This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209474.roa
File:                     AS209474.roa (raw, json)
Hash identifier:          fLymzVuz898+e7+RuYyXB4fqYMs5K/96n2q4xZjzrGw=
Subject key identifier:   FE:07:4A:3D:AB:49:4E:3A:28:AE:74:7A:59:E2:2B:EF:B7:F1:01:13
Certificate issuer:       /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial:       05E778A570A32D423B9FF48D0027D810122D48CA
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209474.roa
Signing time:             Mon 12 Jan 2026 20:55:33 +0000
ROA not before:           Mon 12 Jan 2026 20:50:33 +0000
ROA not after:            Mon 11 Jan 2027 20:55:33 +0000
asID:                     209474
IP address blocks:        193.17.6.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 23:37:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:e7:78:a5:70:a3:2d:42:3b:9f:f4:8d:00:27:d8:10:12:2d:48:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
        Validity
            Not Before: Jan 12 20:50:33 2026 GMT
            Not After : Jan 11 20:55:33 2027 GMT
        Subject: CN=FE074A3DAB494E3A28AE747A59E22BEFB7F10113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:97:4b:d3:71:00:37:a8:dc:d6:b3:a2:01:ae:
                    a0:50:47:b1:12:b5:62:e2:37:77:76:88:1b:ba:f9:
                    c2:4c:49:f2:96:24:28:ee:86:9d:89:eb:4f:a0:e0:
                    99:95:ed:ac:de:cb:b1:e5:06:3a:f9:15:52:03:17:
                    0f:bb:c7:51:76:df:5b:fd:05:86:61:44:d1:65:7d:
                    eb:77:47:42:61:74:e3:3b:00:73:af:a7:df:9e:ff:
                    da:0b:87:e6:b5:ae:a8:a6:43:7b:84:dd:4b:b4:87:
                    64:a0:7c:61:70:01:70:0e:4f:52:45:ad:7e:2b:5e:
                    07:89:9b:b9:11:45:2f:e1:4f:8e:ec:6a:87:d0:28:
                    a7:47:70:9f:ef:93:82:99:0e:d6:f9:88:7c:ce:d6:
                    72:0a:a8:06:20:0d:43:06:59:84:06:08:fc:dd:2a:
                    ff:40:8d:7e:ab:5b:76:1c:5e:a7:31:e7:e0:68:6c:
                    3e:e7:45:44:bb:93:71:c5:57:69:bb:58:99:20:f9:
                    b3:20:ca:9e:d6:5f:8b:fb:9a:e5:1c:41:29:3b:db:
                    58:2a:fa:9f:29:f1:fc:b0:ff:33:f7:ab:25:07:7a:
                    61:7e:3d:b1:12:45:4d:48:95:15:cd:72:69:00:8f:
                    8c:c1:6e:94:4e:db:b7:a8:30:1e:3f:8e:9f:39:d8:
                    d8:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:07:4A:3D:AB:49:4E:3A:28:AE:74:7A:59:E2:2B:EF:B7:F1:01:13
            X509v3 Authority Key Identifier:
                keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209474.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.17.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:bc:a9:71:18:f0:72:59:0e:84:67:90:90:a9:5b:9a:53:8d:
         78:cd:ec:3c:96:9d:5b:64:d8:98:8b:82:dd:54:e5:62:a6:c6:
         c1:8a:7e:23:1d:a7:50:93:2e:e2:9d:a7:99:3a:e4:5d:5f:1e:
         10:3b:6d:9d:97:77:fa:f9:d2:06:6d:7d:75:6f:17:7e:df:0e:
         16:59:cf:1a:3b:51:b3:4f:99:c4:65:fe:f4:70:51:5b:b6:8a:
         bf:e2:0d:fc:c0:42:f6:43:6e:88:a4:5b:7b:61:9b:c4:58:99:
         b7:ec:f5:ff:69:f5:ec:f2:88:0c:3e:b5:6a:3e:34:74:cf:e4:
         24:64:40:bb:40:92:ab:b9:dd:3b:27:08:38:86:48:bd:b5:2d:
         2b:a9:9d:83:cf:c5:e4:b2:49:4f:07:b2:1c:c1:e9:31:e2:30:
         46:07:79:23:ea:48:8e:20:44:11:01:63:df:db:51:65:f6:b6:
         fb:6a:35:00:3a:ac:4f:05:dd:b8:50:51:96:bc:2f:e1:be:a8:
         48:d8:19:4a:4c:07:05:ae:83:9c:eb:2b:37:ce:92:03:91:1c:
         ec:4d:47:67:5c:2b:4a:e6:71:7f:29:8e:76:e8:f4:b7:1b:36:
         bf:8f:b6:be:01:46:27:b0:58:b5:d2:db:7d:c2:31:c9:06:e0:
         ed:df:02:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUBed4pXCjLUI7n/SNACfYEBItSMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNjAxMTIyMDUwMzNaFw0yNzAxMTEyMDU1MzNaMDMxMTAvBgNV
BAMTKEZFMDc0QTNEQUI0OTRFM0EyOEFFNzQ3QTU5RTIyQkVGQjdGMTAxMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUl0vTcQA3qNzWs6IBrqBQR7ES
tWLiN3d2iBu6+cJMSfKWJCjuhp2J60+g4JmV7azey7HlBjr5FVIDFw+7x1F231v9
BYZhRNFlfet3R0JhdOM7AHOvp9+e/9oLh+a1rqimQ3uE3Uu0h2SgfGFwAXAOT1JF
rX4rXgeJm7kRRS/hT47saofQKKdHcJ/vk4KZDtb5iHzO1nIKqAYgDUMGWYQGCPzd
Kv9AjX6rW3YcXqcx5+BobD7nRUS7k3HFV2m7WJkg+bMgyp7WX4v7muUcQSk721gq
+p8p8fyw/zP3qyUHemF+PbESRU1IlRXNcmkAj4zBbpRO27eoMB4/jp852NiLAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU/gdKPatJTjoornR6WeIr77fxARMwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NDc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwREG
MA0GCSqGSIb3DQEBCwUAA4IBAQCLvKlxGPByWQ6EZ5CQqVuaU414zew8lp1bZNiY
i4LdVOVipsbBin4jHadQky7inaeZOuRdXx4QO22dl3f6+dIGbX11bxd+3w4WWc8a
O1GzT5nEZf70cFFbtoq/4g38wEL2Q26IpFt7YZvEWJm37PX/afXs8ogMPrVqPjR0
z+QkZEC7QJKrud07Jwg4hki9tS0rqZ2Dz8XksklPB7Icwekx4jBGB3kj6kiOIEQR
AWPf21Fl9rb7ajUAOqxPBd24UFGWvC/hvqhI2BlKTAcFroOc6ys3zpIDkRzsTUdn
XCtK5nF/KY526PS3Gza/j7a+AUYnsFi10tt9wjHJBuDt3wLk
-----END CERTIFICATE-----