This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.pudu.be/repo/pudu/1/323030313a3637633a6238383a3a2f34382d3438203d3e20323130373631.roa
File:                     323030313a3637633a6238383a3a2f34382d3438203d3e20323130373631.roa (raw, json)
Hash identifier:          gCkKOnxFjxxQuyxsmkIuFDYUOSkhKIumzrDy3kvYaVo=
Subject key identifier:   10:1D:67:96:72:D8:80:B1:FA:4B:AA:8B:7A:4E:94:A6:99:41:8F:FA
Certificate issuer:       /CN=cf7dc5a4f702d3dc9d56ea35b9ee202ec549647e
Certificate serial:       6A0623C45416EB7FF47F7063A4F4FFD1C27EC091
Authority key identifier: CF:7D:C5:A4:F7:02:D3:DC:9D:56:EA:35:B9:EE:20:2E:C5:49:64:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z33FpPcC09ydVuo1ue4gLsVJZH4.cer
Subject info access:      rsync://rpki.pudu.be/repo/pudu/1/323030313a3637633a6238383a3a2f34382d3438203d3e20323130373631.roa
Signing time:             Sun 14 Dec 2025 07:24:32 +0000
ROA not before:           Sun 14 Dec 2025 07:19:32 +0000
ROA not after:            Sun 13 Dec 2026 07:24:32 +0000
asID:                     210761
IP address blocks:        2001:67c:b88::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.pudu.be/repo/pudu/1/CF7DC5A4F702D3DC9D56EA35B9EE202EC549647E.crl
                          rsync://rpki.pudu.be/repo/pudu/1/CF7DC5A4F702D3DC9D56EA35B9EE202EC549647E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z33FpPcC09ydVuo1ue4gLsVJZH4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 22 Dec 2025 04:07:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:06:23:c4:54:16:eb:7f:f4:7f:70:63:a4:f4:ff:d1:c2:7e:c0:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7dc5a4f702d3dc9d56ea35b9ee202ec549647e
        Validity
            Not Before: Dec 14 07:19:32 2025 GMT
            Not After : Dec 13 07:24:32 2026 GMT
        Subject: CN=101D679672D880B1FA4BAA8B7A4E94A699418FFA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f0:e8:78:75:ca:c5:d5:10:73:2f:e3:df:b0:
                    e4:b5:f1:69:ab:2b:56:a5:05:80:da:79:77:18:98:
                    fb:7b:4b:a0:5d:65:5c:75:b8:24:ae:85:a9:de:61:
                    41:e5:fc:9d:75:16:da:58:4a:e4:06:59:dd:5d:bb:
                    59:79:6b:b5:a1:0c:6d:ba:c0:22:b0:71:1d:85:9c:
                    5d:ff:17:44:72:db:cd:f6:c6:d3:6a:80:34:dd:7f:
                    c6:f4:ca:88:49:91:30:d1:41:88:7f:57:b9:7e:9d:
                    66:74:f4:cc:7b:e6:05:66:56:86:51:a7:17:8c:25:
                    bd:dd:b2:a8:3a:9d:52:95:d5:94:5e:d9:84:cb:86:
                    8d:88:01:5b:fb:22:9b:51:bb:bf:79:08:61:87:f1:
                    38:14:58:01:73:83:71:5f:74:9b:23:21:5f:4e:a4:
                    c7:b4:52:0f:1f:e5:07:f6:53:31:3e:3b:48:b7:d3:
                    15:68:6f:4b:16:2e:94:7a:22:bb:b8:97:fd:e3:ac:
                    70:a1:35:6d:f2:01:ea:f7:75:64:27:85:1b:59:a4:
                    9d:7b:8d:1d:7b:f6:23:c5:5a:7d:44:53:ce:71:c7:
                    7f:89:8a:15:e8:d6:64:59:20:c7:fa:ca:d3:69:4c:
                    45:c4:65:3b:aa:9b:e3:ae:5e:3d:c8:7a:04:3c:36:
                    58:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:1D:67:96:72:D8:80:B1:FA:4B:AA:8B:7A:4E:94:A6:99:41:8F:FA
            X509v3 Authority Key Identifier:
                keyid:CF:7D:C5:A4:F7:02:D3:DC:9D:56:EA:35:B9:EE:20:2E:C5:49:64:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.pudu.be/repo/pudu/1/CF7DC5A4F702D3DC9D56EA35B9EE202EC549647E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z33FpPcC09ydVuo1ue4gLsVJZH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.pudu.be/repo/pudu/1/323030313a3637633a6238383a3a2f34382d3438203d3e20323130373631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:b88::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:85:bc:d8:e5:c3:e4:18:68:2c:27:23:3c:99:61:5b:77:78:
         c3:9f:bf:ab:7c:34:e0:e6:57:cb:8d:9e:d0:a8:53:36:40:3c:
         25:77:c9:be:59:68:13:f3:8c:3c:75:7b:4b:b7:cd:f9:0d:5a:
         2e:f3:cb:d7:51:5e:52:83:26:53:2d:54:42:e9:b5:d2:a0:d5:
         8c:6d:8c:2a:55:bf:af:4a:ad:44:33:6f:ab:2b:de:fa:8a:87:
         3b:ef:26:ed:17:fd:03:3a:4d:54:b8:4a:86:98:d4:d3:2d:0c:
         e9:bc:54:9a:fc:a2:b4:a7:ed:4c:42:1d:77:e3:d7:d7:0d:ef:
         8d:c7:7d:7e:32:f6:bc:25:4e:58:77:c5:bf:91:43:ac:25:47:
         85:09:71:5c:ba:02:3a:c7:fb:70:11:1e:92:4a:56:d8:e1:ef:
         39:45:2e:f7:eb:bd:68:c8:40:00:bc:f3:25:f9:67:c7:d6:af:
         9b:39:dd:3f:a4:00:e0:17:08:0f:a1:18:ef:75:2f:6e:6e:62:
         33:42:35:37:01:95:ca:51:ff:6b:4c:d4:2b:98:35:49:75:3c:
         97:ad:ee:c3:c6:f7:1a:6e:33:a2:e7:6f:db:73:f7:bb:81:94:
         f8:c8:99:a6:31:7a:79:c7:bf:2d:c5:43:5d:91:ce:91:2b:a4:
         56:1f:d2:e6
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIUagYjxFQW63/0f3BjpPT/0cJ+wJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2Y3ZGM1YTRmNzAyZDNkYzlkNTZlYTM1YjllZTIwMmVj
NTQ5NjQ3ZTAeFw0yNTEyMTQwNzE5MzJaFw0yNjEyMTMwNzI0MzJaMDMxMTAvBgNV
BAMTKDEwMUQ2Nzk2NzJEODgwQjFGQTRCQUE4QjdBNEU5NEE2OTk0MThGRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq8Oh4dcrF1RBzL+PfsOS18Wmr
K1alBYDaeXcYmPt7S6BdZVx1uCSuhaneYUHl/J11FtpYSuQGWd1du1l5a7WhDG26
wCKwcR2FnF3/F0Ry2832xtNqgDTdf8b0yohJkTDRQYh/V7l+nWZ09Mx75gVmVoZR
pxeMJb3dsqg6nVKV1ZRe2YTLho2IAVv7IptRu795CGGH8TgUWAFzg3FfdJsjIV9O
pMe0Ug8f5Qf2UzE+O0i30xVob0sWLpR6Iru4l/3jrHChNW3yAer3dWQnhRtZpJ17
jR179iPFWn1EU85xx3+JihXo1mRZIMf6ytNpTEXEZTuqm+OuXj3IegQ8Nli9AgMB
AAGjggHXMIIB0zAdBgNVHQ4EFgQUEB1nlnLYgLH6S6qLek6UpplBj/owHwYDVR0j
BBgwFoAUz33FpPcC09ydVuo1ue4gLsVJZH4wDgYDVR0PAQH/BAQDAgeAMF4GA1Ud
HwRXMFUwU6BRoE+GTXJzeW5jOi8vcnBraS5wdWR1LmJlL3JlcG8vcHVkdS8xL0NG
N0RDNUE0RjcwMkQzREM5RDU2RUEzNUI5RUUyMDJFQzU0OTY0N0UuY3JsMGQGCCsG
AQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC96MzNGcFBjQzA5eWRWdW8xdWU0Z0xzVkpaSDQuY2Vy
MH0GCCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLnB1ZHUu
YmUvcmVwby9wdWR1LzEvMzIzMDMwMzEzYTM2Mzc2MzNhNjIzODM4M2EzYTJmMzQz
ODJkMzQzODIwM2QzZTIwMzIzMTMwMzczNjMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAuIMA0G
CSqGSIb3DQEBCwUAA4IBAQAVhbzY5cPkGGgsJyM8mWFbd3jDn7+rfDTg5lfLjZ7Q
qFM2QDwld8m+WWgT84w8dXtLt835DVou88vXUV5SgyZTLVRC6bXSoNWMbYwqVb+v
Sq1EM2+rK976ioc77ybtF/0DOk1UuEqGmNTTLQzpvFSa/KK0p+1MQh1349fXDe+N
x31+Mva8JU5Yd8W/kUOsJUeFCXFcugI6x/twER6SSlbY4e85RS73671oyEAAvPMl
+WfH1q+bOd0/pADgFwgPoRjvdS9ubmIzQjU3AZXKUf9rTNQrmDVJdTyXre7Dxvca
bjOi52/bc/e7gZT4yJmmMXp5x78txUNdkc6RK6RWH9Lm
-----END CERTIFICATE-----