This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/ehIM4r7y0MNk_6X7PPB_Xq7ctEo.roa
File:                     ehIM4r7y0MNk_6X7PPB_Xq7ctEo.roa (raw, json)
Hash identifier:          x9UHBy6St0JPZwyF+fAa8ymLClmistFAKiLBfqM/Jyo=
Subject key identifier:   7A:12:0C:E2:BE:F2:D0:C3:64:FF:A5:FB:3C:F0:7F:5E:AE:DC:B4:4A
Certificate issuer:       /CN=1d54be79c892b5356bf1b7bcd131397f2c23adc0
Certificate serial:       019B7A5B4E3C8F6BB46F4DA3373AE06DFD7D
Authority key identifier: 1D:54:BE:79:C8:92:B5:35:6B:F1:B7:BC:D1:31:39:7F:2C:23:AD:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HVS-eciStTVr8be80TE5fywjrcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/ehIM4r7y0MNk_6X7PPB_Xq7ctEo.roa
Signing time:             Thu 01 Jan 2026 16:19:22 +0000
ROA not before:           Thu 01 Jan 2026 16:19:22 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     3303
IP address blocks:        2a0d:ed80:101::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/HVS-eciStTVr8be80TE5fywjrcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/HVS-eciStTVr8be80TE5fywjrcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HVS-eciStTVr8be80TE5fywjrcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:5b:4e:3c:8f:6b:b4:6f:4d:a3:37:3a:e0:6d:fd:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d54be79c892b5356bf1b7bcd131397f2c23adc0
        Validity
            Not Before: Jan  1 16:19:22 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7a120ce2bef2d0c364ffa5fb3cf07f5eaedcb44a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:45:9e:9e:90:c3:d4:98:d6:a9:9a:88:c9:04:
                    87:9c:2d:b3:2f:c7:b4:fb:7f:9e:67:b5:3e:92:f8:
                    37:91:ec:99:66:a9:fb:cb:7e:d5:c4:ec:8a:5c:5e:
                    80:55:e9:2e:d6:34:53:a7:66:d1:3b:92:6a:4a:5b:
                    73:83:f5:3c:6f:c5:a4:46:76:46:5c:04:b8:58:be:
                    b6:30:8c:0c:90:bb:e7:fc:3c:0d:14:44:9c:f0:17:
                    21:68:f9:94:44:9b:31:39:21:16:9f:93:ee:ce:78:
                    2c:43:eb:40:5c:c8:51:1c:be:5f:e1:d7:95:45:89:
                    f2:fe:6c:89:1a:a0:1e:bf:59:f7:9a:a4:0d:30:f5:
                    7e:ce:d1:eb:1c:34:0e:35:2e:e3:f8:40:1a:06:e7:
                    d9:b8:61:fe:c6:0b:0c:22:a0:21:ce:5e:2d:a2:8c:
                    93:1f:4c:d2:c0:5e:ad:8b:d1:fc:bf:b3:05:1a:4d:
                    59:8d:59:b3:0a:d0:4b:8a:1a:9c:23:42:cd:54:58:
                    c0:0a:9d:8f:32:e1:a5:39:26:cd:4f:a2:d0:b2:b0:
                    5f:5c:e9:27:db:99:a0:f1:5a:5b:8f:e1:fe:82:a8:
                    d5:ff:13:ba:3e:4f:da:f9:c7:35:50:c3:7b:9e:8d:
                    57:5b:2b:3c:65:5e:9a:7a:68:db:9f:e4:f7:8d:ad:
                    7c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:12:0C:E2:BE:F2:D0:C3:64:FF:A5:FB:3C:F0:7F:5E:AE:DC:B4:4A
            X509v3 Authority Key Identifier:
                keyid:1D:54:BE:79:C8:92:B5:35:6B:F1:B7:BC:D1:31:39:7F:2C:23:AD:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVS-eciStTVr8be80TE5fywjrcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/ehIM4r7y0MNk_6X7PPB_Xq7ctEo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/HVS-eciStTVr8be80TE5fywjrcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:ed80:101::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:51:97:07:72:44:2e:f1:11:dd:a3:e9:65:e4:e5:7b:0a:34:
         65:5f:50:dc:d4:84:cf:57:97:0b:82:b8:dc:00:0c:47:30:88:
         83:6b:9e:9b:06:64:85:93:78:f2:8e:99:bc:a5:ed:61:02:bd:
         bf:20:73:31:f1:ec:83:b1:a7:77:8c:b2:d0:47:95:db:96:db:
         95:6d:d1:1c:60:ed:c0:0c:f6:f9:40:0a:2e:09:fe:6d:26:8c:
         93:ce:06:f6:3c:52:e8:67:6e:7f:bf:9a:1c:0d:24:c8:b4:07:
         10:0a:7c:f2:78:7e:e1:b7:0b:01:a9:0a:7b:41:41:4b:45:c8:
         b8:c8:ba:76:90:59:8c:af:0f:b1:ab:fb:28:0e:a4:e4:60:15:
         12:73:f7:1c:d9:af:f6:b2:41:0e:fd:f4:e1:c5:05:e6:3e:85:
         f8:fd:f4:f5:32:2f:8a:32:51:97:81:bb:9f:d8:d7:19:7f:bd:
         e7:a5:ca:dd:42:ce:5b:5f:ac:dc:c3:19:e3:90:2d:6b:08:66:
         fe:6c:9e:78:5d:71:00:26:e5:6d:8b:8e:91:85:97:fc:e5:69:
         a7:c4:98:d1:9c:38:4b:3f:7e:80:80:91:a8:76:78:76:7b:a6:
         7d:95:82:96:4d:83:dd:e8:4f:7f:bc:99:e3:f1:83:20:5c:df:
         02:68:86:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZt6W048j2u0b02jNzrgbf19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNTRiZTc5Yzg5MmI1MzU2YmYxYjdiY2QxMzEzOTdmMmMy
M2FkYzAwHhcNMjYwMTAxMTYxOTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTEyMGNlMmJlZjJkMGMzNjRmZmE1ZmIzY2YwN2Y1ZWFlZGNiNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukWenpDD1JjWqZqIyQSHnC2zL8e0
+3+eZ7U+kvg3keyZZqn7y37VxOyKXF6AVeku1jRTp2bRO5JqSltzg/U8b8WkRnZG
XAS4WL62MIwMkLvn/DwNFESc8BchaPmURJsxOSEWn5PuzngsQ+tAXMhRHL5f4deV
RYny/myJGqAev1n3mqQNMPV+ztHrHDQONS7j+EAaBufZuGH+xgsMIqAhzl4tooyT
H0zSwF6ti9H8v7MFGk1ZjVmzCtBLihqcI0LNVFjACp2PMuGlOSbNT6LQsrBfXOkn
25mg8Vpbj+H+gqjV/xO6Pk/a+cc1UMN7no1XWys8ZV6aemjbn+T3ja183QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHoSDOK+8tDDZP+l+zzwf16u3LRKMB8GA1UdIwQY
MBaAFB1UvnnIkrU1a/G3vNExOX8sI63AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZTLWVjaVN0VFZyOGJlODBURTVmeXdqcmNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82Nzc2OWItODVhNS00YTBhLTg4OWIt
ODAyYjYzNzZmNzQzLzEvZWhJTTRyN3kwTU5rXzZYN1BQQl9YcTdjdEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82Nzc2OWItODVhNS00YTBhLTg4OWItODAyYjYzNzZmNzQz
LzEvSFZTLWVjaVN0VFZyOGJlODBURTVmeXdqcmNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg3tgAEB
MA0GCSqGSIb3DQEBCwUAA4IBAQAFUZcHckQu8RHdo+ll5OV7CjRlX1Dc1ITPV5cL
grjcAAxHMIiDa56bBmSFk3jyjpm8pe1hAr2/IHMx8eyDsad3jLLQR5XbltuVbdEc
YO3ADPb5QAouCf5tJoyTzgb2PFLoZ25/v5ocDSTItAcQCnzyeH7htwsBqQp7QUFL
Rci4yLp2kFmMrw+xq/soDqTkYBUSc/cc2a/2skEO/fThxQXmPoX4/fT1Mi+KMlGX
gbuf2NcZf73npcrdQs5bX6zcwxnjkC1rCGb+bJ54XXEAJuVti46RhZf85WmnxJjR
nDhLP36AgJGodnh2e6Z9lYKWTYPd6E9/vJnj8YMgXN8CaIaq
-----END CERTIFICATE-----