Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: dgXTmzL3uf3fbXJK7B77TBHqL+TEqFjeiWqQW7z9W3M=
Subject key identifier: 08:6D:1D:CE:AA:19:5F:A0:F3:EB:BE:AB:CF:52:B6:2D:B2:97:89:07
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 013C2B6F7D2EDB1BA6E9E8155E7EA48F4D32D7DB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Mon 02 Mar 2026 00:02:14 +0000
ROA not before: Sun 01 Mar 2026 23:57:14 +0000
ROA not after: Mon 01 Mar 2027 00:02:14 +0000
asID: 31715
IP address blocks: 148.135.152.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
155.117.38.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
162.141.106.0/24 maxlen: 24
167.148.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 07:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:3c:2b:6f:7d:2e:db:1b:a6:e9:e8:15:5e:7e:a4:8f:4d:32:d7:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 1 23:57:14 2026 GMT
Not After : Mar 1 00:02:14 2027 GMT
Subject: CN=086D1DCEAA195FA0F3EBBEABCF52B62DB2978907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c6:f5:6e:ef:3b:e1:bf:17:fe:a5:24:aa:c3:
4c:56:56:f1:28:ed:cc:c0:c7:5a:04:ea:cb:84:f7:
c8:93:fa:8f:26:cb:d1:84:3c:d2:6a:23:26:39:90:
06:1b:39:98:7f:08:1b:68:02:88:ed:71:d5:f6:61:
a1:77:d1:f2:19:ce:74:8c:05:94:ea:42:c0:d1:c2:
3a:89:da:8b:92:e9:9a:37:9a:0f:f3:75:f6:8b:43:
ba:8b:18:66:10:c7:d0:b1:06:2c:e8:0d:5b:f0:7b:
56:b4:5f:dc:56:9d:1d:65:66:13:0a:65:ad:07:da:
f7:92:4d:71:83:bb:0a:96:29:bc:4a:d3:fd:67:bc:
08:ce:75:a7:62:3a:a2:43:c3:af:fb:d4:a7:4c:9c:
4d:6d:c5:01:8e:3d:fe:07:eb:24:a5:8e:5a:87:2d:
84:75:0d:71:88:55:77:f4:93:e6:68:9c:b0:9f:71:
99:df:a8:72:c3:4f:77:04:d3:df:fc:d3:c2:1c:ba:
ef:2e:0f:9c:dc:47:d3:d8:be:fd:6b:f4:52:bb:88:
9e:12:28:a1:15:91:c7:b5:f3:be:7d:83:40:84:81:
c6:5e:25:96:3a:6a:c2:7c:79:b0:41:b7:78:d8:40:
e1:71:71:b1:29:ff:29:f1:7b:ac:a3:19:e1:84:5b:
3e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6D:1D:CE:AA:19:5F:A0:F3:EB:BE:AB:CF:52:B6:2D:B2:97:89:07
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.152.0/24
150.241.249.0/24
155.117.38.0/24
155.117.150.0/24
162.141.106.0/24
167.148.199.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:46:39:f2:92:35:81:73:92:88:21:fc:4b:f0:87:96:0c:02:
c0:b1:e9:ae:b2:87:2a:f0:59:11:63:03:50:4b:8d:85:a3:ca:
90:40:f1:43:87:f0:f5:e7:f8:6b:42:1f:e4:ae:ad:03:5b:f6:
a0:7d:97:76:25:55:54:0d:fb:05:a5:33:05:62:58:0e:83:39:
ff:c9:13:15:25:52:c7:0a:66:0d:79:c1:bb:18:ab:28:53:9f:
9a:7f:1c:0d:f1:1d:1e:cb:0e:40:da:cc:92:d8:6b:c6:67:61:
81:7f:59:ab:87:85:e3:6c:dd:47:e8:80:4a:60:3e:cb:7a:fd:
04:25:1d:09:c4:c4:d1:bc:73:b3:cf:38:89:3b:35:cf:b8:3f:
ad:ff:47:ee:63:67:01:23:78:ad:d9:f0:bf:99:76:f3:79:9c:
9f:18:2e:e3:97:14:db:bc:11:e5:8f:32:d6:56:b7:b7:d2:f6:
55:2f:bd:95:2d:66:76:a0:8c:bb:02:9f:64:f6:75:8b:37:25:
4a:5c:2e:4a:6d:ec:70:65:3e:bf:01:2d:e9:04:fa:7b:7b:9f:
56:60:2b:fe:11:7d:8b:eb:c2:f3:23:14:24:09:b7:e4:f6:3c:
6d:0e:09:62:95:eb:7a:80:61:17:1b:8e:de:92:ea:70:29:d9:
42:81:9b:7a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUATwrb30u2xum6egVXn6kj00y19swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDEyMzU3MTRaFw0yNzAzMDEwMDAyMTRaMDMxMTAvBgNV
BAMTKDA4NkQxRENFQUExOTVGQTBGM0VCQkVBQkNGNTJCNjJEQjI5Nzg5MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZxvVu7zvhvxf+pSSqw0xWVvEo
7czAx1oE6suE98iT+o8my9GEPNJqIyY5kAYbOZh/CBtoAojtcdX2YaF30fIZznSM
BZTqQsDRwjqJ2ouS6Zo3mg/zdfaLQ7qLGGYQx9CxBizoDVvwe1a0X9xWnR1lZhMK
Za0H2veSTXGDuwqWKbxK0/1nvAjOdadiOqJDw6/71KdMnE1txQGOPf4H6ySljlqH
LYR1DXGIVXf0k+ZonLCfcZnfqHLDT3cE09/808Icuu8uD5zcR9PYvv1r9FK7iJ4S
KKEVkce18759g0CEgcZeJZY6asJ8ebBBt3jYQOFxcbEp/ynxe6yjGeGEWz4fAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUCG0dzqoZX6Dz676rz1K2LbKXiQcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACUh5gD
BACW8fkDBACbdSYDBACbdZYDBACijWoDBACnlMcwDQYJKoZIhvcNAQELBQADggEB
AK5GOfKSNYFzkogh/Evwh5YMAsCx6a6yhyrwWRFjA1BLjYWjypBA8UOH8PXn+GtC
H+SurQNb9qB9l3YlVVQN+wWlMwViWA6DOf/JExUlUscKZg15wbsYqyhTn5p/HA3x
HR7LDkDazJLYa8ZnYYF/WauHheNs3UfogEpgPst6/QQlHQnExNG8c7PPOIk7Nc+4
P63/R+5jZwEjeK3Z8L+ZdvN5nJ8YLuOXFNu8EeWPMtZWt7fS9lUvvZUtZnagjLsC
n2T2dYs3JUpcLkpt7HBlPr8BLekE+nt7n1ZgK/4RfYvrwvMjFCQJt+T2PG0OCWKV
63qAYRcbjt6S6nAp2UKBm3o=
-----END CERTIFICATE-----
Generated at Thu Mar 5 10:48:29 2026 by rpki-client