This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59432.roa
File:                     AS59432.roa (raw, json)
Hash identifier:          1312YNGxp2I4f6ZNX4ovxO+wMf+GBYFsLVOSUL+kQJk=
Subject key identifier:   C8:D1:F0:8E:0F:CE:C0:94:42:0F:83:A6:22:B1:ED:37:C4:84:18:BD
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       046404350B5CAC191F182644B8017F3373D24037
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59432.roa
Signing time:             Sun 21 Dec 2025 16:40:55 +0000
ROA not before:           Sun 21 Dec 2025 16:35:55 +0000
ROA not after:            Sun 20 Dec 2026 16:40:55 +0000
asID:                     59432
IP address blocks:        82.23.181.0/24 maxlen: 24
                          82.24.107.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 19 Jan 2026 04:45:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:64:04:35:0b:5c:ac:19:1f:18:26:44:b8:01:7f:33:73:d2:40:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Dec 21 16:35:55 2025 GMT
            Not After : Dec 20 16:40:55 2026 GMT
        Subject: CN=C8D1F08E0FCEC094420F83A622B1ED37C48418BD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:8a:87:3f:e2:c5:ff:5f:10:23:34:12:32:55:
                    29:44:f7:0e:5e:0a:87:e0:d1:04:48:9f:2c:26:a9:
                    18:93:8c:0c:23:6a:91:5d:33:eb:a8:52:c6:5c:a3:
                    ca:38:19:9e:00:48:61:c4:b4:a0:e6:ae:85:8e:01:
                    9c:8b:fa:ba:f1:58:8c:80:bd:6b:f9:8e:64:a5:47:
                    7c:a6:62:06:6e:30:d3:9d:c8:08:c7:57:4a:91:4d:
                    6c:a3:f7:3d:06:87:3d:03:72:fc:03:96:1f:91:60:
                    5f:5c:f6:17:2e:72:5d:8c:a5:5f:8d:95:7c:6e:ea:
                    e3:3d:b6:c3:59:0c:93:ae:cd:8a:ed:e0:d6:dd:19:
                    92:c0:4f:79:44:7b:28:a3:03:e1:b4:f1:c4:46:40:
                    53:6a:f3:7a:11:c1:2d:c3:43:6c:f8:ed:19:e0:5c:
                    0c:4c:b7:00:4c:a2:0e:70:b2:22:79:98:0d:51:d2:
                    03:78:da:66:4f:8a:c8:fa:6e:06:11:7f:1d:42:ca:
                    32:8d:7d:9e:58:d7:bb:0a:7e:04:87:8e:67:57:86:
                    be:3f:ca:23:1b:50:9f:48:55:5a:b3:56:a1:f4:e8:
                    cb:4e:25:cd:78:d1:d6:99:7f:36:b5:62:c3:6c:9b:
                    c6:0c:3c:fc:21:93:e2:e4:c5:ef:2c:d4:8e:89:08:
                    4f:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:D1:F0:8E:0F:CE:C0:94:42:0F:83:A6:22:B1:ED:37:C4:84:18:BD
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.23.181.0/24
                  82.24.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:36:1d:e7:21:b7:7d:78:60:8d:7c:4f:b3:4d:68:43:6a:d7:
         ca:42:2a:c7:09:22:76:33:c3:36:33:42:60:21:19:58:9d:70:
         c9:35:43:dc:dc:0b:21:25:df:31:3c:b8:34:f9:ce:fc:73:14:
         ea:f2:da:2f:d5:0b:34:74:a0:34:ec:ed:94:6b:62:8b:7c:e0:
         b2:46:42:91:0c:df:e8:5b:33:96:39:00:89:f1:27:8e:b0:56:
         af:5a:bf:63:31:66:db:94:8d:e6:13:cb:a1:34:1b:0d:4a:ff:
         34:e2:14:99:77:fd:97:a8:85:4f:eb:26:4f:62:9b:92:35:09:
         d5:19:01:97:5d:46:50:c3:53:bd:5e:cd:92:a4:8e:b2:59:c2:
         5d:27:21:24:e4:bd:f5:c3:96:a2:cc:2f:72:e9:cc:bf:a8:5e:
         df:3e:81:11:0b:a3:d4:fb:63:25:49:74:0c:95:dc:1a:8b:ab:
         5a:57:aa:2a:9a:f8:8e:e4:41:5f:4d:7f:dd:26:ec:32:71:fc:
         4b:31:b7:6d:e9:c9:64:9b:67:f7:28:12:d6:0c:e8:23:50:d9:
         e7:b0:28:c8:d7:f2:97:f3:33:b1:e2:29:68:ae:bb:12:a4:17:
         aa:1f:8b:4a:9b:3e:75:b9:0b:7b:48:c8:d6:43:91:49:d9:10:
         d4:ca:ac:d4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUBGQENQtcrBkfGCZEuAF/M3PSQDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEyMjExNjM1NTVaFw0yNjEyMjAxNjQwNTVaMDMxMTAvBgNV
BAMTKEM4RDFGMDhFMEZDRUMwOTQ0MjBGODNBNjIyQjFFRDM3QzQ4NDE4QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZioc/4sX/XxAjNBIyVSlE9w5e
Cofg0QRInywmqRiTjAwjapFdM+uoUsZco8o4GZ4ASGHEtKDmroWOAZyL+rrxWIyA
vWv5jmSlR3ymYgZuMNOdyAjHV0qRTWyj9z0Ghz0DcvwDlh+RYF9c9hcucl2MpV+N
lXxu6uM9tsNZDJOuzYrt4NbdGZLAT3lEeyijA+G08cRGQFNq83oRwS3DQ2z47Rng
XAxMtwBMog5wsiJ5mA1R0gN42mZPisj6bgYRfx1CyjKNfZ5Y17sKfgSHjmdXhr4/
yiMbUJ9IVVqzVqH06MtOJc140daZfza1YsNsm8YMPPwhk+Lkxe8s1I6JCE/XAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUyNHwjg/OwJRCD4OmIrHtN8SEGL0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTk0MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABSF7UD
BABSGGswDQYJKoZIhvcNAQELBQADggEBAII2Hecht314YI18T7NNaENq18pCKscJ
InYzwzYzQmAhGVidcMk1Q9zcCyEl3zE8uDT5zvxzFOry2i/VCzR0oDTs7ZRrYot8
4LJGQpEM3+hbM5Y5AInxJ46wVq9av2MxZtuUjeYTy6E0Gw1K/zTiFJl3/ZeohU/r
Jk9im5I1CdUZAZddRlDDU71ezZKkjrJZwl0nISTkvfXDlqLML3LpzL+oXt8+gREL
o9T7YyVJdAyV3BqLq1pXqiqa+I7kQV9Nf90m7DJx/Esxt23pyWSbZ/coEtYM6CNQ
2eewKMjX8pfzM7HiKWiuuxKkF6ofi0qbPnW5C3tIyNZDkUnZENTKrNQ=
-----END CERTIFICATE-----