This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/1D80X6-qVIYAnOAvvrQS3ByRSj8.roa
File:                     1D80X6-qVIYAnOAvvrQS3ByRSj8.roa (raw, json)
Hash identifier:          4tsrZkox1d3v6AYzNSSWp1UU44lmigpWQW+WOHH2fOE=
Subject key identifier:   D4:3F:34:5F:AF:AA:54:86:00:9C:E0:2F:BE:B4:12:DC:1C:91:4A:3F
Certificate issuer:       /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial:       019B7E389AD363E5AFB5D93032642079F1C6
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/1D80X6-qVIYAnOAvvrQS3ByRSj8.roa
Signing time:             Fri 02 Jan 2026 10:19:57 +0000
ROA not before:           Fri 02 Jan 2026 10:19:57 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     216159
IP address blocks:        188.66.27.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 03:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:38:9a:d3:63:e5:af:b5:d9:30:32:64:20:79:f1:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
        Validity
            Not Before: Jan  2 10:19:57 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d43f345fafaa5486009ce02fbeb412dc1c914a3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:2f:e1:07:d3:5d:48:66:62:5b:f8:ae:11:47:
                    fd:f8:71:48:fd:33:fd:36:38:86:79:40:19:8d:ce:
                    46:66:ac:e6:14:0e:7d:8d:37:86:84:18:b7:71:a6:
                    98:d1:9d:3c:9a:a7:d1:aa:bf:fe:69:54:25:07:8d:
                    fa:4b:74:e9:60:59:ae:59:30:8e:e9:b3:86:00:04:
                    bd:90:0b:8e:20:95:ae:19:9a:58:c4:40:d6:b1:01:
                    e1:bf:e2:f6:af:f9:ed:28:31:50:d9:81:f6:bb:c3:
                    ec:96:08:b8:f2:01:25:c8:70:69:b6:ab:47:20:97:
                    7e:f9:67:4f:17:7f:61:dd:00:8e:79:f8:d7:f7:64:
                    c7:3e:2a:4c:8e:19:d6:de:b0:42:4c:2a:f5:c5:ae:
                    55:32:fc:38:a9:87:99:02:de:a1:1f:5b:2f:81:fc:
                    04:50:12:7c:e6:4f:97:1d:d5:47:9e:cd:d8:23:c2:
                    a4:5c:f0:8f:1d:56:0e:8b:d7:be:c8:19:fb:d0:a7:
                    e4:e7:77:b5:06:b6:71:84:d3:b6:7f:f8:ea:c7:c8:
                    30:a0:66:5a:f2:c9:74:da:51:e1:6b:34:f1:93:47:
                    6f:c3:4a:20:38:89:e4:e9:b3:59:99:bc:be:f4:8a:
                    d9:6e:40:cf:ed:69:5e:85:df:00:ad:09:b4:70:eb:
                    40:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:3F:34:5F:AF:AA:54:86:00:9C:E0:2F:BE:B4:12:DC:1C:91:4A:3F
            X509v3 Authority Key Identifier:
                keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/1D80X6-qVIYAnOAvvrQS3ByRSj8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.66.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:60:fd:29:c8:6d:1f:35:ae:80:c8:08:87:1f:5b:41:61:f6:
         30:11:99:1e:3b:cb:ab:4e:ab:f4:44:8b:62:cd:57:3d:2b:33:
         4f:c1:0c:09:ad:ea:94:b6:e1:fe:44:ae:39:84:1a:65:3a:54:
         7d:41:dd:15:cb:98:dc:50:67:c2:86:37:c2:46:c3:2d:b1:7d:
         23:e4:70:9c:02:2f:79:2c:5c:e4:50:09:bc:a3:ba:da:bc:cb:
         7d:6d:20:66:2c:7b:13:b1:e2:d5:70:2a:d4:9b:cd:fb:db:26:
         a9:4e:17:e4:82:89:60:d0:51:34:35:6a:89:9b:15:d9:51:00:
         9c:1d:c4:07:ec:75:4b:ea:93:97:a2:a7:67:9b:3c:02:98:5b:
         7c:5c:39:57:7b:1c:42:e5:7c:98:01:c8:c8:60:25:8b:44:ae:
         d5:12:09:ee:bf:7f:56:43:71:eb:18:e8:17:c8:97:82:06:a4:
         51:03:db:f6:3c:2a:9c:10:ed:47:d3:84:3c:b7:6b:79:0e:09:
         18:0c:ba:9f:42:f3:90:06:d1:f0:13:22:b7:86:49:cd:d1:d1:
         a3:49:22:d0:2c:4f:43:7f:69:1c:15:58:9b:c3:b2:68:61:f1:
         46:16:a1:9a:e0:82:2d:6d:47:3e:3b:c7:60:06:25:64:44:59:
         9b:5c:a6:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+OJrTY+WvtdkwMmQgefHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjYwMTAyMTAxOTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDNmMzQ1ZmFmYWE1NDg2MDA5Y2UwMmZiZWI0MTJkYzFjOTE0YTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC/hB9NdSGZiW/iuEUf9+HFI/TP9
NjiGeUAZjc5GZqzmFA59jTeGhBi3caaY0Z08mqfRqr/+aVQlB436S3TpYFmuWTCO
6bOGAAS9kAuOIJWuGZpYxEDWsQHhv+L2r/ntKDFQ2YH2u8Pslgi48gElyHBptqtH
IJd++WdPF39h3QCOefjX92THPipMjhnW3rBCTCr1xa5VMvw4qYeZAt6hH1svgfwE
UBJ85k+XHdVHns3YI8KkXPCPHVYOi9e+yBn70Kfk53e1BrZxhNO2f/jqx8gwoGZa
8sl02lHhazTxk0dvw0ogOInk6bNZmby+9IrZbkDP7Wlehd8ArQm0cOtA2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQ/NF+vqlSGAJzgL760EtwckUo/MB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvMUQ4MFg2LXFWSVlBbk9BdnZyUVMzQnlSU2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEIbMA0G
CSqGSIb3DQEBCwUAA4IBAQA/YP0pyG0fNa6AyAiHH1tBYfYwEZkeO8urTqv0RIti
zVc9KzNPwQwJreqUtuH+RK45hBplOlR9Qd0Vy5jcUGfChjfCRsMtsX0j5HCcAi95
LFzkUAm8o7ravMt9bSBmLHsTseLVcCrUm8372yapThfkgolg0FE0NWqJmxXZUQCc
HcQH7HVL6pOXoqdnmzwCmFt8XDlXexxC5XyYAcjIYCWLRK7VEgnuv39WQ3HrGOgX
yJeCBqRRA9v2PCqcEO1H04Q8t2t5DgkYDLqfQvOQBtHwEyK3hknN0dGjSSLQLE9D
f2kcFVibw7JoYfFGFqGa4IItbUc+O8dgBiVkRFmbXKZG
-----END CERTIFICATE-----