This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS401322.roa
File:                     AS401322.roa (raw, json)
Hash identifier:          7+7WBh1RgzKQ32cew1LY3sPob+6Gl98/F648pDlQtYg=
Subject key identifier:   88:F5:82:E9:53:E5:F1:74:7E:F6:56:83:8A:62:5C:BE:71:B3:5A:34
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       2931CCE7332AF825C193823759FAC99DDAC65454
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS401322.roa
Signing time:             Sat 24 Jan 2026 13:17:35 +0000
ROA not before:           Sat 24 Jan 2026 13:12:35 +0000
ROA not after:            Sat 23 Jan 2027 13:17:35 +0000
asID:                     401322
IP address blocks:        194.60.90.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:31:cc:e7:33:2a:f8:25:c1:93:82:37:59:fa:c9:9d:da:c6:54:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Jan 24 13:12:35 2026 GMT
            Not After : Jan 23 13:17:35 2027 GMT
        Subject: CN=88F582E953E5F1747EF656838A625CBE71B35A34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0c:c6:aa:8e:df:41:11:e7:d4:33:75:6a:d9:
                    e5:93:d5:6a:6c:6a:dc:72:27:c8:db:4f:18:14:03:
                    0a:6d:c6:43:0a:00:06:75:3c:7c:2a:4a:a3:50:de:
                    fd:f0:31:eb:5b:55:4d:1f:eb:7f:b4:c9:a5:04:d6:
                    37:c5:b9:9d:e4:30:cb:8c:c2:bb:da:8b:4d:28:2b:
                    51:9c:da:dd:10:47:87:75:c6:1c:b5:da:f4:6a:2b:
                    f6:b8:1a:12:54:72:9d:b6:a5:a8:92:63:59:93:88:
                    90:fa:0c:7b:58:1d:36:37:70:06:63:f0:d5:e4:ba:
                    a9:32:ee:7b:a2:d7:9f:2b:77:a3:a5:ce:67:26:16:
                    63:d6:fe:05:a7:70:27:c1:9d:86:da:db:65:33:43:
                    47:cf:ec:54:a9:45:58:ad:a0:da:6e:b5:6a:7d:77:
                    0a:3c:cf:f2:b6:c6:72:39:35:ab:a5:8d:ed:d9:2d:
                    11:c2:76:fa:c8:62:30:ef:ea:b7:ca:9b:1b:a9:69:
                    f9:38:97:6a:06:07:41:5d:09:50:1a:5b:d1:bc:22:
                    bf:5e:8c:99:7b:19:54:43:ac:48:bb:08:27:8e:42:
                    ac:a4:84:be:0c:4b:69:09:38:05:18:1f:a0:9e:c1:
                    a6:0b:33:38:71:2e:3e:98:64:8b:f0:62:d0:b9:0b:
                    ba:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:F5:82:E9:53:E5:F1:74:7E:F6:56:83:8A:62:5C:BE:71:B3:5A:34
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS401322.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.60.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:ba:88:6e:70:f1:68:10:1b:4e:20:cc:bc:4c:1e:61:d3:62:
         65:7a:c5:04:7c:f8:34:ac:ef:2e:7e:5f:93:8d:54:43:fb:d0:
         f2:8b:62:18:56:66:ef:8a:05:0a:c9:84:e4:c9:8a:4e:8a:be:
         94:05:1a:55:1c:02:bc:46:22:98:b3:ab:ee:79:62:d8:84:34:
         29:ce:a8:86:35:07:3c:7c:f0:74:4f:9d:4c:fb:6d:98:88:d0:
         47:37:ba:ba:6b:70:cd:71:d3:23:7e:b6:50:3f:4f:1e:23:b0:
         d2:20:0b:38:0a:b6:6d:c5:40:2a:10:a0:c9:c7:ee:4c:c2:8e:
         2e:27:34:e9:c3:db:14:e7:eb:7c:38:5c:a8:28:92:14:71:88:
         0a:1a:a0:b0:4c:4f:e1:e2:e4:47:4c:d9:45:07:58:1f:d7:29:
         7c:3d:f7:51:f2:7d:9a:45:90:c2:8f:14:8c:23:dd:31:22:10:
         18:a6:3e:03:7a:f3:9c:39:a9:af:8e:f2:59:e3:be:1a:49:31:
         30:4f:21:79:01:fe:a5:92:f1:bb:2a:c6:f7:2a:e8:a5:25:12:
         b0:c3:24:5f:cc:20:1c:c2:fe:62:b0:91:03:52:ce:9d:1f:1b:
         6f:4f:dd:d8:d9:4a:58:6c:d7:d6:00:f3:42:ae:97:cc:f9:3c:
         ba:93:be:34
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUKTHM5zMq+CXBk4I3WfrJndrGVFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjAxMjQxMzEyMzVaFw0yNzAxMjMxMzE3MzVaMDMxMTAvBgNV
BAMTKDg4RjU4MkU5NTNFNUYxNzQ3RUY2NTY4MzhBNjI1Q0JFNzFCMzVBMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGDMaqjt9BEefUM3Vq2eWT1Wps
atxyJ8jbTxgUAwptxkMKAAZ1PHwqSqNQ3v3wMetbVU0f63+0yaUE1jfFuZ3kMMuM
wrvai00oK1Gc2t0QR4d1xhy12vRqK/a4GhJUcp22paiSY1mTiJD6DHtYHTY3cAZj
8NXkuqky7nui158rd6OlzmcmFmPW/gWncCfBnYba22UzQ0fP7FSpRVitoNputWp9
dwo8z/K2xnI5Naulje3ZLRHCdvrIYjDv6rfKmxupafk4l2oGB0FdCVAaW9G8Ir9e
jJl7GVRDrEi7CCeOQqykhL4MS2kJOAUYH6CewaYLMzhxLj6YZIvwYtC5C7pXAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUiPWC6VPl8XR+9laDimJcvnGzWjQwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDAxMzIyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjxa
MA0GCSqGSIb3DQEBCwUAA4IBAQA2uohucPFoEBtOIMy8TB5h02JlesUEfPg0rO8u
fl+TjVRD+9Dyi2IYVmbvigUKyYTkyYpOir6UBRpVHAK8RiKYs6vueWLYhDQpzqiG
NQc8fPB0T51M+22YiNBHN7q6a3DNcdMjfrZQP08eI7DSIAs4CrZtxUAqEKDJx+5M
wo4uJzTpw9sU5+t8OFyoKJIUcYgKGqCwTE/h4uRHTNlFB1gf1yl8PfdR8n2aRZDC
jxSMI90xIhAYpj4DevOcOamvjvJZ474aSTEwTyF5Af6lkvG7Ksb3KuilJRKwwyRf
zCAcwv5isJEDUs6dHxtvT93Y2UpYbNfWAPNCrpfM+Ty6k740
-----END CERTIFICATE-----