This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215459.roa
File:                     AS215459.roa (raw, json)
Hash identifier:          rKwG/B9hNSRcV0JhaaewrEYEcmE2cUWC8wE+uHouQwQ=
Subject key identifier:   70:F6:60:A2:AF:E8:00:87:87:E3:66:68:C6:06:BA:9A:A2:E8:25:05
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       1124EBC8CC1415FC631855F130EEFAD9E237162C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215459.roa
Signing time:             Wed 21 Jan 2026 06:39:31 +0000
ROA not before:           Wed 21 Jan 2026 06:34:31 +0000
ROA not after:            Wed 20 Jan 2027 06:39:31 +0000
asID:                     215459
IP address blocks:        2a13:9500:12a::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:24:eb:c8:cc:14:15:fc:63:18:55:f1:30:ee:fa:d9:e2:37:16:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jan 21 06:34:31 2026 GMT
            Not After : Jan 20 06:39:31 2027 GMT
        Subject: CN=70F660A2AFE8008787E36668C606BA9AA2E82505
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:86:76:4d:5c:01:b3:2b:e7:b0:88:66:99:cb:
                    f6:31:2e:e5:84:54:2b:dc:a3:50:98:b9:c8:46:c3:
                    fc:5f:a8:fa:05:20:08:3d:80:13:09:32:c2:9d:d6:
                    10:0a:ac:75:39:45:d3:14:51:78:8b:61:14:49:17:
                    65:d3:fd:d2:b5:94:1f:ab:46:19:a4:33:3e:93:ee:
                    b0:a6:7b:5b:d1:ca:c7:e8:46:e9:15:9e:76:0b:5a:
                    24:f2:ee:67:7e:96:6a:94:80:83:6c:23:bf:06:fb:
                    d2:6c:16:7f:e4:c8:c5:6e:1c:ea:d0:12:50:89:af:
                    c5:f1:13:6a:9c:3c:26:09:a9:53:bb:13:5d:c2:13:
                    b0:8d:d7:a6:88:47:47:65:a4:0e:2f:cc:9c:20:9a:
                    02:43:62:7c:55:c8:ba:ae:38:64:ef:57:eb:20:52:
                    d3:11:fe:3d:b3:aa:ef:dc:83:f8:ba:28:8b:ba:04:
                    63:ac:78:61:20:9d:3c:40:aa:a6:04:87:dc:92:30:
                    a6:48:51:d0:82:8e:f4:3f:14:e6:ff:a8:d5:03:bf:
                    42:71:89:fc:69:1e:e1:e3:21:05:c3:2a:56:39:3d:
                    66:6c:ba:1f:17:5c:0f:2d:0c:b7:b2:05:1f:77:11:
                    36:0f:ef:6f:79:a3:37:c7:46:f5:4e:cc:03:e4:8e:
                    8f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:F6:60:A2:AF:E8:00:87:87:E3:66:68:C6:06:BA:9A:A2:E8:25:05
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS215459.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:12a::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:ae:ec:83:b6:cf:f0:cf:99:54:29:8a:58:11:95:fb:c2:d7:
         e2:36:cb:d6:31:b9:b4:2f:0f:64:9f:fd:5b:dd:64:93:05:91:
         ce:72:bd:6b:5c:e8:8e:df:eb:fd:84:57:bc:d7:f7:1c:df:e0:
         43:8a:92:19:a6:ca:76:4d:93:8e:e0:63:a1:4b:0a:93:a8:98:
         b7:d2:b3:05:9f:80:0d:0c:3c:72:0d:f1:bf:12:75:fc:24:1b:
         57:9b:dd:9d:1e:03:53:c2:a0:0b:50:b0:5a:ce:60:cd:a4:87:
         c6:af:84:7e:cf:c2:77:77:63:ef:0a:50:ee:9c:2d:47:f6:5d:
         d9:86:8f:3a:e1:1d:34:8f:78:ce:97:8e:b6:5a:42:be:e6:15:
         12:db:6c:78:70:56:8d:d4:73:56:7f:e8:2a:76:0b:e6:89:a9:
         de:5d:69:bb:68:50:b5:fb:e5:96:62:64:32:37:e5:de:31:a7:
         a7:f6:ac:e9:f7:82:18:53:5d:bf:cc:6f:d1:c6:31:73:d1:ce:
         ce:0f:e1:0e:70:fe:c7:ec:95:6f:45:c4:d5:6d:0a:c7:d8:ff:
         e1:4d:b5:67:bf:24:93:ba:ce:d8:9a:d7:49:67:68:17:3e:db:
         b0:4a:69:b0:ea:ce:bb:15:60:b8:8c:35:ca:84:29:24:b3:6b:
         da:c0:c7:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUESTryMwUFfxjGFXxMO762eI3FiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAxMjEwNjM0MzFaFw0yNzAxMjAwNjM5MzFaMDMxMTAvBgNV
BAMTKDcwRjY2MEEyQUZFODAwODc4N0UzNjY2OEM2MDZCQTlBQTJFODI1MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCshnZNXAGzK+ewiGaZy/YxLuWE
VCvco1CYuchGw/xfqPoFIAg9gBMJMsKd1hAKrHU5RdMUUXiLYRRJF2XT/dK1lB+r
RhmkMz6T7rCme1vRysfoRukVnnYLWiTy7md+lmqUgINsI78G+9JsFn/kyMVuHOrQ
ElCJr8XxE2qcPCYJqVO7E13CE7CN16aIR0dlpA4vzJwgmgJDYnxVyLquOGTvV+sg
UtMR/j2zqu/cg/i6KIu6BGOseGEgnTxAqqYEh9ySMKZIUdCCjvQ/FOb/qNUDv0Jx
ifxpHuHjIQXDKlY5PWZsuh8XXA8tDLeyBR93ETYP7295ozfHRvVOzAPkjo/7AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUcPZgoq/oAIeH42Zoxga6mqLoJQUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE1NDU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AAEqMA0GCSqGSIb3DQEBCwUAA4IBAQCRruyDts/wz5lUKYpYEZX7wtfiNsvWMbm0
Lw9kn/1b3WSTBZHOcr1rXOiO3+v9hFe81/cc3+BDipIZpsp2TZOO4GOhSwqTqJi3
0rMFn4ANDDxyDfG/EnX8JBtXm92dHgNTwqALULBazmDNpIfGr4R+z8J3d2PvClDu
nC1H9l3Zho864R00j3jOl462WkK+5hUS22x4cFaN1HNWf+gqdgvmianeXWm7aFC1
++WWYmQyN+XeMaen9qzp94IYU12/zG/RxjFz0c7OD+EOcP7H7JVvRcTVbQrH2P/h
TbVnvySTus7YmtdJZ2gXPtuwSmmw6s67FWC4jDXKhCkks2vawMdT
-----END CERTIFICATE-----