This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/hB2BZEp3k3snIXX7WqS-RdwWQys.roa
File:                     hB2BZEp3k3snIXX7WqS-RdwWQys.roa (raw, json)
Hash identifier:          8rMtnmtq8bnekYwB36ieFLOQVbfHr0cVP7kSuphbKKc=
Subject key identifier:   84:1D:81:64:4A:77:93:7B:27:21:75:FB:5A:A4:BE:45:DC:16:43:2B
Certificate issuer:       /CN=66306e3acf3eb903cc73973fb62860b663516c93
Certificate serial:       019B78352099E9DE48C57CE2B1F9B77935A3
Authority key identifier: 66:30:6E:3A:CF:3E:B9:03:CC:73:97:3F:B6:28:60:B6:63:51:6C:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZjBuOs8-uQPMc5c_tihgtmNRbJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/hB2BZEp3k3snIXX7WqS-RdwWQys.roa
Signing time:             Thu 01 Jan 2026 06:18:26 +0000
ROA not before:           Thu 01 Jan 2026 06:18:26 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     48779
IP address blocks:        80.173.205.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/ZjBuOs8-uQPMc5c_tihgtmNRbJM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/ZjBuOs8-uQPMc5c_tihgtmNRbJM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZjBuOs8-uQPMc5c_tihgtmNRbJM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:35:20:99:e9:de:48:c5:7c:e2:b1:f9:b7:79:35:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66306e3acf3eb903cc73973fb62860b663516c93
        Validity
            Not Before: Jan  1 06:18:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=841d81644a77937b272175fb5aa4be45dc16432b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:50:91:fa:8e:fe:58:13:0d:e3:a1:17:73:23:
                    89:b2:b0:6d:88:f6:39:b4:f5:cf:72:76:6c:7b:75:
                    92:88:7f:0f:30:83:9a:18:6e:37:fd:36:09:a0:86:
                    6b:ed:58:ba:90:d5:5b:aa:00:92:77:0b:04:da:ea:
                    72:ef:f9:f8:0f:51:34:fe:1c:ec:6a:53:f6:d6:16:
                    94:9d:c5:15:c0:01:75:f9:d5:e7:c5:22:bc:ec:ba:
                    7f:23:b1:bb:fe:9e:ed:6a:d2:3e:05:17:31:23:07:
                    03:86:83:96:a5:46:9f:ae:2a:15:97:54:38:da:eb:
                    12:77:84:15:6e:42:57:a8:49:9c:b1:d9:3a:81:14:
                    02:a3:59:f1:09:24:e2:61:1f:76:4a:a3:99:aa:3c:
                    33:f7:94:92:f0:9e:18:4d:15:f6:81:15:35:b3:81:
                    f8:a2:94:1c:22:93:8d:da:52:1a:5d:b9:39:0d:42:
                    65:b0:e3:20:91:63:80:90:cf:2f:ec:64:0b:91:94:
                    14:48:c9:69:63:49:72:ed:11:d5:8e:b5:d6:5d:8d:
                    e9:c6:9c:ad:b2:7f:4b:dd:29:ba:44:b5:a5:39:a1:
                    35:1e:be:1f:f2:b9:50:d8:9c:c0:96:b5:df:cc:43:
                    47:fd:b6:10:51:b4:eb:04:54:9e:ca:45:87:e9:e4:
                    b3:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:1D:81:64:4A:77:93:7B:27:21:75:FB:5A:A4:BE:45:DC:16:43:2B
            X509v3 Authority Key Identifier:
                keyid:66:30:6E:3A:CF:3E:B9:03:CC:73:97:3F:B6:28:60:B6:63:51:6C:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZjBuOs8-uQPMc5c_tihgtmNRbJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/hB2BZEp3k3snIXX7WqS-RdwWQys.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/ZjBuOs8-uQPMc5c_tihgtmNRbJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.173.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:1a:43:64:bb:a5:3f:06:76:2f:f4:38:b6:31:96:33:03:70:
         e9:8d:0d:4b:79:85:ef:e8:e9:10:77:1e:15:9b:f2:12:4c:c2:
         bb:90:53:c6:bb:da:77:a2:5a:f5:89:43:02:0c:50:45:24:07:
         17:c4:15:7c:bd:10:87:d0:6d:3d:10:a1:a4:c1:ef:41:92:da:
         2e:b0:55:e7:0e:c2:95:2d:47:84:42:fb:96:35:98:59:92:0a:
         e8:32:53:91:26:16:53:a2:d7:19:20:5b:ef:3a:2f:34:bf:86:
         39:5f:98:46:10:ea:41:ae:a6:58:a4:b7:83:a8:c9:39:60:f4:
         95:dc:eb:3b:ee:22:11:38:42:11:be:8f:d9:cd:48:56:02:fc:
         9f:8f:79:e6:c6:d9:b1:b5:f3:b0:e6:76:27:2f:30:f9:bd:70:
         b4:a1:6c:d1:09:e7:e3:8b:09:db:c6:e5:da:bc:85:80:6b:22:
         bb:21:d5:f1:72:1a:be:7b:e2:03:ff:27:f8:a0:bb:95:f7:fe:
         f8:e6:79:7b:5a:f4:13:22:3b:2f:3b:c5:de:85:c5:ab:fd:98:
         66:4d:e6:62:6c:0a:93:99:90:d4:95:98:e5:eb:03:c8:50:dc:
         cd:45:87:e3:a8:bc:10:68:c9:56:ed:57:11:a0:f7:d3:13:57:
         2e:b4:30:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NSCZ6d5IxXzisfm3eTWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MzA2ZTNhY2YzZWI5MDNjYzczOTczZmI2Mjg2MGI2NjM1
MTZjOTMwHhcNMjYwMTAxMDYxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFkODE2NDRhNzc5MzdiMjcyMTc1ZmI1YWE0YmU0NWRjMTY0MzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71CR+o7+WBMN46EXcyOJsrBtiPY5
tPXPcnZse3WSiH8PMIOaGG43/TYJoIZr7Vi6kNVbqgCSdwsE2upy7/n4D1E0/hzs
alP21haUncUVwAF1+dXnxSK87Lp/I7G7/p7tatI+BRcxIwcDhoOWpUafrioVl1Q4
2usSd4QVbkJXqEmcsdk6gRQCo1nxCSTiYR92SqOZqjwz95SS8J4YTRX2gRU1s4H4
opQcIpON2lIaXbk5DUJlsOMgkWOAkM8v7GQLkZQUSMlpY0ly7RHVjrXWXY3pxpyt
sn9L3Sm6RLWlOaE1Hr4f8rlQ2JzAlrXfzENH/bYQUbTrBFSeykWH6eSzcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQdgWRKd5N7JyF1+1qkvkXcFkMrMB8GA1UdIwQY
MBaAFGYwbjrPPrkDzHOXP7YoYLZjUWyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmpCdU9zOC11UVBNYzVjX3RpaGd0bU5SYkpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82NGRhYmItN2EwMS00MGQ1LWE1ODct
ZWUyN2NiY2E3NDdlLzEvaEIyQlpFcDNrM3NuSVhYN1dxUy1SZHdXUXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82NGRhYmItN2EwMS00MGQ1LWE1ODctZWUyN2NiY2E3NDdl
LzEvWmpCdU9zOC11UVBNYzVjX3RpaGd0bU5SYkpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUK3NMA0G
CSqGSIb3DQEBCwUAA4IBAQAHGkNku6U/BnYv9Di2MZYzA3DpjQ1LeYXv6OkQdx4V
m/ISTMK7kFPGu9p3olr1iUMCDFBFJAcXxBV8vRCH0G09EKGkwe9BktousFXnDsKV
LUeEQvuWNZhZkgroMlORJhZTotcZIFvvOi80v4Y5X5hGEOpBrqZYpLeDqMk5YPSV
3Os77iIROEIRvo/ZzUhWAvyfj3nmxtmxtfOw5nYnLzD5vXC0oWzRCefjiwnbxuXa
vIWAayK7IdXxchq+e+ID/yf4oLuV9/745nl7WvQTIjsvO8XehcWr/ZhmTeZibAqT
mZDUlZjl6wPIUNzNRYfjqLwQaMlW7VcRoPfTE1cutDAv
-----END CERTIFICATE-----