This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS152179.roa
File:                     AS152179.roa (raw, json)
Hash identifier:          2MIzyHXCENjxQ5bqQskpxnop2vC9TVMh9bxKR6itZQI=
Subject key identifier:   E1:BF:8D:B6:9B:9D:DE:67:CF:EE:D3:E1:E2:1C:71:0D:9D:73:D8:B8
Certificate issuer:       /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial:       7AD446F3857A1F86ADF3ED0D75E130EFE656DE98
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS152179.roa
Signing time:             Sat 29 Nov 2025 19:51:29 +0000
ROA not before:           Sat 29 Nov 2025 19:46:29 +0000
ROA not after:            Sat 28 Nov 2026 19:51:29 +0000
asID:                     152179
IP address blocks:        193.32.206.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Dec 2025 10:13:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:d4:46:f3:85:7a:1f:86:ad:f3:ed:0d:75:e1:30:ef:e6:56:de:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
        Validity
            Not Before: Nov 29 19:46:29 2025 GMT
            Not After : Nov 28 19:51:29 2026 GMT
        Subject: CN=E1BF8DB69B9DDE67CFEED3E1E21C710D9D73D8B8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ea:bf:65:28:19:05:5a:f9:c8:61:90:b6:63:
                    a2:cb:10:53:4f:a4:ae:99:0a:25:e2:7b:14:3c:b2:
                    3e:fc:92:f6:fa:d5:71:f5:3b:aa:96:10:21:2b:f4:
                    4d:b3:d5:8a:c7:d1:c1:3f:92:93:f1:dd:6e:7b:46:
                    d4:b9:d8:c2:45:9b:e8:ce:e4:fe:28:c0:8d:3e:62:
                    a8:2c:f5:78:f4:37:0b:94:aa:ef:3e:42:37:e6:58:
                    2d:c3:9f:90:2e:79:65:dc:26:52:b7:e0:74:c8:1e:
                    c3:15:49:6f:d4:7d:25:9b:01:27:d7:23:88:4c:72:
                    a2:74:01:ee:3b:95:47:64:49:97:db:fc:56:c0:c0:
                    ae:40:20:27:02:68:13:6e:9f:fe:54:4a:52:ee:d0:
                    6f:c9:f4:20:98:0a:aa:31:f5:81:d0:15:7a:eb:b7:
                    b9:00:cc:43:01:7a:da:b4:8a:3d:a3:ae:09:71:73:
                    a6:a4:fa:5e:b7:5e:b7:77:54:81:89:93:ca:78:83:
                    c9:a0:ea:2c:23:60:14:30:aa:23:d3:c5:95:da:49:
                    80:12:ad:9c:b8:07:2d:66:09:12:e3:0e:c1:9b:75:
                    16:46:dd:67:69:bc:cf:68:aa:7b:d1:d6:00:5b:23:
                    da:6d:ab:d7:d9:c7:58:03:3b:dc:b0:f7:9d:29:17:
                    6f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:BF:8D:B6:9B:9D:DE:67:CF:EE:D3:E1:E2:1C:71:0D:9D:73:D8:B8
            X509v3 Authority Key Identifier:
                keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS152179.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:bf:e9:32:f7:db:fc:9a:92:02:2e:a7:a5:4a:55:82:75:f9:
         24:ce:88:98:46:1d:4a:f1:42:36:aa:fa:c9:53:48:05:00:9a:
         c9:ba:65:eb:bb:25:c4:3a:36:70:6c:50:2c:fc:2b:b8:9c:20:
         35:8b:e9:8c:1d:80:59:7f:e4:55:6a:79:82:d6:30:8d:01:7d:
         ee:7b:9a:d4:11:5e:04:0c:b6:65:44:cb:11:f7:4b:95:6e:70:
         f3:b2:96:45:0e:fc:f4:b1:7b:a1:53:d6:7f:64:af:1d:92:fc:
         89:02:1d:ef:71:e4:bc:74:6b:fc:04:71:da:1d:fe:5d:30:e5:
         37:29:75:29:51:30:0f:33:b3:ef:f6:e9:65:e3:20:88:41:b9:
         c7:ed:e4:56:81:58:d1:b7:ae:cf:40:09:96:f9:ee:33:ca:95:
         e1:d8:3b:b3:41:9d:7b:a7:19:26:8e:d1:89:2d:bf:57:53:a3:
         b4:4c:69:fd:49:7a:86:a9:ce:e5:9e:d0:fd:41:55:4c:21:e5:
         a5:8d:c8:2a:90:4a:9e:85:ad:5f:74:be:62:81:70:ba:d6:bf:
         5a:26:aa:6a:6c:74:4e:95:d1:90:d2:24:e1:df:14:f2:69:35:
         75:a9:a7:4c:fd:68:96:56:13:52:c4:84:0c:6e:35:71:ee:5c:
         48:5f:19:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUetRG84V6H4at8+0NdeEw7+ZW3pgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTExMjkxOTQ2MjlaFw0yNjExMjgxOTUxMjlaMDMxMTAvBgNV
BAMTKEUxQkY4REI2OUI5RERFNjdDRkVFRDNFMUUyMUM3MTBEOUQ3M0Q4QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCO6r9lKBkFWvnIYZC2Y6LLEFNP
pK6ZCiXiexQ8sj78kvb61XH1O6qWECEr9E2z1YrH0cE/kpPx3W57RtS52MJFm+jO
5P4owI0+Yqgs9Xj0NwuUqu8+QjfmWC3Dn5AueWXcJlK34HTIHsMVSW/UfSWbASfX
I4hMcqJ0Ae47lUdkSZfb/FbAwK5AICcCaBNun/5USlLu0G/J9CCYCqox9YHQFXrr
t7kAzEMBetq0ij2jrglxc6ak+l63Xrd3VIGJk8p4g8mg6iwjYBQwqiPTxZXaSYAS
rZy4By1mCRLjDsGbdRZG3WdpvM9oqnvR1gBbI9ptq9fZx1gDO9yw950pF28XAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU4b+Ntpud3mfP7tPh4hxxDZ1z2LgwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMTUyMTc5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSDO
MA0GCSqGSIb3DQEBCwUAA4IBAQBxv+ky99v8mpICLqelSlWCdfkkzoiYRh1K8UI2
qvrJU0gFAJrJumXruyXEOjZwbFAs/Cu4nCA1i+mMHYBZf+RVanmC1jCNAX3ue5rU
EV4EDLZlRMsR90uVbnDzspZFDvz0sXuhU9Z/ZK8dkvyJAh3vceS8dGv8BHHaHf5d
MOU3KXUpUTAPM7Pv9ull4yCIQbnH7eRWgVjRt67PQAmW+e4zypXh2DuzQZ17pxkm
jtGJLb9XU6O0TGn9SXqGqc7lntD9QVVMIeWljcgqkEqeha1fdL5igXC61r9aJqpq
bHROldGQ0iTh3xTyaTV1qadM/WiWVhNSxIQMbjVx7lxIXxkg
-----END CERTIFICATE-----