This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS197071.roa
File:                     AS197071.roa (raw, json)
Hash identifier:          tSvWvUiF9BS2aIj+zIUSPSvxOaKjorSi1I2SiyO54kk=
Subject key identifier:   79:49:59:C1:3E:10:2B:E9:71:6F:97:8B:54:0E:FE:7B:0A:35:1E:5E
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       1BFC7B6B4B10B72662A191744BE76C6133C868BC
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS197071.roa
Signing time:             Fri 05 Dec 2025 10:13:11 +0000
ROA not before:           Fri 05 Dec 2025 10:08:11 +0000
ROA not after:            Fri 04 Dec 2026 10:13:11 +0000
asID:                     197071
IP address blocks:        178.95.15.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Dec 2025 11:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:fc:7b:6b:4b:10:b7:26:62:a1:91:74:4b:e7:6c:61:33:c8:68:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Dec  5 10:08:11 2025 GMT
            Not After : Dec  4 10:13:11 2026 GMT
        Subject: CN=794959C13E102BE9716F978B540EFE7B0A351E5E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:67:58:15:c1:01:54:d7:33:ca:fb:ff:35:6a:
                    cd:8f:40:12:59:61:e8:82:0e:8e:d7:0a:10:dc:c0:
                    ef:88:30:2a:1d:27:1b:37:db:cc:12:b7:df:13:51:
                    6f:30:3d:e3:2f:47:4d:d7:77:12:64:09:4b:69:1e:
                    34:e2:4d:9e:9f:4e:69:0b:24:dc:f3:89:9d:7f:e4:
                    a9:cd:33:01:35:f1:8f:4d:11:1d:89:63:38:ab:ca:
                    08:1f:94:77:5f:59:9b:86:90:77:f9:52:bb:22:7a:
                    69:58:2f:fe:fb:72:dc:48:e1:8a:9e:d9:cd:e7:59:
                    57:b3:15:a7:59:33:4a:95:95:bc:44:5c:ae:d0:b9:
                    9e:4e:77:68:7c:ad:ca:84:df:4d:81:35:82:63:94:
                    72:85:d0:29:55:fe:fd:65:a9:1a:fb:d4:00:5c:ef:
                    b9:c7:83:e4:2e:22:2c:2f:95:7c:7f:21:6c:ba:b8:
                    36:fb:d5:ac:2b:55:05:40:38:d2:2c:27:1c:b5:ea:
                    ca:32:31:a5:51:ce:7b:d6:2d:b6:e5:ee:0e:6e:18:
                    8c:1e:d8:db:c5:4d:7c:bc:82:0c:f7:34:e4:73:c2:
                    4a:b2:92:d1:f1:f4:1d:a0:25:d0:d1:c8:44:aa:07:
                    cb:5a:00:ff:95:2d:87:26:5f:8c:8d:5a:e9:c5:24:
                    66:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:49:59:C1:3E:10:2B:E9:71:6F:97:8B:54:0E:FE:7B:0A:35:1E:5E
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS197071.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.95.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:3e:df:70:72:64:58:2a:c3:49:27:26:e0:43:e5:98:c7:77:
         85:3a:62:31:3e:9f:37:29:43:6a:30:b7:87:25:66:aa:aa:41:
         7f:cf:b5:37:08:c4:ae:a8:3e:1e:e4:1f:54:d7:e8:68:80:c3:
         9a:cf:60:0e:c7:cb:ec:6b:11:95:91:3d:80:d6:32:31:55:57:
         b0:ae:f1:4d:b2:34:cf:3f:74:f0:30:79:56:41:7b:73:47:f8:
         9e:36:f0:9e:50:c3:c3:57:aa:ba:03:63:1c:6b:43:33:70:1f:
         c9:a7:4f:a2:fe:f6:31:8a:a0:fe:dd:9d:58:0b:eb:2a:8a:64:
         d6:79:f7:30:70:03:f9:85:2b:48:ee:e7:4d:66:2d:96:15:e9:
         e5:4b:34:60:64:31:d1:73:2b:4d:d0:1d:7e:e3:d4:4c:9a:cf:
         58:76:2c:2b:76:b3:4a:07:01:3f:97:f1:89:f2:a1:f8:a5:ff:
         7c:36:df:e7:da:ff:26:42:86:30:ce:8e:1c:a8:39:05:d2:0c:
         cf:1f:b0:e8:6a:28:87:a9:b9:ae:52:7d:3a:34:eb:60:1d:49:
         a7:fb:37:2a:25:fa:f4:b4:f8:5e:6f:9f:c8:56:45:6f:0d:d6:
         ee:0b:c5:3a:3e:d1:6b:ff:e4:7d:1f:03:58:4c:6f:3c:c4:cf:
         64:1c:c9:44
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUG/x7a0sQtyZioZF0S+dsYTPIaLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEyMDUxMDA4MTFaFw0yNjEyMDQxMDEzMTFaMDMxMTAvBgNV
BAMTKDc5NDk1OUMxM0UxMDJCRTk3MTZGOTc4QjU0MEVGRTdCMEEzNTFFNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzZ1gVwQFU1zPK+/81as2PQBJZ
YeiCDo7XChDcwO+IMCodJxs328wSt98TUW8wPeMvR03XdxJkCUtpHjTiTZ6fTmkL
JNzziZ1/5KnNMwE18Y9NER2JYziryggflHdfWZuGkHf5UrsiemlYL/77ctxI4Yqe
2c3nWVezFadZM0qVlbxEXK7QuZ5Od2h8rcqE302BNYJjlHKF0ClV/v1lqRr71ABc
77nHg+QuIiwvlXx/IWy6uDb71awrVQVAONIsJxy16soyMaVRznvWLbbl7g5uGIwe
2NvFTXy8ggz3NORzwkqyktHx9B2gJdDRyESqB8taAP+VLYcmX4yNWunFJGYRAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUeUlZwT4QK+lxb5eLVA7+ewo1Hl4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTk3MDcxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsl8P
MA0GCSqGSIb3DQEBCwUAA4IBAQB5Pt9wcmRYKsNJJybgQ+WYx3eFOmIxPp83KUNq
MLeHJWaqqkF/z7U3CMSuqD4e5B9U1+hogMOaz2AOx8vsaxGVkT2A1jIxVVewrvFN
sjTPP3TwMHlWQXtzR/ieNvCeUMPDV6q6A2Mca0MzcB/Jp0+i/vYxiqD+3Z1YC+sq
imTWefcwcAP5hStI7udNZi2WFenlSzRgZDHRcytN0B1+49RMms9YdiwrdrNKBwE/
l/GJ8qH4pf98Nt/n2v8mQoYwzo4cqDkF0gzPH7DoaiiHqbmuUn06NOtgHUmn+zcq
Jfr0tPheb5/IVkVvDdbuC8U6PtFr/+R9HwNYTG88xM9kHMlE
-----END CERTIFICATE-----