This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/HCfgldAudjj-QJp0v9tfxs8SS7s.roa
File:                     HCfgldAudjj-QJp0v9tfxs8SS7s.roa (raw, json)
Hash identifier:          scE7gtW6qWeNCkYq9sEgw17dRXKm9IoFbwhoZjct248=
Subject key identifier:   1C:27:E0:95:D0:2E:76:38:FE:40:9A:74:BF:DB:5F:C6:CF:12:4B:BB
Certificate issuer:       /CN=40dde71b41bffb1b516e07b0c61391bdf4d3bf11
Certificate serial:       019B77C6BD38F833C380D1D0827808A199A6
Authority key identifier: 40:DD:E7:1B:41:BF:FB:1B:51:6E:07:B0:C6:13:91:BD:F4:D3:BF:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/HCfgldAudjj-QJp0v9tfxs8SS7s.roa
Signing time:             Thu 01 Jan 2026 04:17:51 +0000
ROA not before:           Thu 01 Jan 2026 04:17:51 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     208685
IP address blocks:        92.60.72.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/QN3nG0G_-xtRbgewxhORvfTTvxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/QN3nG0G_-xtRbgewxhORvfTTvxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 24 Jan 2026 05:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:bd:38:f8:33:c3:80:d1:d0:82:78:08:a1:99:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40dde71b41bffb1b516e07b0c61391bdf4d3bf11
        Validity
            Not Before: Jan  1 04:17:51 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1c27e095d02e7638fe409a74bfdb5fc6cf124bbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:f1:94:c1:78:32:89:14:d8:fc:f2:38:05:96:
                    99:ac:69:f6:0b:9b:79:78:90:4c:b6:d5:de:6c:8a:
                    1e:be:fb:2e:c7:09:57:0f:31:65:1f:08:fc:c7:90:
                    44:f7:c5:0a:0d:34:a9:b8:3a:f9:26:85:e9:a5:13:
                    7b:61:a7:31:40:85:a1:73:e0:4c:30:68:1e:74:38:
                    11:fb:14:10:80:26:c8:0f:88:ba:7b:ca:a0:80:dc:
                    7b:a6:f9:6e:3d:73:c5:99:51:2d:40:5f:72:60:80:
                    25:3f:42:06:91:6b:e0:9d:61:93:67:df:09:84:a9:
                    8f:71:a5:1c:2d:76:79:c1:99:d0:e4:ae:28:42:e5:
                    66:fe:a6:50:7b:33:62:ef:0a:15:5e:e7:cd:da:ad:
                    13:ab:bd:37:6e:18:c6:73:80:1b:5e:b9:8a:94:fe:
                    6e:e7:fe:04:cc:de:9c:e6:ab:26:81:54:ef:f4:bf:
                    72:fd:c4:8c:db:c4:02:91:69:e7:df:0c:c7:b4:e1:
                    8d:40:f4:60:47:be:59:10:97:70:4a:cc:ba:d9:bc:
                    49:e4:b4:73:ff:7f:0f:6d:52:2b:f0:b8:65:2a:b3:
                    44:33:23:24:18:ea:e9:f2:cc:b1:bd:48:b9:8f:7f:
                    17:11:b6:15:a7:61:89:45:96:fb:65:c6:85:f4:d8:
                    7b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:27:E0:95:D0:2E:76:38:FE:40:9A:74:BF:DB:5F:C6:CF:12:4B:BB
            X509v3 Authority Key Identifier:
                keyid:40:DD:E7:1B:41:BF:FB:1B:51:6E:07:B0:C6:13:91:BD:F4:D3:BF:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/HCfgldAudjj-QJp0v9tfxs8SS7s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/QN3nG0G_-xtRbgewxhORvfTTvxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.60.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6c:bc:b5:cd:ff:5f:92:2e:98:88:ba:90:8c:e8:f0:44:93:61:
         2b:8d:4a:6a:e5:38:7d:9b:15:48:90:f2:8f:5b:08:fa:62:9a:
         b3:05:51:e3:74:e5:7a:1e:ad:f7:92:69:83:75:57:57:20:a6:
         ba:ac:70:72:ed:4b:35:db:a9:b6:be:9b:13:05:e6:98:77:a3:
         e7:43:01:16:02:41:f1:f0:49:14:e9:10:6c:f2:e2:fa:a1:37:
         4d:c3:69:06:a2:9e:ee:0a:9b:eb:9f:3d:b3:b1:c8:3f:4a:11:
         69:1b:c3:25:f4:d8:e8:05:a1:b4:10:63:4e:eb:1b:de:92:b1:
         22:74:e0:9a:b5:28:25:a5:06:90:6c:6f:85:16:4b:0d:a8:fc:
         8d:1a:22:da:a5:9c:23:76:0b:8d:02:ab:0a:f1:59:ba:b0:f6:
         23:89:b5:c0:b6:b8:08:0a:60:5c:02:f5:49:6c:08:6f:35:1a:
         55:72:6d:c0:15:07:28:ca:54:d3:2e:4d:32:55:55:96:76:29:
         fa:c1:d6:7e:22:11:a5:f9:f2:6a:51:b0:0f:f5:2c:21:ca:65:
         8f:aa:f9:b9:e9:78:1f:e9:51:41:4e:8b:f1:a2:14:7a:eb:05:
         b6:4d:95:c6:db:45:56:27:e1:ed:d6:9c:1e:d9:c4:79:72:8e:
         df:f7:56:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xr04+DPDgNHQgngIoZmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZGRlNzFiNDFiZmZiMWI1MTZlMDdiMGM2MTM5MWJkZjRk
M2JmMTEwHhcNMjYwMTAxMDQxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzI3ZTA5NWQwMmU3NjM4ZmU0MDlhNzRiZmRiNWZjNmNmMTI0YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfGUwXgyiRTY/PI4BZaZrGn2C5t5
eJBMttXebIoevvsuxwlXDzFlHwj8x5BE98UKDTSpuDr5JoXppRN7YacxQIWhc+BM
MGgedDgR+xQQgCbID4i6e8qggNx7pvluPXPFmVEtQF9yYIAlP0IGkWvgnWGTZ98J
hKmPcaUcLXZ5wZnQ5K4oQuVm/qZQezNi7woVXufN2q0Tq703bhjGc4AbXrmKlP5u
5/4EzN6c5qsmgVTv9L9y/cSM28QCkWnn3wzHtOGNQPRgR75ZEJdwSsy62bxJ5LRz
/38PbVIr8LhlKrNEMyMkGOrp8syxvUi5j38XEbYVp2GJRZb7ZcaF9Nh7KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwn4JXQLnY4/kCadL/bX8bPEku7MB8GA1UdIwQY
MBaAFEDd5xtBv/sbUW4HsMYTkb30078RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU4zbkcwR18teHRSYmdld3hoT1J2ZlRUdnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NTYyYmYtOTJiYy00NmViLTlkMTYt
MmJhZGNlNDY2ODUzLzEvSENmZ2xkQXVkamotUUpwMHY5dGZ4czhTUzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NTYyYmYtOTJiYy00NmViLTlkMTYtMmJhZGNlNDY2ODUz
LzEvUU4zbkcwR18teHRSYmdld3hoT1J2ZlRUdnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXDxIMA0G
CSqGSIb3DQEBCwUAA4IBAQBsvLXN/1+SLpiIupCM6PBEk2ErjUpq5Th9mxVIkPKP
Wwj6YpqzBVHjdOV6Hq33kmmDdVdXIKa6rHBy7Us126m2vpsTBeaYd6PnQwEWAkHx
8EkU6RBs8uL6oTdNw2kGop7uCpvrnz2zscg/ShFpG8Ml9NjoBaG0EGNO6xvekrEi
dOCatSglpQaQbG+FFksNqPyNGiLapZwjdguNAqsK8Vm6sPYjibXAtrgICmBcAvVJ
bAhvNRpVcm3AFQcoylTTLk0yVVWWdin6wdZ+IhGl+fJqUbAP9SwhymWPqvm56Xgf
6VFBTovxohR66wW2TZXG20VWJ+Ht1pwe2cR5co7f91Yz
-----END CERTIFICATE-----