This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/7gj1lNZovqJow7Mfj0-ft5xz3g4.roa
File:                     7gj1lNZovqJow7Mfj0-ft5xz3g4.roa (raw, json)
Hash identifier:          tZZfaBnRIQqUzcHZFu5jTvSH8y6OR0zvElHJVd8TRxk=
Subject key identifier:   EE:08:F5:94:D6:68:BE:A2:68:C3:B3:1F:8F:4F:9F:B7:9C:73:DE:0E
Certificate issuer:       /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial:       019B7BA41B95B38B9821B2F3E65FA16C2069
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/7gj1lNZovqJow7Mfj0-ft5xz3g4.roa
Signing time:             Thu 01 Jan 2026 22:18:31 +0000
ROA not before:           Thu 01 Jan 2026 22:18:31 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211072
IP address blocks:        194.67.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:1b:95:b3:8b:98:21:b2:f3:e6:5f:a1:6c:20:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
        Validity
            Not Before: Jan  1 22:18:31 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ee08f594d668bea268c3b31f8f4f9fb79c73de0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:07:f6:8a:a0:b5:5e:a5:f7:79:9d:c0:77:9b:
                    b5:1f:38:99:70:f3:a9:ac:0f:84:2a:d2:f6:61:80:
                    75:b1:a4:7f:78:56:c6:3a:d4:3d:fd:2f:92:4c:96:
                    18:ee:dc:40:2b:0a:d7:8e:12:f2:61:a1:56:e7:de:
                    1f:01:5b:8c:0c:36:a9:fa:7f:58:3f:04:a5:f2:12:
                    71:a3:fe:3b:62:47:2b:2a:e1:2f:42:64:80:26:0a:
                    fa:c8:2c:5f:96:95:29:c9:8e:ce:26:37:a1:0e:18:
                    44:80:fa:49:1e:d8:5b:63:68:4f:5e:f3:25:31:07:
                    b1:c6:85:c3:70:29:4f:4b:bd:b4:86:80:7e:1d:70:
                    4a:b4:f3:03:45:5f:7c:bf:e3:ee:98:cb:00:1f:ea:
                    92:cb:93:01:d5:e0:15:e1:03:b8:b7:9b:d4:a8:84:
                    e5:a5:0a:08:0a:7f:61:15:97:48:8c:e2:20:71:d8:
                    f2:52:fe:f5:bc:e5:e1:31:5e:f5:f5:2b:26:d3:54:
                    e2:2c:01:91:53:29:66:cc:8c:64:58:da:ec:88:23:
                    94:e6:07:c3:43:83:b3:ca:d3:50:f6:22:10:1d:9d:
                    18:51:56:cd:27:b2:cd:29:3d:7d:60:c7:6c:b7:b4:
                    43:1a:c4:ad:7b:32:e3:32:c9:5e:4a:e0:6a:20:6d:
                    cf:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:08:F5:94:D6:68:BE:A2:68:C3:B3:1F:8F:4F:9F:B7:9C:73:DE:0E
            X509v3 Authority Key Identifier:
                keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/7gj1lNZovqJow7Mfj0-ft5xz3g4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.67.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:35:c5:59:c6:1d:5c:18:86:d0:de:14:e0:f1:bd:47:35:c5:
         20:03:29:df:d3:1f:74:30:f3:86:d9:d3:47:fb:bf:53:8f:6f:
         e5:dc:d5:88:96:45:06:64:f9:d1:72:7e:46:15:bc:9e:f1:27:
         22:db:6e:0e:7f:b9:ed:d4:47:09:8d:d0:7c:30:98:67:9e:34:
         a2:b9:db:07:03:bf:9e:9f:a6:36:cb:ec:5f:ef:da:94:be:2f:
         2b:39:14:57:97:f6:a2:77:1f:91:e2:14:4a:c6:6b:4b:45:fa:
         0f:5f:64:6f:93:5d:89:9d:89:ef:7e:0c:36:92:82:42:ff:c3:
         ba:42:23:3d:cb:26:14:58:81:e0:9e:c3:4a:14:66:16:b0:fb:
         9d:3e:c7:2d:48:84:d2:59:ac:3d:cd:08:33:ba:4c:b2:9f:e3:
         2d:e3:47:f1:5c:6d:96:69:61:5f:9d:f6:78:92:49:88:c3:8a:
         68:5a:76:b1:c9:0d:7d:e3:32:b4:90:ab:60:f3:83:7d:c3:a8:
         0b:3d:c5:96:22:7c:7d:b1:b9:27:91:c2:fc:e5:fe:2d:ab:41:
         c5:32:d6:31:2f:93:3c:87:3a:92:95:69:39:26:6b:29:d3:42:
         66:46:84:9d:8c:15:c0:77:d9:92:a3:0e:a5:f3:b2:a3:10:a8:
         f3:20:1c:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pBuVs4uYIbLz5l+hbCBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMTAxMjIxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTA4ZjU5NGQ2NjhiZWEyNjhjM2IzMWY4ZjRmOWZiNzljNzNkZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Qf2iqC1XqX3eZ3Ad5u1HziZcPOp
rA+EKtL2YYB1saR/eFbGOtQ9/S+STJYY7txAKwrXjhLyYaFW594fAVuMDDap+n9Y
PwSl8hJxo/47YkcrKuEvQmSAJgr6yCxflpUpyY7OJjehDhhEgPpJHthbY2hPXvMl
MQexxoXDcClPS720hoB+HXBKtPMDRV98v+PumMsAH+qSy5MB1eAV4QO4t5vUqITl
pQoICn9hFZdIjOIgcdjyUv71vOXhMV719Ssm01TiLAGRUylmzIxkWNrsiCOU5gfD
Q4OzytNQ9iIQHZ0YUVbNJ7LNKT19YMdst7RDGsStezLjMsleSuBqIG3PywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4I9ZTWaL6iaMOzH49Pn7ecc94OMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvN2dqMWxOWm92cUpvdzdNZmowLWZ0NXh6M2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkPBMA0G
CSqGSIb3DQEBCwUAA4IBAQCjNcVZxh1cGIbQ3hTg8b1HNcUgAynf0x90MPOG2dNH
+79Tj2/l3NWIlkUGZPnRcn5GFbye8Sci224Of7nt1EcJjdB8MJhnnjSiudsHA7+e
n6Y2y+xf79qUvi8rORRXl/aidx+R4hRKxmtLRfoPX2Rvk12JnYnvfgw2koJC/8O6
QiM9yyYUWIHgnsNKFGYWsPudPsctSITSWaw9zQgzukyyn+Mt40fxXG2WaWFfnfZ4
kkmIw4poWnaxyQ194zK0kKtg84N9w6gLPcWWInx9sbknkcL85f4tq0HFMtYxL5M8
hzqSlWk5Jmsp00JmRoSdjBXAd9mSow6l87KjEKjzIByH
-----END CERTIFICATE-----