This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS24940.roa
File:                     AS24940.roa (raw, json)
Hash identifier:          PH6F+CxLH0LfyN4bazx2sTkWWfv6Z+3gp7u9AvGIXuc=
Subject key identifier:   1D:29:73:CC:96:B2:02:0C:D2:57:42:2B:E4:BF:52:4F:E7:0B:F9:27
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       33BEA34955E860560954691F9CB29735A28F26C3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS24940.roa
Signing time:             Sun 14 Dec 2025 20:40:32 +0000
ROA not before:           Sun 14 Dec 2025 20:35:32 +0000
ROA not after:            Sun 13 Dec 2026 20:40:32 +0000
asID:                     24940
IP address blocks:        82.39.175.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 17 Dec 2025 09:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:be:a3:49:55:e8:60:56:09:54:69:1f:9c:b2:97:35:a2:8f:26:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Dec 14 20:35:32 2025 GMT
            Not After : Dec 13 20:40:32 2026 GMT
        Subject: CN=1D2973CC96B2020CD257422BE4BF524FE70BF927
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:05:96:c2:54:be:5c:a4:8c:39:23:96:bd:06:
                    51:ac:82:e5:64:df:83:f2:49:24:69:d9:8b:3a:0d:
                    71:67:b9:13:5f:bc:e0:e9:98:39:bd:78:31:10:62:
                    b4:7c:93:04:90:0a:d9:5a:79:bc:28:a7:72:17:a8:
                    fb:1f:61:42:44:59:b7:92:74:d6:81:43:fc:b4:50:
                    fa:f1:30:0c:65:b6:05:f6:4d:c8:78:43:9d:12:36:
                    1c:68:51:12:5a:8d:8d:50:6e:6c:e9:f6:97:57:48:
                    be:ef:fb:a4:96:0d:7b:52:ae:73:c7:57:e0:f5:4d:
                    9f:46:b9:8a:2b:f4:cf:fb:d3:ba:d0:ea:ca:d4:e4:
                    91:50:f7:91:45:ce:73:c3:a6:e2:5e:09:85:e6:80:
                    90:14:ca:3a:d0:c6:29:d7:70:09:2b:b9:a2:6d:65:
                    15:ff:38:a6:bf:52:7a:f9:b5:d8:4e:41:d8:b1:63:
                    d7:3d:0f:c0:04:53:11:0f:5c:91:72:3c:f6:48:5e:
                    e2:15:4d:04:b1:a8:1c:13:0c:e6:82:cb:7d:29:38:
                    3f:e8:7c:96:6c:04:c0:e8:c2:98:3c:f5:71:dc:94:
                    84:36:1f:a4:e9:e8:19:0b:28:52:47:46:bb:1b:7a:
                    57:66:55:97:47:93:91:71:9a:4e:6e:ea:d2:8b:3d:
                    d1:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:29:73:CC:96:B2:02:0C:D2:57:42:2B:E4:BF:52:4F:E7:0B:F9:27
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS24940.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.39.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:b4:cf:9a:da:fb:53:5d:f6:c2:f7:bc:64:97:13:bf:d2:c5:
         fe:68:ca:79:45:d2:33:84:bf:03:93:cd:cc:2e:32:49:6b:db:
         d3:de:84:e2:5e:ba:ab:5b:4b:d0:2d:b9:37:b7:f1:49:96:6c:
         1c:43:c8:e3:fe:c5:31:9d:d3:ee:c5:e6:3d:6e:09:3f:4a:d7:
         00:97:5e:71:16:3b:c0:6f:5c:6a:a6:09:37:a1:9f:f2:a7:22:
         de:89:2c:41:3c:c1:89:b3:b8:5e:ed:b5:79:19:10:95:65:42:
         e3:51:9f:a4:7e:02:0a:9d:9f:e8:9a:58:ac:46:42:6c:36:30:
         81:05:0c:96:ed:01:2e:8d:f4:ac:96:b0:64:ef:02:b0:e3:0d:
         61:c6:c0:a0:37:cb:cd:fa:9d:b0:ce:3d:80:9a:5d:01:b3:fc:
         94:a9:de:53:d6:e0:b7:23:5b:27:4a:e9:3f:7d:43:1c:f1:da:
         35:cd:b5:6d:28:c4:f3:af:34:67:64:51:67:56:42:d7:60:3b:
         ac:69:8f:3c:f8:6d:cd:86:f7:34:03:cd:7a:71:d6:2e:47:4f:
         9a:af:6e:43:51:73:fb:c4:6b:84:8e:f9:be:8a:48:5f:66:0b:
         d8:91:80:95:61:91:22:d8:93:dc:c7:26:f5:81:a5:1c:c6:55:
         dd:76:25:e8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUM76jSVXoYFYJVGkfnLKXNaKPJsMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEyMTQyMDM1MzJaFw0yNjEyMTMyMDQwMzJaMDMxMTAvBgNV
BAMTKDFEMjk3M0NDOTZCMjAyMENEMjU3NDIyQkU0QkY1MjRGRTcwQkY5MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZBZbCVL5cpIw5I5a9BlGsguVk
34PySSRp2Ys6DXFnuRNfvODpmDm9eDEQYrR8kwSQCtlaebwop3IXqPsfYUJEWbeS
dNaBQ/y0UPrxMAxltgX2Tch4Q50SNhxoURJajY1Qbmzp9pdXSL7v+6SWDXtSrnPH
V+D1TZ9GuYor9M/707rQ6srU5JFQ95FFznPDpuJeCYXmgJAUyjrQxinXcAkruaJt
ZRX/OKa/Unr5tdhOQdixY9c9D8AEUxEPXJFyPPZIXuIVTQSxqBwTDOaCy30pOD/o
fJZsBMDowpg89XHclIQ2H6Tp6BkLKFJHRrsbeldmVZdHk5Fxmk5u6tKLPdHzAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUHSlzzJayAgzSV0Ir5L9ST+cL+ScwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjQ5NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSJ68w
DQYJKoZIhvcNAQELBQADggEBAHC0z5ra+1Nd9sL3vGSXE7/Sxf5oynlF0jOEvwOT
zcwuMklr29PehOJeuqtbS9AtuTe38UmWbBxDyOP+xTGd0+7F5j1uCT9K1wCXXnEW
O8BvXGqmCTehn/KnIt6JLEE8wYmzuF7ttXkZEJVlQuNRn6R+Agqdn+iaWKxGQmw2
MIEFDJbtAS6N9KyWsGTvArDjDWHGwKA3y836nbDOPYCaXQGz/JSp3lPW4LcjWydK
6T99Qxzx2jXNtW0oxPOvNGdkUWdWQtdgO6xpjzz4bc2G9zQDzXpx1i5HT5qvbkNR
c/vEa4SO+b6KSF9mC9iRgJVhkSLYk9zHJvWBpRzGVd12Jeg=
-----END CERTIFICATE-----