This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/HnCge9v0VMFv4p4n7gbHmPrHGJY.roa
File:                     HnCge9v0VMFv4p4n7gbHmPrHGJY.roa (raw, json)
Hash identifier:          d62k4x4IFTUWXOO9eicQRIOUN/u5FXiup6Gnw1Q4kpc=
Subject key identifier:   1E:70:A0:7B:DB:F4:54:C1:6F:E2:9E:27:EE:06:C7:98:FA:C7:18:96
Certificate issuer:       /CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
Certificate serial:       019B7E38938AC6F548566CA8FBF28CF40F10
Authority key identifier: AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/HnCge9v0VMFv4p4n7gbHmPrHGJY.roa
Signing time:             Fri 02 Jan 2026 10:19:55 +0000
ROA not before:           Fri 02 Jan 2026 10:19:55 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     19905
IP address blocks:        62.216.159.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 16:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:38:93:8a:c6:f5:48:56:6c:a8:fb:f2:8c:f4:0f:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
        Validity
            Not Before: Jan  2 10:19:55 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1e70a07bdbf454c16fe29e27ee06c798fac71896
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:da:57:a4:f2:33:77:52:49:09:23:f0:d8:3d:
                    de:e1:84:57:2b:f1:8a:98:17:73:47:6d:bc:9c:04:
                    54:0b:43:d7:b8:72:72:fc:46:43:69:f8:7c:73:cd:
                    66:52:d8:b4:48:7e:69:a8:da:24:4b:3a:fa:de:5f:
                    26:e2:c6:56:a1:0b:9c:4c:9d:22:ac:88:84:77:ae:
                    0f:d8:1c:14:2a:6f:a2:2f:2d:c9:95:dd:6e:04:51:
                    a6:f2:a8:ba:15:0c:e5:b8:0f:c6:59:4e:2e:3b:25:
                    c9:04:4b:b7:cd:e4:df:be:8f:a8:85:4d:93:bb:fd:
                    98:6a:e0:6b:87:2d:7c:c1:5d:eb:6e:20:e8:83:2a:
                    5d:e9:50:f8:aa:aa:df:c9:0c:9a:8f:ab:5f:9c:74:
                    79:de:43:13:cd:b8:9a:f4:33:73:30:e0:17:17:9e:
                    14:5a:72:eb:d9:e7:80:72:c4:12:78:1e:13:1f:f6:
                    ad:52:65:90:55:bc:49:34:4d:23:2f:f1:39:31:88:
                    e3:fe:3d:9e:ab:6e:d0:cc:56:69:e0:4f:3a:72:eb:
                    d8:37:02:32:b1:f0:a2:96:7b:55:b8:6c:24:b6:f4:
                    0b:1f:3d:ae:7b:25:fe:d7:48:98:bc:ae:2e:23:b8:
                    60:a3:54:1d:b8:4a:4e:eb:9d:15:39:d0:2e:a9:f3:
                    f2:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:70:A0:7B:DB:F4:54:C1:6F:E2:9E:27:EE:06:C7:98:FA:C7:18:96
            X509v3 Authority Key Identifier:
                keyid:AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/HnCge9v0VMFv4p4n7gbHmPrHGJY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.216.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:1b:dc:b8:46:99:cc:2c:ba:d7:ad:1a:a9:6a:a1:0b:64:c1:
         5d:04:5f:80:2f:02:a8:2a:2f:3b:79:11:80:d9:ef:6a:90:af:
         75:c4:ab:c5:83:ca:e6:25:a7:31:b5:15:39:fb:10:65:8a:fd:
         85:c3:ad:1b:5d:4b:33:27:90:43:e7:e8:b8:91:78:b7:36:75:
         9a:be:47:a1:62:a0:31:db:14:2e:71:f5:c3:23:1f:29:49:8d:
         b5:55:ec:d5:8a:5d:58:40:a9:69:73:e4:8d:0f:bd:c8:2c:0b:
         d5:d7:f1:0b:47:6d:cc:78:b0:f5:d5:2c:22:fd:b3:41:d8:52:
         43:3a:16:48:60:91:45:df:16:84:21:bd:2e:78:8b:b7:50:06:
         06:ce:80:3c:a2:d5:1f:63:f0:19:9c:bb:7e:d6:35:d4:70:05:
         88:c1:42:e6:c8:5f:c4:93:b0:11:0b:8a:c5:26:32:72:a2:cd:
         f2:ff:57:a5:80:29:7c:7e:0a:32:de:fe:ee:ab:65:a2:df:b5:
         4e:34:b4:8f:56:6f:e5:de:73:b1:43:db:eb:24:58:06:af:cd:
         5b:a1:1a:bc:5a:e6:76:a1:44:df:48:f4:32:31:89:a6:2b:58:
         87:06:46:71:aa:8e:fe:b2:a1:1b:5b:c6:9a:7b:42:85:2a:78:
         79:20:f7:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OJOKxvVIVmyo+/KM9A8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhM2FlZDkxZjI5YjJjYzdkM2UwNWYyNDBkOTkxMzc1ODFk
OWI1YjMwHhcNMjYwMTAyMTAxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTcwYTA3YmRiZjQ1NGMxNmZlMjllMjdlZTA2Yzc5OGZhYzcxODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndpXpPIzd1JJCSPw2D3e4YRXK/GK
mBdzR228nARUC0PXuHJy/EZDafh8c81mUti0SH5pqNokSzr63l8m4sZWoQucTJ0i
rIiEd64P2BwUKm+iLy3Jld1uBFGm8qi6FQzluA/GWU4uOyXJBEu3zeTfvo+ohU2T
u/2YauBrhy18wV3rbiDogypd6VD4qqrfyQyaj6tfnHR53kMTzbia9DNzMOAXF54U
WnLr2eeAcsQSeB4TH/atUmWQVbxJNE0jL/E5MYjj/j2eq27QzFZp4E86cuvYNwIy
sfCilntVuGwktvQLHz2ueyX+10iYvK4uI7hgo1QduEpO650VOdAuqfPyfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5woHvb9FTBb+KeJ+4Gx5j6xxiWMB8GA1UdIwQY
MBaAFKo67ZHymyzH0+BfJA2ZE3WB2bWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYt
MDRlMWViMmE5MzI4LzEvSG5DZ2U5djBWTUZ2NHA0bjdnYkhtUHJIR0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYtMDRlMWViMmE5MzI4
LzEvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPtifMA0G
CSqGSIb3DQEBCwUAA4IBAQBGG9y4RpnMLLrXrRqpaqELZMFdBF+ALwKoKi87eRGA
2e9qkK91xKvFg8rmJacxtRU5+xBliv2Fw60bXUszJ5BD5+i4kXi3NnWavkehYqAx
2xQucfXDIx8pSY21VezVil1YQKlpc+SND73ILAvV1/ELR23MeLD11Swi/bNB2FJD
OhZIYJFF3xaEIb0ueIu3UAYGzoA8otUfY/AZnLt+1jXUcAWIwULmyF/Ek7ARC4rF
JjJyos3y/1elgCl8fgoy3v7uq2Wi37VONLSPVm/l3nOxQ9vrJFgGr81boRq8WuZ2
oUTfSPQyMYmmK1iHBkZxqo7+sqEbW8aae0KFKnh5IPdy
-----END CERTIFICATE-----