This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
File:                     AS214432.roa (raw, json)
Hash identifier:          JijQXZxbJjeNdDSm6M5VpReLLaGnfsGnw963qNrD9Dg=
Subject key identifier:   C5:79:BC:C4:FF:41:89:5E:38:92:39:8B:CC:8F:18:82:3A:B2:63:A2
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       04C426EA4148948601293E3304CEA1ACE0DBFA66
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa
Signing time:             Thu 04 Dec 2025 03:08:22 +0000
ROA not before:           Thu 04 Dec 2025 03:03:22 +0000
ROA not after:            Thu 03 Dec 2026 03:08:22 +0000
asID:                     214432
IP address blocks:        82.25.142.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Dec 2025 00:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:c4:26:ea:41:48:94:86:01:29:3e:33:04:ce:a1:ac:e0:db:fa:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Dec  4 03:03:22 2025 GMT
            Not After : Dec  3 03:08:22 2026 GMT
        Subject: CN=C579BCC4FF41895E3892398BCC8F18823AB263A2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a5:37:12:71:5f:99:ce:db:81:36:06:93:67:
                    1d:d2:8e:c5:e4:12:a3:2c:76:36:f1:72:6a:f8:12:
                    fa:72:0f:ff:39:b7:f3:fe:4a:42:94:e5:05:58:96:
                    cf:d9:df:30:51:e2:54:34:1a:ef:7d:26:c0:96:5f:
                    a0:4b:3c:e2:21:1f:c9:f4:ab:9d:b4:e0:f9:f0:4b:
                    e6:d1:0c:40:29:1c:fc:14:d7:a9:fb:1f:8e:14:ce:
                    48:73:d3:04:ea:37:55:b7:89:6d:bb:b5:a2:c6:67:
                    d7:db:11:66:e5:bd:94:04:45:a1:25:b3:3e:a3:ff:
                    d6:89:52:d4:91:9e:07:1c:58:64:56:09:17:2e:bc:
                    55:01:72:99:e5:91:e3:09:52:3f:15:cd:0e:24:4e:
                    35:56:35:b2:57:f7:d4:10:b0:e5:d8:55:75:1e:fa:
                    71:5a:e8:00:ab:fc:8e:14:1b:f7:cc:41:c4:6a:54:
                    4f:97:72:15:c0:c5:a5:c3:49:7a:e8:1c:de:6f:83:
                    a8:a0:cd:94:99:87:b0:35:f7:1b:01:a7:f7:ef:f0:
                    e9:0e:98:8d:c1:fc:d8:54:03:b1:ce:f9:a5:cb:ca:
                    85:ce:56:36:dc:08:88:72:5c:b2:d3:ba:ed:ed:a8:
                    f2:f0:66:eb:27:f4:cb:47:0e:2d:c0:92:ad:86:94:
                    7e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:79:BC:C4:FF:41:89:5E:38:92:39:8B:CC:8F:18:82:3A:B2:63:A2
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS214432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.25.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:5b:c5:65:bb:47:f1:61:02:0e:af:bb:4b:f1:1d:a6:93:cc:
         8f:b6:72:8b:81:d3:8d:a7:bf:c8:d4:c8:4a:de:e5:79:4f:91:
         f6:b2:74:63:87:7c:80:3c:14:f5:31:83:30:3e:5b:af:13:0e:
         78:57:c3:85:35:94:d0:66:7e:cb:97:8d:19:23:ef:48:33:c9:
         25:a5:7e:8f:81:c6:4e:1a:ed:10:de:4f:89:cd:6b:08:c3:0a:
         76:36:42:05:14:2f:6a:c0:41:e8:bc:dc:ed:e9:20:63:63:89:
         c4:70:47:16:e3:e0:10:16:46:70:35:13:5f:04:69:27:72:81:
         96:3f:c6:7b:c7:7b:dc:08:d3:8c:75:1e:bc:59:08:d2:45:4a:
         e0:a6:bc:b7:3c:14:da:bb:a9:aa:ec:cb:b8:b7:7c:0a:b6:c3:
         20:b8:c4:b6:33:35:c3:cd:28:ee:28:fc:69:97:d0:07:52:9e:
         b4:26:92:a7:ce:9e:24:cb:a9:84:fa:51:bd:3d:d0:a2:56:d1:
         c3:b4:c7:bd:6c:51:0d:a6:e6:02:d5:38:b2:d1:64:2e:26:18:
         04:27:d8:47:09:e5:2f:87:c4:7a:85:f5:39:42:54:76:62:61:
         75:91:fd:7a:ae:43:b4:98:56:89:d8:76:34:bf:63:86:a9:23:
         1d:a3:64:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUBMQm6kFIlIYBKT4zBM6hrODb+mYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEyMDQwMzAzMjJaFw0yNjEyMDMwMzA4MjJaMDMxMTAvBgNV
BAMTKEM1NzlCQ0M0RkY0MTg5NUUzODkyMzk4QkNDOEYxODgyM0FCMjYzQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6pTcScV+ZztuBNgaTZx3SjsXk
EqMsdjbxcmr4EvpyD/85t/P+SkKU5QVYls/Z3zBR4lQ0Gu99JsCWX6BLPOIhH8n0
q5204PnwS+bRDEApHPwU16n7H44Uzkhz0wTqN1W3iW27taLGZ9fbEWblvZQERaEl
sz6j/9aJUtSRngccWGRWCRcuvFUBcpnlkeMJUj8VzQ4kTjVWNbJX99QQsOXYVXUe
+nFa6ACr/I4UG/fMQcRqVE+XchXAxaXDSXroHN5vg6igzZSZh7A19xsBp/fv8OkO
mI3B/NhUA7HO+aXLyoXOVjbcCIhyXLLTuu3tqPLwZusn9MtHDi3Akq2GlH4xAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUxXm8xP9BiV44kjmLzI8YgjqyY6IwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhmO
MA0GCSqGSIb3DQEBCwUAA4IBAQBDW8Vlu0fxYQIOr7tL8R2mk8yPtnKLgdONp7/I
1MhK3uV5T5H2snRjh3yAPBT1MYMwPluvEw54V8OFNZTQZn7Ll40ZI+9IM8klpX6P
gcZOGu0Q3k+JzWsIwwp2NkIFFC9qwEHovNzt6SBjY4nEcEcW4+AQFkZwNRNfBGkn
coGWP8Z7x3vcCNOMdR68WQjSRUrgpry3PBTau6mq7Mu4t3wKtsMguMS2MzXDzSju
KPxpl9AHUp60JpKnzp4ky6mE+lG9PdCiVtHDtMe9bFENpuYC1Tiy0WQuJhgEJ9hH
CeUvh8R6hfU5QlR2YmF1kf16rkO0mFaJ2HY0v2OGqSMdo2Rb
-----END CERTIFICATE-----