This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/HBGLJhBsyXuuqq1G2WRr7w9GmzA.roa
File:                     HBGLJhBsyXuuqq1G2WRr7w9GmzA.roa (raw, json)
Hash identifier:          Xrp4GvKqpuyXoOP+vPhalYrazHW2Uf34ic2KIJ7gEtM=
Subject key identifier:   1C:11:8B:26:10:6C:C9:7B:AE:AA:AD:46:D9:64:6B:EF:0F:46:9B:30
Certificate issuer:       /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial:       019BAC1AC5C9B587DF18A99BA8C2C2714B2D
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/HBGLJhBsyXuuqq1G2WRr7w9GmzA.roa
Signing time:             Sun 11 Jan 2026 08:09:54 +0000
ROA not before:           Sun 11 Jan 2026 08:09:54 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     51852
IP address blocks:        45.81.255.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 22 Jan 2026 11:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:ac:1a:c5:c9:b5:87:df:18:a9:9b:a8:c2:c2:71:4b:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
        Validity
            Not Before: Jan 11 08:09:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1c118b26106cc97baeaaad46d9646bef0f469b30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:33:e1:d8:7a:f1:55:32:0d:40:15:dc:38:48:
                    a3:d4:e2:05:08:2d:6d:f9:54:c0:37:a2:b2:4d:d1:
                    44:f4:b7:d9:ac:a6:fa:e1:e2:89:72:e4:cf:f5:a5:
                    1b:97:34:49:f9:ad:e9:ca:01:d7:42:7b:1f:61:64:
                    02:1f:8d:7d:e7:77:f7:9f:3f:e2:ea:e1:fa:d1:d2:
                    89:bc:66:b2:70:3b:10:3c:08:41:78:5f:46:60:17:
                    04:fb:6e:dd:6d:2c:1e:fe:40:a5:e0:f2:99:d0:c1:
                    d9:11:e2:14:ec:df:46:3c:f3:68:95:55:e5:d6:2f:
                    5d:17:61:75:a4:a8:33:86:40:fd:29:21:d4:34:eb:
                    ee:36:f5:7e:37:53:72:25:1a:29:f3:e7:11:23:3f:
                    12:8b:40:ae:5a:aa:42:2c:13:1e:4c:b2:5d:ec:02:
                    4f:c9:bd:99:21:68:6a:cc:73:fe:6b:43:77:e6:36:
                    1e:23:0f:80:14:e5:f1:11:1a:1b:e3:af:73:fb:d2:
                    70:bd:99:8f:6f:ee:1e:f9:b8:7e:b4:56:ad:bd:08:
                    7c:15:80:36:65:7c:d9:86:b0:57:59:ee:2d:f9:f7:
                    0b:a6:8e:6e:f8:f0:3c:24:cd:64:23:68:70:1a:a5:
                    5b:00:ff:5f:42:95:bc:81:e5:f7:15:a7:96:25:ce:
                    5f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:11:8B:26:10:6C:C9:7B:AE:AA:AD:46:D9:64:6B:EF:0F:46:9B:30
            X509v3 Authority Key Identifier:
                keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/HBGLJhBsyXuuqq1G2WRr7w9GmzA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:48:c2:f0:69:85:ab:f4:49:92:2c:b8:cd:25:b4:d4:e7:6e:
         ce:7e:25:b0:35:d9:9c:97:b2:1e:9b:75:07:89:28:fb:93:5c:
         b4:53:a0:64:92:9d:40:d8:74:76:0e:41:71:b3:28:23:aa:33:
         89:71:64:cc:71:46:64:c0:77:d8:b4:6e:7c:dc:5c:f1:7a:d6:
         45:43:4d:1f:0e:55:d5:3e:27:71:91:00:a4:7b:c5:b2:85:80:
         a5:df:01:b1:a2:dd:ac:f2:21:f4:25:10:3f:57:59:9d:47:36:
         ae:ee:63:ef:8b:fe:d3:6c:f7:cf:a0:70:79:b2:0b:c1:dc:e6:
         23:60:b1:e7:7e:ae:fa:25:d9:d0:68:8c:9e:4d:cc:94:e2:ae:
         76:5c:e1:22:67:93:9c:83:40:18:63:86:69:aa:dd:90:54:e6:
         e5:46:4d:40:30:0a:fc:df:eb:3c:53:b4:cd:3d:1e:96:b7:5d:
         5d:85:f5:2f:02:33:eb:c2:24:4a:fb:6a:d9:6d:8e:ed:a9:cd:
         9d:a9:2c:a6:57:cb:14:16:14:77:e9:72:fc:84:b7:4e:b9:ad:
         13:07:4e:e7:4b:32:ef:ba:ed:bd:55:c7:b9:a5:e0:e5:43:5d:
         b4:8e:7d:51:9f:65:15:56:02:db:5c:e3:f4:a3:0f:ae:b7:7d:
         8b:2d:35:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZusGsXJtYffGKmbqMLCcUstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjYwMTExMDgwOTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzExOGIyNjEwNmNjOTdiYWVhYWFkNDZkOTY0NmJlZjBmNDY5YjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzPh2HrxVTINQBXcOEij1OIFCC1t
+VTAN6KyTdFE9LfZrKb64eKJcuTP9aUblzRJ+a3pygHXQnsfYWQCH41953f3nz/i
6uH60dKJvGaycDsQPAhBeF9GYBcE+27dbSwe/kCl4PKZ0MHZEeIU7N9GPPNolVXl
1i9dF2F1pKgzhkD9KSHUNOvuNvV+N1NyJRop8+cRIz8Si0CuWqpCLBMeTLJd7AJP
yb2ZIWhqzHP+a0N35jYeIw+AFOXxERob469z+9JwvZmPb+4e+bh+tFatvQh8FYA2
ZXzZhrBXWe4t+fcLpo5u+PA8JM1kI2hwGqVbAP9fQpW8geX3FaeWJc5fAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwRiyYQbMl7rqqtRtlka+8PRpswMB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvSEJHTEpoQnN5WHV1cXExRzJXUnI3dzlHbXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVH/MA0G
CSqGSIb3DQEBCwUAA4IBAQA1SMLwaYWr9EmSLLjNJbTU527OfiWwNdmcl7Iem3UH
iSj7k1y0U6Bkkp1A2HR2DkFxsygjqjOJcWTMcUZkwHfYtG583FzxetZFQ00fDlXV
PidxkQCke8WyhYCl3wGxot2s8iH0JRA/V1mdRzau7mPvi/7TbPfPoHB5sgvB3OYj
YLHnfq76JdnQaIyeTcyU4q52XOEiZ5Ocg0AYY4Zpqt2QVOblRk1AMAr83+s8U7TN
PR6Wt11dhfUvAjPrwiRK+2rZbY7tqc2dqSymV8sUFhR36XL8hLdOua0TB07nSzLv
uu29Vce5peDlQ120jn1Rn2UVVgLbXOP0ow+ut32LLTVr
-----END CERTIFICATE-----