This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9318.roa
File:                     AS9318.roa (raw, json)
Hash identifier:          Jqc171D+lVDozJBhussisEweW3njtLlpKSl7y2/K7E4=
Subject key identifier:   39:18:51:16:4E:F1:5B:F4:94:E5:AB:6C:AC:B3:DD:F7:E3:2E:CA:85
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       22299386D489D7BE9D065E75F943617DA5A1031D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9318.roa
Signing time:             Thu 04 Dec 2025 03:08:58 +0000
ROA not before:           Thu 04 Dec 2025 03:03:58 +0000
ROA not after:            Thu 03 Dec 2026 03:08:58 +0000
asID:                     9318
IP address blocks:        178.93.217.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Dec 2025 16:30:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:29:93:86:d4:89:d7:be:9d:06:5e:75:f9:43:61:7d:a5:a1:03:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Dec  4 03:03:58 2025 GMT
            Not After : Dec  3 03:08:58 2026 GMT
        Subject: CN=391851164EF15BF494E5AB6CACB3DDF7E32ECA85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:1e:af:79:af:1a:9e:1f:87:eb:cc:2f:2e:e1:
                    4b:23:5e:95:4a:7d:b7:90:0f:49:9b:7a:a3:92:0c:
                    bb:f8:5c:9f:c4:03:58:d9:cf:c2:6e:ec:be:4b:ff:
                    7d:f7:23:48:8d:41:37:6f:58:8b:13:97:22:c4:1f:
                    9d:27:48:6e:1c:e9:ee:d6:b4:2a:08:85:6c:b0:6b:
                    76:fe:a7:ea:d7:81:a4:15:e4:7a:a0:3b:88:50:cd:
                    9b:23:c8:14:ee:60:11:a4:fe:08:21:a6:a1:89:37:
                    05:2f:84:22:b3:b7:30:1f:71:94:39:f2:c9:0b:67:
                    01:d5:60:da:7d:50:77:48:98:91:88:79:40:f6:ac:
                    8a:4c:c0:fa:87:5b:7e:69:f9:1f:d1:4e:c7:67:ed:
                    f0:cb:be:bc:98:1e:61:4c:09:be:e5:a4:aa:75:ef:
                    60:c1:cd:58:c8:ec:92:fa:c1:f4:13:5b:eb:b6:1e:
                    77:13:11:14:18:02:7b:5b:b3:ce:4a:fa:58:2b:fb:
                    52:1e:e6:63:51:b4:e5:04:e8:48:ff:c4:f1:8f:db:
                    cc:57:68:d7:45:c7:bc:71:cc:e0:06:3b:7b:19:1d:
                    b5:56:8a:9e:58:11:f8:5c:79:b4:24:dc:79:64:23:
                    b4:0b:81:a9:59:f5:09:8c:5d:99:f7:61:64:a4:d0:
                    c8:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:18:51:16:4E:F1:5B:F4:94:E5:AB:6C:AC:B3:DD:F7:E3:2E:CA:85
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9318.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.93.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:3f:da:b9:66:bf:f2:77:5f:c7:fb:c9:34:d7:f6:c4:b4:ed:
         fc:e1:60:31:a5:fd:16:6f:51:b7:7f:a6:75:5f:52:3b:b3:ed:
         71:b6:5d:91:b1:d0:d5:09:eb:4d:51:36:69:92:b9:cd:bc:02:
         08:17:65:0f:ba:9e:44:80:4d:e7:0e:e1:a9:90:55:3d:d8:2a:
         68:96:17:6c:d4:41:1b:32:bc:31:ca:fe:97:fa:a3:08:9c:2b:
         e8:0f:c6:ad:6a:58:a0:23:49:91:17:da:14:7e:71:f3:b1:fe:
         be:f6:5f:94:8e:e3:49:6c:b4:51:a6:e4:95:5d:c0:f1:03:ff:
         aa:65:82:42:6b:42:1d:73:2e:ee:26:22:35:fc:48:3a:1a:22:
         92:00:eb:69:f1:6e:3b:57:51:6a:89:db:04:98:6e:58:5e:9f:
         85:a8:21:b9:9a:bb:d4:e1:b3:b0:cf:c0:e8:be:c4:55:e5:53:
         a6:fb:1c:93:7b:e2:85:84:e0:27:0d:1b:97:fa:98:16:df:7f:
         a8:2a:84:5b:e5:1a:8b:57:9c:b6:21:62:9f:a5:28:46:d2:81:
         2e:a8:4c:c1:3a:15:2f:5f:bf:29:df:03:42:f2:1b:a0:fb:2a:
         a0:ed:f1:d8:c7:a1:05:78:63:0d:86:03:bf:e8:7d:a3:7b:d4:
         42:cb:e8:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUIimThtSJ176dBl51+UNhfaWhAx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEyMDQwMzAzNThaFw0yNjEyMDMwMzA4NThaMDMxMTAvBgNV
BAMTKDM5MTg1MTE2NEVGMTVCRjQ5NEU1QUI2Q0FDQjNEREY3RTMyRUNBODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTHq95rxqeH4frzC8u4UsjXpVK
fbeQD0mbeqOSDLv4XJ/EA1jZz8Ju7L5L/333I0iNQTdvWIsTlyLEH50nSG4c6e7W
tCoIhWywa3b+p+rXgaQV5HqgO4hQzZsjyBTuYBGk/gghpqGJNwUvhCKztzAfcZQ5
8skLZwHVYNp9UHdImJGIeUD2rIpMwPqHW35p+R/RTsdn7fDLvryYHmFMCb7lpKp1
72DBzVjI7JL6wfQTW+u2HncTERQYAntbs85K+lgr+1Ie5mNRtOUE6Ej/xPGP28xX
aNdFx7xxzOAGO3sZHbVWip5YEfhcebQk3HlkI7QLgalZ9QmMXZn3YWSk0Mi3AgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUORhRFk7xW/SU5atsrLPd9+MuyoUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTMxOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALJd2TAN
BgkqhkiG9w0BAQsFAAOCAQEAHD/auWa/8ndfx/vJNNf2xLTt/OFgMaX9Fm9Rt3+m
dV9SO7PtcbZdkbHQ1QnrTVE2aZK5zbwCCBdlD7qeRIBN5w7hqZBVPdgqaJYXbNRB
GzK8Mcr+l/qjCJwr6A/GrWpYoCNJkRfaFH5x87H+vvZflI7jSWy0UabklV3A8QP/
qmWCQmtCHXMu7iYiNfxIOhoikgDrafFuO1dRaonbBJhuWF6fhaghuZq71OGzsM/A
6L7EVeVTpvsck3vihYTgJw0bl/qYFt9/qCqEW+Uai1ectiFin6UoRtKBLqhMwToV
L1+/Kd8DQvIboPsqoO3x2MehBXhjDYYDv+h9o3vUQsvo3w==
-----END CERTIFICATE-----