This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS62068.roa
File:                     AS62068.roa (raw, json)
Hash identifier:          Xumr2oh/Cmg+8YLIwJHhVuODaR80xLje8qQS8Jmj5qY=
Subject key identifier:   44:F3:1F:63:FE:57:75:81:5B:C0:DF:2F:C8:04:27:6A:39:8A:14:AF
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       6B87A0AB400B3821BD9C4174D89BAE34F9AC3BEB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS62068.roa
Signing time:             Mon 15 Dec 2025 15:55:32 +0000
ROA not before:           Mon 15 Dec 2025 15:50:32 +0000
ROA not after:            Mon 14 Dec 2026 15:55:32 +0000
asID:                     62068
IP address blocks:        82.21.160.0/24 maxlen: 24
                          82.21.161.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 16 Dec 2025 15:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:87:a0:ab:40:0b:38:21:bd:9c:41:74:d8:9b:ae:34:f9:ac:3b:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Dec 15 15:50:32 2025 GMT
            Not After : Dec 14 15:55:32 2026 GMT
        Subject: CN=44F31F63FE5775815BC0DF2FC804276A398A14AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5e:2b:76:49:68:c5:eb:b4:6d:5a:35:ca:1a:
                    ee:30:7c:3a:09:10:30:a0:ce:32:39:e0:d7:a4:eb:
                    24:f2:ef:56:29:f1:38:34:e0:5d:9f:d1:15:0b:71:
                    af:bc:85:fc:be:46:e2:7d:27:05:b3:7a:ed:37:81:
                    c0:dd:a1:54:86:85:d0:65:4f:8c:75:64:6c:35:b3:
                    7d:62:72:3c:c2:d0:46:72:6b:15:af:76:1a:5f:a6:
                    8a:3f:26:91:fa:93:58:68:40:a5:2f:1b:31:9a:63:
                    45:c6:ff:a4:6d:90:f9:93:ca:5c:3e:cf:59:9c:95:
                    00:a3:98:cd:3c:41:bc:6e:5c:59:1c:5e:c6:21:85:
                    27:39:be:b7:0f:d7:bf:ff:a6:33:fb:28:86:5a:69:
                    c2:d4:8e:6d:a5:fe:d6:c9:fd:d4:eb:5d:b8:fa:79:
                    5a:5a:39:70:e7:b7:8e:ad:95:97:74:1e:28:36:b3:
                    47:d5:85:c9:d8:4a:49:24:ff:d8:b3:19:57:14:7e:
                    65:2e:9a:ad:fa:d4:0b:26:d9:f9:ac:f1:a6:c8:ff:
                    02:18:a1:9c:5a:6e:01:f2:dc:8a:16:9a:a1:e8:6e:
                    54:f3:e7:2a:6a:ac:32:eb:fb:92:f4:79:10:b0:ad:
                    4e:39:c4:b2:28:a4:c7:2a:6f:87:55:ef:39:b4:73:
                    43:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:F3:1F:63:FE:57:75:81:5B:C0:DF:2F:C8:04:27:6A:39:8A:14:AF
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS62068.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.160.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:30:81:ed:21:27:1d:9f:ee:67:d2:4e:c2:99:03:7c:c1:b1:
         97:19:fe:a2:78:3f:9a:e4:4b:f0:dc:62:84:7f:69:64:fa:b6:
         ff:94:11:91:ec:b1:ff:f9:f9:e3:cc:48:52:13:5c:4f:54:61:
         5d:96:5e:83:35:0e:dc:90:7f:bc:b2:98:a5:b2:0e:0c:99:14:
         55:a5:49:b4:73:e0:bc:68:bc:2e:b1:7d:38:f7:04:99:7d:b8:
         60:15:85:22:bb:f9:5d:92:11:50:63:0c:ad:c3:1a:f2:e9:96:
         10:a7:1a:da:bf:97:31:90:19:17:bb:cb:bf:ed:ee:7c:b6:3c:
         38:85:3e:41:f3:b3:37:85:84:36:b0:3f:e8:5b:f1:3a:39:dc:
         2b:2d:b2:b4:eb:15:18:3b:3e:99:6f:d5:b7:5d:a6:b4:f5:ed:
         e0:a1:4a:19:ca:7f:e8:7f:c1:7a:07:41:d6:6e:ea:85:5b:e3:
         4b:04:02:fc:25:ba:f2:ee:c1:08:c0:66:63:20:4b:76:78:16:
         7b:5a:f8:3c:af:90:9e:c7:26:52:c3:79:79:e3:94:b4:c0:de:
         6e:02:52:40:75:25:71:29:db:06:9c:bc:95:01:06:4c:6d:0e:
         47:e2:e8:3f:34:81:51:8a:46:16:70:fd:6a:b5:bb:2d:da:51:
         80:53:c2:a4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUa4egq0ALOCG9nEF02JuuNPmsO+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEyMTUxNTUwMzJaFw0yNjEyMTQxNTU1MzJaMDMxMTAvBgNV
BAMTKDQ0RjMxRjYzRkU1Nzc1ODE1QkMwREYyRkM4MDQyNzZBMzk4QTE0QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJXit2SWjF67RtWjXKGu4wfDoJ
EDCgzjI54Nek6yTy71Yp8Tg04F2f0RULca+8hfy+RuJ9JwWzeu03gcDdoVSGhdBl
T4x1ZGw1s31icjzC0EZyaxWvdhpfpoo/JpH6k1hoQKUvGzGaY0XG/6RtkPmTylw+
z1mclQCjmM08QbxuXFkcXsYhhSc5vrcP17//pjP7KIZaacLUjm2l/tbJ/dTrXbj6
eVpaOXDnt46tlZd0Hig2s0fVhcnYSkkk/9izGVcUfmUumq361Asm2fms8abI/wIY
oZxabgHy3IoWmqHoblTz5ypqrDLr+5L0eRCwrU45xLIopMcqb4dV7zm0c0N/AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQURPMfY/5XdYFbwN8vyAQnajmKFK8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjIwNjgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFSFaAw
DQYJKoZIhvcNAQELBQADggEBAIkwge0hJx2f7mfSTsKZA3zBsZcZ/qJ4P5rkS/Dc
YoR/aWT6tv+UEZHssf/5+ePMSFITXE9UYV2WXoM1DtyQf7yymKWyDgyZFFWlSbRz
4LxovC6xfTj3BJl9uGAVhSK7+V2SEVBjDK3DGvLplhCnGtq/lzGQGRe7y7/t7ny2
PDiFPkHzszeFhDawP+hb8To53CstsrTrFRg7Pplv1bddprT17eChShnKf+h/wXoH
QdZu6oVb40sEAvwluvLuwQjAZmMgS3Z4Fnta+DyvkJ7HJlLDeXnjlLTA3m4CUkB1
JXEp2wacvJUBBkxtDkfi6D80gVGKRhZw/Wq1uy3aUYBTwqQ=
-----END CERTIFICATE-----