This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/7/32332e3135332e3233322e302f32342d3234203d3e203539393933.roa
File:                     32332e3135332e3233322e302f32342d3234203d3e203539393933.roa (raw, json)
Hash identifier:          Xa94VPXxaKxQavq41HUhZQOU53EjRewYZdqWNPMbOkI=
Subject key identifier:   37:E6:59:4F:06:82:74:0E:1A:67:CA:C0:F2:2A:88:A1:6E:FA:49:98
Certificate issuer:       /CN=4b43c64a680efdc51a00463172b8f5aff945e0733fc49c2e4c
Certificate serial:       28F988E3B2BA17FDA6252B9DD7CAC799362CD21B
Authority key identifier: D7:49:83:C1:FA:BA:0C:C1:56:6F:06:01:AF:E1:14:23:E1:1B:51:71
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b150e98d-80e9-45f6-bc63-6b40a3d59e9c/4b43c64a680efdc51a00463172b8f5aff945e0733fc49c2e4c.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/7/32332e3135332e3233322e302f32342d3234203d3e203539393933.roa
Signing time:             Thu 06 Nov 2025 00:05:21 +0000
ROA not before:           Thu 06 Nov 2025 00:00:21 +0000
ROA not after:            Thu 05 Nov 2026 00:05:21 +0000
asID:                     59993
IP address blocks:        23.153.232.0/24 maxlen: 24
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:f9:88:e3:b2:ba:17:fd:a6:25:2b:9d:d7:ca:c7:99:36:2c:d2:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b43c64a680efdc51a00463172b8f5aff945e0733fc49c2e4c
        Validity
            Not Before: Nov  6 00:00:21 2025 GMT
            Not After : Nov  5 00:05:21 2026 GMT
        Subject: CN=37E6594F0682740E1A67CAC0F22A88A16EFA4998
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:85:c2:eb:fe:f0:ee:98:c8:72:38:b0:da:03:
                    68:dc:05:f3:b0:1b:c9:86:20:47:1a:c6:3f:ec:46:
                    6c:98:08:e4:1e:a8:b4:6d:66:10:5c:24:9d:42:35:
                    f6:ff:f1:94:61:32:96:5a:2c:ae:a9:9b:20:10:34:
                    5b:56:94:25:9d:f9:cf:66:5b:cf:cf:59:7a:1b:2b:
                    78:2a:a4:59:10:0c:58:b2:05:d2:93:97:87:f9:85:
                    34:5f:40:c4:a8:60:62:ca:87:73:cf:6f:2b:6a:89:
                    a1:b2:06:75:80:b6:86:e7:00:a8:70:1f:34:6f:14:
                    cd:1b:fb:ef:9d:e6:32:04:8d:f1:f6:ad:54:19:88:
                    c6:5c:9f:26:c3:60:e7:c0:56:98:53:ad:af:ce:f6:
                    8e:de:90:c5:18:91:78:09:3f:9d:b9:7f:c4:56:f0:
                    2b:2e:31:09:ac:08:9e:eb:d2:17:ca:7b:2e:ff:62:
                    d2:e5:6c:1d:1e:a5:fa:53:b8:78:98:de:83:e8:ec:
                    6d:3d:38:8d:b6:29:64:96:c9:1b:2f:dc:c4:9c:64:
                    67:3b:20:e8:8a:dd:aa:9f:6b:29:45:f4:fe:80:50:
                    b7:d1:35:75:2b:7b:2b:cf:9d:29:ba:31:ca:1b:d0:
                    0c:41:d8:78:af:89:0f:79:a2:87:fe:0e:9a:86:a7:
                    c3:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:E6:59:4F:06:82:74:0E:1A:67:CA:C0:F2:2A:88:A1:6E:FA:49:98
            X509v3 Authority Key Identifier:
                keyid:D7:49:83:C1:FA:BA:0C:C1:56:6F:06:01:AF:E1:14:23:E1:1B:51:71

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/7/D74983C1FABA0CC1566F0601AFE11423E11B5171.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b150e98d-80e9-45f6-bc63-6b40a3d59e9c/4b43c64a680efdc51a00463172b8f5aff945e0733fc49c2e4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/7/32332e3135332e3233322e302f32342d3234203d3e203539393933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.153.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:63:fe:b1:3f:0e:3f:da:4f:d7:5b:9b:8f:ec:b7:55:1e:f8:
         31:a8:9f:11:2d:f9:bd:1c:c2:1d:69:b5:64:c5:9b:1c:d9:8c:
         85:99:72:d6:7b:67:ba:16:01:45:ba:3d:b8:0c:af:be:bf:7a:
         75:91:a9:00:37:92:9f:73:1b:88:60:47:8e:1a:cf:66:5f:5a:
         d4:38:aa:f9:01:e0:09:ad:69:8e:25:da:94:df:cd:5f:a6:bf:
         88:74:9e:46:8f:01:9e:3e:f1:28:67:8e:8f:5d:7d:6b:ce:36:
         30:6c:01:4b:97:27:f1:e6:26:e5:39:63:2d:71:e2:ea:db:8e:
         44:8e:5a:54:44:dd:3f:8f:24:74:6d:4f:6b:2d:71:4a:3f:6c:
         ce:ae:e2:eb:c8:13:d7:13:10:00:05:35:df:bc:10:1c:22:50:
         b3:d7:c1:7d:8b:da:2d:28:27:ec:47:30:01:97:4b:74:c9:37:
         92:c0:26:b6:2c:8e:52:be:08:24:24:ba:56:58:8d:b5:12:4b:
         c2:8a:25:aa:81:a9:9c:08:93:db:54:1f:b3:e8:ed:4c:ce:eb:
         12:0b:db:01:24:9d:9f:0f:e0:f4:27:1c:99:85:d7:f3:57:d1:
         aa:97:40:db:af:02:b2:31:10:12:d5:06:3c:76:c6:1c:13:53:
         c4:b0:a6:16
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUKPmI47K6F/2mJSud18rHmTYs0hswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNGI0M2M2NGE2ODBlZmRjNTFhMDA0NjMxNzJiOGY1YWZm
OTQ1ZTA3MzNmYzQ5YzJlNGMwHhcNMjUxMTA2MDAwMDIxWhcNMjYxMTA1MDAwNTIx
WjAzMTEwLwYDVQQDEygzN0U2NTk0RjA2ODI3NDBFMUE2N0NBQzBGMjJBODhBMTZF
RkE0OTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIXC6/7w7pjI
cjiw2gNo3AXzsBvJhiBHGsY/7EZsmAjkHqi0bWYQXCSdQjX2//GUYTKWWiyuqZsg
EDRbVpQlnfnPZlvPz1l6Gyt4KqRZEAxYsgXSk5eH+YU0X0DEqGBiyodzz28raomh
sgZ1gLaG5wCocB80bxTNG/vvneYyBI3x9q1UGYjGXJ8mw2DnwFaYU62vzvaO3pDF
GJF4CT+duX/EVvArLjEJrAie69IXynsu/2LS5WwdHqX6U7h4mN6D6OxtPTiNtilk
lskbL9zEnGRnOyDoit2qn2spRfT+gFC30TV1K3srz50pujHKG9AMQdh4r4kPeaKH
/g6ahqfDBQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFDfmWU8GgnQOGmfKwPIqiKFu
+kmYMB8GA1UdIwQYMBaAFNdJg8H6ugzBVm8GAa/hFCPhG1FxMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FlNmVkZWVjLTA4YmEtNGNkZS04OTc5
LTRmYWVhNGIxYmMxMi83L0Q3NDk4M0MxRkFCQTBDQzE1NjZGMDYwMUFGRTExNDIz
RTExQjUxNzEuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2Mt
NGIwMy1iZGE3LTFiZTIwNDkzM2FlNS9iMTUwZTk4ZC04MGU5LTQ1ZjYtYmM2My02
YjQwYTNkNTllOWMvNGI0M2M2NGE2ODBlZmRjNTFhMDA0NjMxNzJiOGY1YWZmOTQ1
ZTA3MzNmYzQ5YzJlNGMuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L2FlNmVkZWVjLTA4YmEtNGNkZS04OTc5LTRmYWVhNGIxYmMxMi83LzMyMzMyZTMx
MzUzMzJlMzIzMzMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzOTM5MzkzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABeZ6DANBgkqhkiG9w0BAQsFAAOCAQEAPWP+sT8OP9pP11ubj+y3
VR74MaifES35vRzCHWm1ZMWbHNmMhZly1ntnuhYBRbo9uAyvvr96dZGpADeSn3Mb
iGBHjhrPZl9a1Diq+QHgCa1pjiXalN/NX6a/iHSeRo8Bnj7xKGeOj119a842MGwB
S5cn8eYm5TljLXHi6tuORI5aVETdP48kdG1Pay1xSj9szq7i68gT1xMQAAU137wQ
HCJQs9fBfYvaLSgn7EcwAZdLdMk3ksAmtiyOUr4IJCS6VliNtRJLwoolqoGpnAiT
21Qfs+jtTM7rEgvbASSdnw/g9CccmYXX81fRqpdA268CsjEQEtUGPHbGHBNTxLCm
Fg==
-----END CERTIFICATE-----