This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212477.roa
File:                     AS212477.roa (raw, json)
Hash identifier:          PFuCsXpshxCMDjzaQXeMQ4bFEwqnmDL0EnnDB6zzYYA=
Subject key identifier:   D4:9A:EB:42:4A:65:24:51:C1:61:66:20:3F:DE:53:67:A5:D2:92:30
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       2055CB09F28FBEC7C96048FB21EC44552E988B8C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212477.roa
Signing time:             Wed 14 Jan 2026 08:10:25 +0000
ROA not before:           Wed 14 Jan 2026 08:05:25 +0000
ROA not after:            Wed 13 Jan 2027 08:10:25 +0000
asID:                     212477
IP address blocks:        82.22.82.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 04:45:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:55:cb:09:f2:8f:be:c7:c9:60:48:fb:21:ec:44:55:2e:98:8b:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jan 14 08:05:25 2026 GMT
            Not After : Jan 13 08:10:25 2027 GMT
        Subject: CN=D49AEB424A652451C16166203FDE5367A5D29230
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:fd:cd:1d:78:7b:a1:f2:2b:a1:7b:64:7f:8b:
                    66:4e:3c:02:e3:9b:33:47:e5:42:12:ff:d3:d7:1f:
                    0b:08:60:9f:15:cb:90:3d:68:fb:ec:3f:09:b7:0f:
                    8a:73:8d:4d:c8:26:0c:f0:84:7a:67:1f:bc:4f:23:
                    22:0a:eb:09:3a:09:bf:ad:1f:ec:12:d1:34:6e:a1:
                    de:a2:9c:c1:18:b9:7b:4c:75:b7:75:6a:bf:74:28:
                    17:6b:b1:d6:6c:66:94:01:c2:cc:3f:4d:5c:05:1e:
                    60:1d:37:92:b9:6d:c9:54:84:c2:c8:53:e8:d5:e3:
                    38:24:5a:0f:e9:0d:5e:0f:10:1b:81:98:cd:6a:ec:
                    ef:44:c9:61:6e:94:6c:79:7f:b2:17:92:6e:ec:77:
                    79:b3:40:c1:9d:69:54:f0:fb:bd:0a:cf:48:5d:67:
                    33:c8:f1:e7:28:d3:85:02:c3:12:06:c9:10:c1:d0:
                    79:d4:f5:2b:e9:02:35:fe:0e:1d:0e:a0:06:76:28:
                    a5:20:c8:10:db:2f:a7:ab:83:ca:8b:5e:a3:f5:7b:
                    87:d6:42:80:db:d4:1c:c3:68:42:e1:d5:2e:c1:7f:
                    44:7f:73:85:d2:e4:62:5c:0c:04:7c:32:b6:73:63:
                    1d:60:fb:33:fc:5d:cb:05:88:35:97:66:78:d7:4c:
                    79:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:9A:EB:42:4A:65:24:51:C1:61:66:20:3F:DE:53:67:A5:D2:92:30
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS212477.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.22.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:76:e0:78:eb:60:a8:6f:72:92:80:0c:a2:ec:61:02:bc:ea:
         af:18:0a:30:c8:0e:e5:63:16:aa:f4:19:62:f7:fb:e5:63:62:
         9b:1e:53:6d:15:d9:27:ce:7e:20:55:74:da:d6:e3:40:13:cd:
         51:ab:56:41:8d:f4:6a:ad:53:77:53:01:ff:d0:c0:b6:22:3f:
         cc:6a:ae:20:e1:1d:3e:73:ea:59:20:78:be:6b:c5:c9:b0:81:
         93:81:93:36:af:4b:eb:7d:41:95:77:1c:06:1b:80:d1:33:07:
         51:ae:72:b7:60:0b:62:28:a5:33:39:6d:8c:8c:d3:db:13:e7:
         12:03:8d:0f:09:5a:9c:55:a4:66:34:a8:f4:d0:13:48:22:e9:
         d7:81:8f:8a:7d:c1:c8:7b:bb:17:56:90:af:4c:11:ba:61:54:
         6d:84:3b:a5:80:06:a0:84:e9:1b:e2:ce:ec:98:32:16:05:8c:
         68:7e:af:f9:7c:70:6c:85:e7:c9:11:15:73:b4:3e:82:f7:d9:
         29:8e:ad:52:45:9f:f6:bf:9a:d4:81:ff:d7:15:9d:78:2c:a8:
         c9:2d:2c:d7:51:a6:e9:f1:1a:c3:ca:93:ef:74:4d:17:a6:0b:
         06:f2:08:b1:c1:97:e7:1d:1f:46:d2:21:67:59:02:63:fc:8f:
         9c:c4:10:f2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUIFXLCfKPvsfJYEj7IexEVS6Yi4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAxMTQwODA1MjVaFw0yNzAxMTMwODEwMjVaMDMxMTAvBgNV
BAMTKEQ0OUFFQjQyNEE2NTI0NTFDMTYxNjYyMDNGREU1MzY3QTVEMjkyMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW/c0deHuh8iuhe2R/i2ZOPALj
mzNH5UIS/9PXHwsIYJ8Vy5A9aPvsPwm3D4pzjU3IJgzwhHpnH7xPIyIK6wk6Cb+t
H+wS0TRuod6inMEYuXtMdbd1ar90KBdrsdZsZpQBwsw/TVwFHmAdN5K5bclUhMLI
U+jV4zgkWg/pDV4PEBuBmM1q7O9EyWFulGx5f7IXkm7sd3mzQMGdaVTw+70Kz0hd
ZzPI8eco04UCwxIGyRDB0HnU9SvpAjX+Dh0OoAZ2KKUgyBDbL6erg8qLXqP1e4fW
QoDb1BzDaELh1S7Bf0R/c4XS5GJcDAR8MrZzYx1g+zP8XcsFiDWXZnjXTHllAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU1JrrQkplJFHBYWYgP95TZ6XSkjAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEyNDc3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhZS
MA0GCSqGSIb3DQEBCwUAA4IBAQCKduB462Cob3KSgAyi7GECvOqvGAowyA7lYxaq
9Bli9/vlY2KbHlNtFdknzn4gVXTa1uNAE81Rq1ZBjfRqrVN3UwH/0MC2Ij/Maq4g
4R0+c+pZIHi+a8XJsIGTgZM2r0vrfUGVdxwGG4DRMwdRrnK3YAtiKKUzOW2MjNPb
E+cSA40PCVqcVaRmNKj00BNIIunXgY+KfcHIe7sXVpCvTBG6YVRthDulgAaghOkb
4s7smDIWBYxofq/5fHBshefJERVztD6C99kpjq1SRZ/2v5rUgf/XFZ14LKjJLSzX
Uabp8RrDypPvdE0XpgsG8gixwZfnHR9G0iFnWQJj/I+cxBDy
-----END CERTIFICATE-----
Generated at Sun Jan 18 08:53:15 2026 by rpki-client