This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/9EfSU0fo0gtwKVV-xwFFvMs-rp8.roa
File:                     9EfSU0fo0gtwKVV-xwFFvMs-rp8.roa (raw, json)
Hash identifier:          WolUPHXRybnEmP+dj5D10g9opIduOTfkSVfMBqeuzYo=
Subject key identifier:   F4:47:D2:53:47:E8:D2:0B:70:29:55:7E:C7:01:45:BC:CB:3E:AE:9F
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       019BD78F28258788E4C142A30A76236B6A4B
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/9EfSU0fo0gtwKVV-xwFFvMs-rp8.roa
Signing time:             Mon 19 Jan 2026 18:40:41 +0000
ROA not before:           Mon 19 Jan 2026 18:40:41 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     35608
IP address blocks:        193.8.74.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:d7:8f:28:25:87:88:e4:c1:42:a3:0a:76:23:6b:6a:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Jan 19 18:40:41 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f447d25347e8d20b7029557ec70145bccb3eae9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:40:a5:e4:c8:05:9b:cb:7b:6f:cd:b7:cc:10:
                    28:4a:82:9a:18:ac:db:08:39:15:4b:46:1a:38:e1:
                    fd:55:f7:10:fd:9c:73:dc:ee:93:db:ff:47:a3:39:
                    b4:3b:86:f1:33:20:d0:c7:40:fb:69:c3:eb:09:65:
                    98:d4:90:b1:31:e0:22:74:29:3b:3a:df:26:08:38:
                    90:9c:96:8a:c2:7a:18:11:5c:73:18:5a:81:95:8a:
                    37:d6:60:bb:d8:3d:9a:d4:00:b6:33:16:e2:0a:10:
                    8a:d8:48:00:02:73:41:87:55:9c:12:23:3f:9b:99:
                    bd:cf:6b:1a:7b:74:90:74:97:fc:31:13:76:d7:3a:
                    2d:07:de:d0:9d:3f:24:2d:30:1e:88:8b:77:40:70:
                    90:59:7e:4f:c2:62:ae:e5:ca:c9:32:25:bb:31:bc:
                    89:89:00:09:f2:8e:45:4b:5d:d3:dd:22:41:3d:f5:
                    a4:8f:18:02:91:09:7b:14:63:56:ae:42:50:af:07:
                    2f:ee:91:b4:d8:13:89:b6:d6:12:4c:e4:fc:7d:34:
                    fa:bf:69:c7:19:b1:7c:ba:f4:d8:5b:bc:81:e7:44:
                    7d:9f:c5:96:15:4e:a1:d7:61:a3:03:0f:ca:28:25:
                    15:8f:0d:96:f6:69:89:dd:f9:58:59:d6:eb:d5:bd:
                    9e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:47:D2:53:47:E8:D2:0B:70:29:55:7E:C7:01:45:BC:CB:3E:AE:9F
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/9EfSU0fo0gtwKVV-xwFFvMs-rp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.8.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:4f:54:64:82:35:b9:c2:f8:bf:02:e5:43:7b:f9:d6:8a:16:
         e7:ca:aa:b6:b6:bf:91:0d:ba:8f:c6:c7:78:aa:18:c3:7a:c2:
         36:d3:07:5d:fc:2a:32:bf:d1:db:6a:de:41:4e:ac:3f:b9:70:
         6e:18:69:bf:e2:40:0a:03:a2:e0:54:f7:79:1a:5f:28:e5:ac:
         0d:c9:b9:be:16:69:9f:38:77:c9:b9:61:10:7f:3a:43:8d:60:
         01:2d:35:03:9c:7c:31:64:75:02:dd:5e:c8:4e:86:9d:f7:a7:
         db:0f:26:a2:7b:e4:d0:f8:a4:63:b5:7f:f2:06:c3:f5:0c:ba:
         6c:89:f4:a0:52:1f:b3:c0:06:87:f7:ea:d0:38:03:03:e5:fb:
         54:c2:36:bf:57:07:ce:ea:6b:b9:78:6d:0e:24:b8:55:d8:f8:
         08:bb:0f:bd:d0:54:de:35:3c:3d:09:78:76:66:ef:ec:37:5c:
         c1:40:02:10:97:94:32:f0:72:63:1c:03:5f:3f:06:34:c2:9f:
         ca:70:07:ab:1b:4d:2a:c8:5f:dd:ae:0d:ab:7b:e4:76:ff:6f:
         72:3a:2f:fc:64:3b:4a:f0:50:a6:83:6d:df:b3:99:9e:19:a0:
         31:8c:0d:ed:25:50:4a:59:a8:39:bc:03:37:e7:ac:5b:b4:4e:
         2e:a8:e4:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZvXjyglh4jkwUKjCnYja2pLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMTE5MTg0MDQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDQ3ZDI1MzQ3ZThkMjBiNzAyOTU1N2VjNzAxNDViY2NiM2VhZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkCl5MgFm8t7b823zBAoSoKaGKzb
CDkVS0YaOOH9VfcQ/Zxz3O6T2/9Hozm0O4bxMyDQx0D7acPrCWWY1JCxMeAidCk7
Ot8mCDiQnJaKwnoYEVxzGFqBlYo31mC72D2a1AC2MxbiChCK2EgAAnNBh1WcEiM/
m5m9z2sae3SQdJf8MRN21zotB97QnT8kLTAeiIt3QHCQWX5PwmKu5crJMiW7MbyJ
iQAJ8o5FS13T3SJBPfWkjxgCkQl7FGNWrkJQrwcv7pG02BOJttYSTOT8fTT6v2nH
GbF8uvTYW7yB50R9n8WWFU6h12GjAw/KKCUVjw2W9mmJ3flYWdbr1b2ecQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRH0lNH6NILcClVfscBRbzLPq6fMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvOUVmU1UwZm8wZ3R3S1ZWLXh3RkZ2TXMtcnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQhKMA0G
CSqGSIb3DQEBCwUAA4IBAQAGT1RkgjW5wvi/AuVDe/nWihbnyqq2tr+RDbqPxsd4
qhjDesI20wdd/Coyv9Hbat5BTqw/uXBuGGm/4kAKA6LgVPd5Gl8o5awNybm+Fmmf
OHfJuWEQfzpDjWABLTUDnHwxZHUC3V7IToad96fbDyaie+TQ+KRjtX/yBsP1DLps
ifSgUh+zwAaH9+rQOAMD5ftUwja/VwfO6mu5eG0OJLhV2PgIuw+90FTeNTw9CXh2
Zu/sN1zBQAIQl5Qy8HJjHANfPwY0wp/KcAerG00qyF/drg2re+R2/29yOi/8ZDtK
8FCmg23fs5meGaAxjA3tJVBKWag5vAM356xbtE4uqOTo
-----END CERTIFICATE-----