This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/h00EwWS0nwQcNex-PoN4bBKe784.roa
File:                     h00EwWS0nwQcNex-PoN4bBKe784.roa (raw, json)
Hash identifier:          KPJZ49G0RdOibbutyTd80kdxdj+ZbMSn0AFJ4T8Y7D8=
Subject key identifier:   87:4D:04:C1:64:B4:9F:04:1C:35:EC:7E:3E:83:78:6C:12:9E:EF:CE
Certificate issuer:       /CN=153d072ccef00bf464d660dbd05dada1da33d2c8
Certificate serial:       019B7F80816DE4B6F97267AA623DADF2F558
Authority key identifier: 15:3D:07:2C:CE:F0:0B:F4:64:D6:60:DB:D0:5D:AD:A1:DA:33:D2:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FT0HLM7wC_Rk1mDb0F2todoz0sg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/h00EwWS0nwQcNex-PoN4bBKe784.roa
Signing time:             Fri 02 Jan 2026 16:18:06 +0000
ROA not before:           Fri 02 Jan 2026 16:18:06 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     42716
IP address blocks:        77.73.216.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/FT0HLM7wC_Rk1mDb0F2todoz0sg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/FT0HLM7wC_Rk1mDb0F2todoz0sg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FT0HLM7wC_Rk1mDb0F2todoz0sg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 01:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:80:81:6d:e4:b6:f9:72:67:aa:62:3d:ad:f2:f5:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=153d072ccef00bf464d660dbd05dada1da33d2c8
        Validity
            Not Before: Jan  2 16:18:06 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=874d04c164b49f041c35ec7e3e83786c129eefce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c9:01:b3:13:63:5a:5f:18:81:55:3c:53:1b:
                    e5:d9:c1:dd:d8:a6:80:f7:1e:b3:71:ef:7a:97:50:
                    ac:b8:38:88:56:79:87:0f:e5:b9:16:65:90:2a:3c:
                    98:84:3b:37:c4:24:0e:53:02:63:af:50:c6:c8:d1:
                    ff:3c:3e:7c:b2:f8:fc:1b:a9:3a:6b:36:ee:84:26:
                    2b:14:9d:73:64:84:63:05:71:f1:d4:80:57:b9:dd:
                    4f:9e:5e:74:44:ec:95:70:78:3b:ad:75:2d:db:cd:
                    b7:77:d8:52:15:70:46:a7:c6:41:9f:79:85:ad:05:
                    81:90:a0:6c:09:82:a8:98:c1:37:fa:d4:60:d7:88:
                    5c:63:20:b7:a5:7a:7a:d9:5e:4c:81:e2:7b:29:b7:
                    0d:64:6b:e3:32:30:a8:0a:21:42:1e:e4:ed:4d:51:
                    ab:99:7e:18:5b:b5:fd:8b:14:1d:c0:9d:02:ef:38:
                    5b:2d:50:d7:0e:f8:0f:0b:4b:e1:e9:0e:24:a3:4e:
                    7c:ee:f5:dc:b9:41:f6:4e:2c:6c:f1:63:e4:80:cb:
                    e1:6f:d8:bd:25:fa:ec:91:73:d5:95:e4:64:cd:88:
                    98:93:30:4d:5e:fb:99:e2:d8:30:cb:86:8c:13:c0:
                    5c:93:ae:49:1a:10:43:f8:3b:37:67:6d:d0:dc:e0:
                    bb:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:4D:04:C1:64:B4:9F:04:1C:35:EC:7E:3E:83:78:6C:12:9E:EF:CE
            X509v3 Authority Key Identifier:
                keyid:15:3D:07:2C:CE:F0:0B:F4:64:D6:60:DB:D0:5D:AD:A1:DA:33:D2:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FT0HLM7wC_Rk1mDb0F2todoz0sg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/h00EwWS0nwQcNex-PoN4bBKe784.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/64b1e6-0a1f-40ec-9437-04a4c2c41c34/1/FT0HLM7wC_Rk1mDb0F2todoz0sg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.73.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:cb:c0:22:c0:ca:db:7f:aa:7e:10:4e:b2:14:e9:ba:89:9a:
         7a:37:6a:73:13:6a:34:2b:78:ad:35:b7:cc:f5:64:74:e7:1c:
         34:82:cd:16:c0:b4:ce:a0:d3:d0:ab:5b:47:29:fb:ef:a8:a8:
         f4:59:aa:35:18:60:52:5c:37:7c:46:5b:f3:6a:09:cb:d6:b2:
         32:9c:8b:84:38:48:51:d1:84:7f:fc:e7:9b:8e:8f:20:97:49:
         00:c4:ec:4c:34:02:32:b9:a1:4f:9b:cc:2b:33:1f:d4:04:1e:
         eb:59:14:c2:a9:45:5c:dc:4c:08:b9:72:4a:d9:e4:46:4d:5c:
         fd:35:17:51:96:45:c2:23:78:19:48:33:30:07:cf:46:64:59:
         58:6d:32:8f:ac:02:e1:e7:3f:6a:e0:44:15:20:f8:3f:da:61:
         8c:50:b3:3c:a8:61:a9:db:06:8f:1e:f8:27:c4:a4:0c:21:84:
         2f:05:1d:e0:de:e8:f3:2e:03:fe:cd:f5:8e:2d:c4:71:53:fe:
         19:7f:94:d7:2c:46:fa:0d:8d:86:f1:af:30:0c:b2:73:8a:dd:
         84:f3:30:55:11:2a:41:3a:02:57:0a:07:96:07:33:02:4c:6d:
         05:79:a9:ff:a9:4a:63:b3:a3:42:d8:8a:f4:40:59:7c:d4:f4:
         2e:24:b5:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/gIFt5Lb5cmeqYj2t8vVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1M2QwNzJjY2VmMDBiZjQ2NGQ2NjBkYmQwNWRhZGExZGEz
M2QyYzgwHhcNMjYwMTAyMTYxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzRkMDRjMTY0YjQ5ZjA0MWMzNWVjN2UzZTgzNzg2YzEyOWVlZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnskBsxNjWl8YgVU8Uxvl2cHd2KaA
9x6zce96l1CsuDiIVnmHD+W5FmWQKjyYhDs3xCQOUwJjr1DGyNH/PD58svj8G6k6
azbuhCYrFJ1zZIRjBXHx1IBXud1Pnl50ROyVcHg7rXUt2823d9hSFXBGp8ZBn3mF
rQWBkKBsCYKomME3+tRg14hcYyC3pXp62V5MgeJ7KbcNZGvjMjCoCiFCHuTtTVGr
mX4YW7X9ixQdwJ0C7zhbLVDXDvgPC0vh6Q4ko0587vXcuUH2Tixs8WPkgMvhb9i9
JfrskXPVleRkzYiYkzBNXvuZ4tgwy4aME8Bck65JGhBD+Ds3Z23Q3OC7xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdNBMFktJ8EHDXsfj6DeGwSnu/OMB8GA1UdIwQY
MBaAFBU9ByzO8Av0ZNZg29BdraHaM9LIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlQwSExNN3dDX1JrMW1EYjBGMnRvZG96MHNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82NGIxZTYtMGExZi00MGVjLTk0Mzct
MDRhNGMyYzQxYzM0LzEvaDAwRXdXUzBud1FjTmV4LVBvTjRiQktlNzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82NGIxZTYtMGExZi00MGVjLTk0MzctMDRhNGMyYzQxYzM0
LzEvRlQwSExNN3dDX1JrMW1EYjBGMnRvZG96MHNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUnYMA0G
CSqGSIb3DQEBCwUAA4IBAQB2y8AiwMrbf6p+EE6yFOm6iZp6N2pzE2o0K3itNbfM
9WR05xw0gs0WwLTOoNPQq1tHKfvvqKj0Wao1GGBSXDd8RlvzagnL1rIynIuEOEhR
0YR//Oebjo8gl0kAxOxMNAIyuaFPm8wrMx/UBB7rWRTCqUVc3EwIuXJK2eRGTVz9
NRdRlkXCI3gZSDMwB89GZFlYbTKPrALh5z9q4EQVIPg/2mGMULM8qGGp2waPHvgn
xKQMIYQvBR3g3ujzLgP+zfWOLcRxU/4Zf5TXLEb6DY2G8a8wDLJzit2E8zBVESpB
OgJXCgeWBzMCTG0Fean/qUpjs6NC2Ir0QFl81PQuJLWT
-----END CERTIFICATE-----