This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213734.roa
File:                     AS213734.roa (raw, json)
Hash identifier:          QzJxkqtRk23D//gr/OrJXoYN+K7DQe1c8cUNfH2o4Fo=
Subject key identifier:   05:01:08:0C:E0:CC:FE:DB:4E:D3:AD:C1:7B:D6:40:3B:76:D5:C9:E6
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       0B69E1980724888B16078B85515A86C28439F369
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213734.roa
Signing time:             Thu 22 Jan 2026 06:14:22 +0000
ROA not before:           Thu 22 Jan 2026 06:09:22 +0000
ROA not after:            Thu 21 Jan 2027 06:14:22 +0000
asID:                     213734
IP address blocks:        82.22.54.0/24 maxlen: 24
                          82.22.205.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:69:e1:98:07:24:88:8b:16:07:8b:85:51:5a:86:c2:84:39:f3:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jan 22 06:09:22 2026 GMT
            Not After : Jan 21 06:14:22 2027 GMT
        Subject: CN=0501080CE0CCFEDB4ED3ADC17BD6403B76D5C9E6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:0f:12:45:30:a2:06:aa:d4:61:dd:4f:7b:d0:
                    73:f3:c3:d8:6c:29:d4:72:1a:48:2c:fc:5c:b1:0a:
                    e4:2b:96:e7:88:9b:e5:46:e5:36:57:f6:56:b4:48:
                    3c:a6:9b:a6:9c:c9:51:85:88:13:f5:ed:82:50:ed:
                    3a:a3:d2:33:33:29:ea:d1:dd:48:46:01:82:c3:90:
                    98:89:91:67:43:e1:5b:d6:e1:4f:23:ab:a9:f5:4f:
                    19:82:5b:35:be:58:4b:9f:b1:e7:cd:8e:2d:14:80:
                    0e:ba:b8:ec:42:e1:a8:b3:c1:56:10:a2:d0:81:ce:
                    25:95:92:6d:fb:6f:ab:56:93:e2:26:57:1c:b2:e5:
                    65:87:d3:00:e6:ab:58:44:7d:37:87:9a:12:cd:2b:
                    53:6a:96:d3:34:e5:82:5d:84:ce:3d:63:13:ca:69:
                    f1:d5:1b:78:6c:af:a4:ee:5a:b8:82:21:91:a4:16:
                    ed:cd:54:ee:9c:63:59:c8:c4:a6:6e:df:f6:46:f2:
                    2c:e7:b0:06:87:05:e9:a0:02:81:99:41:df:db:d3:
                    2a:11:85:af:a1:6f:29:9e:5d:b4:26:fb:b0:71:b5:
                    ce:27:2c:f8:d2:34:58:83:4b:dd:5c:54:1b:28:db:
                    5d:36:66:a5:26:88:be:12:7a:b2:06:39:7b:fb:5b:
                    1a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:01:08:0C:E0:CC:FE:DB:4E:D3:AD:C1:7B:D6:40:3B:76:D5:C9:E6
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.22.54.0/24
                  82.22.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:65:18:61:e6:36:76:42:dd:cf:47:2e:b0:90:ae:02:52:a7:
         94:4b:66:8b:44:65:66:a2:6d:3d:d8:bb:f1:63:9c:3e:5e:a4:
         f1:ee:1e:f9:df:74:db:19:5c:47:a7:6f:85:a5:20:c5:c9:d6:
         19:08:a1:8e:a6:9e:f0:cc:87:ab:15:50:2a:32:42:43:d2:b2:
         27:fd:96:0c:67:cc:b4:f4:d0:fe:61:b9:7c:d0:51:d0:ee:1a:
         20:0a:69:cb:12:a5:1c:0d:f3:43:34:27:d8:ea:b3:ff:37:09:
         1b:91:8e:d0:a7:ac:77:15:04:ac:5b:22:e4:5b:0a:e0:7b:69:
         ae:3b:a7:ab:25:a0:8f:6c:59:11:68:e8:22:9b:4a:71:56:f2:
         69:d3:3b:00:8e:49:5a:9b:a2:57:5b:37:e4:ab:5a:d5:8f:4c:
         27:ec:28:b9:ce:3c:53:b4:3f:db:f2:a6:d3:ff:85:36:77:1b:
         c1:77:36:64:44:72:0a:5e:52:bb:8d:d9:49:ee:46:24:f4:e6:
         34:88:84:c1:57:98:5e:0a:6d:65:86:9a:e9:c6:9d:aa:2c:c2:
         31:56:50:3d:13:50:ae:04:5f:17:77:d3:41:29:e1:ad:9f:3c:
         97:7a:b6:ea:7a:c8:f7:b1:c6:95:df:13:98:a3:c6:48:8d:bd:
         42:f5:36:3f
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUC2nhmAckiIsWB4uFUVqGwoQ582kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAxMjIwNjA5MjJaFw0yNzAxMjEwNjE0MjJaMDMxMTAvBgNV
BAMTKDA1MDEwODBDRTBDQ0ZFREI0RUQzQURDMTdCRDY0MDNCNzZENUM5RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsDxJFMKIGqtRh3U970HPzw9hs
KdRyGkgs/FyxCuQrlueIm+VG5TZX9la0SDymm6acyVGFiBP17YJQ7Tqj0jMzKerR
3UhGAYLDkJiJkWdD4VvW4U8jq6n1TxmCWzW+WEufsefNji0UgA66uOxC4aizwVYQ
otCBziWVkm37b6tWk+ImVxyy5WWH0wDmq1hEfTeHmhLNK1NqltM05YJdhM49YxPK
afHVG3hsr6TuWriCIZGkFu3NVO6cY1nIxKZu3/ZG8iznsAaHBemgAoGZQd/b0yoR
ha+hbymeXbQm+7Bxtc4nLPjSNFiDS91cVBso2102ZqUmiL4SerIGOXv7WxolAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUBQEIDODM/ttO063Be9ZAO3bVyeYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEzNzM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUhY2
AwQAUhbNMA0GCSqGSIb3DQEBCwUAA4IBAQAKZRhh5jZ2Qt3PRy6wkK4CUqeUS2aL
RGVmom092LvxY5w+XqTx7h7533TbGVxHp2+FpSDFydYZCKGOpp7wzIerFVAqMkJD
0rIn/ZYMZ8y09ND+Ybl80FHQ7hogCmnLEqUcDfNDNCfY6rP/NwkbkY7Qp6x3FQSs
WyLkWwrge2muO6erJaCPbFkRaOgim0pxVvJp0zsAjklam6JXWzfkq1rVj0wn7Ci5
zjxTtD/b8qbT/4U2dxvBdzZkRHIKXlK7jdlJ7kYk9OY0iITBV5heCm1lhprpxp2q
LMIxVlA9E1CuBF8Xd9NBKeGtnzyXerbqesj3scaV3xOYo8ZIjb1C9TY/
-----END CERTIFICATE-----