This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS51847.roa
File:                     AS51847.roa (raw, json)
Hash identifier:          q7UgYZMOWv3vt6qRPFOCNY6imcw13O9tbakOtYD9eds=
Subject key identifier:   ED:15:2B:CA:46:6A:C9:24:D9:E7:0F:4A:56:DA:10:8C:EF:2A:3A:9C
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       0BF0FFEBF7EB50427D55DFEFCE15A412681C93E5
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS51847.roa
Signing time:             Mon 12 Jan 2026 11:55:33 +0000
ROA not before:           Mon 12 Jan 2026 11:50:33 +0000
ROA not after:            Mon 11 Jan 2027 11:55:33 +0000
asID:                     51847
IP address blocks:        141.11.22.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 18 Jan 2026 14:39:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:f0:ff:eb:f7:eb:50:42:7d:55:df:ef:ce:15:a4:12:68:1c:93:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Jan 12 11:50:33 2026 GMT
            Not After : Jan 11 11:55:33 2027 GMT
        Subject: CN=ED152BCA466AC924D9E70F4A56DA108CEF2A3A9C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:8d:d6:9d:f6:4b:05:8f:c1:b9:f8:5c:95:f7:
                    cd:81:fb:15:ca:a1:23:01:9d:d0:45:e0:fe:93:b0:
                    3d:a2:40:8f:29:b1:a2:9b:81:39:db:23:cf:52:e3:
                    60:9f:8b:c9:6a:e0:2e:39:2a:15:37:d5:c8:ae:1c:
                    73:cb:72:f7:32:85:ca:90:39:43:0c:c9:8e:63:eb:
                    2b:f2:ef:b5:e5:2c:f5:7f:18:a8:fb:d1:a8:15:58:
                    c2:45:d6:f3:7f:74:dc:27:75:48:cf:6e:14:eb:03:
                    13:6a:dd:0f:12:8d:49:02:b4:89:3e:1d:6a:d7:f8:
                    b9:43:73:29:0a:f4:9e:bc:67:5e:eb:0a:40:b5:39:
                    ea:41:0c:ff:18:dd:a5:db:4c:80:a3:aa:73:c8:e9:
                    f1:41:fa:be:df:bd:66:ed:41:66:27:31:66:16:e9:
                    0f:45:da:50:fe:49:3a:c2:bc:15:e3:da:99:9c:27:
                    7c:dd:ca:43:c4:49:20:57:b5:1e:93:55:ff:f7:74:
                    47:66:80:b9:38:a6:98:b3:fb:d8:eb:9e:f6:5a:39:
                    ab:2d:f0:5d:56:80:a4:c4:14:19:f3:0a:a0:9e:a6:
                    29:18:18:e9:22:fa:78:78:16:b4:ad:ba:94:2a:db:
                    c4:7d:93:55:09:b5:ab:fd:b1:dc:7a:cc:fd:51:aa:
                    58:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:15:2B:CA:46:6A:C9:24:D9:E7:0F:4A:56:DA:10:8C:EF:2A:3A:9C
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS51847.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:27:a2:d5:5a:a3:43:cb:d8:21:29:f7:60:46:16:21:c4:43:
         bb:e1:23:f5:07:7d:eb:b3:0b:cb:f7:99:4d:a9:b6:bf:bf:b3:
         ae:3f:84:cd:27:a1:82:71:aa:45:c8:9e:84:3e:7f:86:ec:2a:
         ba:c7:29:a9:d6:00:2c:97:90:73:46:b2:b7:fd:21:ea:5b:b5:
         79:4b:80:22:7f:01:67:57:db:dd:46:64:fa:aa:36:79:d5:83:
         20:0e:37:1e:e2:27:21:41:e3:ff:6a:74:02:08:6c:13:08:c1:
         94:a0:31:27:d5:4f:16:02:b8:d4:58:6d:83:cd:e3:5c:b5:de:
         46:ca:61:94:5a:89:15:5e:21:9b:73:77:57:8d:3a:44:71:b5:
         5e:d6:f9:71:c2:5c:19:a9:02:b3:93:b0:b0:29:f8:71:40:48:
         18:93:38:27:4e:47:5b:85:1c:0e:63:f7:89:be:a0:e6:07:68:
         ba:0e:5f:25:87:87:bc:54:92:7b:e0:b1:99:4d:14:d1:39:b3:
         44:db:42:95:22:34:0e:d7:59:8f:10:8d:c2:fd:6f:15:0d:2a:
         11:cd:a3:27:cb:eb:0b:4b:ef:2d:d5:02:a7:9f:5e:19:28:48:
         51:72:28:a6:a0:75:57:4d:7a:f8:75:4c:4c:71:ad:6c:54:b6:
         6c:10:8f:55
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUC/D/6/frUEJ9Vd/vzhWkEmgck+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjAxMTIxMTUwMzNaFw0yNzAxMTExMTU1MzNaMDMxMTAvBgNV
BAMTKEVEMTUyQkNBNDY2QUM5MjREOUU3MEY0QTU2REExMDhDRUYyQTNBOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdjdad9ksFj8G5+FyV982B+xXK
oSMBndBF4P6TsD2iQI8psaKbgTnbI89S42Cfi8lq4C45KhU31ciuHHPLcvcyhcqQ
OUMMyY5j6yvy77XlLPV/GKj70agVWMJF1vN/dNwndUjPbhTrAxNq3Q8SjUkCtIk+
HWrX+LlDcykK9J68Z17rCkC1OepBDP8Y3aXbTICjqnPI6fFB+r7fvWbtQWYnMWYW
6Q9F2lD+STrCvBXj2pmcJ3zdykPESSBXtR6TVf/3dEdmgLk4ppiz+9jrnvZaOast
8F1WgKTEFBnzCqCepikYGOki+nh4FrStupQq28R9k1UJtav9sdx6zP1RqlgrAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU7RUrykZqySTZ5w9KVtoQjO8qOpwwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNTE4NDcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNCxYw
DQYJKoZIhvcNAQELBQADggEBAKgnotVao0PL2CEp92BGFiHEQ7vhI/UHfeuzC8v3
mU2ptr+/s64/hM0noYJxqkXInoQ+f4bsKrrHKanWACyXkHNGsrf9IepbtXlLgCJ/
AWdX291GZPqqNnnVgyAONx7iJyFB4/9qdAIIbBMIwZSgMSfVTxYCuNRYbYPN41y1
3kbKYZRaiRVeIZtzd1eNOkRxtV7W+XHCXBmpArOTsLAp+HFASBiTOCdOR1uFHA5j
94m+oOYHaLoOXyWHh7xUknvgsZlNFNE5s0TbQpUiNA7XWY8QjcL9bxUNKhHNoyfL
6wtL7y3VAqefXhkoSFFyKKagdVdNevh1TExxrWxUtmwQj1U=
-----END CERTIFICATE-----