This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
File:                     AS395374.roa (raw, json)
Hash identifier:          ti5S9bcPVxR9ofISbjjowfY5KmVLhbdwBZL7JTpZDPs=
Subject key identifier:   24:10:80:9A:99:95:F6:B9:FC:70:97:5B:32:AA:CE:99:29:B7:81:47
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       6A96F2226E11895C179C184A305A0A27CBF4111F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
Signing time:             Sat 13 Dec 2025 03:04:04 +0000
ROA not before:           Sat 13 Dec 2025 02:59:04 +0000
ROA not after:            Sat 12 Dec 2026 03:04:04 +0000
asID:                     395374
IP address blocks:        82.22.27.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:96:f2:22:6e:11:89:5c:17:9c:18:4a:30:5a:0a:27:cb:f4:11:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Dec 13 02:59:04 2025 GMT
            Not After : Dec 12 03:04:04 2026 GMT
        Subject: CN=2410809A9995F6B9FC70975B32AACE9929B78147
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:1a:d9:f5:01:f9:80:93:87:44:3f:d1:09:80:
                    6d:42:d4:b6:68:57:a9:6d:15:dd:ac:79:a8:b0:7f:
                    d1:a8:9c:84:ab:6c:ba:07:49:f2:f5:79:bc:1f:e6:
                    cc:0b:0b:e5:33:e1:5e:1e:dd:a7:aa:62:76:e3:fd:
                    60:a9:86:aa:8e:5c:fa:19:21:59:f6:5e:30:12:05:
                    15:61:a5:51:e3:c2:9b:80:1b:5d:be:9c:77:30:be:
                    cf:3a:16:e6:57:44:76:61:50:f5:fd:89:51:c5:e8:
                    b4:68:40:1b:50:e0:85:32:75:2d:70:d6:cb:fa:97:
                    2e:b0:6d:38:75:8d:d2:5e:bf:5b:f3:2d:73:6d:08:
                    8a:7e:68:97:50:16:30:af:59:43:c1:47:55:2e:4e:
                    e8:24:c9:f5:42:fe:20:78:67:5f:ed:c9:c2:f1:8a:
                    9d:c5:e4:37:f3:0c:06:e0:27:76:26:d9:b4:98:00:
                    fe:14:70:ac:96:72:5a:d8:62:60:2a:7e:e5:a3:2b:
                    6b:cd:ca:c5:bd:23:63:c3:1a:30:db:7b:5d:90:cf:
                    f0:55:7a:f5:f0:b7:3a:9b:be:80:a9:cb:c0:eb:be:
                    bf:d4:d6:cf:0c:3c:f8:c7:24:8b:93:13:92:8f:ac:
                    90:f3:48:5c:58:d8:64:08:31:6f:18:81:5b:d4:56:
                    55:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:10:80:9A:99:95:F6:B9:FC:70:97:5B:32:AA:CE:99:29:B7:81:47
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.22.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:aa:e2:35:aa:d4:e8:7e:ce:7a:23:e5:6b:20:ad:6c:8d:41:
         c3:28:85:5a:83:62:3c:dc:d3:1e:ac:06:d3:9a:ca:2e:be:10:
         a8:9c:e7:79:34:bd:05:46:87:92:2f:21:3a:86:ff:fd:a4:a5:
         1e:7d:e6:ec:d0:1d:f0:6e:dd:08:a0:2a:d8:e1:20:bf:81:5a:
         71:0d:7d:14:f3:dd:a7:09:cc:23:88:78:d7:d7:87:05:c9:3f:
         37:c7:fc:7a:b3:12:68:c4:0f:11:c8:f1:33:32:25:c9:04:3b:
         64:dd:bf:6c:5e:ab:8d:5a:23:75:86:ed:5b:74:4e:b3:40:2c:
         46:37:2d:53:48:a6:13:ec:17:d6:2f:3f:4a:6b:de:e3:7b:69:
         58:cd:70:b8:c9:62:be:89:37:6d:46:fd:64:95:e5:22:2b:96:
         61:47:2b:06:fb:c8:48:4c:5e:d5:e4:71:7e:f7:2c:e7:6c:40:
         8e:fe:8e:a5:b8:1e:7c:26:f0:b1:a7:94:cc:52:0b:76:04:13:
         c6:03:d6:3f:c3:f2:56:7e:69:65:2b:be:b2:3f:db:53:ed:33:
         13:dd:1c:55:c9:66:a2:42:a2:7f:5d:d3:d1:90:4a:5a:00:64:
         51:b4:51:c1:a1:12:13:fb:6a:48:63:e3:e7:04:84:7f:61:ac:
         ff:95:25:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUapbyIm4RiVwXnBhKMFoKJ8v0ER8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEyMTMwMjU5MDRaFw0yNjEyMTIwMzA0MDRaMDMxMTAvBgNV
BAMTKDI0MTA4MDlBOTk5NUY2QjlGQzcwOTc1QjMyQUFDRTk5MjlCNzgxNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIGtn1AfmAk4dEP9EJgG1C1LZo
V6ltFd2seaiwf9GonISrbLoHSfL1ebwf5swLC+Uz4V4e3aeqYnbj/WCphqqOXPoZ
IVn2XjASBRVhpVHjwpuAG12+nHcwvs86FuZXRHZhUPX9iVHF6LRoQBtQ4IUydS1w
1sv6ly6wbTh1jdJev1vzLXNtCIp+aJdQFjCvWUPBR1UuTugkyfVC/iB4Z1/tycLx
ip3F5DfzDAbgJ3Ym2bSYAP4UcKyWclrYYmAqfuWjK2vNysW9I2PDGjDbe12Qz/BV
evXwtzqbvoCpy8Drvr/U1s8MPPjHJIuTE5KPrJDzSFxY2GQIMW8YgVvUVlXXAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUJBCAmpmV9rn8cJdbMqrOmSm3gUcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhYb
MA0GCSqGSIb3DQEBCwUAA4IBAQBQquI1qtTofs56I+VrIK1sjUHDKIVag2I83NMe
rAbTmsouvhConOd5NL0FRoeSLyE6hv/9pKUefebs0B3wbt0IoCrY4SC/gVpxDX0U
892nCcwjiHjX14cFyT83x/x6sxJoxA8RyPEzMiXJBDtk3b9sXquNWiN1hu1bdE6z
QCxGNy1TSKYT7BfWLz9Ka97je2lYzXC4yWK+iTdtRv1kleUiK5ZhRysG+8hITF7V
5HF+9yznbECO/o6luB58JvCxp5TMUgt2BBPGA9Y/w/JWfmllK76yP9tT7TMT3RxV
yWaiQqJ/XdPRkEpaAGRRtFHBoRIT+2pIY+PnBIR/Yaz/lSWh
-----END CERTIFICATE-----