This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS26548.roa
File:                     AS26548.roa (raw, json)
Hash identifier:          lBThusYF3X3FkbG/QQwp5iJ4g3ojlA/a/EibiGKBw2I=
Subject key identifier:   F6:78:91:AD:75:86:7E:6D:6C:0C:E8:FE:F7:2C:8F:41:67:BE:41:37
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       0F55E25CB29FFFB324A2B479ED2A2EE1746F26D1
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS26548.roa
Signing time:             Wed 03 Dec 2025 08:55:13 +0000
ROA not before:           Wed 03 Dec 2025 08:50:13 +0000
ROA not after:            Wed 02 Dec 2026 08:55:13 +0000
asID:                     26548
IP address blocks:        191.96.196.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Dec 2025 10:42:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:55:e2:5c:b2:9f:ff:b3:24:a2:b4:79:ed:2a:2e:e1:74:6f:26:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Dec  3 08:50:13 2025 GMT
            Not After : Dec  2 08:55:13 2026 GMT
        Subject: CN=F67891AD75867E6D6C0CE8FEF72C8F4167BE4137
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:55:17:2c:8f:c4:3c:9d:72:fb:ff:b0:d3:f4:
                    12:cc:49:ec:08:02:00:bc:c4:61:0d:6a:e5:31:9b:
                    3c:fe:3b:51:99:fe:2d:e3:c6:e6:2f:6e:3e:50:4a:
                    e0:e3:8c:c3:e0:78:f0:64:74:70:8a:4d:b6:04:b1:
                    94:ed:ac:e8:fc:88:07:9d:45:c7:9a:05:6b:91:b7:
                    66:0a:d4:90:b8:ef:26:00:7a:d2:67:da:45:83:a6:
                    21:fc:e4:d6:46:db:44:d6:3c:fe:0b:fa:55:6d:c2:
                    ff:5f:15:e7:7e:e6:5c:be:14:38:fe:ea:f2:7a:97:
                    5a:df:8c:81:db:2b:bf:0a:23:1f:91:00:35:24:c8:
                    e5:10:99:76:8d:e1:02:4e:73:a0:2a:f1:59:0d:4f:
                    41:31:06:3d:0e:0c:e8:d8:bb:b6:0b:be:8c:06:35:
                    47:af:73:a6:f1:86:c3:6a:2c:71:fd:dc:00:b6:21:
                    33:34:07:62:88:66:d0:b6:85:91:6a:b3:23:f7:cd:
                    fc:1d:6e:ad:a2:ff:f0:00:33:1f:a5:2b:fd:ac:f9:
                    dc:f8:b0:46:77:ef:54:5f:ff:4e:16:8d:12:fb:e9:
                    04:c9:2a:c6:11:8a:b3:30:5c:10:74:89:66:50:d5:
                    e0:ab:70:a3:05:72:30:50:e8:1c:d0:49:32:4d:9a:
                    6f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:78:91:AD:75:86:7E:6D:6C:0C:E8:FE:F7:2C:8F:41:67:BE:41:37
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS26548.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.96.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:a2:3f:b0:e8:1d:90:b3:57:94:8e:59:af:d3:4d:d6:32:66:
         2f:ee:a0:c8:57:13:af:a5:ea:49:a2:31:2f:bb:ac:82:f8:02:
         31:12:26:45:33:bd:1e:9b:e2:40:65:c0:2c:0d:86:96:35:67:
         cc:cd:dc:6b:58:57:5c:f4:23:6a:22:71:4a:81:18:a4:4c:d9:
         2c:2c:72:22:e4:15:de:fe:82:6b:02:33:86:9f:27:ab:58:72:
         df:42:6c:cb:7f:18:8b:12:13:46:c7:25:08:95:4b:e3:4d:19:
         40:ae:22:05:66:93:1e:db:5e:8f:39:75:50:98:ba:7f:7c:59:
         52:65:7a:36:04:44:d3:6e:07:20:95:4e:7c:3f:6f:05:71:7f:
         31:fe:ad:fa:0f:ec:1b:30:4f:a9:60:fe:03:ec:6d:02:50:3d:
         84:3b:e4:ed:66:a8:47:02:e4:a1:a3:52:ad:33:ca:b6:d7:5c:
         44:57:2c:bb:f6:6e:da:14:84:d9:13:ea:f4:49:b9:8c:2d:9f:
         09:48:00:6f:ba:ae:93:d4:73:50:cc:96:20:ee:9c:fb:c5:74:
         87:a3:2c:47:29:8c:fa:0f:6e:0d:7f:d3:2e:0c:dc:74:85:fe:
         dd:a4:3c:a0:86:77:51:30:6d:bd:c3:30:88:bb:97:b4:7a:2e:
         6c:05:7f:49
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUD1XiXLKf/7MkorR57Sou4XRvJtEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEyMDMwODUwMTNaFw0yNjEyMDIwODU1MTNaMDMxMTAvBgNV
BAMTKEY2Nzg5MUFENzU4NjdFNkQ2QzBDRThGRUY3MkM4RjQxNjdCRTQxMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRVRcsj8Q8nXL7/7DT9BLMSewI
AgC8xGENauUxmzz+O1GZ/i3jxuYvbj5QSuDjjMPgePBkdHCKTbYEsZTtrOj8iAed
RceaBWuRt2YK1JC47yYAetJn2kWDpiH85NZG20TWPP4L+lVtwv9fFed+5ly+FDj+
6vJ6l1rfjIHbK78KIx+RADUkyOUQmXaN4QJOc6Aq8VkNT0ExBj0ODOjYu7YLvowG
NUevc6bxhsNqLHH93AC2ITM0B2KIZtC2hZFqsyP3zfwdbq2i//AAMx+lK/2s+dz4
sEZ371Rf/04WjRL76QTJKsYRirMwXBB0iWZQ1eCrcKMFcjBQ6BzQSTJNmm/BAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU9niRrXWGfm1sDOj+9yyPQWe+QTcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjY1NDgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/YMQw
DQYJKoZIhvcNAQELBQADggEBADyiP7DoHZCzV5SOWa/TTdYyZi/uoMhXE6+l6kmi
MS+7rIL4AjESJkUzvR6b4kBlwCwNhpY1Z8zN3GtYV1z0I2oicUqBGKRM2SwsciLk
Fd7+gmsCM4afJ6tYct9CbMt/GIsSE0bHJQiVS+NNGUCuIgVmkx7bXo85dVCYun98
WVJlejYERNNuByCVTnw/bwVxfzH+rfoP7BswT6lg/gPsbQJQPYQ75O1mqEcC5KGj
Uq0zyrbXXERXLLv2btoUhNkT6vRJuYwtnwlIAG+6rpPUc1DMliDunPvFdIejLEcp
jPoPbg1/0y4M3HSF/t2kPKCGd1Ewbb3DMIi7l7R6LmwFf0k=
-----END CERTIFICATE-----