This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2a9dd4-17b8-473c-83bf-9af1074c227f/1/hVCMHbhbfZIv6_XEgHNxBb1iBTg.roa
File:                     hVCMHbhbfZIv6_XEgHNxBb1iBTg.roa (raw, json)
Hash identifier:          +BlQApbHjZb7f8RHAby22GvRQWprbhCIUcnRWldtZiw=
Subject key identifier:   85:50:8C:1D:B8:5B:7D:92:2F:EB:F5:C4:80:73:71:05:BD:62:05:38
Certificate issuer:       /CN=1c0a6f6f3a9ae1da5e5be8752fab18deb28ba614
Certificate serial:       019B7E37878E490372C51F164F4991272F04
Authority key identifier: 1C:0A:6F:6F:3A:9A:E1:DA:5E:5B:E8:75:2F:AB:18:DE:B2:8B:A6:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HApvbzqa4dpeW-h1L6sY3rKLphQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/2a9dd4-17b8-473c-83bf-9af1074c227f/1/hVCMHbhbfZIv6_XEgHNxBb1iBTg.roa
Signing time:             Fri 02 Jan 2026 10:18:46 +0000
ROA not before:           Fri 02 Jan 2026 10:18:46 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     50673
IP address blocks:        91.205.192.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/2a9dd4-17b8-473c-83bf-9af1074c227f/1/HApvbzqa4dpeW-h1L6sY3rKLphQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/2a9dd4-17b8-473c-83bf-9af1074c227f/1/HApvbzqa4dpeW-h1L6sY3rKLphQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HApvbzqa4dpeW-h1L6sY3rKLphQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 Jan 2026 01:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:37:87:8e:49:03:72:c5:1f:16:4f:49:91:27:2f:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a6f6f3a9ae1da5e5be8752fab18deb28ba614
        Validity
            Not Before: Jan  2 10:18:46 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=85508c1db85b7d922febf5c480737105bd620538
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:af:b6:ec:6d:8c:ac:94:32:8b:46:86:2a:03:
                    08:b8:7a:e5:9d:ae:0d:48:6d:7d:99:b9:e1:01:13:
                    e0:c2:b7:fe:2a:1a:f8:d8:0f:bb:3b:d7:b3:7e:ad:
                    15:f7:72:6f:24:f8:b4:9a:79:27:5d:5b:b2:b9:ed:
                    70:a9:03:25:5a:9e:17:1b:a9:78:a1:67:5a:ca:9b:
                    a0:8a:03:ca:b3:0d:b9:dd:39:ab:22:5b:d2:5c:c5:
                    5e:78:84:81:9c:0a:57:4e:01:12:20:64:8f:7f:54:
                    67:a1:90:59:e0:d3:2f:a5:cf:01:08:48:87:11:9c:
                    e8:a2:70:e5:78:48:df:30:1b:12:72:34:0e:3b:99:
                    39:41:a7:d1:74:6c:4e:ab:ba:d1:f4:97:f4:45:7f:
                    7d:36:7d:cc:85:3e:3b:cd:7f:40:86:bd:be:1e:5e:
                    dd:51:78:ba:af:c9:7f:31:50:b1:63:5b:21:13:7b:
                    04:76:19:56:1c:9e:93:bc:ce:2c:ce:21:f8:9a:91:
                    f9:99:90:b1:7b:ba:c1:a6:23:4c:5f:46:c3:39:8e:
                    bc:44:e8:cb:54:67:19:42:4e:d0:3e:43:38:cf:73:
                    46:fa:69:a8:4c:d4:02:ec:02:ca:70:1a:ef:f7:c1:
                    1e:c2:b8:3a:6b:e5:44:c5:a8:92:1a:48:03:9e:17:
                    d7:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:50:8C:1D:B8:5B:7D:92:2F:EB:F5:C4:80:73:71:05:BD:62:05:38
            X509v3 Authority Key Identifier:
                keyid:1C:0A:6F:6F:3A:9A:E1:DA:5E:5B:E8:75:2F:AB:18:DE:B2:8B:A6:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HApvbzqa4dpeW-h1L6sY3rKLphQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2a9dd4-17b8-473c-83bf-9af1074c227f/1/hVCMHbhbfZIv6_XEgHNxBb1iBTg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2a9dd4-17b8-473c-83bf-9af1074c227f/1/HApvbzqa4dpeW-h1L6sY3rKLphQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:3d:97:36:c6:b2:99:de:8d:fa:55:b1:26:92:fb:73:77:aa:
         47:03:76:b3:19:05:67:d1:56:92:fb:a5:8d:bc:d2:ba:8b:0c:
         5c:fa:12:69:d1:1a:6d:98:a4:c6:72:f5:71:1c:dc:91:a8:86:
         4f:57:94:49:70:4a:e7:40:ce:25:5f:cb:0d:5c:58:7a:6c:04:
         ec:10:e3:9f:6b:09:f6:4e:81:72:91:9c:b4:1a:b6:f3:84:7d:
         b8:6c:a1:0c:98:1b:93:68:8f:c3:62:e2:a8:64:69:9a:0d:76:
         29:5e:72:91:7f:f6:fd:51:3b:8b:17:03:5f:5a:2c:41:b3:40:
         fd:b6:d8:0a:ee:eb:50:14:df:ac:36:8a:c4:bd:fb:51:3c:f9:
         65:98:dd:37:a1:20:f2:92:71:60:f7:7c:8e:b2:1c:c7:0e:22:
         ad:df:8a:17:c0:3a:61:36:67:6e:22:2e:8c:d6:3a:57:9a:83:
         fd:09:26:da:f5:7f:c4:1e:77:9e:4a:2b:3f:b8:55:c4:6f:90:
         35:4d:a7:12:49:aa:90:7e:06:f4:36:19:5e:2b:98:25:e6:df:
         65:e2:45:77:f6:ca:27:60:e1:63:7f:6f:72:fe:bc:c2:da:2f:
         98:47:5a:e8:27:ac:5a:2e:7b:e0:61:aa:7e:d9:47:7d:a7:5b:
         75:7e:00:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+N4eOSQNyxR8WT0mRJy8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE2ZjZmM2E5YWUxZGE1ZTViZTg3NTJmYWIxOGRlYjI4
YmE2MTQwHhcNMjYwMTAyMTAxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTUwOGMxZGI4NWI3ZDkyMmZlYmY1YzQ4MDczNzEwNWJkNjIwNTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla+27G2MrJQyi0aGKgMIuHrlna4N
SG19mbnhARPgwrf+Khr42A+7O9ezfq0V93JvJPi0mnknXVuyue1wqQMlWp4XG6l4
oWdaypugigPKsw253TmrIlvSXMVeeISBnApXTgESIGSPf1RnoZBZ4NMvpc8BCEiH
EZzoonDleEjfMBsScjQOO5k5QafRdGxOq7rR9Jf0RX99Nn3MhT47zX9Ahr2+Hl7d
UXi6r8l/MVCxY1shE3sEdhlWHJ6TvM4sziH4mpH5mZCxe7rBpiNMX0bDOY68ROjL
VGcZQk7QPkM4z3NG+mmoTNQC7ALKcBrv98Eewrg6a+VExaiSGkgDnhfXXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVQjB24W32SL+v1xIBzcQW9YgU4MB8GA1UdIwQY
MBaAFBwKb286muHaXlvodS+rGN6yi6YUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFwdmJ6cWE0ZHBlVy1oMUw2c1kzcktMcGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yYTlkZDQtMTdiOC00NzNjLTgzYmYt
OWFmMTA3NGMyMjdmLzEvaFZDTUhiaGJmWkl2Nl9YRWdITnhCYjFpQlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yYTlkZDQtMTdiOC00NzNjLTgzYmYtOWFmMTA3NGMyMjdm
LzEvSEFwdmJ6cWE0ZHBlVy1oMUw2c1kzcktMcGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW83AMA0G
CSqGSIb3DQEBCwUAA4IBAQAxPZc2xrKZ3o36VbEmkvtzd6pHA3azGQVn0VaS+6WN
vNK6iwxc+hJp0RptmKTGcvVxHNyRqIZPV5RJcErnQM4lX8sNXFh6bATsEOOfawn2
ToFykZy0GrbzhH24bKEMmBuTaI/DYuKoZGmaDXYpXnKRf/b9UTuLFwNfWixBs0D9
ttgK7utQFN+sNorEvftRPPllmN03oSDyknFg93yOshzHDiKt34oXwDphNmduIi6M
1jpXmoP9CSba9X/EHneeSis/uFXEb5A1TacSSaqQfgb0NhleK5gl5t9l4kV39son
YOFjf29y/rzC2i+YR1roJ6xaLnvgYap+2Ud9p1t1fgBH
-----END CERTIFICATE-----