This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/HcWgx2MiMP_xtGT9IucxolgQeIY.roa
File:                     HcWgx2MiMP_xtGT9IucxolgQeIY.roa (raw, json)
Hash identifier:          rcEUsMaoUm7Xd2I+QLC1mGGbjcwOScogc6eZLbEfymQ=
Subject key identifier:   1D:C5:A0:C7:63:22:30:FF:F1:B4:64:FD:22:E7:31:A2:58:10:78:86
Certificate issuer:       /CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
Certificate serial:       019B7EA68EA356106E3A5215EA8F6F63D458
Authority key identifier: D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/HcWgx2MiMP_xtGT9IucxolgQeIY.roa
Signing time:             Fri 02 Jan 2026 12:20:03 +0000
ROA not before:           Fri 02 Jan 2026 12:20:03 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215546
IP address blocks:        193.243.183.0/26 maxlen: 26
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 Jan 2026 20:35:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a6:8e:a3:56:10:6e:3a:52:15:ea:8f:6f:63:d4:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
        Validity
            Not Before: Jan  2 12:20:03 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1dc5a0c7632230fff1b464fd22e731a258107886
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c5:58:61:f9:bf:7f:71:60:ed:dd:6e:81:e4:
                    a7:82:9a:27:6b:54:d5:83:d8:aa:97:df:aa:0d:a7:
                    0e:c9:ce:ae:b7:30:fc:42:8f:83:2d:b2:e2:24:f8:
                    d3:f0:22:a6:1b:66:12:87:7e:64:e9:dc:09:af:66:
                    c2:c9:89:df:86:b7:b9:68:60:28:fa:9c:48:a5:d4:
                    e5:3e:53:52:19:de:c9:3f:13:62:4b:44:fb:85:d4:
                    a0:f2:3f:d5:29:db:c9:d4:01:2c:30:ad:bc:04:04:
                    82:2c:51:0a:19:43:0e:c0:a4:ba:e9:d9:e4:8f:bf:
                    49:4d:01:e9:d9:63:99:4d:19:28:fd:8e:2d:e5:ac:
                    b4:18:38:55:f7:d9:0c:de:b9:a3:5e:b9:49:15:1d:
                    22:51:1b:78:d9:ec:15:17:1d:16:e3:fa:e0:8c:32:
                    d1:76:4e:64:ff:b6:7f:de:e8:95:82:ec:9b:73:89:
                    e2:4f:31:84:58:6e:0a:85:47:e6:89:ff:c4:49:bb:
                    1b:1c:d3:15:86:a1:2e:1b:ef:0f:8f:b1:6a:73:23:
                    f0:76:1d:c2:53:ce:62:aa:74:0f:14:ff:f8:3d:f4:
                    b4:37:ea:94:b3:04:28:bc:7a:3b:4f:89:52:1b:6f:
                    8a:1f:77:79:88:1f:47:20:b9:88:b4:48:0d:6a:bf:
                    46:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:C5:A0:C7:63:22:30:FF:F1:B4:64:FD:22:E7:31:A2:58:10:78:86
            X509v3 Authority Key Identifier:
                keyid:D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/HcWgx2MiMP_xtGT9IucxolgQeIY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.243.183.0/26

    Signature Algorithm: sha256WithRSAEncryption
         5c:b1:ed:b3:68:2b:fb:43:2d:87:3a:8c:99:c7:06:8e:78:c5:
         ca:67:35:e3:be:ab:6d:be:e6:6d:7a:32:53:46:f4:1c:cf:84:
         3c:c3:74:3a:86:65:0b:27:d2:d7:51:78:42:41:1c:1a:4e:a3:
         4d:5d:14:25:68:b7:61:7b:54:fd:d4:15:1b:25:a8:bb:4f:12:
         31:d1:65:71:72:e7:a0:ec:79:a7:0b:83:bd:f9:50:42:60:f0:
         f0:5d:53:0c:6e:ba:3a:8c:2e:1e:ec:91:b2:d3:c1:67:11:af:
         ae:1e:ff:b9:be:0e:20:b6:c0:83:01:9b:89:a9:a9:f3:b2:84:
         7f:74:44:5e:d6:88:78:3f:21:c1:54:f2:04:e6:fe:63:fa:27:
         af:1f:f5:23:a3:c8:75:a5:c3:41:6e:d6:a8:8b:ac:c8:1a:c1:
         f0:1e:23:01:94:4d:c0:86:12:02:72:78:64:ef:c2:b5:14:2e:
         63:ae:be:f7:97:fb:e8:1f:95:5c:db:1a:e0:68:75:59:1e:e3:
         eb:20:2b:9e:32:01:bc:d3:a3:dc:cc:51:06:56:d0:bf:78:c4:
         0d:e4:05:7f:95:c2:a1:fe:24:45:d4:af:aa:4f:11:18:22:59:
         ae:21:57:47:f8:c0:dd:b1:9f:ea:f9:a8:fa:62:33:70:2e:11:
         51:ce:15:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt+po6jVhBuOlIV6o9vY9RYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ODljYjcxODkxYzZkOTRiZDllNmYxNGYxNmU3ZTM3YzJj
NzI4YmYwHhcNMjYwMTAyMTIyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGM1YTBjNzYzMjIzMGZmZjFiNDY0ZmQyMmU3MzFhMjU4MTA3ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMVYYfm/f3Fg7d1ugeSngpona1TV
g9iql9+qDacOyc6utzD8Qo+DLbLiJPjT8CKmG2YSh35k6dwJr2bCyYnfhre5aGAo
+pxIpdTlPlNSGd7JPxNiS0T7hdSg8j/VKdvJ1AEsMK28BASCLFEKGUMOwKS66dnk
j79JTQHp2WOZTRko/Y4t5ay0GDhV99kM3rmjXrlJFR0iURt42ewVFx0W4/rgjDLR
dk5k/7Z/3uiVguybc4niTzGEWG4KhUfmif/ESbsbHNMVhqEuG+8Pj7FqcyPwdh3C
U85iqnQPFP/4PfS0N+qUswQovHo7T4lSG2+KH3d5iB9HILmItEgNar9GPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB3FoMdjIjD/8bRk/SLnMaJYEHiGMB8GA1UdIwQY
MBaAFNaJy3GJHG2UvZ5vFPFufjfCxyi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0Yjgt
ODI0ZmZjNjk0MmY0LzEvSGNXZ3gyTWlNUF94dEdUOUl1Y3hvbGdRZUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0YjgtODI0ZmZjNjk0MmY0
LzEvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUGwfO3ADAN
BgkqhkiG9w0BAQsFAAOCAQEAXLHts2gr+0MthzqMmccGjnjFymc1476rbb7mbXoy
U0b0HM+EPMN0OoZlCyfS11F4QkEcGk6jTV0UJWi3YXtU/dQVGyWou08SMdFlcXLn
oOx5pwuDvflQQmDw8F1TDG66OowuHuyRstPBZxGvrh7/ub4OILbAgwGbiamp87KE
f3REXtaIeD8hwVTyBOb+Y/onrx/1I6PIdaXDQW7WqIusyBrB8B4jAZRNwIYSAnJ4
ZO/CtRQuY66+95f76B+VXNsa4Gh1WR7j6yArnjIBvNOj3MxRBlbQv3jEDeQFf5XC
of4kRdSvqk8RGCJZriFXR/jA3bGf6vmo+mIzcC4RUc4VfQ==
-----END CERTIFICATE-----