This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/0ee558-f08c-42ca-a953-53828f43fea0/1/hOzUFEchirVSZu4kGiThKl20Lag.roa
File:                     hOzUFEchirVSZu4kGiThKl20Lag.roa (raw, json)
Hash identifier:          H5zzg9d1gpHKYOjHoQCkEIEH4mlnH12RrDwh03hHnuI=
Subject key identifier:   84:EC:D4:14:47:21:8A:B5:52:66:EE:24:1A:24:E1:2A:5D:B4:2D:A8
Certificate issuer:       /CN=01fe8825ce29115ec71cdccfc355d81a35fd7e8c
Certificate serial:       019B7F1397F6BAEC066A4BC013BDF5DA4703
Authority key identifier: 01:FE:88:25:CE:29:11:5E:C7:1C:DC:CF:C3:55:D8:1A:35:FD:7E:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Af6IJc4pEV7HHNzPw1XYGjX9fow.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/0ee558-f08c-42ca-a953-53828f43fea0/1/hOzUFEchirVSZu4kGiThKl20Lag.roa
Signing time:             Fri 02 Jan 2026 14:19:09 +0000
ROA not before:           Fri 02 Jan 2026 14:19:09 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     34834
IP address blocks:        193.58.244.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/0ee558-f08c-42ca-a953-53828f43fea0/1/Af6IJc4pEV7HHNzPw1XYGjX9fow.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/0ee558-f08c-42ca-a953-53828f43fea0/1/Af6IJc4pEV7HHNzPw1XYGjX9fow.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Af6IJc4pEV7HHNzPw1XYGjX9fow.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 20:39:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:13:97:f6:ba:ec:06:6a:4b:c0:13:bd:f5:da:47:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fe8825ce29115ec71cdccfc355d81a35fd7e8c
        Validity
            Not Before: Jan  2 14:19:09 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=84ecd41447218ab55266ee241a24e12a5db42da8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:14:d6:41:e7:3c:b5:51:0d:df:20:09:6b:47:
                    9a:c9:c3:ae:c2:3e:10:be:3b:4c:92:0a:f8:73:57:
                    8c:3f:1e:1e:55:4d:a6:18:a3:04:66:46:fe:b6:ab:
                    ea:58:10:fd:af:e6:63:f7:57:e9:a4:79:4a:d3:4c:
                    33:1a:c7:fa:72:80:3f:28:b3:27:35:b5:d0:99:8f:
                    27:35:02:a5:70:db:32:5a:c0:e1:4d:ca:b1:fa:09:
                    ee:14:a6:11:65:36:33:89:7a:6d:83:c5:80:68:a5:
                    5b:dc:75:d9:3a:0f:ee:ed:0d:ca:85:8b:68:bd:db:
                    12:15:cc:d6:22:11:82:99:61:5d:88:66:1d:24:8b:
                    5d:0b:37:df:00:72:d3:cc:4b:85:4c:3b:ae:6d:34:
                    d3:ac:b3:47:b7:76:9f:c6:a9:44:2e:46:ce:ff:32:
                    e4:48:89:c1:06:63:4c:69:21:82:de:65:7d:47:f0:
                    78:a3:4c:72:fc:ca:6f:8e:86:bc:0f:0c:20:ee:44:
                    2e:cb:29:c6:ad:bf:72:12:65:cd:0b:3f:01:49:14:
                    1d:75:0c:90:57:a2:98:6b:3b:50:57:2c:f4:84:fb:
                    f4:16:c9:15:bb:19:c7:17:3f:52:1b:1a:31:d3:6b:
                    a0:da:99:36:fa:8b:45:c3:7d:c4:5a:cb:f3:ba:2f:
                    68:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:EC:D4:14:47:21:8A:B5:52:66:EE:24:1A:24:E1:2A:5D:B4:2D:A8
            X509v3 Authority Key Identifier:
                keyid:01:FE:88:25:CE:29:11:5E:C7:1C:DC:CF:C3:55:D8:1A:35:FD:7E:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Af6IJc4pEV7HHNzPw1XYGjX9fow.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/0ee558-f08c-42ca-a953-53828f43fea0/1/hOzUFEchirVSZu4kGiThKl20Lag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/0ee558-f08c-42ca-a953-53828f43fea0/1/Af6IJc4pEV7HHNzPw1XYGjX9fow.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.58.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:58:f6:1a:59:28:f5:6f:fc:f0:86:f9:fe:ab:a0:48:b0:59:
         73:c7:11:16:e4:ac:7e:ab:0b:0b:a9:2c:2f:5f:8f:a2:5a:4d:
         74:89:e3:a2:93:a5:55:86:09:43:4c:a2:f3:a5:a7:7c:1d:4a:
         4c:8f:33:9c:9b:72:fb:75:62:a0:60:ee:f0:84:ca:81:8b:79:
         fb:67:5b:db:1e:d6:40:e3:df:1d:48:11:66:4b:55:3d:f7:d2:
         8f:22:b6:ce:06:ad:cc:8c:72:53:42:2b:5d:e8:2d:22:c2:70:
         72:e9:dc:18:4e:b0:ae:5e:75:70:15:07:9d:bd:f8:33:11:a2:
         91:cd:19:f2:48:b8:24:a4:c3:ba:df:c0:8d:6e:af:73:cf:8e:
         81:c0:a2:2b:5f:20:92:55:74:a0:f2:ba:1c:4d:f2:da:8e:cd:
         f2:bc:9d:c6:c7:c6:e4:18:04:23:80:48:53:60:20:19:c3:c8:
         22:40:38:0f:42:f8:95:98:bc:01:ca:e2:f9:44:68:1c:0d:7f:
         c4:eb:57:6a:3d:81:ec:12:68:67:d2:5a:ae:61:2f:19:d3:c6:
         e1:7d:a0:bf:e6:6e:26:25:cb:9b:ee:af:ad:d4:f2:40:82:e7:
         5b:3a:b2:47:98:84:1d:c3:a6:24:51:53:47:78:65:4e:fb:c7:
         b0:33:4d:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/E5f2uuwGakvAE7312kcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmU4ODI1Y2UyOTExNWVjNzFjZGNjZmMzNTVkODFhMzVm
ZDdlOGMwHhcNMjYwMTAyMTQxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGVjZDQxNDQ3MjE4YWI1NTI2NmVlMjQxYTI0ZTEyYTVkYjQyZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxTWQec8tVEN3yAJa0eaycOuwj4Q
vjtMkgr4c1eMPx4eVU2mGKMEZkb+tqvqWBD9r+Zj91fppHlK00wzGsf6coA/KLMn
NbXQmY8nNQKlcNsyWsDhTcqx+gnuFKYRZTYziXptg8WAaKVb3HXZOg/u7Q3KhYto
vdsSFczWIhGCmWFdiGYdJItdCzffAHLTzEuFTDuubTTTrLNHt3afxqlELkbO/zLk
SInBBmNMaSGC3mV9R/B4o0xy/Mpvjoa8Dwwg7kQuyynGrb9yEmXNCz8BSRQddQyQ
V6KYaztQVyz0hPv0FskVuxnHFz9SGxox02ug2pk2+otFw33EWsvzui9oNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITs1BRHIYq1UmbuJBok4SpdtC2oMB8GA1UdIwQY
MBaAFAH+iCXOKRFexxzcz8NV2Bo1/X6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWY2SUpjNHBFVjdISE56UHcxWFlHalg5Zm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wZWU1NTgtZjA4Yy00MmNhLWE5NTMt
NTM4MjhmNDNmZWEwLzEvaE96VUZFY2hpclZTWnU0a0dpVGhLbDIwTGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wZWU1NTgtZjA4Yy00MmNhLWE5NTMtNTM4MjhmNDNmZWEw
LzEvQWY2SUpjNHBFVjdISE56UHcxWFlHalg5Zm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTr0MA0G
CSqGSIb3DQEBCwUAA4IBAQAFWPYaWSj1b/zwhvn+q6BIsFlzxxEW5Kx+qwsLqSwv
X4+iWk10ieOik6VVhglDTKLzpad8HUpMjzOcm3L7dWKgYO7whMqBi3n7Z1vbHtZA
498dSBFmS1U999KPIrbOBq3MjHJTQitd6C0iwnBy6dwYTrCuXnVwFQedvfgzEaKR
zRnySLgkpMO638CNbq9zz46BwKIrXyCSVXSg8rocTfLajs3yvJ3Gx8bkGAQjgEhT
YCAZw8giQDgPQviVmLwByuL5RGgcDX/E61dqPYHsEmhn0lquYS8Z08bhfaC/5m4m
Jcub7q+t1PJAgudbOrJHmIQdw6YkUVNHeGVO+8ewM01A
-----END CERTIFICATE-----
Generated at Tue Jan 27 05:43:43 2026 by rpki-client