This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS61112.roa
File:                     AS61112.roa (raw, json)
Hash identifier:          b4hsF6vNcE3Xge5O78P/W+AOVL935btqeB8DZlpEr2w=
Subject key identifier:   5B:BF:8D:F4:27:71:46:D3:27:0F:75:03:BC:F9:E4:C4:94:08:1A:78
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       43D8DCB42C167691B5C9CDFD28B3F93BC4D0E4BA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS61112.roa
Signing time:             Tue 02 Dec 2025 00:17:32 +0000
ROA not before:           Tue 02 Dec 2025 00:12:32 +0000
ROA not after:            Tue 01 Dec 2026 00:17:32 +0000
asID:                     61112
IP address blocks:        181.214.136.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Dec 2025 21:09:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:d8:dc:b4:2c:16:76:91:b5:c9:cd:fd:28:b3:f9:3b:c4:d0:e4:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Dec  2 00:12:32 2025 GMT
            Not After : Dec  1 00:17:32 2026 GMT
        Subject: CN=5BBF8DF4277146D3270F7503BCF9E4C494081A78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ba:8c:07:90:de:38:ba:8f:6b:c2:5c:2c:b1:
                    ea:42:36:13:91:7e:1f:cf:f1:5b:e3:28:ee:c9:61:
                    c2:6e:52:68:6f:ad:33:25:16:80:47:00:3e:7c:c9:
                    52:0e:2b:55:bb:ec:6e:bf:97:f6:8b:3e:8a:ab:e2:
                    39:6c:a5:95:7e:24:77:59:58:f0:0f:38:e3:21:86:
                    95:1f:10:8f:61:cc:6b:23:bd:ed:13:9e:f3:4d:b8:
                    e3:c2:22:0d:5f:f4:96:77:5d:ed:e9:c5:7b:ef:c7:
                    10:b0:d7:8c:e0:a0:85:96:20:9f:8d:96:5d:e2:75:
                    39:ca:a8:c2:ef:28:53:03:08:60:35:36:0c:89:7f:
                    9b:3d:ae:11:7d:75:ab:cc:b7:e9:ea:2a:ea:1a:24:
                    d4:02:23:bc:cb:e0:81:e4:87:2d:ee:8b:45:4e:77:
                    2d:53:32:ff:86:ce:1b:89:da:28:10:79:42:4f:7c:
                    bf:75:b0:b4:e5:a9:81:6a:72:27:40:73:14:50:15:
                    0f:5d:19:ed:2f:a6:d1:6e:87:91:07:59:5d:07:ec:
                    7a:b0:e4:c8:24:35:5a:15:0b:79:52:07:75:d1:ff:
                    80:17:53:29:0d:1f:ff:66:81:01:86:cf:d5:76:bb:
                    b2:43:87:1b:56:fd:21:c0:e3:6f:ee:c9:81:27:c3:
                    9d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:BF:8D:F4:27:71:46:D3:27:0F:75:03:BC:F9:E4:C4:94:08:1A:78
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS61112.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.214.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:c5:92:3a:47:9e:8d:cf:08:27:d5:63:78:dc:c1:6e:21:cc:
         bc:2a:60:70:95:57:3a:c3:22:29:0b:f0:05:4d:2a:0b:b2:d3:
         d9:32:f1:45:1f:e8:2b:d0:fa:2e:5d:b7:e7:98:34:72:97:cb:
         a5:08:05:49:35:2c:b3:69:f2:bf:04:f9:f6:77:e2:60:72:ad:
         a9:08:14:ce:ad:67:a1:6b:cc:c0:3b:aa:5f:b1:e6:6d:7e:5d:
         36:d7:8a:14:16:72:20:a9:e7:78:6a:c5:69:ad:bd:ca:93:f4:
         e2:4d:97:ba:3d:8d:0c:29:64:a4:98:75:88:f2:ad:a1:f9:d9:
         07:02:51:57:00:d2:b1:79:89:36:67:b3:cc:76:46:89:04:ea:
         a9:2f:16:19:58:c6:05:fa:14:40:5b:25:f8:10:18:a5:71:a7:
         f0:d6:68:a9:2e:cb:e3:8d:bf:bb:c0:84:1c:b2:17:f0:88:18:
         f5:2a:29:a9:01:27:fc:32:a4:d5:3f:3b:be:d8:51:c2:17:20:
         27:b1:54:f1:ad:dd:15:ba:bf:3b:b6:e9:dc:c1:c3:cf:4c:f7:
         42:b7:46:bf:93:60:79:27:0f:b8:25:ab:79:26:fd:ff:df:96:
         7b:37:d9:f8:76:bf:1e:47:e7:ff:f7:59:07:2d:31:5e:6a:68:
         ca:49:f5:a8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUQ9jctCwWdpG1yc39KLP5O8TQ5LowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEyMDIwMDEyMzJaFw0yNjEyMDEwMDE3MzJaMDMxMTAvBgNV
BAMTKDVCQkY4REY0Mjc3MTQ2RDMyNzBGNzUwM0JDRjlFNEM0OTQwODFBNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUuowHkN44uo9rwlwssepCNhOR
fh/P8VvjKO7JYcJuUmhvrTMlFoBHAD58yVIOK1W77G6/l/aLPoqr4jlspZV+JHdZ
WPAPOOMhhpUfEI9hzGsjve0TnvNNuOPCIg1f9JZ3Xe3pxXvvxxCw14zgoIWWIJ+N
ll3idTnKqMLvKFMDCGA1NgyJf5s9rhF9davMt+nqKuoaJNQCI7zL4IHkhy3ui0VO
dy1TMv+GzhuJ2igQeUJPfL91sLTlqYFqcidAcxRQFQ9dGe0vptFuh5EHWV0H7Hqw
5MgkNVoVC3lSB3XR/4AXUykNH/9mgQGGz9V2u7JDhxtW/SHA42/uyYEnw53nAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUW7+N9CdxRtMnD3UDvPnkxJQIGngwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjExMTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC11ogw
DQYJKoZIhvcNAQELBQADggEBADPFkjpHno3PCCfVY3jcwW4hzLwqYHCVVzrDIikL
8AVNKguy09ky8UUf6CvQ+i5dt+eYNHKXy6UIBUk1LLNp8r8E+fZ34mByrakIFM6t
Z6FrzMA7ql+x5m1+XTbXihQWciCp53hqxWmtvcqT9OJNl7o9jQwpZKSYdYjyraH5
2QcCUVcA0rF5iTZns8x2RokE6qkvFhlYxgX6FEBbJfgQGKVxp/DWaKkuy+ONv7vA
hByyF/CIGPUqKakBJ/wypNU/O77YUcIXICexVPGt3RW6vzu26dzBw89M90K3Rr+T
YHknD7glq3km/f/flns32fh2vx5H5//3WQctMV5qaMpJ9ag=
-----END CERTIFICATE-----