This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/1-8Nhle8FzC2WNyc1KcG0LZu70OA.roa
File:                     1-8Nhle8FzC2WNyc1KcG0LZu70OA.roa (raw, json)
Hash identifier:          n/y3QN0RFwa5trmAnCaPevYzm7Iohf8BTnFyEeQbekQ=
Subject key identifier:   FB:C3:61:95:EF:05:CC:2D:96:37:27:35:29:C1:B4:2D:9B:BB:D0:E0
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       019B77C74F2508B90E35C9FF36D57715211C
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/1-8Nhle8FzC2WNyc1KcG0LZu70OA.roa
Signing time:             Thu 01 Jan 2026 04:18:29 +0000
ROA not before:           Thu 01 Jan 2026 04:18:29 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211078
IP address blocks:        62.76.14.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c7:4f:25:08:b9:0e:35:c9:ff:36:d5:77:15:21:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Jan  1 04:18:29 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fbc36195ef05cc2d9637273529c1b42d9bbbd0e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4b:b7:e3:0a:ae:d9:f2:42:26:05:c4:43:f9:
                    f1:e3:49:9a:14:d7:3e:41:30:07:de:72:84:98:9b:
                    b7:0d:67:37:06:fa:16:76:45:29:b3:5a:0a:68:88:
                    66:1e:08:e2:93:07:2a:5b:da:c9:94:86:03:23:ab:
                    9a:3d:a3:87:41:b4:08:b2:c2:44:de:c6:7f:69:b2:
                    19:86:4f:b7:f4:1d:5e:f5:76:95:2a:3e:cb:19:93:
                    af:ed:a9:44:f7:c9:1a:50:d6:f9:e6:bf:3d:e0:6e:
                    80:6f:73:8a:5a:f9:aa:9b:6d:c1:75:9a:04:1a:35:
                    d1:10:68:84:14:14:72:2e:61:54:8e:86:58:e6:e4:
                    48:d3:e4:1d:fb:a5:8e:09:0c:d0:a9:03:27:6d:b1:
                    5e:c5:10:68:4f:4f:05:64:e7:25:cf:80:85:a3:4f:
                    df:29:f9:c0:92:06:18:dd:53:cd:3e:4a:5c:0d:de:
                    c5:ae:dc:c0:28:be:cd:f3:6d:9f:f1:06:28:3d:75:
                    3e:06:e6:e5:2d:89:ac:1e:b0:36:44:ed:45:8d:7d:
                    92:a8:67:65:35:d1:94:73:0f:c8:39:f9:2d:ad:34:
                    32:5e:bc:07:3a:ca:04:a6:dd:bc:a3:2e:92:1d:87:
                    a1:ef:39:f0:fb:e9:e4:0e:e2:17:d1:96:25:f0:96:
                    b9:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:C3:61:95:EF:05:CC:2D:96:37:27:35:29:C1:B4:2D:9B:BB:D0:E0
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/1-8Nhle8FzC2WNyc1KcG0LZu70OA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:31:04:dc:9f:e3:1b:c3:a0:f7:14:dd:ff:48:b6:00:30:86:
         08:6a:88:dd:21:56:15:94:54:b5:53:c1:c3:83:84:42:98:6d:
         7f:9b:26:05:12:91:6e:55:e9:0b:5d:40:58:84:73:83:18:bc:
         4e:ba:94:95:a6:93:9f:ce:2d:89:59:a3:bb:d9:f2:ce:ee:33:
         b6:3d:0e:60:44:f7:0f:3f:e3:c6:41:73:37:cf:a3:48:30:50:
         f8:87:3e:f7:9f:6c:fa:3b:45:74:a7:51:8e:16:a8:5c:cd:94:
         da:fd:14:8e:73:8d:1a:22:ef:af:23:ae:44:b2:21:02:5d:a9:
         f1:b8:66:67:09:02:52:46:27:b8:64:96:36:e1:cd:57:42:43:
         55:cc:50:de:42:78:e3:b1:8e:b1:6b:db:98:69:38:69:f9:9f:
         ef:79:ff:c7:b4:b1:8e:86:c1:aa:44:47:2d:ca:44:0e:23:62:
         43:cc:4f:1c:ea:7a:89:a2:8c:b4:75:30:34:c4:03:a2:2f:57:
         da:f2:90:0f:56:ac:05:f3:26:07:4f:d3:35:23:b3:74:d0:bc:
         77:9c:fa:04:86:98:36:8d:0c:7a:cc:3b:39:9c:5c:2e:46:7a:
         d3:3a:e3:0b:36:2c:55:13:a2:ff:c5:3b:a6:1c:5e:45:84:89:
         bd:74:d1:09
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt3x08lCLkONcn/NtV3FSEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjYwMTAxMDQxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmMzNjE5NWVmMDVjYzJkOTYzNzI3MzUyOWMxYjQyZDliYmJkMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEu34wqu2fJCJgXEQ/nx40maFNc+
QTAH3nKEmJu3DWc3BvoWdkUps1oKaIhmHgjikwcqW9rJlIYDI6uaPaOHQbQIssJE
3sZ/abIZhk+39B1e9XaVKj7LGZOv7alE98kaUNb55r894G6Ab3OKWvmqm23BdZoE
GjXREGiEFBRyLmFUjoZY5uRI0+Qd+6WOCQzQqQMnbbFexRBoT08FZOclz4CFo0/f
KfnAkgYY3VPNPkpcDd7FrtzAKL7N822f8QYoPXU+BublLYmsHrA2RO1FjX2SqGdl
NdGUcw/IOfktrTQyXrwHOsoEpt28oy6SHYeh7znw++nkDuIX0ZYl8Ja5pwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPvDYZXvBcwtljcnNSnBtC2bu9DgMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvMS04TmhsZThGekMyV055YzFLY0cwTFp1NzBPQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTEvOTc0NzRjLTFkYzItNDYyYy1hYWRkLTllOWExZTAzNzM4
ZS8xL0pUbzdYMUdBZ1dqQ0VzQ1VvcnF2ODQ0V1Jrby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD5MDjAN
BgkqhkiG9w0BAQsFAAOCAQEAKDEE3J/jG8Og9xTd/0i2ADCGCGqI3SFWFZRUtVPB
w4OEQphtf5smBRKRblXpC11AWIRzgxi8TrqUlaaTn84tiVmju9nyzu4ztj0OYET3
Dz/jxkFzN8+jSDBQ+Ic+959s+jtFdKdRjhaoXM2U2v0UjnONGiLvryOuRLIhAl2p
8bhmZwkCUkYnuGSWNuHNV0JDVcxQ3kJ447GOsWvbmGk4afmf73n/x7SxjobBqkRH
LcpEDiNiQ8xPHOp6iaKMtHUwNMQDoi9X2vKQD1asBfMmB0/TNSOzdNC8d5z6BIaY
No0Mesw7OZxcLkZ60zrjCzYsVROi/8U7phxeRYSJvXTRCQ==
-----END CERTIFICATE-----