This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/1-PU-Hm_SbxZzdKhiYrsJyhJw6oI.roa
File:                     1-PU-Hm_SbxZzdKhiYrsJyhJw6oI.roa (raw, json)
Hash identifier:          F3ey1QrO2lAooe3dk5bBb9+xgHy1sfZAGBgLbjbxbY0=
Subject key identifier:   F8:F5:3E:1E:6F:D2:6F:16:73:74:A8:62:62:BB:09:CA:12:70:EA:82
Certificate issuer:       /CN=6b4b3e6a7c8783fc8a5719fbd9f37b32c8c7c5ca
Certificate serial:       019B79ECD3F90A08661821829DCDE9B846FE
Authority key identifier: 6B:4B:3E:6A:7C:87:83:FC:8A:57:19:FB:D9:F3:7B:32:C8:C7:C5:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/1-PU-Hm_SbxZzdKhiYrsJyhJw6oI.roa
Signing time:             Thu 01 Jan 2026 14:18:42 +0000
ROA not before:           Thu 01 Jan 2026 14:18:42 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     19905
IP address blocks:        194.124.188.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/a0s-anyHg_yKVxn72fN7MsjHxco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/a0s-anyHg_yKVxn72fN7MsjHxco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ec:d3:f9:0a:08:66:18:21:82:9d:cd:e9:b8:46:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b4b3e6a7c8783fc8a5719fbd9f37b32c8c7c5ca
        Validity
            Not Before: Jan  1 14:18:42 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f8f53e1e6fd26f167374a86262bb09ca1270ea82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:46:3e:c4:80:a7:be:68:4b:6e:d5:bb:08:0f:
                    08:24:0e:5a:9a:a0:de:3c:59:96:0a:fe:a5:b5:2d:
                    a0:8e:f9:31:6e:96:f2:5c:66:0b:a7:80:ca:aa:40:
                    64:d7:a4:b0:de:d0:15:72:68:56:44:1f:e7:30:14:
                    1e:54:be:01:61:b6:e6:50:68:c6:1b:ec:f5:db:a9:
                    4d:7b:a0:87:ef:de:75:61:8c:c4:8e:6f:e8:f5:f4:
                    db:17:9a:7b:99:98:02:dd:59:6e:5b:e5:38:73:60:
                    68:95:c0:53:8a:1e:32:19:c3:d7:6c:40:e0:21:21:
                    12:26:a1:ef:a7:52:10:6c:ad:6a:23:60:ee:31:41:
                    5e:00:8c:bd:03:84:4c:d4:d9:9d:3b:99:93:e8:e2:
                    d6:c5:03:2c:e3:1d:b3:65:4b:27:a1:89:58:18:a7:
                    a0:01:33:c1:4a:f6:b9:56:d9:a9:2e:f1:7f:7a:a9:
                    e4:70:7f:f6:d8:6b:51:69:0f:d8:c8:83:ac:aa:6a:
                    42:48:a7:8b:5f:b7:ff:18:02:16:73:7a:57:d6:66:
                    52:b3:fd:7b:1a:5f:bb:6c:26:93:43:5e:aa:8b:06:
                    06:a0:66:1d:2f:4f:16:08:24:db:d0:d1:6b:9d:b8:
                    8a:64:1b:06:7f:ac:ce:22:04:48:5a:42:24:0b:82:
                    fb:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:F5:3E:1E:6F:D2:6F:16:73:74:A8:62:62:BB:09:CA:12:70:EA:82
            X509v3 Authority Key Identifier:
                keyid:6B:4B:3E:6A:7C:87:83:FC:8A:57:19:FB:D9:F3:7B:32:C8:C7:C5:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/1-PU-Hm_SbxZzdKhiYrsJyhJw6oI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/a0s-anyHg_yKVxn72fN7MsjHxco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.124.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:59:19:6f:bb:3a:3a:94:d9:93:a8:d0:bc:56:a9:44:70:f4:
         67:d3:b3:d7:74:39:9c:5c:39:4a:ce:06:81:a3:7e:a6:dd:83:
         18:28:84:da:67:df:83:aa:b2:f0:26:7f:6b:be:4a:94:d4:6f:
         d9:da:0c:8b:78:fb:e6:9a:f0:b6:ab:4c:81:25:26:34:a2:4d:
         d4:38:87:e3:f6:e8:d4:a4:20:8d:53:3e:94:48:9c:f9:cb:1e:
         e1:cd:73:ff:67:20:82:fc:bd:74:50:98:e5:5f:46:b5:b9:5b:
         d9:16:bb:4d:cc:17:9f:c6:4e:9e:bb:40:9b:c1:a6:57:38:4b:
         8c:5f:14:dc:ff:99:e3:45:31:45:36:4c:a9:49:82:2e:26:04:
         bf:a6:86:63:d7:da:ac:61:6c:c8:de:3f:49:db:34:8b:74:98:
         0c:9b:4f:3e:00:06:10:5f:9c:c0:16:0b:06:4b:7b:bc:01:e8:
         3f:c8:53:e2:53:e4:90:21:2b:4f:50:c0:95:50:97:ee:23:f4:
         4d:1a:5c:a0:ac:a0:23:3c:f3:67:6f:8d:15:6b:a9:b9:f4:c6:
         84:8f:69:30:72:e6:5b:6a:79:88:90:72:95:e7:12:56:d8:62:
         87:07:13:57:c1:b8:63:78:3c:e1:d8:0d:fa:b0:0c:8b:39:9e:
         a3:0a:74:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt57NP5CghmGCGCnc3puEb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNGIzZTZhN2M4NzgzZmM4YTU3MTlmYmQ5ZjM3YjMyYzhj
N2M1Y2EwHhcNMjYwMTAxMTQxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGY1M2UxZTZmZDI2ZjE2NzM3NGE4NjI2MmJiMDljYTEyNzBlYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0Y+xICnvmhLbtW7CA8IJA5amqDe
PFmWCv6ltS2gjvkxbpbyXGYLp4DKqkBk16Sw3tAVcmhWRB/nMBQeVL4BYbbmUGjG
G+z126lNe6CH7951YYzEjm/o9fTbF5p7mZgC3VluW+U4c2BolcBTih4yGcPXbEDg
ISESJqHvp1IQbK1qI2DuMUFeAIy9A4RM1NmdO5mT6OLWxQMs4x2zZUsnoYlYGKeg
ATPBSva5VtmpLvF/eqnkcH/22GtRaQ/YyIOsqmpCSKeLX7f/GAIWc3pX1mZSs/17
Gl+7bCaTQ16qiwYGoGYdL08WCCTb0NFrnbiKZBsGf6zOIgRIWkIkC4L7RwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPj1Ph5v0m8Wc3SoYmK7CcoScOqCMB8GA1UdIwQY
MBaAFGtLPmp8h4P8ilcZ+9nzezLIx8XKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBzLWFueUhnX3lLVnhuNzJmTjdNc2pIeGNvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NjQxOTQtNTNhZC00MDMxLTg1NmIt
NDMzMmM5NTdhMjJmLzEvMS1QVS1IbV9TYnhaemRLaGlZcnNKeWhKdzZvSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzkvNDY0MTk0LTUzYWQtNDAzMS04NTZiLTQzMzJjOTU3YTIy
Zi8xL2Ewcy1hbnlIZ195S1Z4bjcyZk43TXNqSHhjby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJ8vDAN
BgkqhkiG9w0BAQsFAAOCAQEAJlkZb7s6OpTZk6jQvFapRHD0Z9Oz13Q5nFw5Ss4G
gaN+pt2DGCiE2mffg6qy8CZ/a75KlNRv2doMi3j75prwtqtMgSUmNKJN1DiH4/bo
1KQgjVM+lEic+cse4c1z/2cggvy9dFCY5V9Gtblb2Ra7TcwXn8ZOnrtAm8GmVzhL
jF8U3P+Z40UxRTZMqUmCLiYEv6aGY9farGFsyN4/Sds0i3SYDJtPPgAGEF+cwBYL
Bkt7vAHoP8hT4lPkkCErT1DAlVCX7iP0TRpcoKygIzzzZ2+NFWupufTGhI9pMHLm
W2p5iJBylecSVthihwcTV8G4Y3g84dgN+rAMizmeowp0tQ==
-----END CERTIFICATE-----