This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401776.roa
File:                     AS401776.roa (raw, json)
Hash identifier:          5zyykWGq+QAX0I5h9zRnMWBrb08AhqylS9xAoqDqEy4=
Subject key identifier:   B7:7F:A5:7D:12:64:92:F3:A6:C2:E5:B4:0D:C6:CD:08:B6:C4:9F:CB
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       4AE7EFC58450099129498DD2B89C5ADB6B805E89
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401776.roa
Signing time:             Mon 15 Dec 2025 06:37:02 +0000
ROA not before:           Mon 15 Dec 2025 06:32:02 +0000
ROA not after:            Mon 14 Dec 2026 06:37:02 +0000
asID:                     401776
IP address blocks:        179.61.140.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 20 Dec 2025 12:07:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:e7:ef:c5:84:50:09:91:29:49:8d:d2:b8:9c:5a:db:6b:80:5e:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Dec 15 06:32:02 2025 GMT
            Not After : Dec 14 06:37:02 2026 GMT
        Subject: CN=B77FA57D126492F3A6C2E5B40DC6CD08B6C49FCB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:12:9c:bd:5d:f7:dc:21:90:7d:69:5e:55:00:
                    6b:fa:a7:67:7d:30:e3:27:85:3f:7b:70:da:ef:7e:
                    e7:d7:b5:5c:40:60:b3:07:07:3e:7a:c8:4f:f7:6b:
                    8a:31:4e:b9:88:94:a1:46:2c:06:1c:13:f2:85:8b:
                    b8:6d:e9:ea:37:21:d1:97:68:07:c5:13:98:23:31:
                    68:94:ef:d9:1a:6d:9d:f8:22:4f:9f:09:08:68:a5:
                    8c:1c:c7:f2:ef:cd:1a:42:87:9c:02:b4:4d:18:8b:
                    1e:b6:b2:dc:12:58:ae:97:5a:21:eb:65:95:ac:bb:
                    bc:28:57:6b:8b:0e:54:e8:9a:fa:80:13:ec:8f:13:
                    cf:68:12:db:30:d0:d6:65:15:2f:07:78:a9:47:54:
                    24:47:2c:8d:a2:04:68:ea:57:c8:db:74:73:45:d5:
                    bc:f9:30:41:61:2e:73:66:ab:23:e0:e4:25:3a:73:
                    79:01:1d:89:f4:49:b1:29:6b:5d:ad:1a:02:97:89:
                    b9:cf:fb:8d:c0:d3:52:7a:ae:e8:b8:13:bb:fc:04:
                    0e:da:d5:84:d0:5c:f2:4c:77:d1:7c:df:b5:75:2a:
                    25:66:90:97:4a:25:df:bf:ee:0e:f0:cb:93:2e:48:
                    ce:ff:28:33:bd:a4:4f:c2:f4:3f:eb:c9:e3:8a:a6:
                    ad:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:7F:A5:7D:12:64:92:F3:A6:C2:E5:B4:0D:C6:CD:08:B6:C4:9F:CB
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401776.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:aa:48:bf:d3:cc:ac:58:c4:3b:4a:32:4c:46:4b:af:96:f5:
         c6:20:d7:de:19:78:b3:af:d3:b2:f8:55:d3:0f:c7:69:9c:41:
         a3:09:a9:7e:b0:83:ac:96:e2:c9:0f:40:32:3c:31:63:f5:99:
         82:1a:30:73:6e:64:ab:d6:d4:2c:8c:ea:f4:5c:67:b7:6e:ee:
         6a:fb:9f:64:f5:b2:5b:26:19:68:a6:78:ef:ff:5d:ab:4f:50:
         66:1b:cf:cb:d6:05:f9:1c:43:58:c7:f5:a2:63:ff:28:48:f9:
         f7:02:b7:bb:a7:83:3c:27:0f:c7:ef:89:d6:59:7a:11:da:a8:
         c9:4b:08:21:38:f5:cf:9c:f6:df:20:71:c0:e2:59:d7:b7:b5:
         c0:9f:e9:41:b7:6e:93:99:17:ae:13:55:15:1a:fb:fa:bc:8e:
         8d:7e:af:3b:5d:a8:b8:8f:b6:04:b1:56:00:6c:64:c8:de:5a:
         7f:1a:c9:1b:c0:46:da:d7:d5:1d:aa:40:fe:49:06:d2:bb:c6:
         9b:80:62:b7:b9:69:cf:a0:b1:96:eb:72:7b:5b:08:e4:b1:cd:
         77:bc:2b:ea:35:1a:39:b2:e3:b4:8a:d8:23:95:74:e2:da:49:
         dc:94:ac:9f:db:bb:44:76:e7:5e:1d:08:43:b2:10:51:87:5a:
         64:2d:d9:f4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUSufvxYRQCZEpSY3SuJxa22uAXokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEyMTUwNjMyMDJaFw0yNjEyMTQwNjM3MDJaMDMxMTAvBgNV
BAMTKEI3N0ZBNTdEMTI2NDkyRjNBNkMyRTVCNDBEQzZDRDA4QjZDNDlGQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Epy9XffcIZB9aV5VAGv6p2d9
MOMnhT97cNrvfufXtVxAYLMHBz56yE/3a4oxTrmIlKFGLAYcE/KFi7ht6eo3IdGX
aAfFE5gjMWiU79kabZ34Ik+fCQhopYwcx/LvzRpCh5wCtE0Yix62stwSWK6XWiHr
ZZWsu7woV2uLDlTomvqAE+yPE89oEtsw0NZlFS8HeKlHVCRHLI2iBGjqV8jbdHNF
1bz5MEFhLnNmqyPg5CU6c3kBHYn0SbEpa12tGgKXibnP+43A01J6rui4E7v8BA7a
1YTQXPJMd9F837V1KiVmkJdKJd+/7g7wy5MuSM7/KDO9pE/C9D/ryeOKpq3pAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUt3+lfRJkkvOmwuW0DcbNCLbEn8swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAxNzc2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsz2M
MA0GCSqGSIb3DQEBCwUAA4IBAQBbqki/08ysWMQ7SjJMRkuvlvXGINfeGXizr9Oy
+FXTD8dpnEGjCal+sIOsluLJD0AyPDFj9ZmCGjBzbmSr1tQsjOr0XGe3bu5q+59k
9bJbJhlopnjv/12rT1BmG8/L1gX5HENYx/WiY/8oSPn3Are7p4M8Jw/H74nWWXoR
2qjJSwghOPXPnPbfIHHA4lnXt7XAn+lBt26TmReuE1UVGvv6vI6Nfq87Xai4j7YE
sVYAbGTI3lp/GskbwEba19UdqkD+SQbSu8abgGK3uWnPoLGW63J7Wwjksc13vCvq
NRo5suO0itgjlXTi2knclKyf27tEdudeHQhDshBRh1pkLdn0
-----END CERTIFICATE-----