This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215152.roa
File:                     AS215152.roa (raw, json)
Hash identifier:          WXDOs45AOoa0yPxQ5jFIHegEghJZ1suwoXABM+WE7Hs=
Subject key identifier:   A3:2E:8D:BF:33:70:38:ED:9C:49:48:ED:AA:46:E7:15:BA:DD:06:0A
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       6B5F27A738DDF1E34F652AB32C55113157C99E46
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215152.roa
Signing time:             Fri 28 Nov 2025 10:41:35 +0000
ROA not before:           Fri 28 Nov 2025 10:36:35 +0000
ROA not after:            Fri 27 Nov 2026 10:41:35 +0000
asID:                     215152
IP address blocks:        91.124.58.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 29 Nov 2025 11:26:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:5f:27:a7:38:dd:f1:e3:4f:65:2a:b3:2c:55:11:31:57:c9:9e:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Nov 28 10:36:35 2025 GMT
            Not After : Nov 27 10:41:35 2026 GMT
        Subject: CN=A32E8DBF337038ED9C4948EDAA46E715BADD060A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b4:9f:a3:0f:b7:ce:6f:27:8e:91:08:66:27:
                    d5:33:ec:92:d0:f5:51:cf:6f:fc:88:79:16:7e:61:
                    ca:8c:c2:87:9d:ba:bb:59:b1:60:d9:ce:70:eb:0e:
                    1e:18:b6:ff:26:44:ef:86:06:62:4c:75:5f:fd:ff:
                    df:c3:ca:94:c8:f2:ed:91:00:6f:73:66:93:b3:00:
                    58:01:08:16:7c:e8:a1:c5:7c:1b:ae:b1:26:12:90:
                    0f:a7:11:ab:c4:00:ba:11:3e:06:54:9d:59:28:6c:
                    8a:ba:b8:58:77:41:84:34:08:60:47:5c:a5:1b:a8:
                    0e:47:16:a3:3e:14:d9:38:ce:29:25:9c:62:8d:4f:
                    1b:1a:3c:84:11:59:07:1a:fc:b1:69:c7:03:14:60:
                    9f:aa:70:2a:84:0f:8b:eb:01:2c:a0:10:66:1b:0f:
                    bf:75:54:8e:89:b1:d1:0c:24:10:c9:ba:66:e2:dd:
                    16:b4:00:4f:38:e3:a4:cc:c2:1b:4e:a5:18:63:6d:
                    e2:cb:69:dd:12:22:4b:2d:30:c8:fc:74:af:be:5b:
                    3a:52:c8:33:2f:88:00:30:76:a0:2e:9b:5c:bc:d8:
                    c9:91:b2:94:f0:76:0f:93:4a:b8:fc:e4:a0:99:58:
                    1d:e1:9f:12:d5:5a:08:1a:39:b8:c6:94:d2:54:6d:
                    9f:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:2E:8D:BF:33:70:38:ED:9C:49:48:ED:AA:46:E7:15:BA:DD:06:0A
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS215152.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.124.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:df:70:81:04:87:e8:d7:d4:8e:cb:1b:91:84:82:a2:a3:5a:
         2a:20:dc:f8:f6:24:40:0a:44:8c:4f:21:43:59:c9:8b:e8:c9:
         25:49:3e:a6:f5:4c:e7:25:df:ce:2e:d2:53:91:c8:1d:38:40:
         de:7a:b3:f2:25:7c:65:4d:bf:3e:ce:eb:f2:e4:36:8a:94:b6:
         fd:7a:77:a1:61:3a:a8:b1:27:0f:d9:c9:a0:eb:91:9e:16:8d:
         78:f3:4a:32:12:dd:e3:e2:3b:4d:c8:03:0f:58:0a:7a:cc:68:
         20:21:d6:7e:c7:2a:cc:68:21:26:4a:7a:d9:90:63:50:1f:d5:
         f6:0f:67:c6:e7:1e:19:2b:9c:d2:a0:81:e7:9d:07:0e:45:aa:
         18:09:37:70:de:e3:41:fe:c0:73:2e:7a:72:63:d2:d6:f8:f7:
         ad:c0:60:71:bb:44:45:65:42:48:ad:94:18:dc:96:f9:a2:42:
         d9:44:f3:bd:a7:0d:69:09:cb:58:9e:ff:06:20:ce:3d:00:6b:
         af:53:48:14:0b:f7:5a:b8:3a:5b:31:b0:a3:39:10:2c:9a:bd:
         d7:74:ea:4a:d5:1d:96:77:1e:da:2d:7f:6c:68:77:0c:64:de:
         da:01:8e:89:af:f1:94:a4:eb:17:bc:69:e0:9f:a2:3e:8f:c4:
         a1:2c:5c:18
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUa18npzjd8eNPZSqzLFURMVfJnkYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTExMjgxMDM2MzVaFw0yNjExMjcxMDQxMzVaMDMxMTAvBgNV
BAMTKEEzMkU4REJGMzM3MDM4RUQ5QzQ5NDhFREFBNDZFNzE1QkFERDA2MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCstJ+jD7fObyeOkQhmJ9Uz7JLQ
9VHPb/yIeRZ+YcqMwoedurtZsWDZznDrDh4Ytv8mRO+GBmJMdV/9/9/DypTI8u2R
AG9zZpOzAFgBCBZ86KHFfBuusSYSkA+nEavEALoRPgZUnVkobIq6uFh3QYQ0CGBH
XKUbqA5HFqM+FNk4ziklnGKNTxsaPIQRWQca/LFpxwMUYJ+qcCqED4vrASygEGYb
D791VI6JsdEMJBDJumbi3Ra0AE8446TMwhtOpRhjbeLLad0SIkstMMj8dK++WzpS
yDMviAAwdqAum1y82MmRspTwdg+TSrj85KCZWB3hnxLVWggaObjGlNJUbZ/3AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUoy6NvzNwOO2cSUjtqkbnFbrdBgowHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW3w6
MA0GCSqGSIb3DQEBCwUAA4IBAQCA33CBBIfo19SOyxuRhIKio1oqINz49iRACkSM
TyFDWcmL6MklST6m9UznJd/OLtJTkcgdOEDeerPyJXxlTb8+zuvy5DaKlLb9eneh
YTqosScP2cmg65GeFo1480oyEt3j4jtNyAMPWAp6zGggIdZ+xyrMaCEmSnrZkGNQ
H9X2D2fG5x4ZK5zSoIHnnQcORaoYCTdw3uNB/sBzLnpyY9LW+PetwGBxu0RFZUJI
rZQY3Jb5okLZRPO9pw1pCctYnv8GIM49AGuvU0gUC/dauDpbMbCjORAsmr3XdOpK
1R2Wdx7aLX9saHcMZN7aAY6Jr/GUpOsXvGngn6I+j8ShLFwY
-----END CERTIFICATE-----