhqm1O9kzFr7mzHK7ZrQWJPre8M3ei4+B6j2pDcQ=
Subject key identifier:   87:E5:AF:E7:5B:5A:C0:60:C3:9B:32:93:4E:26:72:81:01:4A:D5:D2
Certificate issuer:       /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial:       019B7E39200D217BB1B2E13891ABB17FBF28
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/h-Wv51tawGDDmzKTTiZygQFK1dI.roa
Signing time:             Fri 02 Jan 2026 10:20:31 +0000
ROA not before:           Fri 02 Jan 2026 10:20:31 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211195
IP address blocks:        185.65.71.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:39:20:0d:21:7b:b1:b2:e1:38:91:ab:b1:7f:bf:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
        Validity
            Not Before: Jan  2 10:20:31 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=87e5afe75b5ac060c39b32934e267281014ad5d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0f:6f:ee:da:70:9a:45:44:82:6c:21:fd:f8:
                    cc:e4:28:9e:d9:57:0f:5b:cc:e9:3e:50:84:a5:a8:
                    7b:9b:33:28:8e:95:15:18:13:92:a3:2f:9c:35:69:
                    bc:81:22:48:49:21:53:5c:32:d7:f1:e5:ea:0d:1d:
                    57:3c:c3:9f:70:4b:56:5f:74:01:14:2f:98:3d:2e:
                    73:16:91:26:b3:7d:6b:36:f8:7c:94:f1:fc:89:21:
                    93:af:f8:ba:1c:b1:ab:9a:7f:0e:b6:cb:e1:01:a1:
                    2a:39:49:b7:94:7b:40:3f:09:f8:db:f5:7b:40:e0:
                    d7:a5:f2:a8:01:94:69:e0:98:a2:ab:ad:a4:98:db:
                    83:4f:f1:2f:17:46:1f:3b:3f:fa:a3:e1:9c:cf:c9:
                    0b:44:c7:1e:77:90:4d:f1:d7:95:b4:7f:85:83:9f:
                    08:24:80:c6:fc:d0:e5:14:4b:e7:d4:22:99:38:d6:
                    01:98:31:d7:3c:dd:fa:dd:da:c4:69:0c:cb:57:a3:
                    17:69:97:cf:44:c8:1f:05:8e:01:0a:32:f7:95:c6:
                    b2:0d:c7:21:e8:86:1c:93:2a:e5:ea:6b:3b:61:21:
                    7c:ad:f4:be:a3:21:3d:47:08:e8:46:c9:5b:19:a5:
                    5d:af:42:ef:60:9c:65:67:07:34:a8:5a:eb:76:30:
                    e7:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:E5:AF:E7:5B:5A:C0:60:C3:9B:32:93:4E:26:72:81:01:4A:D5:D2
            X509v3 Authority Key Identifier:
                keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/h-Wv51tawGDDmzKTTiZygQFK1dI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.65.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:7c:77:98:61:8b:1b:e1:4c:b7:7b:dd:28:57:9f:15:04:a7:
         ac:0a:5d:70:dc:8f:59:ec:fd:d1:db:e1:3b:3c:e2:96:86:b9:
         a3:8b:04:f0:71:ac:1d:7d:04:a5:98:0f:b4:13:bf:a5:89:30:
         2c:7c:4c:5c:8d:b0:f3:bf:3f:84:b2:88:41:14:15:d0:28:e2:
         8a:0b:14:6e:f2:8f:5f:03:f1:92:74:04:90:8f:8c:80:dc:cc:
         6f:2e:24:82:f8:0a:67:2d:a7:e2:23:af:bc:b9:45:97:11:b8:
         b3:f0:45:37:11:bb:58:f0:b3:9b:d4:42:59:12:9e:b8:c3:f6:
         5d:bb:22:31:1f:4d:61:e3:7b:24:47:42:b0:5c:5d:68:69:6a:
         ba:e3:ea:e4:63:68:1a:40:90:ad:ea:02:e7:20:c9:73:24:0e:
         82:cc:13:4b:53:1c:68:be:14:17:c9:c0:63:7e:60:84:e1:6f:
         cb:3f:6c:28:85:51:e8:86:af:6d:a4:2d:5c:86:07:4f:58:39:
         37:44:99:73:dd:85:47:23:89:5b:50:4f:da:6f:03:16:21:25:
         57:fa:7c:03:9e:a4:4c:34:83:ea:36:cf:95:74:1b:2d:76:37:
         5a:36:19:d8:14:d4:7a:8c:b0:55:bf:d1:21:6a:bd:9a:ff:24:
         75:58:d9:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OSANIXuxsuE4kauxf78oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjYwMTAyMTAyMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U1YWZlNzViNWFjMDYwYzM5YjMyOTM0ZTI2NzI4MTAxNGFkNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQ9v7tpwmkVEgmwh/fjM5Cie2VcP
W8zpPlCEpah7mzMojpUVGBOSoy+cNWm8gSJISSFTXDLX8eXqDR1XPMOfcEtWX3QB
FC+YPS5zFpEms31rNvh8lPH8iSGTr/i6HLGrmn8OtsvhAaEqOUm3lHtAPwn42/V7
QODXpfKoAZRp4Jiiq62kmNuDT/EvF0YfOz/6o+Gcz8kLRMced5BN8deVtH+Fg58I
JIDG/NDlFEvn1CKZONYBmDHXPN363drEaQzLV6MXaZfPRMgfBY4BCjL3lcayDcch
6IYckyrl6ms7YSF8rfS+oyE9RwjoRslbGaVdr0LvYJxlZwc0qFrrdjDn1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIflr+dbWsBgw5syk04mcoEBStXSMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvaC1XdjUxdGF3R0REbXpLVFRpWnlnUUZLMWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUFHMA0G
CSqGSIb3DQEBCwUAA4IBAQBdfHeYYYsb4Uy3e90oV58VBKesCl1w3I9Z7P3R2+E7
POKWhrmjiwTwcawdfQSlmA+0E7+liTAsfExcjbDzvz+EsohBFBXQKOKKCxRu8o9f
A/GSdASQj4yA3MxvLiSC+ApnLafiI6+8uUWXEbiz8EU3EbtY8LOb1EJZEp64w/Zd
uyIxH01h43skR0KwXF1oaWq64+rkY2gaQJCt6gLnIMlzJA6CzBNLUxxovhQXycBj
fmCE4W/LP2wohVHohq9tpC1chgdPWDk3RJlz3YVHI4lbUE/abwMWISVX+nwDnqRM
NIPqNs+VdBstdjdaNhnYFNR6jLBVv9Ehar2a/yR1WNmT
-----END CERTIFICATE-----