This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS272605.roa
File:                     AS272605.roa (raw, json)
Hash identifier:          AjDbixspgbc+t0wLubLkAv2TM+6Pe8Pvo7JugJorHeo=
Subject key identifier:   57:B8:F2:EC:58:D5:E7:6C:C5:FD:82:81:0E:75:C2:E4:A0:D4:0F:C1
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       712C8C9308A518BAB104008F9474885C82F1B0EC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS272605.roa
Signing time:             Thu 01 Jan 2026 14:55:33 +0000
ROA not before:           Thu 01 Jan 2026 14:50:33 +0000
ROA not after:            Thu 31 Dec 2026 14:55:33 +0000
asID:                     272605
IP address blocks:        82.26.76.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 04:45:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:2c:8c:93:08:a5:18:ba:b1:04:00:8f:94:74:88:5c:82:f1:b0:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jan  1 14:50:33 2026 GMT
            Not After : Dec 31 14:55:33 2026 GMT
        Subject: CN=57B8F2EC58D5E76CC5FD82810E75C2E4A0D40FC1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7c:96:29:81:e9:80:a6:b6:36:84:93:c0:cb:
                    a7:15:48:6d:78:93:f1:35:92:68:30:88:06:b5:a9:
                    39:35:f1:ca:c6:0b:99:eb:02:96:22:7c:46:b0:1b:
                    83:7d:3a:7a:36:53:cb:0e:74:86:c6:36:6e:96:3c:
                    1e:d7:a0:92:98:d8:d8:c9:c5:c8:9d:db:7e:61:50:
                    de:02:5a:d6:4f:35:c7:93:6b:2a:7c:13:79:bd:3b:
                    6b:b4:f8:b4:7e:4c:2c:32:49:4d:27:11:23:8a:91:
                    94:8e:d5:a3:a0:52:07:e5:a6:1b:f5:9c:ec:89:49:
                    1f:49:78:9f:61:11:c1:54:5b:11:41:77:d8:fd:84:
                    50:14:c4:d8:26:9f:bb:e0:16:ff:99:e9:22:04:e5:
                    c9:71:bd:02:97:63:11:43:2e:11:ce:ea:bb:33:ad:
                    ea:ca:81:b2:03:f8:bf:42:c7:63:b3:23:f2:12:a4:
                    c3:19:d8:04:b5:4b:92:9b:4e:97:61:67:d7:b4:13:
                    0f:88:0f:77:f2:ae:4e:53:85:87:f6:12:4b:e9:df:
                    72:ff:ac:3d:26:58:be:24:1e:0d:f8:63:04:94:cb:
                    7f:fa:a0:9b:b8:3b:16:83:ac:3d:40:e0:98:c6:4d:
                    39:11:3a:21:f4:70:dd:68:57:7d:64:0a:cf:eb:83:
                    c4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:B8:F2:EC:58:D5:E7:6C:C5:FD:82:81:0E:75:C2:E4:A0:D4:0F:C1
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS272605.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.26.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:b0:49:e3:0f:1a:8f:1f:6d:a8:59:c5:fd:4c:bc:4d:80:bf:
         a0:1b:03:db:20:44:cf:51:3c:00:c7:8d:b0:7e:d3:a1:39:14:
         79:3e:ce:9c:f5:94:7a:cd:bf:db:43:fc:16:a3:3c:d5:da:d7:
         da:f6:d1:fa:2e:97:f5:95:3e:f3:4b:ad:a2:4d:bf:34:f2:98:
         6a:5b:27:9f:2f:a6:80:1a:22:af:3f:27:24:1c:97:9d:6e:d0:
         07:09:90:17:6d:83:df:74:f8:2d:0d:aa:82:12:3c:4c:35:f5:
         60:b3:db:39:88:a2:56:4e:b7:b5:38:f0:5e:2a:24:31:c8:16:
         6a:cf:c5:1b:b3:9f:e8:f7:d3:67:6b:8e:5b:d6:fb:59:44:70:
         e6:e3:94:9b:52:97:08:7f:70:db:67:42:f6:eb:b0:13:b0:3f:
         59:3e:ed:7c:80:ed:42:ec:90:d2:2a:57:2c:d4:84:8b:1e:b6:
         2c:d2:3a:83:cc:3c:f6:cb:ae:19:9d:28:ce:29:99:13:c5:aa:
         03:16:42:cc:7c:22:f1:7a:bc:69:e4:59:42:59:a7:db:70:00:
         3f:e6:bb:26:0b:91:40:88:e3:b3:29:18:53:ac:83:ff:9d:ad:
         0d:01:ef:69:34:43:1b:d7:7d:e4:ab:26:fc:d2:e8:17:a3:a0:
         04:ae:39:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUcSyMkwilGLqxBACPlHSIXILxsOwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAxMDExNDUwMzNaFw0yNjEyMzExNDU1MzNaMDMxMTAvBgNV
BAMTKDU3QjhGMkVDNThENUU3NkNDNUZEODI4MTBFNzVDMkU0QTBENDBGQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrfJYpgemAprY2hJPAy6cVSG14
k/E1kmgwiAa1qTk18crGC5nrApYifEawG4N9Ono2U8sOdIbGNm6WPB7XoJKY2NjJ
xcid235hUN4CWtZPNceTayp8E3m9O2u0+LR+TCwySU0nESOKkZSO1aOgUgflphv1
nOyJSR9JeJ9hEcFUWxFBd9j9hFAUxNgmn7vgFv+Z6SIE5clxvQKXYxFDLhHO6rsz
rerKgbID+L9Cx2OzI/ISpMMZ2AS1S5KbTpdhZ9e0Ew+ID3fyrk5ThYf2Ekvp33L/
rD0mWL4kHg34YwSUy3/6oJu4OxaDrD1A4JjGTTkROiH0cN1oV31kCs/rg8SZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUV7jy7FjV52zF/YKBDnXC5KDUD8EwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjcyNjA1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhpM
MA0GCSqGSIb3DQEBCwUAA4IBAQBJsEnjDxqPH22oWcX9TLxNgL+gGwPbIETPUTwA
x42wftOhORR5Ps6c9ZR6zb/bQ/wWozzV2tfa9tH6Lpf1lT7zS62iTb808phqWyef
L6aAGiKvPyckHJedbtAHCZAXbYPfdPgtDaqCEjxMNfVgs9s5iKJWTre1OPBeKiQx
yBZqz8Ubs5/o99Nna45b1vtZRHDm45SbUpcIf3DbZ0L267ATsD9ZPu18gO1C7JDS
Klcs1ISLHrYs0jqDzDz2y64ZnSjOKZkTxaoDFkLMfCLxerxp5FlCWafbcAA/5rsm
C5FAiOOzKRhTrIP/na0NAe9pNEMb133kqyb80ugXo6AErjkp
-----END CERTIFICATE-----