This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/UCPHMmyCJR4JmPeGnCgq8nfbn60.roa
File:                     UCPHMmyCJR4JmPeGnCgq8nfbn60.roa (raw, json)
Hash identifier:          p5d6kd0pgtOUZ1UeSMMJANP3mYr/gpl0DKc8A48nhnk=
Subject key identifier:   50:23:C7:32:6C:82:25:1E:09:98:F7:86:9C:28:2A:F2:77:DB:9F:AD
Certificate issuer:       /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial:       019B79ED5DFAAC1C7D948360471761068C45
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/UCPHMmyCJR4JmPeGnCgq8nfbn60.roa
Signing time:             Thu 01 Jan 2026 14:19:17 +0000
ROA not before:           Thu 01 Jan 2026 14:19:17 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211299
IP address blocks:        2a0e:e704:70::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 01:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ed:5d:fa:ac:1c:7d:94:83:60:47:17:61:06:8c:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
        Validity
            Not Before: Jan  1 14:19:17 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5023c7326c82251e0998f7869c282af277db9fad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:39:0d:67:74:31:2e:5e:70:5b:28:60:3d:09:
                    30:d0:d6:30:e2:a6:a7:09:49:6b:32:15:32:49:d3:
                    ca:0a:ee:d7:e4:c3:69:d5:d1:aa:b3:27:d3:26:58:
                    2c:09:f0:19:b9:1f:7d:3a:94:78:4d:e5:97:46:ec:
                    ac:45:da:1a:e5:8b:3e:a7:2e:b9:c6:1d:70:fc:50:
                    e4:d2:da:21:e4:1a:28:a0:92:a2:5b:4e:b7:ee:88:
                    e6:a0:a2:54:06:50:e5:12:5e:e5:61:be:55:74:ca:
                    80:b7:d8:8a:1f:03:73:60:3a:57:0d:2a:2a:6a:f5:
                    69:9c:6e:eb:46:3a:14:2d:ca:ff:17:eb:d1:89:09:
                    08:bb:93:1b:bc:61:c6:3f:04:c1:60:31:91:b3:8e:
                    3c:18:cc:3c:0a:7d:eb:9f:8b:fa:20:eb:03:95:be:
                    7c:ce:a8:e5:9e:85:81:9f:e9:f9:05:67:b4:ec:cf:
                    de:73:fe:c8:57:21:bd:c0:8e:e0:f7:44:f1:45:1d:
                    ec:f2:f4:00:1d:27:e1:48:16:07:8f:69:ee:44:75:
                    c2:13:a3:94:0f:e7:61:f4:80:5b:b6:59:7b:4e:e1:
                    66:4d:14:45:d2:79:cc:a4:9c:87:ed:6d:d2:1e:2a:
                    54:74:6d:9d:29:25:92:94:b7:2c:ed:20:20:b3:6c:
                    53:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:23:C7:32:6C:82:25:1E:09:98:F7:86:9C:28:2A:F2:77:DB:9F:AD
            X509v3 Authority Key Identifier:
                keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/UCPHMmyCJR4JmPeGnCgq8nfbn60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:e704:70::/48

    Signature Algorithm: sha256WithRSAEncryption
         cc:19:09:0c:9b:43:0b:e0:07:d7:38:84:ab:35:91:13:a5:0d:
         a1:7c:1c:e2:f9:0d:3b:15:46:cf:0e:27:57:b0:8e:96:98:a1:
         a0:ae:32:b6:3e:0e:fb:2d:a7:26:fd:77:2b:06:8b:c5:ca:62:
         d1:14:bd:d3:84:00:52:bd:87:1a:7e:76:f8:50:f2:7a:3b:81:
         c5:49:63:49:ac:2c:13:9b:90:58:05:07:18:97:c1:cb:d7:f7:
         8c:e9:55:1a:12:fd:f2:10:e9:86:49:a0:6d:70:d2:e3:e6:af:
         24:82:52:ad:c5:84:91:07:86:54:20:e3:91:5e:a6:6d:ec:c5:
         c6:1e:88:be:3f:f1:b6:78:b8:ce:c0:ec:50:e4:97:31:33:09:
         48:10:aa:48:c5:f9:cd:e2:51:72:f6:68:fd:7d:47:23:f0:13:
         f5:da:00:d9:a2:c4:65:65:70:01:43:c5:be:40:d9:e1:8d:a3:
         52:e7:64:f5:fc:b5:1c:f5:21:fe:59:06:5b:72:3b:b5:7c:55:
         79:3b:66:35:0a:7a:23:21:34:85:d9:2d:e7:78:0a:ea:0b:c6:
         e5:86:3c:a4:d5:59:26:4f:cb:99:3f:27:a5:2a:1f:67:96:1a:
         48:64:af:a4:b6:1e:1b:26:9b:af:14:c2:b7:bc:37:1e:85:4e:
         8b:c3:20:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZt57V36rBx9lINgRxdhBoxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjYwMTAxMTQxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDIzYzczMjZjODIyNTFlMDk5OGY3ODY5YzI4MmFmMjc3ZGI5ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDkNZ3QxLl5wWyhgPQkw0NYw4qan
CUlrMhUySdPKCu7X5MNp1dGqsyfTJlgsCfAZuR99OpR4TeWXRuysRdoa5Ys+py65
xh1w/FDk0toh5BoooJKiW0637ojmoKJUBlDlEl7lYb5VdMqAt9iKHwNzYDpXDSoq
avVpnG7rRjoULcr/F+vRiQkIu5MbvGHGPwTBYDGRs448GMw8Cn3rn4v6IOsDlb58
zqjlnoWBn+n5BWe07M/ec/7IVyG9wI7g90TxRR3s8vQAHSfhSBYHj2nuRHXCE6OU
D+dh9IBbtll7TuFmTRRF0nnMpJyH7W3SHipUdG2dKSWSlLcs7SAgs2xT2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFAjxzJsgiUeCZj3hpwoKvJ325+tMB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvVUNQSE1teUNKUjRKbVBlR25DZ3E4bmZibjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7nBABw
MA0GCSqGSIb3DQEBCwUAA4IBAQDMGQkMm0ML4AfXOISrNZETpQ2hfBzi+Q07FUbP
DidXsI6WmKGgrjK2Pg77Lacm/XcrBovFymLRFL3ThABSvYcafnb4UPJ6O4HFSWNJ
rCwTm5BYBQcYl8HL1/eM6VUaEv3yEOmGSaBtcNLj5q8kglKtxYSRB4ZUIOORXqZt
7MXGHoi+P/G2eLjOwOxQ5JcxMwlIEKpIxfnN4lFy9mj9fUcj8BP12gDZosRlZXAB
Q8W+QNnhjaNS52T1/LUc9SH+WQZbcju1fFV5O2Y1CnojITSF2S3neArqC8blhjyk
1VkmT8uZPyelKh9nlhpIZK+kth4bJpuvFMK3vDcehU6LwyAR
-----END CERTIFICATE-----