This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/1F9WIaTWCuPhT1fj3f_sEFEp_g8.roa
File:                     1F9WIaTWCuPhT1fj3f_sEFEp_g8.roa (raw, json)
Hash identifier:          TNYhPcHp1Cn0a4fwg5zefI73qcgF+qlhC3CnY4Ewyb4=
Subject key identifier:   D4:5F:56:21:A4:D6:0A:E3:E1:4F:57:E3:DD:FF:EC:10:51:29:FE:0F
Certificate issuer:       /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial:       019B78A2975DA0AA6734A0AA89B034A178E3
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/1F9WIaTWCuPhT1fj3f_sEFEp_g8.roa
Signing time:             Thu 01 Jan 2026 08:17:59 +0000
ROA not before:           Thu 01 Jan 2026 08:17:59 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     199633
IP address blocks:        37.32.117.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 28 Jan 2026 00:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a2:97:5d:a0:aa:67:34:a0:aa:89:b0:34:a1:78:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
        Validity
            Not Before: Jan  1 08:17:59 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d45f5621a4d60ae3e14f57e3ddffec105129fe0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:87:b9:b7:57:5e:e3:d2:d0:18:b4:98:65:3f:
                    49:8f:75:05:26:91:84:63:8a:b3:51:9a:0e:8a:cc:
                    9a:37:b3:c7:ff:5f:16:ca:8d:45:c3:28:20:31:19:
                    9b:56:b0:6f:c9:09:16:35:7a:13:98:eb:dc:be:2e:
                    3a:d9:63:8f:3b:4e:a6:70:4c:3b:01:9a:bb:8a:bb:
                    1c:c8:a0:f6:1d:ee:5b:25:98:7a:49:a3:ef:5b:9d:
                    c5:ca:5d:8a:51:b3:13:ca:0c:dc:65:fc:21:0e:41:
                    39:2c:68:e4:7c:a2:62:4d:44:46:5b:de:d9:b2:d4:
                    63:05:df:55:18:93:0d:c5:1f:70:c1:c9:9a:71:b6:
                    68:c4:2a:57:31:c0:22:ca:48:75:9d:01:df:2a:72:
                    bf:0f:f7:23:92:3c:c8:56:98:b5:bb:9e:54:26:17:
                    88:e3:b7:4f:e0:46:7f:86:e8:8f:bc:cc:12:d2:a8:
                    3f:a5:b2:0b:3b:55:5e:30:dc:f9:e9:37:97:f1:24:
                    22:46:4f:c9:3e:92:e5:0d:b1:a3:00:51:3d:de:a9:
                    0f:e8:21:8e:4a:14:02:71:bf:ff:1b:3f:be:6e:62:
                    c6:36:d1:55:61:c5:97:55:7d:1a:25:a7:9f:af:7d:
                    90:6f:c0:54:b1:57:a0:2a:40:ba:3c:83:ad:a6:c1:
                    d1:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:5F:56:21:A4:D6:0A:E3:E1:4F:57:E3:DD:FF:EC:10:51:29:FE:0F
            X509v3 Authority Key Identifier:
                keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/1F9WIaTWCuPhT1fj3f_sEFEp_g8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.32.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:67:1b:ac:fa:64:09:45:fe:83:10:c2:87:53:8a:4d:1e:76:
         49:1f:2c:ba:16:a0:5a:30:07:84:54:a6:c8:50:6e:0c:38:65:
         43:5e:35:a3:d1:ed:35:cf:56:27:65:06:c4:8c:f3:ad:ae:ec:
         16:2b:ed:e3:19:ec:4a:d7:a4:a1:03:49:b6:d8:8d:e4:dd:53:
         4f:ea:f1:88:a3:1d:59:57:90:8e:16:05:47:d0:da:8a:62:72:
         46:97:dc:db:75:46:8d:af:b8:d5:db:c8:83:2f:98:8e:91:15:
         57:37:d8:b6:a1:3e:7e:ce:02:36:f4:a5:fd:a2:22:91:ad:6c:
         ff:f2:36:5a:fe:5c:50:65:b1:2a:70:8f:ec:00:43:47:b3:47:
         ed:a4:72:29:d8:7a:6b:fb:8b:31:1a:a7:bd:9a:64:ae:be:65:
         25:6c:8f:a2:cf:52:be:a8:49:e9:06:36:8a:f6:30:88:ff:a5:
         2c:48:8a:43:25:3d:ee:85:39:1f:74:ad:85:62:b9:44:c2:9c:
         21:4e:6d:5e:a0:4e:f8:76:40:50:36:ec:89:3c:a2:8a:09:6c:
         58:56:50:48:62:31:00:f9:c4:62:73:69:58:f7:86:1e:5f:bc:
         13:d2:ce:1e:4a:ba:bc:34:d2:60:f2:92:91:1c:25:f7:78:a4:
         3c:97:b6:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4opddoKpnNKCqibA0oXjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDIwMjk3ODM5YzczOTBkZjIwMjUxYTVjMDkzMGU2YTY3
MmJlZTMwHhcNMjYwMTAxMDgxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDVmNTYyMWE0ZDYwYWUzZTE0ZjU3ZTNkZGZmZWMxMDUxMjlmZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ye5t1de49LQGLSYZT9Jj3UFJpGE
Y4qzUZoOisyaN7PH/18Wyo1FwyggMRmbVrBvyQkWNXoTmOvcvi462WOPO06mcEw7
AZq7irscyKD2He5bJZh6SaPvW53Fyl2KUbMTygzcZfwhDkE5LGjkfKJiTURGW97Z
stRjBd9VGJMNxR9wwcmacbZoxCpXMcAiykh1nQHfKnK/D/cjkjzIVpi1u55UJheI
47dP4EZ/huiPvMwS0qg/pbILO1VeMNz56TeX8SQiRk/JPpLlDbGjAFE93qkP6CGO
ShQCcb//Gz++bmLGNtFVYcWXVX0aJaefr32Qb8BUsVegKkC6PIOtpsHRtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRfViGk1grj4U9X493/7BBRKf4PMB8GA1UdIwQY
MBaAFBwCApeDnHOQ3yAlGlwJMOamcr7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYt
MTQyYTJiOThmNGM4LzEvMUY5V0lhVFdDdVBoVDFmajNmX3NFRkVwX2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYtMTQyYTJiOThmNGM4
LzEvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSB1MA0G
CSqGSIb3DQEBCwUAA4IBAQAxZxus+mQJRf6DEMKHU4pNHnZJHyy6FqBaMAeEVKbI
UG4MOGVDXjWj0e01z1YnZQbEjPOtruwWK+3jGexK16ShA0m22I3k3VNP6vGIox1Z
V5COFgVH0NqKYnJGl9zbdUaNr7jV28iDL5iOkRVXN9i2oT5+zgI29KX9oiKRrWz/
8jZa/lxQZbEqcI/sAENHs0ftpHIp2Hpr+4sxGqe9mmSuvmUlbI+iz1K+qEnpBjaK
9jCI/6UsSIpDJT3uhTkfdK2FYrlEwpwhTm1eoE74dkBQNuyJPKKKCWxYVlBIYjEA
+cRic2lY94YeX7wT0s4eSrq8NNJg8pKRHCX3eKQ8l7Z2
-----END CERTIFICATE-----