This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS25198.roa
File:                     AS25198.roa (raw, json)
Hash identifier:          cwXs3/rd22Z4/EzgK/5o4JIaItRqkpH5AIK9mx9LTu8=
Subject key identifier:   55:15:F6:03:FC:AF:A1:B7:19:FC:AD:2A:E0:69:A4:30:DA:CF:D4:4C
Certificate issuer:       /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial:       4EFC6AB28AB595913816DEDD317BC2A1827DE722
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS25198.roa
Signing time:             Wed 07 Jan 2026 11:47:20 +0000
ROA not before:           Wed 07 Jan 2026 11:42:20 +0000
ROA not after:            Wed 06 Jan 2027 11:47:20 +0000
asID:                     25198
IP address blocks:        83.171.245.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 04:21:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:fc:6a:b2:8a:b5:95:91:38:16:de:dd:31:7b:c2:a1:82:7d:e7:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
        Validity
            Not Before: Jan  7 11:42:20 2026 GMT
            Not After : Jan  6 11:47:20 2027 GMT
        Subject: CN=5515F603FCAFA1B719FCAD2AE069A430DACFD44C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:7f:0f:6a:40:a0:4f:8f:35:c7:7c:69:f0:5d:
                    15:9b:b4:6f:bd:28:7f:36:cf:a1:26:48:c8:d9:9a:
                    e1:9e:e7:aa:74:95:d0:7c:14:53:3c:a4:43:fd:85:
                    2b:5c:6a:d2:09:48:a1:36:f6:8a:f0:d4:f6:75:0e:
                    72:62:09:87:01:f6:8f:f3:a6:bc:2d:36:4a:36:6c:
                    74:a1:f8:40:14:87:4f:b0:f1:03:21:9d:13:fc:cd:
                    ad:62:5a:42:0b:6a:80:db:cf:5c:b0:17:0f:4d:31:
                    1c:4d:0e:31:bb:20:11:d1:8b:8c:90:9a:56:a8:05:
                    22:5e:ee:95:84:46:55:0d:c4:1a:c4:ef:58:bf:3b:
                    f1:f5:f0:55:5d:30:f5:b2:02:99:81:4c:70:53:39:
                    a0:fa:71:67:96:fd:b8:0f:c7:15:91:40:5c:05:03:
                    a6:87:ef:86:89:07:9e:3f:7b:31:98:6d:69:f7:b9:
                    a5:75:55:ea:43:95:8b:ea:7c:cd:55:d3:0a:47:a1:
                    9b:d3:61:68:02:be:0d:d6:14:94:50:f0:ec:5e:e4:
                    01:6b:53:60:df:5a:41:20:52:47:76:2a:e9:8e:2f:
                    83:b1:9e:1c:9d:e0:ca:41:5e:e7:58:1d:47:55:f9:
                    ac:64:6d:d3:e6:00:03:1f:1f:31:c6:da:d0:32:b8:
                    d4:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:15:F6:03:FC:AF:A1:B7:19:FC:AD:2A:E0:69:A4:30:DA:CF:D4:4C
            X509v3 Authority Key Identifier:
                keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS25198.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.171.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:be:0d:c3:24:0d:7b:de:96:58:db:f9:48:7c:83:75:6c:c0:
         3a:32:ea:31:14:08:e1:2e:6b:c3:e4:3f:65:4a:4e:b3:cf:de:
         44:1f:8f:d4:3f:7a:54:50:7f:a0:fb:8a:cd:4a:1a:20:5e:56:
         0d:4d:4a:06:fc:b4:ce:8a:e5:ca:7d:77:1c:b5:ec:0b:e0:92:
         24:8b:fb:c2:4f:7d:b4:d9:75:01:4f:96:59:89:c4:71:2f:74:
         39:b5:f9:90:a6:80:07:a6:72:26:d9:9f:a2:34:5d:86:f4:30:
         ab:3b:66:7b:33:c5:2e:bc:c6:48:6b:55:ec:96:d0:cb:0c:fd:
         95:e7:60:46:74:0f:54:eb:5c:25:19:6c:4d:95:74:11:b6:aa:
         4d:0f:c6:e7:b7:a5:9c:22:2c:e7:5b:f9:43:05:dc:c2:9e:f6:
         62:93:c5:be:8c:7a:ac:6b:a3:26:ec:db:02:3d:be:7e:24:bf:
         a5:82:88:52:8a:f9:c5:aa:3a:02:61:0b:74:57:c4:ad:86:a6:
         d7:8d:b8:d3:83:f0:ca:0d:98:7a:2c:c0:b7:b8:3d:74:c5:81:
         18:b1:ba:e8:ec:2d:a3:fe:fd:7d:f4:59:56:c3:39:dc:10:d0:
         31:03:15:b5:83:11:78:10:d4:56:10:a7:79:7c:4b:f3:82:ec:
         78:53:30:72
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUTvxqsoq1lZE4Ft7dMXvCoYJ95yIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNjAxMDcxMTQyMjBaFw0yNzAxMDYxMTQ3MjBaMDMxMTAvBgNV
BAMTKDU1MTVGNjAzRkNBRkExQjcxOUZDQUQyQUUwNjlBNDMwREFDRkQ0NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSfw9qQKBPjzXHfGnwXRWbtG+9
KH82z6EmSMjZmuGe56p0ldB8FFM8pEP9hStcatIJSKE29orw1PZ1DnJiCYcB9o/z
prwtNko2bHSh+EAUh0+w8QMhnRP8za1iWkILaoDbz1ywFw9NMRxNDjG7IBHRi4yQ
mlaoBSJe7pWERlUNxBrE71i/O/H18FVdMPWyApmBTHBTOaD6cWeW/bgPxxWRQFwF
A6aH74aJB54/ezGYbWn3uaV1VepDlYvqfM1V0wpHoZvTYWgCvg3WFJRQ8Oxe5AFr
U2DfWkEgUkd2KumOL4Oxnhyd4MpBXudYHUdV+axkbdPmAAMfHzHG2tAyuNTXAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUVRX2A/yvobcZ/K0q4GmkMNrP1EwwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABTq/Uw
DQYJKoZIhvcNAQELBQADggEBAC++DcMkDXvelljb+Uh8g3VswDoy6jEUCOEua8Pk
P2VKTrPP3kQfj9Q/elRQf6D7is1KGiBeVg1NSgb8tM6K5cp9dxy17AvgkiSL+8JP
fbTZdQFPllmJxHEvdDm1+ZCmgAemcibZn6I0XYb0MKs7ZnszxS68xkhrVeyW0MsM
/ZXnYEZ0D1TrXCUZbE2VdBG2qk0Pxue3pZwiLOdb+UMF3MKe9mKTxb6Meqxroybs
2wI9vn4kv6WCiFKK+cWqOgJhC3RXxK2GpteNuNOD8MoNmHoswLe4PXTFgRixuujs
LaP+/X30WVbDOdwQ0DEDFbWDEXgQ1FYQp3l8S/OC7HhTMHI=
-----END CERTIFICATE-----
Generated at Sun Jan 25 18:51:50 2026 by rpki-client