This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS61112.roa
File:                     AS61112.roa (raw, json)
Hash identifier:          RKOtSECKSQ1fyZErqkrqN4UY7QbdxD7wrbusd/1Vk9k=
Subject key identifier:   69:88:9F:6F:37:4F:49:AE:BF:76:6C:BC:43:D4:C8:FB:06:1B:74:F2
Certificate issuer:       /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial:       60D2451E6D5F39ECF08B8E4E3D8AAF9A89D9386B
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS61112.roa
Signing time:             Thu 20 Nov 2025 00:55:12 +0000
ROA not before:           Thu 20 Nov 2025 00:50:12 +0000
ROA not after:            Thu 19 Nov 2026 00:55:12 +0000
asID:                     61112
IP address blocks:        45.149.186.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Dec 2025 13:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:d2:45:1e:6d:5f:39:ec:f0:8b:8e:4e:3d:8a:af:9a:89:d9:38:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
        Validity
            Not Before: Nov 20 00:50:12 2025 GMT
            Not After : Nov 19 00:55:12 2026 GMT
        Subject: CN=69889F6F374F49AEBF766CBC43D4C8FB061B74F2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:0d:da:82:5b:4a:b3:f3:7a:d8:c0:9f:82:b9:
                    21:51:74:10:b7:5f:f1:98:9c:27:73:a7:63:32:62:
                    1d:7e:58:c0:54:7d:ed:9e:1d:b6:08:af:31:88:7f:
                    39:d3:d1:68:09:79:93:e1:df:17:f8:43:2b:52:29:
                    88:21:e8:2d:4e:ca:3b:ab:0e:4d:d0:aa:5b:f9:76:
                    e6:54:cf:c5:66:e7:9e:34:81:2a:be:0e:4e:64:c3:
                    16:47:85:f3:d9:6f:1f:e3:f8:b3:ec:e9:2c:d5:1d:
                    9b:dc:d2:dd:45:02:65:9a:21:37:ff:33:b3:c7:f6:
                    1e:46:95:3d:37:34:ef:81:50:4e:d0:f8:b0:ef:68:
                    cb:d5:8b:45:ce:64:f1:56:fc:38:a6:eb:99:45:a2:
                    fd:83:06:b9:a0:8c:dc:9d:2b:08:94:6f:a2:ad:76:
                    36:13:97:42:0e:55:fe:cc:5a:7e:ef:be:8a:16:1a:
                    ff:e0:3c:e0:8c:46:ef:81:7c:cf:74:e0:5a:e3:f1:
                    53:37:ea:27:52:05:13:72:b0:c0:fc:45:73:d1:8a:
                    9c:d0:8f:02:a6:1a:c9:70:d3:bd:2b:3e:78:73:9b:
                    d1:ab:16:ee:3c:85:29:ba:aa:0f:aa:f4:85:20:10:
                    c8:2a:56:c2:1f:12:7a:64:2e:b2:d3:b4:d3:77:7d:
                    43:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:88:9F:6F:37:4F:49:AE:BF:76:6C:BC:43:D4:C8:FB:06:1B:74:F2
            X509v3 Authority Key Identifier:
                keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS61112.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:8a:70:cb:c0:1a:e5:45:13:9e:2b:c1:bc:4c:7d:2e:ba:e0:
         a6:f9:ef:87:55:80:ae:74:fb:dc:ad:2e:0b:c1:c2:32:46:9d:
         05:11:16:44:07:28:b3:59:8f:21:b0:b2:3c:77:5c:38:b0:6e:
         88:f4:27:24:d9:90:74:c8:7a:12:04:69:73:ec:8b:cd:08:a3:
         b0:d1:35:a8:ca:d9:04:30:14:c6:f8:ae:c2:4f:bc:a7:78:05:
         a5:02:86:73:95:38:a5:78:20:0d:e5:b0:d9:af:19:3c:d8:10:
         50:63:d3:36:58:c0:bf:d5:a4:c4:0a:23:5f:6c:e2:28:c9:7a:
         06:89:a4:2f:af:d8:7a:92:71:76:ae:8d:15:a1:ef:54:f0:b4:
         13:d8:8d:b0:f4:b9:93:6b:4b:97:7a:1c:be:cb:fd:10:e2:13:
         26:f3:c6:ac:d6:77:7a:ef:90:79:69:e7:db:a1:b6:01:ba:4a:
         e4:aa:30:bf:e0:94:4b:3c:e3:96:f8:eb:54:d8:90:30:f0:9c:
         f3:78:95:73:a8:ae:d1:9d:1b:1c:e0:b3:f4:57:ea:ef:78:d4:
         c0:77:3f:a4:c3:52:7a:bb:e6:7c:09:7c:82:9a:ad:17:de:d4:
         4e:e8:7f:90:44:6a:b0:dd:9e:d8:4d:37:3d:06:30:64:c9:29:
         42:a0:74:5b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUYNJFHm1fOezwi45OPYqvmonZOGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTExMjAwMDUwMTJaFw0yNjExMTkwMDU1MTJaMDMxMTAvBgNV
BAMTKDY5ODg5RjZGMzc0RjQ5QUVCRjc2NkNCQzQzRDRDOEZCMDYxQjc0RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7DdqCW0qz83rYwJ+CuSFRdBC3
X/GYnCdzp2MyYh1+WMBUfe2eHbYIrzGIfznT0WgJeZPh3xf4QytSKYgh6C1Oyjur
Dk3Qqlv5duZUz8Vm5540gSq+Dk5kwxZHhfPZbx/j+LPs6SzVHZvc0t1FAmWaITf/
M7PH9h5GlT03NO+BUE7Q+LDvaMvVi0XOZPFW/Dim65lFov2DBrmgjNydKwiUb6Kt
djYTl0IOVf7MWn7vvooWGv/gPOCMRu+BfM904Frj8VM36idSBRNysMD8RXPRipzQ
jwKmGslw070rPnhzm9GrFu48hSm6qg+q9IUgEMgqVsIfEnpkLrLTtNN3fUN9AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUaYifbzdPSa6/dmy8Q9TI+wYbdPIwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTNjExMTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtlbow
DQYJKoZIhvcNAQELBQADggEBAAqKcMvAGuVFE54rwbxMfS664Kb574dVgK50+9yt
LgvBwjJGnQURFkQHKLNZjyGwsjx3XDiwboj0JyTZkHTIehIEaXPsi80Io7DRNajK
2QQwFMb4rsJPvKd4BaUChnOVOKV4IA3lsNmvGTzYEFBj0zZYwL/VpMQKI19s4ijJ
egaJpC+v2HqScXaujRWh71TwtBPYjbD0uZNrS5d6HL7L/RDiEybzxqzWd3rvkHlp
59uhtgG6SuSqML/glEs845b461TYkDDwnPN4lXOortGdGxzgs/RX6u941MB3P6TD
Unq75nwJfIKarRfe1E7of5BEarDdnthNNz0GMGTJKUKgdFs=
-----END CERTIFICATE-----