This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/1-DvsSSfIpJZDV3xPHOJo0DctRuY.roa
File:                     1-DvsSSfIpJZDV3xPHOJo0DctRuY.roa (raw, json)
Hash identifier:          NZc7Jrn95ssvSPyZ3Ab2YcErt8Xet8QyonFr2zEF4Wc=
Subject key identifier:   F8:3B:EC:49:27:C8:A4:96:43:57:7C:4F:1C:E2:68:D0:37:2D:46:E6
Certificate issuer:       /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial:       019B7BA4F889358D779529B93D01169C288E
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/1-DvsSSfIpJZDV3xPHOJo0DctRuY.roa
Signing time:             Thu 01 Jan 2026 22:19:27 +0000
ROA not before:           Thu 01 Jan 2026 22:19:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     834
IP address blocks:        194.165.27.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:f8:89:35:8d:77:95:29:b9:3d:01:16:9c:28:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
        Validity
            Not Before: Jan  1 22:19:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f83bec4927c8a49643577c4f1ce268d0372d46e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b6:66:22:65:0d:f1:59:8a:6a:1a:7b:4e:19:
                    a5:7e:4f:7c:e0:3a:f9:5d:ef:7f:c2:cc:a2:bc:17:
                    8f:1d:32:1f:32:01:55:4d:ac:27:cf:22:e9:51:18:
                    f8:c5:a5:78:8d:7d:23:29:85:06:c2:3c:d4:fc:70:
                    33:0c:fb:10:c6:88:82:c5:85:88:1f:64:7a:e5:1e:
                    47:ac:f4:af:04:51:10:2b:54:df:fa:72:96:c4:38:
                    3b:6c:99:94:74:60:a5:1b:7e:fb:30:e7:d7:ba:4f:
                    0e:e1:fd:bd:e5:16:fe:85:f9:24:cd:8b:2f:7e:e7:
                    51:d8:ac:cf:c0:3b:7e:44:5a:a2:79:a9:14:a2:ec:
                    71:b7:f4:6b:2a:fa:00:2e:a2:0c:7b:00:78:78:59:
                    a2:52:5c:72:15:3b:eb:05:9c:0e:6b:45:ae:6c:ac:
                    a3:fd:a8:d0:18:ad:73:5a:11:ed:b5:8a:18:4e:88:
                    fa:8b:f7:9c:04:59:b8:82:00:50:82:0b:d4:bd:6f:
                    2e:b6:e4:8a:19:03:6f:7e:af:d3:20:83:ef:96:c9:
                    1c:a4:91:49:c4:4d:ee:92:c8:75:ca:d1:76:ea:32:
                    7d:d3:6e:04:03:9e:eb:8f:d9:87:fb:59:be:31:cd:
                    ca:bd:df:38:f5:c8:28:49:0d:2a:e7:8c:d7:a1:db:
                    18:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:3B:EC:49:27:C8:A4:96:43:57:7C:4F:1C:E2:68:D0:37:2D:46:E6
            X509v3 Authority Key Identifier:
                keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/1-DvsSSfIpJZDV3xPHOJo0DctRuY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.165.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:53:ec:13:5f:47:44:54:ea:ae:86:74:9c:34:15:5f:fc:4b:
         56:13:6e:1a:79:33:17:b3:1e:db:93:6f:ba:34:a9:03:50:e7:
         72:32:d9:59:68:dc:da:8f:34:0d:2c:b9:d3:ce:55:f8:c5:bf:
         61:29:f1:de:4f:5e:92:e3:ed:fb:52:bd:95:59:0b:49:0e:87:
         69:c8:c1:09:39:07:4c:9e:29:f1:1b:22:16:cd:3a:04:76:1f:
         b4:96:3c:60:4d:ba:1b:51:48:b2:b5:98:e5:16:2f:16:64:81:
         aa:8a:c2:90:2d:cd:b6:18:1a:0a:c8:cd:3d:be:8c:a6:8c:57:
         9b:fd:dc:e4:24:69:0c:43:be:5b:b0:34:cc:01:66:15:35:c3:
         fe:be:7a:bd:43:2d:06:ce:37:97:fe:e4:5f:ab:65:10:5f:49:
         d8:5a:64:3a:9f:0a:da:f5:0c:f7:99:62:bd:9c:10:7e:22:42:
         4a:f7:ad:80:e3:ea:6d:dd:5a:ca:1b:d7:84:d2:f1:e9:8d:dc:
         e6:59:0e:16:58:ff:66:e3:33:a6:8e:b8:0b:a6:1c:39:f2:b2:
         dc:23:8d:9e:01:0b:17:5f:e6:2e:a8:dc:ff:df:f4:df:a5:d4:
         0a:97:e7:fe:87:9c:20:85:16:93:b8:f0:94:93:54:01:2a:fd:
         3f:70:e1:d7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt7pPiJNY13lSm5PQEWnCiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjYwMTAxMjIxOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODNiZWM0OTI3YzhhNDk2NDM1NzdjNGYxY2UyNjhkMDM3MmQ0NmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbZmImUN8VmKahp7Thmlfk984Dr5
Xe9/wsyivBePHTIfMgFVTawnzyLpURj4xaV4jX0jKYUGwjzU/HAzDPsQxoiCxYWI
H2R65R5HrPSvBFEQK1Tf+nKWxDg7bJmUdGClG377MOfXuk8O4f295Rb+hfkkzYsv
fudR2KzPwDt+RFqieakUouxxt/RrKvoALqIMewB4eFmiUlxyFTvrBZwOa0WubKyj
/ajQGK1zWhHttYoYToj6i/ecBFm4ggBQggvUvW8utuSKGQNvfq/TIIPvlskcpJFJ
xE3uksh1ytF26jJ9024EA57rj9mH+1m+Mc3Kvd849cgoSQ0q54zXodsYOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPg77EknyKSWQ1d8TxziaNA3LUbmMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvMS1EdnNTU2ZJcEpaRFYzeFBIT0pvMERjdFJ1WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjgvNmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYw
Yy8xLzJZSkgwX2dVY3R1NkJ0dnFtOUdjZUYwWXVyNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKlGzAN
BgkqhkiG9w0BAQsFAAOCAQEAJFPsE19HRFTqroZ0nDQVX/xLVhNuGnkzF7Me25Nv
ujSpA1DncjLZWWjc2o80DSy5085V+MW/YSnx3k9ekuPt+1K9lVkLSQ6HacjBCTkH
TJ4p8RsiFs06BHYftJY8YE26G1FIsrWY5RYvFmSBqorCkC3NthgaCsjNPb6MpoxX
m/3c5CRpDEO+W7A0zAFmFTXD/r56vUMtBs43l/7kX6tlEF9J2FpkOp8K2vUM95li
vZwQfiJCSvetgOPqbd1ayhvXhNLx6Y3c5lkOFlj/ZuMzpo64C6YcOfKy3CONngEL
F1/mLqjc/9/036XUCpfn/oecIIUWk7jwlJNUASr9P3Dh1w==
-----END CERTIFICATE-----