This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/hatB16DXDw0_Vm1ySuNMj5Y6auw.roa
File:                     hatB16DXDw0_Vm1ySuNMj5Y6auw.roa (raw, json)
Hash identifier:          hVNkkdPmq+q7XousYHRGOebUzbj6zgU5nS/86C8jF9A=
Subject key identifier:   85:AB:41:D7:A0:D7:0F:0D:3F:56:6D:72:4A:E3:4C:8F:96:3A:6A:EC
Certificate issuer:       /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial:       019B797EE09234B3F774A7F6E553F9773C16
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/hatB16DXDw0_Vm1ySuNMj5Y6auw.roa
Signing time:             Thu 01 Jan 2026 12:18:36 +0000
ROA not before:           Thu 01 Jan 2026 12:18:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     16347
IP address blocks:        185.14.179.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 12:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:e0:92:34:b3:f7:74:a7:f6:e5:53:f9:77:3c:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
        Validity
            Not Before: Jan  1 12:18:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=85ab41d7a0d70f0d3f566d724ae34c8f963a6aec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a7:b0:30:c5:11:b4:fc:49:32:aa:24:c1:0c:
                    80:0b:d7:24:ac:22:55:f8:a7:c4:2d:44:fe:0d:6e:
                    1f:33:f2:8f:f0:fd:42:8a:81:73:3e:41:7b:5b:5d:
                    73:d2:76:ec:80:88:59:ea:8f:db:67:04:70:cf:c8:
                    3e:a6:8d:92:e4:f6:60:fe:3a:57:d7:cd:44:59:4a:
                    d4:3b:e2:19:6c:84:d1:a0:2a:b9:06:d2:0e:d8:82:
                    f1:29:e6:86:2c:ab:58:0d:1a:82:64:36:a5:67:ee:
                    4b:81:2c:fe:e1:26:c8:fd:e6:e4:90:d3:53:6c:7a:
                    33:4c:7e:09:1a:0c:94:8a:2e:43:2c:fb:b6:e2:40:
                    65:5d:6e:8f:c2:cf:0c:0f:a6:6b:50:92:57:25:23:
                    ec:7c:ae:c6:eb:64:58:63:f8:4e:21:61:19:a5:cd:
                    b5:de:b2:41:63:c2:8e:a6:09:6a:15:b1:25:91:b5:
                    37:71:b6:9e:0b:30:52:5c:b3:72:e5:9f:6e:22:60:
                    8f:a8:97:85:b5:23:d7:62:d7:8a:6d:52:b1:57:df:
                    86:d2:66:15:43:b6:4b:85:6d:3a:d5:1b:6f:71:13:
                    23:01:01:57:0d:67:12:6d:8e:d5:55:fe:77:3a:d4:
                    9e:64:57:c2:ca:4e:5f:a4:58:b0:fc:93:e2:e0:68:
                    06:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:AB:41:D7:A0:D7:0F:0D:3F:56:6D:72:4A:E3:4C:8F:96:3A:6A:EC
            X509v3 Authority Key Identifier:
                keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/hatB16DXDw0_Vm1ySuNMj5Y6auw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.14.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:15:e6:61:fc:31:0a:2b:a6:28:70:e6:3f:2a:cd:d1:9d:6c:
         4b:13:9e:9b:7f:db:b4:b0:e4:f5:b6:03:ab:5f:50:fa:d9:e6:
         14:90:7d:d0:3a:83:d0:07:1e:6c:40:b0:b9:10:c8:5a:b1:00:
         66:26:a4:3a:93:d9:39:15:0a:e3:04:76:e3:42:36:22:53:54:
         61:28:e5:12:e8:f3:9b:65:2c:cb:00:3f:9c:1b:94:2f:cc:b0:
         ab:3f:0c:cf:a9:69:a4:51:8b:bb:a8:78:32:48:59:52:ee:8c:
         48:ce:e9:ad:8f:9e:a2:e0:62:e3:8d:64:95:a8:59:db:61:c7:
         af:52:22:01:78:33:19:5e:50:00:c7:00:a6:6a:f1:84:a9:66:
         40:95:82:85:e9:a5:20:89:ae:1a:10:de:c7:02:bd:30:a8:21:
         09:6d:c9:f0:9d:12:5e:a9:89:08:0b:95:e0:0a:6e:2e:19:08:
         0a:a8:66:c4:26:e8:04:df:aa:a1:e1:79:ca:de:b5:c1:79:77:
         a1:b3:92:51:55:59:88:55:14:f6:29:bd:f6:72:2b:40:d8:57:
         49:a9:d9:7a:08:a0:52:99:c3:ae:b5:31:24:08:2f:de:27:c4:
         e3:c7:15:bc:0b:c2:5a:76:8f:ab:a7:b5:75:b4:29:0d:36:6a:
         55:8f:7a:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fuCSNLP3dKf25VP5dzwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjYwMTAxMTIxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFiNDFkN2EwZDcwZjBkM2Y1NjZkNzI0YWUzNGM4Zjk2M2E2YWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKewMMURtPxJMqokwQyAC9ckrCJV
+KfELUT+DW4fM/KP8P1CioFzPkF7W11z0nbsgIhZ6o/bZwRwz8g+po2S5PZg/jpX
181EWUrUO+IZbITRoCq5BtIO2ILxKeaGLKtYDRqCZDalZ+5LgSz+4SbI/ebkkNNT
bHozTH4JGgyUii5DLPu24kBlXW6Pws8MD6ZrUJJXJSPsfK7G62RYY/hOIWEZpc21
3rJBY8KOpglqFbElkbU3cbaeCzBSXLNy5Z9uImCPqJeFtSPXYteKbVKxV9+G0mYV
Q7ZLhW061RtvcRMjAQFXDWcSbY7VVf53OtSeZFfCyk5fpFiw/JPi4GgGdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWrQdeg1w8NP1ZtckrjTI+WOmrsMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvaGF0QjE2RFhEdzBfVm0xeVN1Tk1qNVk2YXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ6zMA0G
CSqGSIb3DQEBCwUAA4IBAQAbFeZh/DEKK6YocOY/Ks3RnWxLE56bf9u0sOT1tgOr
X1D62eYUkH3QOoPQBx5sQLC5EMhasQBmJqQ6k9k5FQrjBHbjQjYiU1RhKOUS6POb
ZSzLAD+cG5QvzLCrPwzPqWmkUYu7qHgySFlS7oxIzumtj56i4GLjjWSVqFnbYcev
UiIBeDMZXlAAxwCmavGEqWZAlYKF6aUgia4aEN7HAr0wqCEJbcnwnRJeqYkIC5Xg
Cm4uGQgKqGbEJugE36qh4XnK3rXBeXehs5JRVVmIVRT2Kb32citA2FdJqdl6CKBS
mcOutTEkCC/eJ8TjxxW8C8Jado+rp7V1tCkNNmpVj3pd
-----END CERTIFICATE-----