This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS46450.roa
File:                     AS46450.roa (raw, json)
Hash identifier:          34WH8s698bBbo5J6l63kXqdlze0fWXY409U//ET0U8E=
Subject key identifier:   1D:BC:66:8F:47:2F:F7:1B:23:D0:5E:CC:50:65:00:A8:87:00:45:EA
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       7C6F07011FFAE4BD5C21EB0922D5A9132FF3BD6E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS46450.roa
Signing time:             Tue 30 Dec 2025 22:55:33 +0000
ROA not before:           Tue 30 Dec 2025 22:50:33 +0000
ROA not after:            Tue 29 Dec 2026 22:55:33 +0000
asID:                     46450
IP address blocks:        82.22.192.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 04:45:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:6f:07:01:1f:fa:e4:bd:5c:21:eb:09:22:d5:a9:13:2f:f3:bd:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Dec 30 22:50:33 2025 GMT
            Not After : Dec 29 22:55:33 2026 GMT
        Subject: CN=1DBC668F472FF71B23D05ECC506500A8870045EA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:ca:ea:6e:6c:e6:11:c7:68:89:01:de:ca:8f:
                    22:70:f6:b2:91:b0:e5:77:46:95:72:f4:2d:5c:1e:
                    cf:78:b7:4e:cf:ae:08:95:d2:3c:25:e1:d8:a8:bf:
                    f0:06:1f:bd:ae:02:8f:b7:58:9e:fe:15:4f:10:cb:
                    98:bd:92:c8:60:11:37:b8:21:7d:af:32:9f:de:c3:
                    63:ce:e2:8a:85:6a:fb:8d:e7:91:56:59:5a:2f:39:
                    ba:7e:0a:2b:a3:b8:72:ba:a0:0c:1d:ae:68:61:3f:
                    52:e0:92:92:21:b5:4e:fa:6d:b9:52:22:17:6b:d3:
                    4d:32:16:80:55:f4:c2:0e:e3:49:ac:79:40:e6:1a:
                    4f:c6:49:39:c2:eb:0e:2f:f9:c5:6d:8c:de:03:72:
                    87:6b:b8:2b:ed:e7:99:f1:a1:aa:7e:1f:e8:51:56:
                    a2:9d:d4:fb:98:98:33:b4:79:4f:92:39:c2:6d:ec:
                    c0:e1:21:8d:8b:67:3a:73:f9:ac:ab:50:0d:60:32:
                    51:82:d6:67:17:4f:b4:9a:7e:d1:2b:c8:c1:c0:20:
                    05:48:e4:be:56:4a:13:83:77:ba:2b:68:99:8a:8f:
                    3d:f6:ee:6c:1a:d3:1b:b1:8f:3f:b7:d3:93:df:fc:
                    1f:4f:dd:59:df:f5:45:69:7f:4b:31:de:13:e2:14:
                    4d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:BC:66:8F:47:2F:F7:1B:23:D0:5E:CC:50:65:00:A8:87:00:45:EA
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS46450.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.22.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:a5:ec:ec:3f:1c:f9:01:c2:58:31:db:7a:9a:79:2e:26:ce:
         f0:8e:bd:34:7f:c8:68:11:57:b6:cc:84:0f:f0:82:4b:17:1f:
         73:ce:85:a3:40:fd:db:46:36:cb:ef:63:22:4d:9a:54:84:5c:
         34:eb:eb:c3:53:fe:b9:9f:75:e8:38:38:fe:c4:ec:73:f3:f5:
         db:57:01:2e:8e:d7:9d:33:d6:95:92:aa:53:c2:2a:13:e5:04:
         ea:9c:ee:07:c8:51:42:45:c3:ff:57:6b:10:19:39:08:89:97:
         3c:bd:ec:10:ff:71:a3:87:cd:7f:36:d3:7a:36:5e:9d:f0:ae:
         db:50:5d:ca:97:3f:6d:54:48:16:31:9c:0f:d9:2b:f5:d6:4d:
         b1:71:dd:67:ec:ac:58:7e:ac:82:88:c5:62:9c:bb:0a:28:d1:
         e3:59:74:23:11:6c:fe:c7:3f:b5:01:b3:67:58:33:cd:3e:5e:
         44:c6:be:a5:1b:76:65:0d:05:e9:12:59:45:67:bb:bd:85:83:
         89:3b:3e:a7:30:b0:88:4e:83:74:39:e8:2a:9b:f8:0b:d2:e2:
         30:09:84:99:d2:ad:8b:56:47:c5:b3:03:6e:e1:7b:67:8a:41:
         f1:d2:6a:0d:fd:85:29:a2:55:b9:c1:03:1f:aa:a0:6f:7a:ce:
         93:93:81:cf
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUfG8HAR/65L1cIesJItWpEy/zvW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEyMzAyMjUwMzNaFw0yNjEyMjkyMjU1MzNaMDMxMTAvBgNV
BAMTKDFEQkM2NjhGNDcyRkY3MUIyM0QwNUVDQzUwNjUwMEE4ODcwMDQ1RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqyupubOYRx2iJAd7KjyJw9rKR
sOV3RpVy9C1cHs94t07PrgiV0jwl4diov/AGH72uAo+3WJ7+FU8Qy5i9kshgETe4
IX2vMp/ew2PO4oqFavuN55FWWVovObp+CiujuHK6oAwdrmhhP1LgkpIhtU76bblS
Ihdr000yFoBV9MIO40mseUDmGk/GSTnC6w4v+cVtjN4DcodruCvt55nxoap+H+hR
VqKd1PuYmDO0eU+SOcJt7MDhIY2LZzpz+ayrUA1gMlGC1mcXT7SaftEryMHAIAVI
5L5WShODd7oraJmKjz327mwa0xuxjz+305Pf/B9P3Vnf9UVpf0sx3hPiFE03AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUHbxmj0cv9xsj0F7MUGUAqIcAReowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDY0NTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSFsAw
DQYJKoZIhvcNAQELBQADggEBACml7Ow/HPkBwlgx23qaeS4mzvCOvTR/yGgRV7bM
hA/wgksXH3POhaNA/dtGNsvvYyJNmlSEXDTr68NT/rmfdeg4OP7E7HPz9dtXAS6O
150z1pWSqlPCKhPlBOqc7gfIUUJFw/9XaxAZOQiJlzy97BD/caOHzX8203o2Xp3w
rttQXcqXP21USBYxnA/ZK/XWTbFx3WfsrFh+rIKIxWKcuwoo0eNZdCMRbP7HP7UB
s2dYM80+XkTGvqUbdmUNBekSWUVnu72Fg4k7PqcwsIhOg3Q56Cqb+AvS4jAJhJnS
rYtWR8WzA27he2eKQfHSag39hSmiVbnBAx+qoG96zpOTgc8=
-----END CERTIFICATE-----