This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49608.roa
File:                     AS49608.roa (raw, json)
Hash identifier:          mPpIXhaX7HJxZ2VtYbUoKA6Pl1EtM077Se50Au2dFXc=
Subject key identifier:   5A:7A:B6:8A:1A:5B:AE:E8:AF:E0:09:1B:F7:F1:03:3C:26:E2:2C:FE
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       165C5FF0CD8C519852EE5962831FF38D1F3816D0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49608.roa
Signing time:             Sat 17 Jan 2026 10:29:54 +0000
ROA not before:           Sat 17 Jan 2026 10:24:54 +0000
ROA not after:            Sat 16 Jan 2027 10:29:54 +0000
asID:                     49608
IP address blocks:        178.83.140.0/24 maxlen: 24
                          178.83.230.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 04:45:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:5c:5f:f0:cd:8c:51:98:52:ee:59:62:83:1f:f3:8d:1f:38:16:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jan 17 10:24:54 2026 GMT
            Not After : Jan 16 10:29:54 2027 GMT
        Subject: CN=5A7AB68A1A5BAEE8AFE0091BF7F1033C26E22CFE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cb:8a:4c:7a:70:e3:d4:89:8d:de:5c:82:30:
                    e0:0e:17:3b:e5:0d:c9:a1:42:f8:f6:37:56:2a:14:
                    c0:02:99:d5:7f:b6:02:2d:86:cb:09:e0:3b:75:bd:
                    b5:72:e1:54:6e:3f:fa:68:60:f7:27:b3:72:f4:0a:
                    2a:07:7c:c0:51:31:97:ca:ac:7a:ee:cf:98:4d:af:
                    a2:6a:ff:22:80:c1:51:1b:df:89:ee:84:4f:cd:6c:
                    28:c3:f4:b8:2b:c2:7a:c9:25:43:c0:85:6b:b9:1b:
                    0b:50:04:4d:8e:4f:6e:18:7e:61:2c:de:55:6e:7c:
                    fe:99:31:87:f6:14:f4:d8:39:f3:87:22:b6:14:58:
                    d7:71:26:f7:9e:dc:27:48:52:11:3e:95:60:a3:15:
                    16:7b:27:11:de:0b:41:23:c6:44:8c:31:cd:a0:34:
                    16:00:66:fa:40:87:4e:e6:96:cd:88:0f:89:ac:03:
                    12:6c:c9:b0:f7:d4:ac:7d:3e:f2:e1:b1:b7:92:d4:
                    7f:b3:2f:85:c5:af:7f:df:ae:67:e7:58:1c:66:07:
                    5a:2b:7e:a6:f1:0c:cd:41:4e:2c:5d:b9:ad:a9:55:
                    c6:f0:42:b7:8c:14:b0:67:d0:ba:49:1d:ac:71:27:
                    e1:ce:81:d6:14:f5:78:b9:01:23:98:96:a2:81:97:
                    71:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:7A:B6:8A:1A:5B:AE:E8:AF:E0:09:1B:F7:F1:03:3C:26:E2:2C:FE
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS49608.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.83.140.0/24
                  178.83.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:a9:7c:a8:25:1c:1d:d7:25:96:62:ec:ba:55:3f:f4:92:08:
         81:ed:ac:52:54:95:08:73:34:00:93:bd:b3:b3:c1:b7:18:ee:
         67:2a:43:a6:67:7f:11:29:63:74:f0:20:8a:5f:29:41:5d:cc:
         e6:e4:6c:ec:43:99:d0:89:82:3d:66:99:0e:c0:e6:9f:2c:cf:
         1d:41:34:ab:09:b0:f6:c5:1d:6c:82:6b:ee:6c:8f:6a:ef:d3:
         14:f4:2c:e6:fe:0d:cc:dc:77:73:8e:ad:1f:cc:dd:cf:4c:de:
         71:21:6e:36:14:f6:f6:11:13:a2:13:f1:cb:5a:b4:84:9a:06:
         dc:2e:8a:4d:08:c3:33:51:72:3a:9e:12:40:13:6c:6f:80:76:
         1b:d1:65:85:de:21:4f:a4:d1:44:a3:d6:cb:41:7d:30:e8:c0:
         48:41:c6:c4:0d:d8:ff:19:29:50:6b:23:19:bc:2f:88:3d:aa:
         c9:85:e0:90:2f:9b:91:8e:6a:51:d7:d8:10:af:ac:97:78:43:
         b7:85:12:70:14:dc:04:51:5b:0d:3e:e0:92:97:26:d4:8f:9c:
         d5:79:00:a1:87:a0:dd:3b:e2:40:e9:d1:bf:80:e9:d6:5d:8e:
         2a:2e:82:10:1b:51:79:d4:33:ff:fa:9f:2f:0d:f7:b9:7f:e2:
         99:cc:df:cd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUFlxf8M2MUZhS7lligx/zjR84FtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAxMTcxMDI0NTRaFw0yNzAxMTYxMDI5NTRaMDMxMTAvBgNV
BAMTKDVBN0FCNjhBMUE1QkFFRThBRkUwMDkxQkY3RjEwMzNDMjZFMjJDRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2y4pMenDj1ImN3lyCMOAOFzvl
DcmhQvj2N1YqFMACmdV/tgIthssJ4Dt1vbVy4VRuP/poYPcns3L0CioHfMBRMZfK
rHruz5hNr6Jq/yKAwVEb34nuhE/NbCjD9LgrwnrJJUPAhWu5GwtQBE2OT24YfmEs
3lVufP6ZMYf2FPTYOfOHIrYUWNdxJvee3CdIUhE+lWCjFRZ7JxHeC0EjxkSMMc2g
NBYAZvpAh07mls2ID4msAxJsybD31Kx9PvLhsbeS1H+zL4XFr3/frmfnWBxmB1or
fqbxDM1BTixdua2pVcbwQreMFLBn0LpJHaxxJ+HOgdYU9Xi5ASOYlqKBl3GRAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUWnq2ihpbruiv4Akb9/EDPCbiLP4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDk2MDgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACyU4wD
BACyU+YwDQYJKoZIhvcNAQELBQADggEBABOpfKglHB3XJZZi7LpVP/SSCIHtrFJU
lQhzNACTvbOzwbcY7mcqQ6ZnfxEpY3TwIIpfKUFdzObkbOxDmdCJgj1mmQ7A5p8s
zx1BNKsJsPbFHWyCa+5sj2rv0xT0LOb+Dczcd3OOrR/M3c9M3nEhbjYU9vYRE6IT
8ctatISaBtwuik0IwzNRcjqeEkATbG+AdhvRZYXeIU+k0USj1stBfTDowEhBxsQN
2P8ZKVBrIxm8L4g9qsmF4JAvm5GOalHX2BCvrJd4Q7eFEnAU3ARRWw0+4JKXJtSP
nNV5AKGHoN074kDp0b+A6dZdjioughAbUXnUM//6ny8N97l/4pnM380=
-----END CERTIFICATE-----