This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
File:                     AS64289.roa (raw, json)
Hash identifier:          hN89fW44XRUbbNJ0Eq16xuOUJE3QrU7agyvEP850b14=
Subject key identifier:   74:A9:39:CD:83:86:BB:32:BB:26:59:73:EA:89:B6:99:AA:BC:C7:95
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       736408278FBB8433BCB476FD52D36C7D1990C1F4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa
Signing time:             Tue 27 Jan 2026 00:03:24 +0000
ROA not before:           Mon 26 Jan 2026 23:58:24 +0000
ROA not after:            Tue 26 Jan 2027 00:03:24 +0000
asID:                     64289
IP address blocks:        82.21.43.0/24 maxlen: 24
                          82.22.175.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Feb 2026 06:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:64:08:27:8f:bb:84:33:bc:b4:76:fd:52:d3:6c:7d:19:90:c1:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jan 26 23:58:24 2026 GMT
            Not After : Jan 26 00:03:24 2027 GMT
        Subject: CN=74A939CD8386BB32BB265973EA89B699AABCC795
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e5:c3:25:6b:a9:f5:b5:9e:58:be:6f:1c:cb:
                    9e:57:50:50:25:ea:13:4b:32:90:9e:6b:80:7a:c0:
                    54:b9:0d:7d:ab:31:c3:3b:53:e1:cf:08:96:c3:d5:
                    f3:f0:eb:3e:9e:11:3f:88:8d:1b:8a:eb:69:35:06:
                    23:7e:ac:f6:21:8a:ce:df:42:75:8e:74:a3:63:62:
                    0a:f7:63:d5:42:d5:05:94:91:cc:5e:2f:3d:f9:12:
                    c6:2d:a2:25:18:a3:f4:3f:2f:64:4e:e0:de:4e:34:
                    88:a8:e6:6f:97:aa:ec:e5:98:4f:6f:dc:a9:d0:c9:
                    03:e8:a1:35:f5:6c:f3:9a:48:b5:b5:38:6b:4b:72:
                    45:c9:83:97:ca:22:da:01:10:e3:52:0f:37:5a:f3:
                    7a:81:7f:35:63:92:14:21:ee:fd:9b:e9:0b:06:1c:
                    33:c8:5a:0c:c5:d4:31:0a:f5:f6:d2:31:69:e8:26:
                    ed:e6:b2:f4:39:5e:90:7b:7c:29:cd:20:4e:65:ea:
                    4b:38:de:2f:dc:3e:d2:07:bc:2b:e3:d7:1b:ae:6d:
                    20:5d:ef:24:1d:86:68:70:d1:ba:8c:46:02:d1:a9:
                    41:31:0b:b3:62:1f:2c:a4:94:d1:10:f0:a1:f1:2b:
                    ca:0b:7d:f6:91:a6:16:0b:46:1c:6e:51:04:05:06:
                    c0:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:A9:39:CD:83:86:BB:32:BB:26:59:73:EA:89:B6:99:AA:BC:C7:95
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS64289.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.43.0/24
                  82.22.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:2a:db:38:48:84:c1:e8:f6:91:8d:95:ea:53:2a:7d:d4:7a:
         cd:0d:8c:81:35:2e:d5:c3:93:9a:46:15:f5:d2:28:14:03:8b:
         25:ec:34:d6:15:30:86:32:46:ea:5f:90:96:75:8c:4f:c9:31:
         e7:aa:40:6b:ec:84:57:b1:30:2a:ce:3f:90:3c:71:ef:a0:30:
         b0:d7:88:38:b8:d7:71:37:ec:3f:b6:a9:63:32:34:1c:63:f7:
         aa:29:54:c9:85:de:6d:ed:74:49:f0:cf:dd:ec:1b:8e:89:05:
         c6:d5:71:0b:71:11:bc:96:20:d7:48:5b:d0:cc:87:2e:fa:cd:
         6c:58:c5:41:15:14:84:99:af:9a:5d:55:3d:5c:fd:4c:f7:b0:
         7c:64:ba:34:a4:a2:e0:42:29:34:4d:44:75:11:f0:63:4c:4f:
         12:93:01:0c:7f:00:75:59:41:a4:0b:b7:79:83:c3:bf:f2:06:
         56:a1:23:cb:cd:f4:96:75:f7:0e:12:18:84:e4:c1:64:86:ef:
         24:6d:e5:fb:cb:1e:ea:a6:9c:d9:12:c8:52:cb:14:9c:99:16:
         ab:cf:79:4b:25:6b:00:2b:9e:e3:bb:8c:91:ec:eb:39:e0:e3:
         50:a9:f5:4f:ec:82:2a:6f:85:fa:4c:d8:6b:d1:bb:00:c5:c1:
         8d:53:9d:7c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUc2QIJ4+7hDO8tHb9UtNsfRmQwfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAxMjYyMzU4MjRaFw0yNzAxMjYwMDAzMjRaMDMxMTAvBgNV
BAMTKDc0QTkzOUNEODM4NkJCMzJCQjI2NTk3M0VBODlCNjk5QUFCQ0M3OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw5cMla6n1tZ5Yvm8cy55XUFAl
6hNLMpCea4B6wFS5DX2rMcM7U+HPCJbD1fPw6z6eET+IjRuK62k1BiN+rPYhis7f
QnWOdKNjYgr3Y9VC1QWUkcxeLz35EsYtoiUYo/Q/L2RO4N5ONIio5m+XquzlmE9v
3KnQyQPooTX1bPOaSLW1OGtLckXJg5fKItoBEONSDzda83qBfzVjkhQh7v2b6QsG
HDPIWgzF1DEK9fbSMWnoJu3msvQ5XpB7fCnNIE5l6ks43i/cPtIHvCvj1xuubSBd
7yQdhmhw0bqMRgLRqUExC7NiHyyklNEQ8KHxK8oLffaRphYLRhxuUQQFBsAFAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUdKk5zYOGuzK7Jllz6om2maq8x5UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjQyODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABSFSsD
BABSFq8wDQYJKoZIhvcNAQELBQADggEBAB0q2zhIhMHo9pGNlepTKn3Ues0NjIE1
LtXDk5pGFfXSKBQDiyXsNNYVMIYyRupfkJZ1jE/JMeeqQGvshFexMCrOP5A8ce+g
MLDXiDi413E37D+2qWMyNBxj96opVMmF3m3tdEnwz93sG46JBcbVcQtxEbyWINdI
W9DMhy76zWxYxUEVFISZr5pdVT1c/Uz3sHxkujSkouBCKTRNRHUR8GNMTxKTAQx/
AHVZQaQLt3mDw7/yBlahI8vN9JZ19w4SGITkwWSG7yRt5fvLHuqmnNkSyFLLFJyZ
FqvPeUslawArnuO7jJHs6zng41Cp9U/sgipvhfpM2GvRuwDFwY1TnXw=
-----END CERTIFICATE-----