This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/AY1iMORDHDgQNC21EbLGg6ZEDpw.roa
File:                     AY1iMORDHDgQNC21EbLGg6ZEDpw.roa (raw, json)
Hash identifier:          3w1FsZAT1JQFqgbVafVkEbPo9zV31vioorRtVf190rE=
Subject key identifier:   01:8D:62:30:E4:43:1C:38:10:34:2D:B5:11:B2:C6:83:A6:44:0E:9C
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       019B7B359516ABF1ECF0691617D3EE456C68
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/AY1iMORDHDgQNC21EbLGg6ZEDpw.roa
Signing time:             Thu 01 Jan 2026 20:17:47 +0000
ROA not before:           Thu 01 Jan 2026 20:17:47 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     211294
IP address blocks:        80.96.40.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 18:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:95:16:ab:f1:ec:f0:69:16:17:d3:ee:45:6c:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 20:17:47 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=018d6230e4431c3810342db511b2c683a6440e9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e0:f7:5e:bf:42:ab:37:3f:66:8c:70:b3:63:
                    c1:31:e9:0a:3b:a5:e7:7d:3c:3b:dc:19:3f:90:7e:
                    3b:9f:63:11:52:75:f7:8f:2d:18:8f:e7:a7:a3:7e:
                    4c:75:88:35:cc:4b:c3:54:e0:b4:e9:87:bb:66:6d:
                    5d:49:cd:15:9c:b3:28:d1:3f:38:1f:25:37:13:b5:
                    b0:8f:5b:b6:de:0e:b8:2a:fb:d2:26:39:e5:89:59:
                    be:c8:6c:5c:f3:62:9b:28:3c:f7:ff:19:9f:51:67:
                    ae:4a:d0:74:45:f3:99:0a:ad:ed:de:95:1d:3c:01:
                    8c:d8:7d:6b:ad:f5:56:3b:23:28:40:33:5f:f6:07:
                    9c:aa:96:af:b0:2b:88:86:b5:46:09:5c:3e:40:83:
                    5d:46:27:b9:28:6a:77:58:a0:1d:29:6e:64:f0:4d:
                    e2:62:04:2f:d7:e5:a0:32:ce:25:61:49:f0:c5:08:
                    8e:af:da:32:e0:d9:8e:1b:c9:29:75:71:1f:59:8c:
                    6c:54:e6:5e:dc:34:ae:e7:c4:97:44:b1:58:e3:a3:
                    bf:a7:8d:f1:49:d8:98:ee:40:9f:58:d8:8b:47:30:
                    87:6e:c3:77:21:d2:28:a4:22:69:ea:b5:96:ec:24:
                    d0:5c:55:6c:3d:bc:f6:2c:9d:87:78:ac:6d:db:c6:
                    bd:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:8D:62:30:E4:43:1C:38:10:34:2D:B5:11:B2:C6:83:A6:44:0E:9C
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/AY1iMORDHDgQNC21EbLGg6ZEDpw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:9c:8b:1c:f8:59:76:a2:ea:9b:1c:09:a9:44:3e:e0:e9:ed:
         0a:04:9c:36:d0:61:ed:b1:ca:aa:ea:45:90:db:ee:8d:fb:d9:
         77:fe:5b:03:b2:8f:f2:3a:5a:b6:c1:67:cf:32:47:0a:54:1c:
         62:d6:c8:a3:45:9e:5c:e1:95:eb:9d:3d:98:ae:76:c8:2c:93:
         38:ad:35:0b:85:0b:4f:be:1c:fd:7d:0d:54:76:d4:dd:22:6c:
         22:04:d3:e4:37:9f:9b:59:dd:f8:4a:52:ea:85:b9:57:f6:f5:
         2f:f1:38:d5:6d:3d:a0:cb:42:81:81:2e:96:24:66:f4:ef:ca:
         a0:64:b3:6e:28:96:21:51:de:f0:fa:c2:c3:ae:fd:53:2b:1a:
         31:84:f7:dc:2f:bb:54:e0:4b:d2:8f:c6:69:d0:9b:7a:d1:13:
         97:bc:44:19:61:0d:19:31:3c:ae:d8:36:77:fd:66:c1:fa:13:
         0f:f4:84:6b:6f:51:64:53:da:f6:f2:07:96:6f:fc:bc:48:b2:
         45:c1:31:28:17:50:5e:16:67:4e:5e:99:91:ec:2f:7c:b3:cc:
         14:12:3e:51:72:1b:cd:39:91:b7:fe:54:5d:da:6b:c4:e8:c9:
         72:41:d8:96:93:f2:d9:f6:66:09:9e:67:b6:92:b8:e0:4c:9a:
         61:58:28:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NZUWq/Hs8GkWF9PuRWxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMTAxMjAxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMThkNjIzMGU0NDMxYzM4MTAzNDJkYjUxMWIyYzY4M2E2NDQwZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+D3Xr9Cqzc/Zoxws2PBMekKO6Xn
fTw73Bk/kH47n2MRUnX3jy0Yj+eno35MdYg1zEvDVOC06Ye7Zm1dSc0VnLMo0T84
HyU3E7Wwj1u23g64KvvSJjnliVm+yGxc82KbKDz3/xmfUWeuStB0RfOZCq3t3pUd
PAGM2H1rrfVWOyMoQDNf9gecqpavsCuIhrVGCVw+QINdRie5KGp3WKAdKW5k8E3i
YgQv1+WgMs4lYUnwxQiOr9oy4NmOG8kpdXEfWYxsVOZe3DSu58SXRLFY46O/p43x
SdiY7kCfWNiLRzCHbsN3IdIopCJp6rWW7CTQXFVsPbz2LJ2HeKxt28a98wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAGNYjDkQxw4EDQttRGyxoOmRA6cMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQVkxaU1PUkRIRGdRTkMyMUViTEdnNlpFRHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUGAoMA0G
CSqGSIb3DQEBCwUAA4IBAQCwnIsc+Fl2ouqbHAmpRD7g6e0KBJw20GHtscqq6kWQ
2+6N+9l3/lsDso/yOlq2wWfPMkcKVBxi1sijRZ5c4ZXrnT2YrnbILJM4rTULhQtP
vhz9fQ1UdtTdImwiBNPkN5+bWd34SlLqhblX9vUv8TjVbT2gy0KBgS6WJGb078qg
ZLNuKJYhUd7w+sLDrv1TKxoxhPfcL7tU4EvSj8Zp0Jt60ROXvEQZYQ0ZMTyu2DZ3
/WbB+hMP9IRrb1FkU9r28geWb/y8SLJFwTEoF1BeFmdOXpmR7C98s8wUEj5RchvN
OZG3/lRd2mvE6MlyQdiWk/LZ9mYJnme2krjgTJphWChq
-----END CERTIFICATE-----