This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214062.roa
File:                     AS214062.roa (raw, json)
Hash identifier:          XIjDLKKpGOvTp8cgJcHpiyNqyjrt02otvTmEuRAAmLo=
Subject key identifier:   F0:DA:0A:63:59:A1:E0:13:7F:C6:C8:81:0C:2D:61:F1:84:7E:D3:9B
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       455170150B3C1996C28341A870F49AEEB804EFD5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214062.roa
Signing time:             Wed 31 Dec 2025 17:55:33 +0000
ROA not before:           Wed 31 Dec 2025 17:50:33 +0000
ROA not after:            Wed 30 Dec 2026 17:55:33 +0000
asID:                     214062
IP address blocks:        82.23.183.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 04:45:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:51:70:15:0b:3c:19:96:c2:83:41:a8:70:f4:9a:ee:b8:04:ef:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Dec 31 17:50:33 2025 GMT
            Not After : Dec 30 17:55:33 2026 GMT
        Subject: CN=F0DA0A6359A1E0137FC6C8810C2D61F1847ED39B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1b:c2:02:75:40:23:05:e0:98:94:9b:d0:25:
                    46:89:08:66:e0:1d:27:73:10:96:8f:93:9b:96:7b:
                    5f:17:ee:27:53:61:38:eb:e0:12:c8:36:da:51:fc:
                    60:37:de:21:74:f8:41:ff:92:b0:84:6e:da:ea:3a:
                    b7:66:fa:3f:f1:64:4e:4f:2b:e5:cc:a8:36:6a:36:
                    c2:ce:83:68:e6:96:a1:30:96:d7:09:fe:02:c5:64:
                    95:49:43:a6:d4:39:6e:f6:b4:9e:93:f2:45:07:16:
                    00:eb:2d:9f:48:d4:af:3b:a9:c5:5c:76:7e:56:5a:
                    77:f1:42:68:55:04:ae:aa:b9:24:5b:b2:0a:d6:1f:
                    f1:b7:b3:16:43:2e:18:3e:d8:82:08:b4:54:3a:eb:
                    c0:4c:66:d4:bf:31:8a:25:29:b5:1a:40:8a:5e:3f:
                    2e:43:ea:6b:f4:0e:08:9b:b6:db:50:64:81:ae:4a:
                    d7:84:19:a3:2f:1c:c0:b6:b4:30:2d:e7:c1:36:6e:
                    a3:24:bd:99:06:9e:3a:73:b3:c4:f3:63:99:80:7a:
                    6a:c9:6f:32:c7:47:29:bb:df:a4:1e:72:72:87:fb:
                    28:7c:23:ad:9e:07:ab:31:18:40:91:23:e3:64:92:
                    83:c1:b8:c4:b9:57:4c:0d:08:66:1c:b5:f7:a2:ad:
                    1a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:DA:0A:63:59:A1:E0:13:7F:C6:C8:81:0C:2D:61:F1:84:7E:D3:9B
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214062.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.23.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:21:b5:04:90:dc:10:51:dc:f8:90:12:c3:5e:d1:ca:a1:10:
         f5:01:e2:df:3b:8b:3b:a4:ce:6b:46:37:e5:0f:79:1c:6d:87:
         e7:b8:ca:3c:9f:5b:43:ff:f6:03:7a:9f:c3:58:a4:dd:e9:98:
         58:3f:5a:e5:b1:70:1e:0a:f9:80:2b:c9:47:58:17:93:70:f9:
         56:27:21:b3:4c:b3:fb:9f:23:94:42:2e:ed:11:82:bc:99:a0:
         14:a5:44:5a:a6:53:ab:49:f6:1d:4e:e0:6f:55:7c:27:0a:2d:
         03:a3:78:90:f9:c7:fa:8f:21:bc:83:da:4a:b2:14:cb:4e:b7:
         71:5a:2d:69:5a:29:be:6e:cc:b1:c6:01:0d:86:a5:49:e3:c9:
         0f:68:c1:eb:e0:93:c8:33:f9:0c:93:54:99:4d:22:a2:9e:42:
         94:42:14:60:0d:69:2b:37:26:38:c5:31:e7:a5:c1:8f:4c:d0:
         94:3d:e1:38:c3:2f:4a:68:32:7a:5b:5a:55:c4:71:ff:5e:53:
         8c:db:54:c6:95:62:40:16:1e:32:3a:18:49:b0:38:68:dc:a7:
         65:2e:b1:6e:2c:8a:c5:25:99:6d:e4:36:43:a1:db:15:13:ba:
         50:4e:0c:c2:fa:c8:1f:e0:f9:17:8f:2e:8c:36:b0:8e:bb:d2:
         f4:75:00:c2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIURVFwFQs8GZbCg0GocPSa7rgE79UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEyMzExNzUwMzNaFw0yNjEyMzAxNzU1MzNaMDMxMTAvBgNV
BAMTKEYwREEwQTYzNTlBMUUwMTM3RkM2Qzg4MTBDMkQ2MUYxODQ3RUQzOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsG8ICdUAjBeCYlJvQJUaJCGbg
HSdzEJaPk5uWe18X7idTYTjr4BLINtpR/GA33iF0+EH/krCEbtrqOrdm+j/xZE5P
K+XMqDZqNsLOg2jmlqEwltcJ/gLFZJVJQ6bUOW72tJ6T8kUHFgDrLZ9I1K87qcVc
dn5WWnfxQmhVBK6quSRbsgrWH/G3sxZDLhg+2IIItFQ668BMZtS/MYolKbUaQIpe
Py5D6mv0DgibtttQZIGuSteEGaMvHMC2tDAt58E2bqMkvZkGnjpzs8TzY5mAemrJ
bzLHRym736QecnKH+yh8I62eB6sxGECRI+NkkoPBuMS5V0wNCGYctfeirRpjAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU8NoKY1mh4BN/xsiBDC1h8YR+05swHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0MDYyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhe3
MA0GCSqGSIb3DQEBCwUAA4IBAQBFIbUEkNwQUdz4kBLDXtHKoRD1AeLfO4s7pM5r
RjflD3kcbYfnuMo8n1tD//YDep/DWKTd6ZhYP1rlsXAeCvmAK8lHWBeTcPlWJyGz
TLP7nyOUQi7tEYK8maAUpURaplOrSfYdTuBvVXwnCi0Do3iQ+cf6jyG8g9pKshTL
TrdxWi1pWim+bsyxxgENhqVJ48kPaMHr4JPIM/kMk1SZTSKinkKUQhRgDWkrNyY4
xTHnpcGPTNCUPeE4wy9KaDJ6W1pVxHH/XlOM21TGlWJAFh4yOhhJsDho3KdlLrFu
LIrFJZlt5DZDodsVE7pQTgzC+sgf4PkXjy6MNrCOu9L0dQDC
-----END CERTIFICATE-----