This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/hVY_dYxYhKuO3qtI4MOUcvIONF4.roa
File:                     hVY_dYxYhKuO3qtI4MOUcvIONF4.roa (raw, json)
Hash identifier:          yGx/OoacbBBGFHUNn7h+o/bue//pA9bBusA+ebRU/Us=
Subject key identifier:   85:56:3F:75:8C:58:84:AB:8E:DE:AB:48:E0:C3:94:72:F2:0E:34:5E
Certificate issuer:       /CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
Certificate serial:       019B79ECDF6FA25F13256BC16DC88200821C
Authority key identifier: 44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/hVY_dYxYhKuO3qtI4MOUcvIONF4.roa
Signing time:             Thu 01 Jan 2026 14:18:45 +0000
ROA not before:           Thu 01 Jan 2026 14:18:45 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     51222
IP address blocks:        195.54.36.0/24 maxlen: 24
                          195.54.37.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/RPiFIg8XGfWDfLWjb6YvP1N-jj8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/RPiFIg8XGfWDfLWjb6YvP1N-jj8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 Jan 2026 11:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ec:df:6f:a2:5f:13:25:6b:c1:6d:c8:82:00:82:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
        Validity
            Not Before: Jan  1 14:18:45 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=85563f758c5884ab8edeab48e0c39472f20e345e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:79:1d:3d:67:9a:e4:fc:2e:93:ff:a1:9c:74:
                    09:60:fe:44:83:29:44:75:c2:01:41:af:2e:6e:01:
                    6e:c0:91:5b:d5:b6:57:db:88:59:21:b9:f4:2c:28:
                    87:69:9e:8b:08:99:96:4e:5a:3b:10:e1:ae:a6:00:
                    35:2b:a0:60:f9:76:a0:04:14:44:ee:5b:e9:c9:eb:
                    81:38:c1:bb:f0:83:a3:da:13:b1:81:2e:f0:46:6e:
                    63:01:ea:31:3b:99:d6:ed:51:13:7b:b3:e5:57:b0:
                    c5:c4:eb:fb:2f:9b:c7:a1:bd:d6:5e:5b:20:5a:19:
                    c9:f7:44:cc:d8:c8:40:f6:d3:43:b9:be:c9:12:a2:
                    81:fc:95:82:a6:99:2a:c6:f2:74:47:2b:90:98:a1:
                    5c:30:b0:3a:89:68:c7:30:37:5d:b4:62:29:7e:25:
                    5b:29:d9:32:26:e0:3d:68:17:17:bf:b9:7e:dd:6d:
                    4e:fa:ff:33:59:7e:2e:c9:4f:c7:ed:1b:e4:49:9c:
                    a5:d0:0b:fb:29:75:ae:7c:df:1d:b7:b3:16:6f:f5:
                    a2:45:a5:0f:e4:80:0b:5a:a9:01:4a:0c:36:46:ad:
                    45:99:db:95:2c:9a:46:f8:6c:c8:d8:44:aa:cf:ac:
                    6a:33:12:94:a6:6a:15:84:9e:be:35:56:08:03:eb:
                    f5:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:56:3F:75:8C:58:84:AB:8E:DE:AB:48:E0:C3:94:72:F2:0E:34:5E
            X509v3 Authority Key Identifier:
                keyid:44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/hVY_dYxYhKuO3qtI4MOUcvIONF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/RPiFIg8XGfWDfLWjb6YvP1N-jj8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.54.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:92:04:d1:60:98:d5:3f:ba:63:00:9c:3b:fc:cb:cb:4e:3b:
         7b:2e:bf:6d:aa:0b:79:9e:49:d3:f2:79:5f:5d:61:ae:04:ab:
         48:d6:1a:b0:e6:b5:20:35:15:71:e7:23:fd:8f:b8:1a:39:e2:
         a6:f1:e3:b3:3f:c1:af:ac:c0:32:96:c6:25:d6:bf:b1:5a:fb:
         df:d4:d9:49:27:1c:57:79:3b:09:40:57:89:8a:3c:93:1a:b6:
         6a:7c:0a:bd:6b:e0:90:9c:3b:8f:49:65:6e:05:96:fc:9a:56:
         b5:73:13:b9:d8:76:10:71:34:44:78:52:33:37:44:3f:96:c7:
         9f:c2:ad:82:f8:17:ac:f6:f2:54:b2:c2:b9:8d:fe:ee:31:78:
         5d:19:a5:d6:df:e5:ac:97:31:34:61:f7:c9:79:62:1f:e8:c5:
         99:18:8b:d8:07:4b:7d:d1:ad:7a:e8:31:ad:16:b4:87:8e:e7:
         28:2e:1d:1f:89:8c:37:7a:37:27:cf:28:de:a0:41:e5:5b:73:
         9c:f8:3b:48:82:7a:16:be:ab:16:91:b7:c8:df:13:6e:eb:46:
         79:cc:be:b9:e9:2f:bb:3c:69:7b:89:6c:e9:17:b6:75:a2:2f:
         d6:75:a0:1b:39:79:98:75:91:31:c4:9b:8c:89:9c:4c:e0:1b:
         b9:00:54:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt57N9vol8TJWvBbciCAIIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Zjg4NTIyMGYxNzE5ZjU4MzdjYjVhMzZmYTYyZjNmNTM3
ZThlM2YwHhcNMjYwMTAxMTQxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU2M2Y3NThjNTg4NGFiOGVkZWFiNDhlMGMzOTQ3MmYyMGUzNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3kdPWea5Pwuk/+hnHQJYP5EgylE
dcIBQa8ubgFuwJFb1bZX24hZIbn0LCiHaZ6LCJmWTlo7EOGupgA1K6Bg+XagBBRE
7lvpyeuBOMG78IOj2hOxgS7wRm5jAeoxO5nW7VETe7PlV7DFxOv7L5vHob3WXlsg
WhnJ90TM2MhA9tNDub7JEqKB/JWCppkqxvJ0RyuQmKFcMLA6iWjHMDddtGIpfiVb
KdkyJuA9aBcXv7l+3W1O+v8zWX4uyU/H7RvkSZyl0Av7KXWufN8dt7MWb/WiRaUP
5IALWqkBSgw2Rq1FmduVLJpG+GzI2ESqz6xqMxKUpmoVhJ6+NVYIA+v1mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVWP3WMWISrjt6rSODDlHLyDjReMB8GA1UdIwQY
MBaAFET4hSIPFxn1g3y1o2+mLz9Tfo4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDkt
MzdlZDk5MTQzYWFlLzEvaFZZX2RZeFloS3VPM3F0STRNT1VjdklPTkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDktMzdlZDk5MTQzYWFl
LzEvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzYkMA0G
CSqGSIb3DQEBCwUAA4IBAQAWkgTRYJjVP7pjAJw7/MvLTjt7Lr9tqgt5nknT8nlf
XWGuBKtI1hqw5rUgNRVx5yP9j7gaOeKm8eOzP8GvrMAylsYl1r+xWvvf1NlJJxxX
eTsJQFeJijyTGrZqfAq9a+CQnDuPSWVuBZb8mla1cxO52HYQcTREeFIzN0Q/lsef
wq2C+Bes9vJUssK5jf7uMXhdGaXW3+WslzE0YffJeWIf6MWZGIvYB0t90a166DGt
FrSHjucoLh0fiYw3ejcnzyjeoEHlW3Oc+DtIgnoWvqsWkbfI3xNu60Z5zL656S+7
PGl7iWzpF7Z1oi/WdaAbOXmYdZExxJuMiZxM4Bu5AFT2
-----END CERTIFICATE-----