This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/HMrWWr_GpU-7TilUWTszNhM4XF4.roa
File:                     HMrWWr_GpU-7TilUWTszNhM4XF4.roa (raw, json)
Hash identifier:          ZxbJ+8rmhmPIZSt+dx++l6IVbkPcuwgYpg8+JSAPwH4=
Subject key identifier:   1C:CA:D6:5A:BF:C6:A5:4F:BB:4E:29:54:59:3B:33:36:13:38:5C:5E
Certificate issuer:       /CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Certificate serial:       019B7AC8FAC90424C339DEB6233E15F2F4E1
Authority key identifier: 54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/HMrWWr_GpU-7TilUWTszNhM4XF4.roa
Signing time:             Thu 01 Jan 2026 18:19:10 +0000
ROA not before:           Thu 01 Jan 2026 18:19:10 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     20292
IP address blocks:        91.204.73.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 28 Jan 2026 09:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c8:fa:c9:04:24:c3:39:de:b6:23:3e:15:f2:f4:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
        Validity
            Not Before: Jan  1 18:19:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1ccad65abfc6a54fbb4e2954593b333613385c5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:f1:c5:54:19:6a:31:b8:db:0c:cb:7b:88:69:
                    ef:0d:03:78:24:16:8d:31:9e:10:99:9c:a0:a9:a8:
                    d7:b8:56:fb:46:0a:35:54:a1:d3:a2:ad:0c:15:b3:
                    04:87:49:99:ee:b3:34:1b:66:15:f3:8a:7b:56:e1:
                    1d:ac:fb:7d:3d:96:11:2c:f0:ad:86:98:8a:fa:12:
                    22:57:8a:70:db:17:54:9c:50:7e:24:27:6f:5c:d0:
                    09:1e:c9:5c:b7:a3:38:15:2c:e7:57:e2:a0:8d:92:
                    39:36:71:31:fc:62:c1:b7:26:1d:7d:c6:c4:8a:fb:
                    00:9f:77:5f:ba:af:fb:72:6f:83:1c:9a:54:6b:d3:
                    ee:e4:2d:7e:e7:38:30:d5:6d:09:f1:06:4f:98:4b:
                    0b:fb:d5:1c:ee:cb:85:61:47:c3:5a:ea:94:4b:c6:
                    0d:57:06:a6:d2:30:56:49:79:18:bc:f8:0d:68:13:
                    97:fe:ab:5f:e7:7f:40:d4:cb:17:43:52:f0:07:ba:
                    65:0b:90:8f:11:89:19:4c:1f:53:f9:fa:ce:be:aa:
                    09:c7:16:47:0a:ed:58:1a:5b:1a:ea:07:50:e1:29:
                    4d:84:4c:c9:21:c1:dc:07:67:9b:d2:80:22:ff:fb:
                    ef:7a:ab:1a:ac:a1:03:7b:a6:2e:3d:7c:15:58:dc:
                    0e:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:CA:D6:5A:BF:C6:A5:4F:BB:4E:29:54:59:3B:33:36:13:38:5C:5E
            X509v3 Authority Key Identifier:
                keyid:54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/HMrWWr_GpU-7TilUWTszNhM4XF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:41:9f:43:d6:b5:4f:90:99:ea:a6:c2:54:1c:36:28:c9:10:
         c6:c2:85:33:4d:43:5d:2b:ee:3f:91:60:a5:6f:0d:58:24:61:
         37:6d:aa:16:d3:f0:d8:03:a1:8c:75:c8:81:0b:88:f9:80:60:
         45:99:4f:a6:9e:26:85:e2:05:a8:68:1b:d4:58:5f:36:db:e9:
         7a:23:9a:06:11:e9:55:8a:18:18:5a:29:e2:63:81:d9:db:d8:
         98:b5:c2:c9:ec:dd:36:c3:fd:20:8e:77:90:ee:c1:79:b5:ac:
         42:a4:a8:67:0a:b6:b1:93:dc:67:99:5f:b2:1e:05:26:f5:4b:
         9e:af:d5:af:41:62:a7:de:eb:8e:c4:72:cb:b2:59:94:d7:2c:
         5f:dd:cf:c8:53:ca:5f:7b:93:e2:9c:70:2b:9b:b7:30:33:e0:
         de:76:d6:07:18:92:8d:39:d5:dc:d7:fd:9d:a8:d4:06:cd:5f:
         f7:70:0c:3b:cf:e3:e2:41:18:36:73:a4:da:8f:9f:5b:a8:a3:
         71:d9:c7:8f:c1:98:73:01:fe:33:b7:16:be:df:21:76:02:2e:
         4d:f8:1c:eb:01:0a:c1:65:5b:ae:0d:ed:0b:88:ac:f0:de:03:
         1a:c0:b7:71:25:d3:e1:b1:06:c2:34:ca:84:57:2e:f7:ad:56:
         29:64:6e:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt6yPrJBCTDOd62Iz4V8vThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2M1YzM0YTYyZmZiZWQ4ZmMwZjBlYzAxYjQyYzBjNTBl
ZTdlZjcwHhcNMjYwMTAxMTgxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2NhZDY1YWJmYzZhNTRmYmI0ZTI5NTQ1OTNiMzMzNjEzMzg1YzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fHFVBlqMbjbDMt7iGnvDQN4JBaN
MZ4QmZygqajXuFb7Rgo1VKHToq0MFbMEh0mZ7rM0G2YV84p7VuEdrPt9PZYRLPCt
hpiK+hIiV4pw2xdUnFB+JCdvXNAJHslct6M4FSznV+KgjZI5NnEx/GLBtyYdfcbE
ivsAn3dfuq/7cm+DHJpUa9Pu5C1+5zgw1W0J8QZPmEsL+9Uc7suFYUfDWuqUS8YN
Vwam0jBWSXkYvPgNaBOX/qtf539A1MsXQ1LwB7plC5CPEYkZTB9T+frOvqoJxxZH
Cu1YGlsa6gdQ4SlNhEzJIcHcB2eb0oAi//vveqsarKEDe6YuPXwVWNwOHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzK1lq/xqVPu04pVFk7MzYTOFxeMB8GA1UdIwQY
MBaAFFQ8XDSmL/vtj8Dw7AG0LAxQ7n73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYt
ZjRmMWY5M2UwNDY3LzEvSE1yV1dyX0dwVS03VGlsVVdUc3pOaE00WEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYtZjRmMWY5M2UwNDY3
LzEvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8xJMA0G
CSqGSIb3DQEBCwUAA4IBAQAdQZ9D1rVPkJnqpsJUHDYoyRDGwoUzTUNdK+4/kWCl
bw1YJGE3baoW0/DYA6GMdciBC4j5gGBFmU+mniaF4gWoaBvUWF822+l6I5oGEelV
ihgYWiniY4HZ29iYtcLJ7N02w/0gjneQ7sF5taxCpKhnCraxk9xnmV+yHgUm9Uue
r9WvQWKn3uuOxHLLslmU1yxf3c/IU8pfe5PinHArm7cwM+DedtYHGJKNOdXc1/2d
qNQGzV/3cAw7z+PiQRg2c6Taj59bqKNx2cePwZhzAf4ztxa+3yF2Ai5N+BzrAQrB
ZVuuDe0LiKzw3gMawLdxJdPhsQbCNMqEVy73rVYpZG5D
-----END CERTIFICATE-----