This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/UycNDBh6XIKJ82eOMM9nsWm3RUU.roa
File:                     UycNDBh6XIKJ82eOMM9nsWm3RUU.roa (raw, json)
Hash identifier:          j5CuV0Ecvfd3t9K7/xrfKK4OIBdyHHKPYNpzUJ5l9jc=
Subject key identifier:   53:27:0D:0C:18:7A:5C:82:89:F3:67:8E:30:CF:67:B1:69:B7:45:45
Certificate issuer:       /CN=b68f8f32514a183e977a3c7df36473d56260c4a4
Certificate serial:       019B7F150053E72CDC128720BFD27230640D
Authority key identifier: B6:8F:8F:32:51:4A:18:3E:97:7A:3C:7D:F3:64:73:D5:62:60:C4:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/UycNDBh6XIKJ82eOMM9nsWm3RUU.roa
Signing time:             Fri 02 Jan 2026 14:20:41 +0000
ROA not before:           Fri 02 Jan 2026 14:20:41 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     1759
IP address blocks:        193.142.26.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 20:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:00:53:e7:2c:dc:12:87:20:bf:d2:72:30:64:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b68f8f32514a183e977a3c7df36473d56260c4a4
        Validity
            Not Before: Jan  2 14:20:41 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=53270d0c187a5c8289f3678e30cf67b169b74545
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:49:d5:58:e6:68:17:7f:49:03:1f:8d:f0:4a:
                    25:7f:6c:39:85:93:8c:01:78:e8:1f:ef:21:ed:1e:
                    44:56:b3:34:c1:1d:75:e6:1c:88:11:c1:62:1e:b2:
                    f5:72:09:2b:4b:10:31:9d:6f:b0:fc:ec:ec:af:0a:
                    e9:3e:fd:71:04:dd:1f:e5:40:5f:22:14:f1:a6:52:
                    d2:02:36:f5:93:42:b4:e3:e2:d8:68:a6:d9:65:3e:
                    27:6e:ce:bf:b7:05:a9:64:87:0e:5e:58:4e:eb:e6:
                    d8:ae:89:ca:77:3e:52:15:03:9a:44:c9:23:6b:db:
                    de:f0:38:13:c6:b9:88:18:f5:ad:dc:fa:c6:53:73:
                    0a:4d:df:e0:db:46:d5:21:ec:4b:ee:43:e7:46:4e:
                    c6:4c:eb:bf:8c:7d:44:a6:79:a8:ad:7d:04:ce:ad:
                    7b:4c:7e:b9:13:2d:b5:a4:20:10:cf:ca:79:3c:23:
                    4f:2f:a6:2a:c7:80:de:8c:50:bc:8e:3f:9e:dc:50:
                    d7:4f:19:83:52:bb:b5:37:82:2b:cb:d2:84:59:ca:
                    93:a1:62:ed:c3:21:23:71:30:42:14:3e:82:47:25:
                    8c:b2:70:0e:a6:af:d8:fd:e0:98:28:0c:59:27:1b:
                    17:59:34:f1:d0:93:d5:2a:9b:f7:70:c9:41:73:6f:
                    a2:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:27:0D:0C:18:7A:5C:82:89:F3:67:8E:30:CF:67:B1:69:B7:45:45
            X509v3 Authority Key Identifier:
                keyid:B6:8F:8F:32:51:4A:18:3E:97:7A:3C:7D:F3:64:73:D5:62:60:C4:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/to-PMlFKGD6Xejx982Rz1WJgxKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/UycNDBh6XIKJ82eOMM9nsWm3RUU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3887e4-b598-45e3-8d85-2210ed9d0861/1/to-PMlFKGD6Xejx982Rz1WJgxKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.142.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:b3:76:aa:d7:30:19:c2:36:78:40:58:c8:49:ce:a2:af:36:
         db:70:0c:2c:21:ec:5a:9d:c3:3d:04:76:d1:4d:21:aa:b6:c9:
         34:16:f6:f5:b6:70:b6:5c:cd:3c:18:6b:cc:ab:b2:bc:dc:5b:
         e8:d5:04:82:4d:ce:0d:dd:7f:89:ab:af:e4:db:cc:aa:dc:83:
         86:c3:79:5f:30:44:72:25:aa:42:52:59:09:8b:83:54:74:fc:
         5a:25:41:14:08:37:d5:48:cf:ca:46:d6:8b:8e:fd:e1:24:4f:
         82:39:9e:83:77:8f:b2:c7:39:d2:ee:af:7f:b7:7e:1f:14:27:
         ef:a5:f1:8c:a5:94:e4:9f:80:bc:b0:23:5c:31:5e:f7:ba:46:
         d8:a0:ef:0b:8c:a7:12:31:74:8a:32:c6:6b:e9:eb:06:3f:b1:
         ed:90:80:6a:19:59:04:fe:d9:62:25:65:7f:ba:c5:b5:42:62:
         49:eb:b0:65:8c:7a:28:3e:1e:6f:78:fb:0f:dd:9a:1d:c8:32:
         89:a8:2d:1f:21:16:c5:1f:57:b6:09:17:a4:d7:6e:48:02:29:
         9c:12:b7:80:1d:1b:88:38:57:b7:01:da:fa:55:33:a9:bd:8c:
         d9:8f:1d:7d:d4:10:33:04:ab:37:12:88:8d:61:cf:4d:30:8c:
         d7:72:0e:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FQBT5yzcEocgv9JyMGQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OGY4ZjMyNTE0YTE4M2U5NzdhM2M3ZGYzNjQ3M2Q1NjI2
MGM0YTQwHhcNMjYwMTAyMTQyMDQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzI3MGQwYzE4N2E1YzgyODlmMzY3OGUzMGNmNjdiMTY5Yjc0NTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0nVWOZoF39JAx+N8Eolf2w5hZOM
AXjoH+8h7R5EVrM0wR115hyIEcFiHrL1cgkrSxAxnW+w/OzsrwrpPv1xBN0f5UBf
IhTxplLSAjb1k0K04+LYaKbZZT4nbs6/twWpZIcOXlhO6+bYronKdz5SFQOaRMkj
a9ve8DgTxrmIGPWt3PrGU3MKTd/g20bVIexL7kPnRk7GTOu/jH1EpnmorX0Ezq17
TH65Ey21pCAQz8p5PCNPL6Yqx4DejFC8jj+e3FDXTxmDUru1N4Iry9KEWcqToWLt
wyEjcTBCFD6CRyWMsnAOpq/Y/eCYKAxZJxsXWTTx0JPVKpv3cMlBc2+ihwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMnDQwYelyCifNnjjDPZ7Fpt0VFMB8GA1UdIwQY
MBaAFLaPjzJRShg+l3o8ffNkc9ViYMSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG8tUE1sRktHRDZYZWp4OTgyUnoxV0pneEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zODg3ZTQtYjU5OC00NWUzLThkODUt
MjIxMGVkOWQwODYxLzEvVXljTkRCaDZYSUtKODJlT01NOW5zV20zUlVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zODg3ZTQtYjU5OC00NWUzLThkODUtMjIxMGVkOWQwODYx
LzEvdG8tUE1sRktHRDZYZWp4OTgyUnoxV0pneEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY4aMA0G
CSqGSIb3DQEBCwUAA4IBAQACs3aq1zAZwjZ4QFjISc6irzbbcAwsIexancM9BHbR
TSGqtsk0Fvb1tnC2XM08GGvMq7K83Fvo1QSCTc4N3X+Jq6/k28yq3IOGw3lfMERy
JapCUlkJi4NUdPxaJUEUCDfVSM/KRtaLjv3hJE+COZ6Dd4+yxznS7q9/t34fFCfv
pfGMpZTkn4C8sCNcMV73ukbYoO8LjKcSMXSKMsZr6esGP7HtkIBqGVkE/tliJWV/
usW1QmJJ67BljHooPh5vePsP3ZodyDKJqC0fIRbFH1e2CRek125IAimcEreAHRuI
OFe3Adr6VTOpvYzZjx191BAzBKs3EoiNYc9NMIzXcg4c
-----END CERTIFICATE-----
Generated at Mon Jan 26 04:40:43 2026 by rpki-client