This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215607.roa
File:                     AS215607.roa (raw, json)
Hash identifier:          JdnPEPLSvA96CXeufHyV3w7kdFqS9H2btrZJSnLBsuM=
Subject key identifier:   A8:4B:26:81:E8:8E:80:BF:68:8F:68:6A:C2:1F:8B:23:8C:C5:19:44
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       2679E2D93EF12E6D9EAB7958C5F195B3093B1C7B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215607.roa
Signing time:             Wed 12 Nov 2025 16:45:58 +0000
ROA not before:           Wed 12 Nov 2025 16:40:58 +0000
ROA not after:            Wed 11 Nov 2026 16:45:58 +0000
asID:                     215607
IP address blocks:        96.62.249.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Dec 2025 21:22:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:79:e2:d9:3e:f1:2e:6d:9e:ab:79:58:c5:f1:95:b3:09:3b:1c:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Nov 12 16:40:58 2025 GMT
            Not After : Nov 11 16:45:58 2026 GMT
        Subject: CN=A84B2681E88E80BF688F686AC21F8B238CC51944
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:c7:27:1d:1f:ce:7f:2f:a6:13:3c:87:6f:de:
                    a8:1c:50:99:1c:1e:a9:34:3f:0c:2d:61:16:1a:d6:
                    22:ae:08:28:48:a8:79:43:6c:0c:53:dd:a7:f7:3d:
                    77:6e:84:a5:df:c0:3c:46:fa:a3:dd:a8:f6:b2:16:
                    ee:30:3d:79:0e:32:32:2c:87:c0:71:bc:99:fb:55:
                    95:7e:af:cb:71:54:51:c4:10:fc:2d:ee:84:08:41:
                    61:27:aa:9b:74:9d:8b:78:35:20:0a:b0:56:43:89:
                    fc:9d:9c:d0:6d:e7:f3:82:82:a5:ce:63:6a:3f:d4:
                    32:dc:34:eb:46:99:c1:32:e7:5a:32:43:49:31:3f:
                    29:37:84:7a:35:70:44:71:24:ef:37:4f:84:3b:50:
                    e6:f1:a8:c4:33:12:3e:04:00:d7:76:26:7a:e3:c0:
                    98:fe:b8:d3:6a:7c:50:57:87:39:c6:99:5f:de:b3:
                    d8:be:47:f0:98:11:c5:8f:ff:1b:40:7e:86:34:12:
                    5d:d3:63:98:f4:4a:fe:6e:e4:31:e8:53:6a:d0:78:
                    b1:0d:c2:f3:53:d4:60:38:10:06:e1:70:0e:7e:29:
                    5b:d2:9d:bb:5f:53:58:84:40:e2:f1:94:f4:cf:64:
                    77:57:10:9b:fa:17:b8:46:b3:76:38:9d:70:e9:0b:
                    4e:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:4B:26:81:E8:8E:80:BF:68:8F:68:6A:C2:1F:8B:23:8C:C5:19:44
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215607.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.62.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:fe:2d:21:93:1d:21:0e:3a:4d:ae:30:5f:08:95:ae:67:79:
         3d:3d:2a:28:fc:f3:ef:70:51:82:76:d0:dd:30:fa:47:41:ac:
         c2:98:18:73:38:07:e4:49:8a:91:34:95:4b:dc:b3:d8:b9:d1:
         6c:7b:0b:44:ab:87:fc:43:34:ca:eb:c6:35:9c:27:d6:55:4f:
         e1:45:cd:75:e8:ae:8f:ee:f1:91:b0:f1:e8:9f:f8:4c:e1:24:
         5d:2d:29:cc:c6:70:11:c5:cc:75:b2:34:cb:ed:13:f2:83:1a:
         98:f7:e7:8c:ff:ac:6d:94:78:51:11:bb:9e:19:fc:29:0f:0e:
         34:80:b7:92:5d:eb:80:68:cc:55:c5:ee:da:ad:c8:0a:9d:c5:
         00:1b:84:6e:97:95:be:1a:7c:f1:c3:50:be:c7:51:1b:5e:8e:
         dc:66:87:9e:15:8c:f5:36:b0:f0:6e:8b:07:ed:bd:80:1a:0e:
         78:bb:ae:4d:01:af:2a:52:93:40:f6:3c:91:d0:1e:14:a3:b2:
         06:69:d8:92:3d:79:58:e5:fe:d7:0a:90:be:ea:79:58:5c:2a:
         f3:00:f8:80:8f:59:49:0b:b5:6a:31:90:44:9c:a1:34:b4:b8:
         61:6d:9e:9e:8e:76:c8:7c:94:d7:61:b6:05:97:27:dd:92:85:
         8a:db:fc:75
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUJnni2T7xLm2eq3lYxfGVswk7HHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTExMTIxNjQwNThaFw0yNjExMTExNjQ1NThaMDMxMTAvBgNV
BAMTKEE4NEIyNjgxRTg4RTgwQkY2ODhGNjg2QUMyMUY4QjIzOENDNTE5NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxycdH85/L6YTPIdv3qgcUJkc
Hqk0PwwtYRYa1iKuCChIqHlDbAxT3af3PXduhKXfwDxG+qPdqPayFu4wPXkOMjIs
h8BxvJn7VZV+r8txVFHEEPwt7oQIQWEnqpt0nYt4NSAKsFZDifydnNBt5/OCgqXO
Y2o/1DLcNOtGmcEy51oyQ0kxPyk3hHo1cERxJO83T4Q7UObxqMQzEj4EANd2Jnrj
wJj+uNNqfFBXhznGmV/es9i+R/CYEcWP/xtAfoY0El3TY5j0Sv5u5DHoU2rQeLEN
wvNT1GA4EAbhcA5+KVvSnbtfU1iEQOLxlPTPZHdXEJv6F7hGs3Y4nXDpC07BAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUqEsmgeiOgL9oj2hqwh+LI4zFGUQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1NjA3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAYD75
MA0GCSqGSIb3DQEBCwUAA4IBAQAp/i0hkx0hDjpNrjBfCJWuZ3k9PSoo/PPvcFGC
dtDdMPpHQazCmBhzOAfkSYqRNJVL3LPYudFsewtEq4f8QzTK68Y1nCfWVU/hRc11
6K6P7vGRsPHon/hM4SRdLSnMxnARxcx1sjTL7RPygxqY9+eM/6xtlHhREbueGfwp
Dw40gLeSXeuAaMxVxe7arcgKncUAG4Rul5W+Gnzxw1C+x1EbXo7cZoeeFYz1NrDw
bosH7b2AGg54u65NAa8qUpNA9jyR0B4Uo7IGadiSPXlY5f7XCpC+6nlYXCrzAPiA
j1lJC7VqMZBEnKE0tLhhbZ6ejnbIfJTXYbYFlyfdkoWK2/x1
-----END CERTIFICATE-----