This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/64d52e-9bc3-4819-9c39-779d53c0d1fd/1/eHp3RyfgNuQHsHsh65tMdSg96kw.roa
File:                     eHp3RyfgNuQHsHsh65tMdSg96kw.roa (raw, json)
Hash identifier:          Iz+ORoiDtNl1WNlxhQ85YUq+HSrXSAnu/AXImybgG6s=
Subject key identifier:   78:7A:77:47:27:E0:36:E4:07:B0:7B:21:EB:9B:4C:75:28:3D:EA:4C
Certificate issuer:       /CN=6ddb4723b33b4f72d20a8c6a8bcc646a47801705
Certificate serial:       019BFA447CE41E9D37FE59CDA238CF80DD7B
Authority key identifier: 6D:DB:47:23:B3:3B:4F:72:D2:0A:8C:6A:8B:CC:64:6A:47:80:17:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdtHI7M7T3LSCoxqi8xkakeAFwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/64d52e-9bc3-4819-9c39-779d53c0d1fd/1/eHp3RyfgNuQHsHsh65tMdSg96kw.roa
Signing time:             Mon 26 Jan 2026 12:25:50 +0000
ROA not before:           Mon 26 Jan 2026 12:25:50 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     3320
IP address blocks:        195.66.83.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/64d52e-9bc3-4819-9c39-779d53c0d1fd/1/bdtHI7M7T3LSCoxqi8xkakeAFwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/64d52e-9bc3-4819-9c39-779d53c0d1fd/1/bdtHI7M7T3LSCoxqi8xkakeAFwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdtHI7M7T3LSCoxqi8xkakeAFwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:fa:44:7c:e4:1e:9d:37:fe:59:cd:a2:38:cf:80:dd:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb4723b33b4f72d20a8c6a8bcc646a47801705
        Validity
            Not Before: Jan 26 12:25:50 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=787a774727e036e407b07b21eb9b4c75283dea4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:80:4d:7b:72:b3:a9:0f:c9:3b:50:77:90:95:
                    1e:26:38:6a:2b:53:cd:c5:6c:ff:2a:43:4a:02:49:
                    fa:d8:14:32:8a:c2:bc:0a:98:67:4f:77:73:bd:6f:
                    01:1c:c3:d7:15:b3:cb:eb:8e:25:38:54:c1:07:ec:
                    e2:7c:a5:a3:6f:01:bc:5d:6f:52:41:c8:1f:df:3c:
                    aa:af:f2:24:06:2c:72:ab:e2:3e:bd:5b:15:50:5f:
                    95:95:c0:8a:bc:ce:50:cb:74:dc:19:44:fb:e7:33:
                    4c:c6:b3:45:8b:0d:cd:7a:8c:0c:a9:d7:77:81:f6:
                    cc:6c:05:1b:9e:a5:68:56:cd:88:ce:01:03:ff:90:
                    3a:4e:e8:b4:ff:bf:6b:ea:ce:9d:9b:bf:c4:1c:f0:
                    50:5e:ef:d0:e6:76:23:ab:0f:9c:2c:b3:2b:5f:92:
                    55:30:96:14:0f:6c:59:81:cd:ff:bf:0a:25:be:8d:
                    9a:6a:d1:fb:12:c5:f7:2f:b4:75:96:8a:2c:34:c5:
                    87:32:2c:e7:d8:e7:18:94:b9:99:dd:a3:68:ef:9d:
                    68:a2:60:44:46:15:fb:28:53:3b:53:29:c0:af:ab:
                    0e:d4:1a:ac:2f:ee:c1:4e:cb:80:1d:dc:5e:cf:19:
                    d5:40:2e:ec:32:90:08:72:57:e4:57:60:ce:06:5d:
                    8a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:7A:77:47:27:E0:36:E4:07:B0:7B:21:EB:9B:4C:75:28:3D:EA:4C
            X509v3 Authority Key Identifier:
                keyid:6D:DB:47:23:B3:3B:4F:72:D2:0A:8C:6A:8B:CC:64:6A:47:80:17:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdtHI7M7T3LSCoxqi8xkakeAFwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/64d52e-9bc3-4819-9c39-779d53c0d1fd/1/eHp3RyfgNuQHsHsh65tMdSg96kw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/64d52e-9bc3-4819-9c39-779d53c0d1fd/1/bdtHI7M7T3LSCoxqi8xkakeAFwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.66.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:a7:a1:eb:82:53:67:b4:33:ff:bf:32:ff:19:6d:88:67:f5:
         de:9a:8f:72:87:3e:2c:27:a0:c7:ee:63:60:1c:eb:4d:a5:b0:
         80:57:1a:95:da:c4:b9:22:5c:af:59:ac:70:6b:66:85:3d:28:
         15:3e:d8:e4:4b:9c:a7:ab:99:47:b8:21:46:47:a3:19:3a:c3:
         b4:e8:dc:6b:ca:7b:e7:de:aa:d1:8d:c8:9f:5d:94:80:c4:ba:
         b6:bd:29:bf:cc:e8:9b:56:42:e7:12:5d:ea:73:cf:0c:84:dc:
         26:0d:c0:be:9d:04:83:af:61:da:49:95:71:48:7d:f8:87:7e:
         0a:35:64:ff:16:61:3c:16:3b:cc:35:fb:48:55:16:da:14:50:
         13:1e:1f:44:aa:3a:5c:e2:1f:e9:d5:7e:14:3c:cd:3a:a4:55:
         a9:b3:d8:8e:01:24:7f:73:88:39:70:43:98:ba:7e:56:01:4d:
         8d:11:8f:fa:29:f5:13:2f:83:68:51:78:53:43:c6:13:2d:f8:
         0a:0d:3a:56:97:cf:14:45:2a:c7:52:bd:0e:9c:15:32:1e:cc:
         d9:15:f3:50:7f:56:52:d5:c4:1a:21:10:48:df:cb:1a:73:9e:
         92:70:01:be:48:db:53:dd:73:9d:2e:92:b4:d8:38:69:98:8f:
         79:5f:12:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZv6RHzkHp03/lnNojjPgN17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGI0NzIzYjMzYjRmNzJkMjBhOGM2YThiY2M2NDZhNDc4
MDE3MDUwHhcNMjYwMTI2MTIyNTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODdhNzc0NzI3ZTAzNmU0MDdiMDdiMjFlYjliNGM3NTI4M2RlYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoBNe3KzqQ/JO1B3kJUeJjhqK1PN
xWz/KkNKAkn62BQyisK8CphnT3dzvW8BHMPXFbPL644lOFTBB+zifKWjbwG8XW9S
Qcgf3zyqr/IkBixyq+I+vVsVUF+VlcCKvM5Qy3TcGUT75zNMxrNFiw3NeowMqdd3
gfbMbAUbnqVoVs2IzgED/5A6Tui0/79r6s6dm7/EHPBQXu/Q5nYjqw+cLLMrX5JV
MJYUD2xZgc3/vwolvo2aatH7EsX3L7R1loosNMWHMizn2OcYlLmZ3aNo751oomBE
RhX7KFM7UynAr6sO1BqsL+7BTsuAHdxezxnVQC7sMpAIclfkV2DOBl2KpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHh6d0cn4DbkB7B7IeubTHUoPepMMB8GA1UdIwQY
MBaAFG3bRyOzO09y0gqMaovMZGpHgBcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmR0SEk3TTdUM0xTQ294cWk4eGtha2VBRndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82NGQ1MmUtOWJjMy00ODE5LTljMzkt
Nzc5ZDUzYzBkMWZkLzEvZUhwM1J5ZmdOdVFIc0hzaDY1dE1kU2c5Nmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82NGQ1MmUtOWJjMy00ODE5LTljMzktNzc5ZDUzYzBkMWZk
LzEvYmR0SEk3TTdUM0xTQ294cWk4eGtha2VBRndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0JTMA0G
CSqGSIb3DQEBCwUAA4IBAQAGp6HrglNntDP/vzL/GW2IZ/Xemo9yhz4sJ6DH7mNg
HOtNpbCAVxqV2sS5IlyvWaxwa2aFPSgVPtjkS5ynq5lHuCFGR6MZOsO06Nxrynvn
3qrRjcifXZSAxLq2vSm/zOibVkLnEl3qc88MhNwmDcC+nQSDr2HaSZVxSH34h34K
NWT/FmE8FjvMNftIVRbaFFATHh9Eqjpc4h/p1X4UPM06pFWps9iOASR/c4g5cEOY
un5WAU2NEY/6KfUTL4NoUXhTQ8YTLfgKDTpWl88URSrHUr0OnBUyHszZFfNQf1ZS
1cQaIRBI38sac56ScAG+SNtT3XOdLpK02DhpmI95XxJ/
-----END CERTIFICATE-----