This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199124.roa
File:                     AS199124.roa (raw, json)
Hash identifier:          +8o/54if4p+JhtZSki3Z2Ugbm2l+Rv1CqU/CPMwzrM0=
Subject key identifier:   A1:E3:12:F4:1C:38:81:F2:FD:92:7F:A5:0D:65:93:5C:9E:89:0C:51
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       172AECD98495AA8AC4B4F6094A1CC9061768D01D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199124.roa
Signing time:             Tue 16 Dec 2025 21:55:32 +0000
ROA not before:           Tue 16 Dec 2025 21:50:32 +0000
ROA not after:            Tue 15 Dec 2026 21:55:32 +0000
asID:                     199124
IP address blocks:        82.29.200.0/24 maxlen: 24
                          82.29.201.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 04:45:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:2a:ec:d9:84:95:aa:8a:c4:b4:f6:09:4a:1c:c9:06:17:68:d0:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Dec 16 21:50:32 2025 GMT
            Not After : Dec 15 21:55:32 2026 GMT
        Subject: CN=A1E312F41C3881F2FD927FA50D65935C9E890C51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d2:c2:63:92:b9:49:b9:c1:ca:f7:c3:68:6a:
                    18:38:e2:a6:68:56:93:03:78:69:40:12:cc:16:9a:
                    7a:5d:12:19:ff:cd:13:73:5b:5d:52:b9:1f:a3:2d:
                    d9:76:f1:35:c8:4c:34:8d:27:ae:d3:49:2e:c8:16:
                    e3:6d:c0:21:6b:3a:0c:6e:60:af:3c:d9:2a:c1:7b:
                    45:88:0d:9a:49:89:72:b6:40:2f:1e:72:17:3e:08:
                    f4:6d:53:8f:c6:15:72:bf:5d:41:e8:6a:e6:b6:2e:
                    cf:77:53:a8:30:2f:ef:c2:1c:9d:f0:65:37:31:47:
                    e7:26:b2:4e:1d:d2:7d:0c:2a:ea:40:f2:1c:1f:df:
                    6d:b4:4f:49:0d:dc:f0:6c:98:95:2e:d6:65:f9:2d:
                    47:d8:af:53:ba:f7:67:1f:ac:92:fb:bb:3b:b9:88:
                    5e:f9:2d:0f:8a:84:8d:a5:56:68:13:ab:cc:45:86:
                    dd:86:e4:9e:5b:da:4f:b6:d9:6e:7f:12:3d:19:ff:
                    e9:bd:75:8b:72:ca:c0:73:0b:13:a7:c5:4a:6b:0a:
                    11:40:c9:83:9f:9f:04:f2:12:c4:74:b2:40:ac:a0:
                    6b:fc:86:62:63:ef:a2:09:06:c6:bc:d2:ae:89:f7:
                    15:fb:a1:44:dc:70:c7:66:37:61:df:2d:b4:0b:30:
                    b5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:E3:12:F4:1C:38:81:F2:FD:92:7F:A5:0D:65:93:5C:9E:89:0C:51
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199124.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.29.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:3a:43:65:30:20:1a:4f:b9:2f:f4:d5:2d:96:4f:f6:16:cf:
         91:68:de:a8:8a:58:53:0d:3b:bf:4b:3a:0a:79:df:6c:18:a7:
         e1:98:ba:72:32:cb:81:d8:28:5a:84:bc:47:2f:fc:24:eb:ce:
         12:5c:ca:fd:b8:fa:c0:3e:d1:a9:da:a3:08:28:43:8a:d2:b4:
         a9:cd:60:2a:cb:7f:e9:01:df:21:6f:19:23:69:b4:0d:b2:d9:
         e7:ca:9f:67:ab:28:fb:a9:d4:18:5a:59:dc:04:d7:c9:6b:03:
         95:86:5d:4f:f9:a7:b1:f1:40:0f:e8:92:4c:55:69:76:cf:45:
         09:1b:46:ae:03:c5:6e:ae:76:e5:64:b6:3c:4e:39:01:ef:6a:
         70:2b:6b:49:75:da:bc:41:f4:8a:69:7f:1c:e9:d8:fc:d6:5e:
         2f:8b:f7:e5:19:8d:c0:bb:92:4e:d1:f4:68:30:b4:dc:41:6a:
         28:29:fa:31:a8:74:06:50:a0:ce:69:2b:13:6c:ae:ed:7f:4d:
         39:d4:eb:73:01:e7:16:98:14:10:6f:14:d2:4f:70:96:61:11:
         40:3d:43:c1:65:b3:de:6c:f4:ca:5d:38:18:c9:4a:68:63:46:
         14:7f:3b:7e:93:48:9f:36:7e:e5:00:ae:33:1f:d9:75:21:58:
         94:d1:a5:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUFyrs2YSVqorEtPYJShzJBhdo0B0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEyMTYyMTUwMzJaFw0yNjEyMTUyMTU1MzJaMDMxMTAvBgNV
BAMTKEExRTMxMkY0MUMzODgxRjJGRDkyN0ZBNTBENjU5MzVDOUU4OTBDNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd0sJjkrlJucHK98Noahg44qZo
VpMDeGlAEswWmnpdEhn/zRNzW11SuR+jLdl28TXITDSNJ67TSS7IFuNtwCFrOgxu
YK882SrBe0WIDZpJiXK2QC8echc+CPRtU4/GFXK/XUHoaua2Ls93U6gwL+/CHJ3w
ZTcxR+cmsk4d0n0MKupA8hwf3220T0kN3PBsmJUu1mX5LUfYr1O692cfrJL7uzu5
iF75LQ+KhI2lVmgTq8xFht2G5J5b2k+22W5/Ej0Z/+m9dYtyysBzCxOnxUprChFA
yYOfnwTyEsR0skCsoGv8hmJj76IJBsa80q6J9xX7oUTccMdmN2HfLbQLMLUJAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUoeMS9Bw4gfL9kn+lDWWTXJ6JDFEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk5MTI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUh3I
MA0GCSqGSIb3DQEBCwUAA4IBAQBhOkNlMCAaT7kv9NUtlk/2Fs+RaN6oilhTDTu/
SzoKed9sGKfhmLpyMsuB2ChahLxHL/wk684SXMr9uPrAPtGp2qMIKEOK0rSpzWAq
y3/pAd8hbxkjabQNstnnyp9nqyj7qdQYWlncBNfJawOVhl1P+aex8UAP6JJMVWl2
z0UJG0auA8VurnblZLY8TjkB72pwK2tJddq8QfSKaX8c6dj81l4vi/flGY3Au5JO
0fRoMLTcQWooKfoxqHQGUKDOaSsTbK7tf0051OtzAecWmBQQbxTST3CWYRFAPUPB
ZbPebPTKXTgYyUpoY0YUfzt+k0ifNn7lAK4zH9l1IViU0aXe
-----END CERTIFICATE-----