Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: RgVwchEpraZcPimsfA83oplPigaVf6uxHoMBSpr04C0=
Subject key identifier: 3F:25:F0:7C:FA:2B:9C:91:93:C9:51:0A:F1:40:02:40:7C:9C:87:0A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 75CE788A446F7801DCC355EB542D24E448617BC2
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Fri 16 May 2025 03:23:37 +0000
ROA not before: Fri 16 May 2025 03:18:37 +0000
ROA not after: Fri 15 May 2026 03:23:37 +0000
asID: 31715
IP address blocks: 140.150.235.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
155.117.145.0/24 maxlen: 24
155.117.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:ce:78:8a:44:6f:78:01:dc:c3:55:eb:54:2d:24:e4:48:61:7b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 16 03:18:37 2025 GMT
Not After : May 15 03:23:37 2026 GMT
Subject: CN=3F25F07CFA2B9C9193C9510AF14002407C9C870A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8b:d8:a5:58:94:c3:d0:a8:d9:b8:38:86:23:
d9:aa:8b:1c:63:24:c9:8b:57:30:6b:da:e7:64:d6:
47:ce:22:2e:47:33:49:80:fe:a1:c4:d8:5e:52:c2:
04:df:19:12:93:4f:a3:1b:c2:bf:e8:e7:1b:38:f6:
1c:ac:87:05:ec:80:45:dd:97:32:11:1d:28:be:a9:
3e:16:27:02:85:dd:37:95:04:a0:4c:7f:c7:3f:0d:
ee:bf:79:13:59:e3:9e:b6:8f:ec:47:21:de:77:82:
8f:29:6b:40:ca:04:65:b9:c8:8e:50:94:ad:94:d6:
8d:33:b8:d8:f9:c9:9c:65:71:a4:c5:13:af:e0:4c:
2a:dc:e4:69:8c:a7:12:71:a1:db:60:9c:85:d2:e7:
39:5c:92:51:f2:a7:7e:33:1b:f6:4a:9b:8a:08:95:
00:6b:5a:c2:02:56:d4:de:f4:38:b9:82:65:fb:4e:
f0:79:87:19:00:db:f0:3a:e5:40:7b:d2:73:9f:23:
32:6a:e9:1d:75:cc:91:23:60:fa:c6:82:5f:0e:ef:
ee:59:f2:90:bb:4b:33:6b:91:cf:84:e7:e3:6a:b3:
2d:20:13:54:4b:50:a8:6e:8f:25:df:65:ae:8f:59:
06:0c:09:93:a5:77:a8:09:c4:a8:10:d2:fa:73:82:
69:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:25:F0:7C:FA:2B:9C:91:93:C9:51:0A:F1:40:02:40:7C:9C:87:0A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.235.0/24
150.241.249.0/24
155.117.145.0/24
155.117.227.0/24
Signature Algorithm: sha256WithRSAEncryption
15:7b:94:dc:d9:cd:9c:3d:16:5b:8c:27:f4:51:20:09:54:d2:
72:aa:2e:cc:2e:1d:d8:6d:e0:00:b3:f9:b3:c6:5c:ed:10:22:
ad:ee:01:d8:79:7a:c8:f0:66:2d:22:52:ca:c2:d0:75:c6:c1:
d0:d7:e4:47:93:e4:d1:d6:01:c3:8b:6a:5e:7d:df:2a:08:06:
e0:a0:e8:94:a8:1f:63:43:6d:f5:ed:57:cf:c3:7d:82:4d:92:
d8:7f:b5:57:65:5a:09:8b:46:6c:1f:f7:9d:e3:8f:72:15:54:
c1:a3:46:67:0c:2f:f7:f6:b3:e1:0d:43:60:b5:7b:8a:e7:02:
04:4a:4f:c2:1f:0a:2c:4f:50:d0:06:37:fb:f2:a0:dd:be:1e:
61:02:ec:e7:49:b6:5f:c3:0c:d5:75:92:27:78:2d:1e:02:78:
5b:6e:58:2b:01:06:ea:dd:3b:fe:25:0f:f4:93:59:4d:27:51:
d3:35:19:5c:9f:86:e8:ad:97:63:14:57:36:b5:13:d3:6e:1d:
5a:fb:49:fd:80:f6:d6:06:c4:dd:bf:af:a6:53:79:0c:34:a4:
eb:85:5f:f6:e2:64:cf:38:3b:8d:76:5e:07:c5:e9:08:f2:06:
ae:20:09:b9:cf:99:e9:ee:5b:e7:9e:db:a4:8c:ce:d0:b7:31:
d4:2a:65:f5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUdc54ikRveAHcw1XrVC0k5Ehhe8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MTYwMzE4MzdaFw0yNjA1MTUwMzIzMzdaMDMxMTAvBgNV
BAMTKDNGMjVGMDdDRkEyQjlDOTE5M0M5NTEwQUYxNDAwMjQwN0M5Qzg3MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCti9ilWJTD0KjZuDiGI9mqixxj
JMmLVzBr2udk1kfOIi5HM0mA/qHE2F5SwgTfGRKTT6Mbwr/o5xs49hyshwXsgEXd
lzIRHSi+qT4WJwKF3TeVBKBMf8c/De6/eRNZ4562j+xHId53go8pa0DKBGW5yI5Q
lK2U1o0zuNj5yZxlcaTFE6/gTCrc5GmMpxJxodtgnIXS5zlcklHyp34zG/ZKm4oI
lQBrWsICVtTe9Di5gmX7TvB5hxkA2/A65UB70nOfIzJq6R11zJEjYPrGgl8O7+5Z
8pC7SzNrkc+E5+Nqsy0gE1RLUKhujyXfZa6PWQYMCZOld6gJxKgQ0vpzgmlNAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUPyXwfPornJGTyVEK8UACQHychwowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACMlusD
BACW8fkDBACbdZEDBACbdeMwDQYJKoZIhvcNAQELBQADggEBABV7lNzZzZw9FluM
J/RRIAlU0nKqLswuHdht4ACz+bPGXO0QIq3uAdh5esjwZi0iUsrC0HXGwdDX5EeT
5NHWAcOLal593yoIBuCg6JSoH2NDbfXtV8/DfYJNkth/tVdlWgmLRmwf953jj3IV
VMGjRmcML/f2s+ENQ2C1e4rnAgRKT8IfCixPUNAGN/vyoN2+HmEC7OdJtl/DDNV1
kid4LR4CeFtuWCsBBurdO/4lD/STWU0nUdM1GVyfhuitl2MUVza1E9NuHVr7Sf2A
9tYGxN2/r6ZTeQw0pOuFX/biZM84O412XgfF6QjyBq4gCbnPmenuW+ee26SMztC3
MdQqZfU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:15:29 2025 by rpki-client