This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/hElyins30a6CcTsBId_5i9QZESM.roa
File:                     hElyins30a6CcTsBId_5i9QZESM.roa (raw, json)
Hash identifier:          XTxIIPJV+tyv9VF/zIfOPYzhtJazNs7LRzbWZlggukw=
Subject key identifier:   84:49:72:8A:7B:37:D1:AE:82:71:3B:01:21:DF:F9:8B:D4:19:11:23
Certificate issuer:       /CN=e85b21afe1b0916f55eea6d5bdc1dbf2e73a3c68
Certificate serial:       019B783434B92A5540249B5E96C15EDD389B
Authority key identifier: E8:5B:21:AF:E1:B0:91:6F:55:EE:A6:D5:BD:C1:DB:F2:E7:3A:3C:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6Fshr-GwkW9V7qbVvcHb8uc6PGg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/hElyins30a6CcTsBId_5i9QZESM.roa
Signing time:             Thu 01 Jan 2026 06:17:25 +0000
ROA not before:           Thu 01 Jan 2026 06:17:25 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     50102
IP address blocks:        195.225.58.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/6Fshr-GwkW9V7qbVvcHb8uc6PGg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/6Fshr-GwkW9V7qbVvcHb8uc6PGg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6Fshr-GwkW9V7qbVvcHb8uc6PGg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:34:34:b9:2a:55:40:24:9b:5e:96:c1:5e:dd:38:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e85b21afe1b0916f55eea6d5bdc1dbf2e73a3c68
        Validity
            Not Before: Jan  1 06:17:25 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8449728a7b37d1ae82713b0121dff98bd4191123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:8d:ed:b2:bc:6c:18:fd:f9:66:0f:85:14:5e:
                    40:ca:91:49:2f:a5:9a:74:50:cf:14:fb:fe:6d:48:
                    d8:d0:41:04:5b:95:cd:6b:d1:4f:40:20:a5:dd:a0:
                    88:77:7a:c3:ae:e9:73:cd:e0:a7:b3:ca:d6:79:b4:
                    b8:f1:e1:01:b7:1d:bb:f9:ae:b5:e0:1f:ab:bf:43:
                    94:37:aa:f8:04:be:df:45:b5:ff:f1:4f:c6:bd:6d:
                    07:a1:35:ba:77:e0:e8:8d:2d:eb:a1:95:32:2f:2d:
                    a0:82:8e:97:42:12:f5:8c:81:8d:cf:d9:c3:c3:a8:
                    02:c9:7a:37:68:d4:55:bb:fa:d0:4b:56:d9:3a:57:
                    a5:25:10:87:18:0c:94:34:49:1a:fe:d1:35:75:67:
                    d2:58:b8:7a:ac:24:e7:cb:5f:37:d1:82:cf:a3:0e:
                    c6:9b:7b:12:a9:70:41:67:ed:e8:4b:6d:25:bf:93:
                    57:32:67:60:58:90:8e:82:86:e8:84:14:7f:24:c0:
                    0e:80:f4:8d:80:8a:53:cf:85:7a:61:6e:5d:52:ac:
                    95:50:2b:34:5c:ff:71:4c:0e:1e:40:cc:ea:37:6b:
                    ec:01:61:a0:76:20:c9:06:a2:fa:84:a1:5f:37:da:
                    9a:05:33:71:34:7d:39:52:85:eb:0f:02:ea:93:0f:
                    c2:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:49:72:8A:7B:37:D1:AE:82:71:3B:01:21:DF:F9:8B:D4:19:11:23
            X509v3 Authority Key Identifier:
                keyid:E8:5B:21:AF:E1:B0:91:6F:55:EE:A6:D5:BD:C1:DB:F2:E7:3A:3C:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Fshr-GwkW9V7qbVvcHb8uc6PGg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/hElyins30a6CcTsBId_5i9QZESM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/4b4748-5af0-4513-aca9-0b41234cb0ce/1/6Fshr-GwkW9V7qbVvcHb8uc6PGg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.225.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:f6:88:69:57:9f:9d:3e:4d:c6:fc:82:2d:e6:6c:2a:17:f4:
         0c:6a:40:4d:2b:0d:66:ec:26:03:dc:ea:c1:30:26:d7:0b:0d:
         5b:01:d5:a8:a8:b6:77:b8:50:04:94:65:72:25:71:2c:5e:15:
         32:54:5d:ce:c8:89:10:74:fb:64:b1:19:aa:2f:ab:02:68:de:
         5a:55:e1:1c:cc:24:ce:ad:aa:89:9e:49:e7:47:68:dc:75:02:
         fa:24:32:19:c0:c7:4f:a8:b4:fb:ef:3b:b8:fc:49:96:d7:14:
         3d:7a:89:4e:88:f9:3a:46:e6:ea:d1:7a:ef:5a:42:39:a8:e8:
         82:af:d2:9b:5c:49:f4:9e:fa:85:21:48:89:87:a1:4f:a3:b9:
         33:71:31:f8:cc:75:be:ff:1c:d8:8a:a7:3e:6f:69:3e:c6:09:
         a4:9b:56:a7:09:80:4e:26:40:af:45:3d:46:77:55:02:5b:0b:
         7a:0a:5c:3f:41:f4:0d:07:b0:4c:8d:6c:4d:6f:ce:02:99:0f:
         f4:e5:fc:eb:e8:66:af:21:b0:07:35:ba:11:36:cb:7c:41:1f:
         db:39:e0:ae:35:9f:12:e1:e2:9c:ac:f5:8b:54:cd:39:7d:67:
         b5:15:58:ab:f9:c8:f0:9d:33:d9:a4:00:25:10:07:75:1f:6a:
         3a:a0:f7:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NDS5KlVAJJtelsFe3TibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWIyMWFmZTFiMDkxNmY1NWVlYTZkNWJkYzFkYmYyZTcz
YTNjNjgwHhcNMjYwMTAxMDYxNzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQ5NzI4YTdiMzdkMWFlODI3MTNiMDEyMWRmZjk4YmQ0MTkxMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI3tsrxsGP35Zg+FFF5AypFJL6Wa
dFDPFPv+bUjY0EEEW5XNa9FPQCCl3aCId3rDrulzzeCns8rWebS48eEBtx27+a61
4B+rv0OUN6r4BL7fRbX/8U/GvW0HoTW6d+DojS3roZUyLy2ggo6XQhL1jIGNz9nD
w6gCyXo3aNRVu/rQS1bZOlelJRCHGAyUNEka/tE1dWfSWLh6rCTny1830YLPow7G
m3sSqXBBZ+3oS20lv5NXMmdgWJCOgobohBR/JMAOgPSNgIpTz4V6YW5dUqyVUCs0
XP9xTA4eQMzqN2vsAWGgdiDJBqL6hKFfN9qaBTNxNH05UoXrDwLqkw/CTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRJcop7N9GugnE7ASHf+YvUGREjMB8GA1UdIwQY
MBaAFOhbIa/hsJFvVe6m1b3B2/LnOjxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZzaHItR3drVzlWN3FiVnZjSGI4dWM2UEdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80YjQ3NDgtNWFmMC00NTEzLWFjYTkt
MGI0MTIzNGNiMGNlLzEvaEVseWluczMwYTZDY1RzQklkXzVpOVFaRVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80YjQ3NDgtNWFmMC00NTEzLWFjYTktMGI0MTIzNGNiMGNl
LzEvNkZzaHItR3drVzlWN3FiVnZjSGI4dWM2UEdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+E6MA0G
CSqGSIb3DQEBCwUAA4IBAQAJ9ohpV5+dPk3G/IIt5mwqF/QMakBNKw1m7CYD3OrB
MCbXCw1bAdWoqLZ3uFAElGVyJXEsXhUyVF3OyIkQdPtksRmqL6sCaN5aVeEczCTO
raqJnknnR2jcdQL6JDIZwMdPqLT77zu4/EmW1xQ9eolOiPk6Rubq0XrvWkI5qOiC
r9KbXEn0nvqFIUiJh6FPo7kzcTH4zHW+/xzYiqc+b2k+xgmkm1anCYBOJkCvRT1G
d1UCWwt6Clw/QfQNB7BMjWxNb84CmQ/05fzr6GavIbAHNboRNst8QR/bOeCuNZ8S
4eKcrPWLVM05fWe1FVir+cjwnTPZpAAlEAd1H2o6oPfS
-----END CERTIFICATE-----