This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS207459.roa
File:                     AS207459.roa (raw, json)
Hash identifier:          xYMe28W7HL/uAYopJW8ek4u3gW/Doaf1sTbN7EtpMk4=
Subject key identifier:   62:58:59:1F:F1:FD:C4:9F:20:31:65:EB:0E:41:49:9B:9F:16:C8:E1
Certificate issuer:       /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial:       380455CAE9D8A56FCAC8BA6A1BB1DFD4029EF1D0
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS207459.roa
Signing time:             Wed 04 Feb 2026 12:57:47 +0000
ROA not before:           Wed 04 Feb 2026 12:52:47 +0000
ROA not after:            Wed 03 Feb 2027 12:57:47 +0000
asID:                     207459
IP address blocks:        92.249.63.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 06 Feb 2026 12:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:04:55:ca:e9:d8:a5:6f:ca:c8:ba:6a:1b:b1:df:d4:02:9e:f1:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
        Validity
            Not Before: Feb  4 12:52:47 2026 GMT
            Not After : Feb  3 12:57:47 2027 GMT
        Subject: CN=6258591FF1FDC49F203165EB0E41499B9F16C8E1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:99:1e:a5:06:59:8b:62:88:5c:99:17:5d:d2:
                    11:15:71:31:0e:42:68:a1:87:46:61:a5:e9:f3:8d:
                    e4:a0:0b:91:22:0e:d9:22:f5:47:2a:8e:b9:a9:a8:
                    5c:a4:71:c3:1d:a5:cc:93:48:f6:fa:49:59:48:1a:
                    cf:87:51:fc:16:a8:0a:fe:2d:8e:60:64:23:00:d0:
                    5d:63:c7:19:0c:dc:10:87:01:a6:1e:14:c8:f4:a9:
                    c6:c9:1f:32:34:b6:6d:3d:a5:95:89:89:fb:7e:93:
                    e0:12:ac:5d:cc:91:4c:89:14:62:4f:f5:16:39:05:
                    9e:3a:87:a9:64:05:da:b5:31:d2:06:0e:0b:8d:75:
                    26:2d:02:47:d3:e8:b4:46:9f:4a:68:72:97:6c:58:
                    be:d6:e9:61:f8:1d:d8:38:b4:ed:49:85:e2:5a:6c:
                    0b:28:f7:d9:8c:23:82:df:f1:a4:c5:e6:d6:95:29:
                    9e:d2:8a:35:9f:76:0c:f7:7a:91:56:aa:b2:9a:91:
                    b7:51:4f:ce:c6:2c:ab:5a:d6:a2:fb:c5:e1:24:0a:
                    a1:bc:3b:ac:31:80:73:e0:5c:61:09:34:a9:d9:46:
                    16:7b:51:c5:fb:7d:bd:78:3c:c4:a0:e3:f2:a1:55:
                    6a:13:b5:a9:cc:ad:0d:50:23:75:d5:2e:78:ec:30:
                    42:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:58:59:1F:F1:FD:C4:9F:20:31:65:EB:0E:41:49:9B:9F:16:C8:E1
            X509v3 Authority Key Identifier:
                keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS207459.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.249.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:6f:11:d2:55:63:e8:5a:20:11:a0:e4:e7:c4:ec:83:50:b8:
         2f:c4:0b:6f:6a:b3:59:68:e9:ea:15:e4:e2:b6:01:97:88:1f:
         f6:5a:9e:bd:0d:63:cb:6c:a1:0b:22:52:dd:92:23:14:a1:3a:
         63:9a:c0:87:6a:3b:f1:bf:d3:15:cf:26:c2:3a:c9:2c:91:c1:
         c9:df:df:87:31:07:74:47:ba:11:d0:25:26:53:81:3f:20:25:
         37:8d:95:82:18:ab:b7:b2:ef:ef:c4:fa:a5:f7:3d:db:38:c7:
         50:f2:28:81:68:f6:6c:93:58:79:86:24:3b:ee:2f:18:fe:3e:
         7d:e7:2c:4f:95:c8:c1:78:cb:57:c7:01:3e:fe:7b:da:bb:73:
         cb:54:93:8e:0f:39:df:86:7a:ab:10:f9:f9:7d:18:ab:0c:66:
         70:03:4a:06:07:f1:cb:3d:98:34:b2:60:69:ec:d2:14:64:0f:
         43:04:de:2a:66:6f:46:91:c2:b2:3d:92:6e:2e:4c:40:72:5e:
         bf:26:3b:f0:0c:5e:8c:cb:da:14:c9:26:54:86:4c:59:05:0a:
         22:93:34:a1:e0:3d:e8:09:b2:52:9c:86:8d:56:25:af:67:d7:
         5a:a0:de:57:96:97:e2:db:2a:97:9f:80:4e:c6:43:84:c5:41:
         61:a2:24:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUOARVyunYpW/KyLpqG7Hf1AKe8dAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAyMDQxMjUyNDdaFw0yNzAyMDMxMjU3NDdaMDMxMTAvBgNV
BAMTKDYyNTg1OTFGRjFGREM0OUYyMDMxNjVFQjBFNDE0OTlCOUYxNkM4RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvmR6lBlmLYohcmRdd0hEVcTEO
Qmihh0ZhpenzjeSgC5EiDtki9UcqjrmpqFykccMdpcyTSPb6SVlIGs+HUfwWqAr+
LY5gZCMA0F1jxxkM3BCHAaYeFMj0qcbJHzI0tm09pZWJift+k+ASrF3MkUyJFGJP
9RY5BZ46h6lkBdq1MdIGDguNdSYtAkfT6LRGn0pocpdsWL7W6WH4Hdg4tO1JheJa
bAso99mMI4Lf8aTF5taVKZ7SijWfdgz3epFWqrKakbdRT87GLKta1qL7xeEkCqG8
O6wxgHPgXGEJNKnZRhZ7UcX7fb14PMSg4/KhVWoTtanMrQ1QI3XVLnjsMELVAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUYlhZH/H9xJ8gMWXrDkFJm58WyOEwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjA3NDU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXPk/
MA0GCSqGSIb3DQEBCwUAA4IBAQBWbxHSVWPoWiARoOTnxOyDULgvxAtvarNZaOnq
FeTitgGXiB/2Wp69DWPLbKELIlLdkiMUoTpjmsCHajvxv9MVzybCOskskcHJ39+H
MQd0R7oR0CUmU4E/ICU3jZWCGKu3su/vxPql9z3bOMdQ8iiBaPZsk1h5hiQ77i8Y
/j595yxPlcjBeMtXxwE+/nvau3PLVJOODznfhnqrEPn5fRirDGZwA0oGB/HLPZg0
smBp7NIUZA9DBN4qZm9GkcKyPZJuLkxAcl6/JjvwDF6My9oUySZUhkxZBQoikzSh
4D3oCbJSnIaNViWvZ9daoN5Xlpfi2yqXn4BOxkOExUFhoiSU
-----END CERTIFICATE-----