Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: HS/u2Uxeg2UTEWjLcRpfx0+Kk/zGN6mSS6zHODivwC8=
Subject key identifier: 76:40:10:2B:9C:F4:31:72:67:E7:C7:49:BD:09:B9:5B:C8:0D:04:5A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7019BC82795A282DC86F51CFF31519565EDC733E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Sat 25 Oct 2025 00:09:28 +0000
ROA not before: Sat 25 Oct 2025 00:04:28 +0000
ROA not after: Sat 24 Oct 2026 00:09:28 +0000
asID: 31715
IP address blocks: 143.14.217.0/24 maxlen: 24
148.135.152.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
155.117.38.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
167.148.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 20:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:19:bc:82:79:5a:28:2d:c8:6f:51:cf:f3:15:19:56:5e:dc:73:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 25 00:04:28 2025 GMT
Not After : Oct 24 00:09:28 2026 GMT
Subject: CN=7640102B9CF4317267E7C749BD09B95BC80D045A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a1:69:58:c9:9c:57:be:eb:0b:87:c5:e4:e1:
a3:e9:9d:0e:c4:b2:0a:e0:25:94:e0:99:99:b6:ad:
bd:0b:62:a3:6e:61:e0:de:f7:9a:17:41:48:cc:76:
58:b0:71:21:87:da:09:90:95:f6:b4:25:3b:15:5c:
83:6f:78:40:86:c6:8c:a8:35:68:46:b0:a5:40:e3:
ec:9d:91:22:03:b4:62:72:10:99:ea:34:5c:0a:8c:
18:6a:ab:08:9e:84:9b:0e:cf:f8:13:42:25:f2:13:
3f:72:76:2e:cb:37:a4:c1:b0:cc:7d:34:af:c0:03:
86:74:3d:7c:ee:6c:02:fb:16:62:cc:28:78:3a:ee:
f2:92:90:42:54:df:f6:ca:7d:94:4b:a1:da:ec:46:
f0:22:69:c1:ba:48:82:c4:69:74:f7:e6:d2:2d:2a:
9d:e0:c2:2d:57:b3:0e:58:3f:55:cc:05:ad:fe:aa:
dc:8b:a5:40:f0:db:50:bb:c7:c5:f5:d2:4c:49:bc:
55:0b:51:e5:4a:05:e3:4e:8c:9b:ff:3c:64:58:2b:
11:51:2e:11:35:b7:4d:bb:75:40:01:b1:46:5b:3c:
c5:b8:74:f6:53:17:80:91:56:84:9e:d5:50:0e:b1:
8b:74:38:56:cd:ae:88:66:80:58:eb:2a:ad:08:97:
06:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:40:10:2B:9C:F4:31:72:67:E7:C7:49:BD:09:B9:5B:C8:0D:04:5A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.217.0/24
148.135.152.0/24
150.241.249.0/24
155.117.38.0/24
155.117.150.0/24
167.148.199.0/24
Signature Algorithm: sha256WithRSAEncryption
32:73:d4:d1:02:6e:51:4f:53:fd:77:8b:4b:72:c5:5b:a3:73:
66:4c:07:45:68:8f:9c:ac:79:21:65:55:cf:de:ba:c7:dd:89:
2e:82:80:9a:5a:d0:b9:1c:a2:2c:cc:98:ab:eb:4d:00:06:0f:
eb:c5:26:c5:96:81:5b:8f:83:84:f5:77:5b:75:66:1e:a1:e2:
f9:28:c5:6a:78:29:47:3b:53:41:a0:5a:b3:76:84:0e:f4:ec:
ca:a3:33:cf:c3:b7:f0:ea:66:74:50:55:a5:d9:3e:aa:ff:1c:
ef:cf:4b:e1:b2:6c:16:b3:d1:f1:3f:a0:6d:8d:8b:81:10:ca:
1b:b0:0f:6c:d6:ba:aa:46:47:d9:e6:97:df:cc:f5:5d:76:b2:
7c:8e:02:3e:03:95:79:b7:cf:8a:ae:46:00:6d:e5:56:a7:f7:
59:40:da:c5:b5:2b:cf:1a:0d:13:c9:b8:f5:ce:54:d4:96:5a:
f5:c0:fc:8b:d5:98:b7:00:ac:3d:64:6c:44:ca:b6:93:7e:4e:
b8:5b:ec:37:13:79:a1:1b:76:4a:e0:83:77:bb:ad:b5:a3:d3:
23:40:7e:d4:9b:8a:89:6c:32:80:7a:1c:23:07:ac:b4:b9:90:
e9:f5:62:3c:89:aa:4c:bf:33:55:9a:d8:d0:b0:c5:9a:0b:ef:
19:ee:12:c1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUcBm8gnlaKC3Ib1HP8xUZVl7ccz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMjUwMDA0MjhaFw0yNjEwMjQwMDA5MjhaMDMxMTAvBgNV
BAMTKDc2NDAxMDJCOUNGNDMxNzI2N0U3Qzc0OUJEMDlCOTVCQzgwRDA0NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWoWlYyZxXvusLh8Xk4aPpnQ7E
sgrgJZTgmZm2rb0LYqNuYeDe95oXQUjMdliwcSGH2gmQlfa0JTsVXINveECGxoyo
NWhGsKVA4+ydkSIDtGJyEJnqNFwKjBhqqwiehJsOz/gTQiXyEz9ydi7LN6TBsMx9
NK/AA4Z0PXzubAL7FmLMKHg67vKSkEJU3/bKfZRLodrsRvAiacG6SILEaXT35tIt
Kp3gwi1Xsw5YP1XMBa3+qtyLpUDw21C7x8X10kxJvFULUeVKBeNOjJv/PGRYKxFR
LhE1t027dUABsUZbPMW4dPZTF4CRVoSe1VAOsYt0OFbNrohmgFjrKq0Ilwa9AgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUdkAQK5z0MXJn58dJvQm5W8gNBFowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACPDtkD
BACUh5gDBACW8fkDBACbdSYDBACbdZYDBACnlMcwDQYJKoZIhvcNAQELBQADggEB
ADJz1NECblFPU/13i0tyxVujc2ZMB0Voj5yseSFlVc/eusfdiS6CgJpa0LkcoizM
mKvrTQAGD+vFJsWWgVuPg4T1d1t1Zh6h4vkoxWp4KUc7U0GgWrN2hA707MqjM8/D
t/DqZnRQVaXZPqr/HO/PS+GybBaz0fE/oG2Ni4EQyhuwD2zWuqpGR9nml9/M9V12
snyOAj4DlXm3z4quRgBt5Van91lA2sW1K88aDRPJuPXOVNSWWvXA/IvVmLcArD1k
bETKtpN+Trhb7DcTeaEbdkrgg3e7rbWj0yNAftSbiolsMoB6HCMHrLS5kOn1YjyJ
qky/M1Wa2NCwxZoL7xnuEsE=
-----END CERTIFICATE-----
Generated at Tue Nov 4 05:33:11 2025 by rpki-client