This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59642.roa
File:                     AS59642.roa (raw, json)
Hash identifier:          5c/tqO9Ka7ynx62j4yMWjHRpiBAFj/ZTffS92BzXwXU=
Subject key identifier:   59:37:44:BF:3F:C5:32:5F:0D:60:27:80:8E:B1:AE:B7:90:CA:3C:48
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       60D105A295852CA25D109088FA3064A0EF74ABFE
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59642.roa
Signing time:             Thu 13 Nov 2025 11:43:52 +0000
ROA not before:           Thu 13 Nov 2025 11:38:52 +0000
ROA not after:            Thu 12 Nov 2026 11:43:52 +0000
asID:                     59642
IP address blocks:        82.29.106.0/24 maxlen: 24
                          82.38.64.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Dec 2025 11:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:d1:05:a2:95:85:2c:a2:5d:10:90:88:fa:30:64:a0:ef:74:ab:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Nov 13 11:38:52 2025 GMT
            Not After : Nov 12 11:43:52 2026 GMT
        Subject: CN=593744BF3FC5325F0D6027808EB1AEB790CA3C48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:92:fe:75:d1:d3:d9:0c:df:3b:1a:82:b2:eb:
                    8a:51:82:c6:c2:03:29:86:8f:6e:9f:f5:60:64:5e:
                    60:b2:f4:ae:90:da:36:e5:8d:93:00:33:3d:fe:e4:
                    aa:19:0a:97:c4:92:9e:ad:e2:de:71:75:2a:6b:11:
                    d9:80:1a:9d:4f:a6:76:34:74:99:59:e6:b0:9f:88:
                    fd:98:ed:6f:d9:3e:dd:5f:46:51:e5:c8:91:64:b0:
                    82:6f:ca:05:68:aa:cf:1d:f6:15:2c:bc:e5:20:c9:
                    60:77:d8:e2:64:fc:a4:8a:65:6b:8a:e1:ff:37:d9:
                    02:0e:d4:52:8c:b8:b2:24:cc:09:61:ea:a9:44:3f:
                    e6:21:3c:c7:91:a1:83:7a:c8:fe:db:c4:3f:57:84:
                    a5:05:02:cc:1f:b7:d2:56:1c:1a:5c:e1:fd:ba:c9:
                    df:16:6b:96:b9:4d:1b:01:d1:12:d5:ca:8d:c4:43:
                    49:63:aa:3a:f3:26:3f:c1:59:36:7d:4a:21:f9:06:
                    a7:a0:a8:93:1e:1a:d9:3b:73:3a:f2:f1:f7:2e:98:
                    63:67:08:cc:bf:eb:c8:2d:12:7e:52:04:ab:b9:79:
                    23:f4:a5:fd:c9:7f:83:2f:67:03:54:cd:93:fb:12:
                    65:f3:52:4f:24:71:d7:77:48:19:f3:44:f9:69:33:
                    9f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:37:44:BF:3F:C5:32:5F:0D:60:27:80:8E:B1:AE:B7:90:CA:3C:48
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS59642.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.29.106.0/24
                  82.38.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         87:0c:c0:17:c5:02:20:dc:9f:6d:4a:1e:72:a2:e2:3a:c9:4f:
         82:85:ab:d4:b8:31:58:e2:60:44:b5:af:9e:d5:1d:7d:56:86:
         b9:18:eb:11:ed:ee:e7:67:d8:f0:88:1d:0c:30:b8:e2:02:fc:
         c1:51:29:82:65:f1:d0:f4:6a:4e:d8:5f:6d:9b:a9:86:71:37:
         e3:40:9f:56:ce:b6:6e:d0:2c:b2:34:6e:10:e5:0f:4a:de:63:
         6d:53:a9:27:3a:46:ec:b8:83:13:72:2a:22:4a:6a:58:63:da:
         37:40:f6:f8:bb:8c:9d:44:c2:38:dc:1d:72:a8:eb:23:10:ca:
         0b:6a:9c:64:95:76:e9:f1:8f:5b:fe:b8:e1:06:ba:40:a3:d0:
         d2:61:46:f2:43:9b:93:0e:80:45:79:69:91:6e:83:16:12:41:
         8a:de:8b:a9:06:5d:3d:3d:7b:70:79:ad:6f:c1:66:76:cd:a6:
         89:7d:d6:44:21:cb:64:e3:cd:df:12:52:49:3e:45:05:17:5e:
         b9:ea:0f:cc:04:cc:ee:07:60:fd:b8:ab:6f:d6:90:5f:68:f2:
         c3:d2:4d:92:45:3e:cd:9e:09:4c:68:d0:41:84:9f:cb:5d:a2:
         3c:4d:56:23:c5:a4:98:81:d4:63:38:59:37:53:d9:a3:f6:3c:
         05:60:77:2b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUYNEFopWFLKJdEJCI+jBkoO90q/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTExMTMxMTM4NTJaFw0yNjExMTIxMTQzNTJaMDMxMTAvBgNV
BAMTKDU5Mzc0NEJGM0ZDNTMyNUYwRDYwMjc4MDhFQjFBRUI3OTBDQTNDNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBkv510dPZDN87GoKy64pRgsbC
AymGj26f9WBkXmCy9K6Q2jbljZMAMz3+5KoZCpfEkp6t4t5xdSprEdmAGp1PpnY0
dJlZ5rCfiP2Y7W/ZPt1fRlHlyJFksIJvygVoqs8d9hUsvOUgyWB32OJk/KSKZWuK
4f832QIO1FKMuLIkzAlh6qlEP+YhPMeRoYN6yP7bxD9XhKUFAswft9JWHBpc4f26
yd8Wa5a5TRsB0RLVyo3EQ0ljqjrzJj/BWTZ9SiH5BqegqJMeGtk7czry8fcumGNn
CMy/68gtEn5SBKu5eSP0pf3Jf4MvZwNUzZP7EmXzUk8kcdd3SBnzRPlpM59rAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUWTdEvz/FMl8NYCeAjrGut5DKPEgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTk2NDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABSHWoD
BANSJkAwDQYJKoZIhvcNAQELBQADggEBAIcMwBfFAiDcn21KHnKi4jrJT4KFq9S4
MVjiYES1r57VHX1WhrkY6xHt7udn2PCIHQwwuOIC/MFRKYJl8dD0ak7YX22bqYZx
N+NAn1bOtm7QLLI0bhDlD0reY21TqSc6Ruy4gxNyKiJKalhj2jdA9vi7jJ1Ewjjc
HXKo6yMQygtqnGSVdunxj1v+uOEGukCj0NJhRvJDm5MOgEV5aZFugxYSQYrei6kG
XT09e3B5rW/BZnbNpol91kQhy2Tjzd8SUkk+RQUXXrnqD8wEzO4HYP24q2/WkF9o
8sPSTZJFPs2eCUxo0EGEn8tdojxNViPFpJiB1GM4WTdT2aP2PAVgdys=
-----END CERTIFICATE-----