This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS34927.roa
File:                     AS34927.roa (raw, json)
Hash identifier:          PjIIzn0S8/KvxJ6ZQM6gXkhz7uevrz2KeN9KBoaxNOE=
Subject key identifier:   15:4D:50:2F:26:2D:94:71:D9:01:06:2C:CB:15:6E:40:C8:A8:5E:F4
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       5C12A11358964CDAE667115909683CF6BB907E9A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS34927.roa
Signing time:             Wed 26 Nov 2025 00:03:13 +0000
ROA not before:           Tue 25 Nov 2025 23:58:13 +0000
ROA not after:            Wed 25 Nov 2026 00:03:13 +0000
asID:                     34927
IP address blocks:        82.38.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Dec 2025 05:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:12:a1:13:58:96:4c:da:e6:67:11:59:09:68:3c:f6:bb:90:7e:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Nov 25 23:58:13 2025 GMT
            Not After : Nov 25 00:03:13 2026 GMT
        Subject: CN=154D502F262D9471D901062CCB156E40C8A85EF4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:75:fa:ec:ba:c2:91:cb:19:12:da:20:94:25:
                    3e:f9:62:3c:59:6b:05:73:ce:7a:a5:53:43:d7:c3:
                    f5:6d:9b:97:81:53:50:6f:15:6c:e4:b2:b1:4b:a3:
                    09:85:1b:82:56:00:fd:c8:64:d9:14:10:e1:23:9f:
                    cc:58:c5:4a:1d:d1:1c:50:b0:e5:b0:f7:48:f0:5d:
                    7d:b2:3b:4b:84:44:ee:3f:e3:19:d4:0f:57:68:25:
                    a9:28:30:c2:db:93:c2:78:94:63:f5:3b:97:a6:7e:
                    ae:73:47:7e:26:2a:f9:cd:9a:b3:3f:37:50:1f:3c:
                    10:16:d0:1a:04:ca:f3:35:5c:8b:4e:92:14:e9:9b:
                    49:71:43:ff:fd:6f:b7:df:17:5b:e1:ef:c7:c6:b6:
                    20:6a:bb:29:d5:ac:54:75:75:7f:8a:67:24:63:d8:
                    51:80:55:15:a9:ab:ee:e9:64:14:11:e7:2f:ab:63:
                    71:99:e8:1c:60:8f:17:c4:a2:33:35:92:ff:7a:c3:
                    10:54:2b:b3:5a:bb:5e:1e:b8:f1:bb:ac:50:5c:ef:
                    0e:4c:7f:fa:db:bc:f2:aa:35:fc:ad:e0:ff:fb:c3:
                    3e:d6:63:01:25:0b:f7:54:06:58:5d:f1:df:3d:99:
                    03:a9:fc:96:c3:68:9b:f2:3d:59:f6:7e:93:ca:3e:
                    21:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:4D:50:2F:26:2D:94:71:D9:01:06:2C:CB:15:6E:40:C8:A8:5E:F4
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS34927.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.38.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:4a:fd:24:f2:8e:a2:26:f5:e5:db:2b:ea:e7:ea:d9:f6:74:
         8e:df:c8:c3:3e:d0:e9:dd:ff:cf:92:20:4a:f9:1a:37:c7:17:
         11:7c:d6:c5:7f:b5:90:7a:6e:d8:e1:57:c7:d5:ce:ad:1e:23:
         d9:1e:58:c8:81:0e:79:09:2b:a8:f7:d3:b4:40:ae:2c:ed:02:
         28:ba:76:63:67:82:99:1b:16:74:47:1f:f5:4c:b9:20:fc:94:
         2c:d8:bb:cc:92:c0:aa:29:4e:e5:ee:51:05:a5:28:40:b7:0f:
         35:4c:be:32:91:02:5f:79:e3:47:a6:29:d2:37:c6:c8:84:bc:
         63:45:5c:06:a2:41:a6:a1:bb:fc:88:47:c3:38:cd:62:24:e8:
         f0:ad:bd:ca:c3:6b:9d:39:2a:2a:60:a3:fa:8c:f4:7e:3f:0a:
         c7:ef:b0:e1:60:c6:8e:6c:d9:35:94:fb:50:c8:20:b7:54:9c:
         03:ee:51:7b:1d:ce:07:10:4d:99:e6:0c:71:cf:c9:7b:86:24:
         4e:f2:26:2f:b8:bc:1f:8d:0d:93:c8:11:ca:96:fa:1b:c3:4d:
         8f:fb:73:6a:e0:be:63:81:45:8d:51:2c:4d:2d:8b:95:c4:a5:
         5f:78:c7:02:eb:27:6d:2b:fd:47:bf:e2:86:37:0c:7f:07:e4:
         3c:e6:e6:9c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUXBKhE1iWTNrmZxFZCWg89ruQfpowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTExMjUyMzU4MTNaFw0yNjExMjUwMDAzMTNaMDMxMTAvBgNV
BAMTKDE1NEQ1MDJGMjYyRDk0NzFEOTAxMDYyQ0NCMTU2RTQwQzhBODVFRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7dfrsusKRyxkS2iCUJT75YjxZ
awVzznqlU0PXw/Vtm5eBU1BvFWzksrFLowmFG4JWAP3IZNkUEOEjn8xYxUod0RxQ
sOWw90jwXX2yO0uERO4/4xnUD1doJakoMMLbk8J4lGP1O5emfq5zR34mKvnNmrM/
N1AfPBAW0BoEyvM1XItOkhTpm0lxQ//9b7ffF1vh78fGtiBquynVrFR1dX+KZyRj
2FGAVRWpq+7pZBQR5y+rY3GZ6BxgjxfEojM1kv96wxBUK7Nau14euPG7rFBc7w5M
f/rbvPKqNfyt4P/7wz7WYwElC/dUBlhd8d89mQOp/JbDaJvyPVn2fpPKPiEFAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUFU1QLyYtlHHZAQYsyxVuQMioXvQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzQ5Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSJmEw
DQYJKoZIhvcNAQELBQADggEBAItK/STyjqIm9eXbK+rn6tn2dI7fyMM+0Ond/8+S
IEr5GjfHFxF81sV/tZB6btjhV8fVzq0eI9keWMiBDnkJK6j307RAriztAii6dmNn
gpkbFnRHH/VMuSD8lCzYu8ySwKopTuXuUQWlKEC3DzVMvjKRAl9540emKdI3xsiE
vGNFXAaiQaahu/yIR8M4zWIk6PCtvcrDa505Kipgo/qM9H4/CsfvsOFgxo5s2TWU
+1DIILdUnAPuUXsdzgcQTZnmDHHPyXuGJE7yJi+4vB+NDZPIEcqW+hvDTY/7c2rg
vmOBRY1RLE0ti5XEpV94xwLrJ20r/Ue/4oY3DH8H5Dzm5pw=
-----END CERTIFICATE-----