Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: n6/oep15YmD5hEPbGaaWPibh4FXW/JsUsmqZp/qIYMM=
Subject key identifier: 68:66:F3:F3:82:86:51:45:08:C7:53:C0:55:36:ED:08:4E:0E:43:7A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 02A4A5092F7DA09CFF3B729AFEBAFA425C64FE18
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Tue 26 Aug 2025 04:02:03 +0000
ROA not before: Tue 26 Aug 2025 03:57:03 +0000
ROA not after: Tue 25 Aug 2026 04:02:03 +0000
asID: 31715
IP address blocks: 143.14.217.0/24 maxlen: 24
147.79.2.0/24 maxlen: 24
148.135.152.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
155.117.38.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
155.117.255.0/24 maxlen: 24
167.148.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 05:51:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:a4:a5:09:2f:7d:a0:9c:ff:3b:72:9a:fe:ba:fa:42:5c:64:fe:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 26 03:57:03 2025 GMT
Not After : Aug 25 04:02:03 2026 GMT
Subject: CN=6866F3F38286514508C753C05536ED084E0E437A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fe:82:ef:5d:48:c1:60:06:98:2f:35:8b:a3:
d8:64:c6:35:1f:fb:6f:f5:eb:82:89:1e:90:c1:46:
1c:65:87:57:c6:b8:a4:45:c5:58:e1:e2:75:a5:e9:
1a:81:f7:74:61:37:ed:95:c0:c1:20:6a:22:03:17:
59:c7:91:f6:15:6a:69:1e:73:70:1c:58:96:10:40:
a4:0f:67:84:d9:10:19:1f:e5:c0:71:a7:e5:2a:39:
da:3a:93:ed:ff:c3:16:12:be:82:b5:1e:b9:30:0e:
97:5a:d0:0d:5a:6f:20:42:75:1c:48:85:ac:15:bf:
01:ba:f5:f3:02:bd:7f:62:6f:03:c4:ae:de:f9:b5:
6d:92:7b:44:6c:9c:a4:b8:8b:f0:95:27:14:cb:32:
80:d0:54:c2:d8:93:99:bc:d0:9b:ad:a3:80:ae:20:
ed:5a:4f:62:32:b7:2d:da:96:a6:8c:63:13:f3:74:
c0:e7:63:1a:7e:49:8f:c9:39:e9:77:07:c8:eb:df:
5b:56:4f:17:24:ae:ca:f6:ae:27:b4:cd:49:b6:ce:
b4:7e:ca:0c:81:7e:0a:68:95:52:c3:91:37:5c:3b:
53:2c:ab:8a:d1:fb:4d:8b:69:9a:b5:fd:c8:7b:69:
79:f3:08:05:9d:a4:27:ba:63:f3:bc:09:4d:a9:9c:
a8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:66:F3:F3:82:86:51:45:08:C7:53:C0:55:36:ED:08:4E:0E:43:7A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.217.0/24
147.79.2.0/24
148.135.152.0/24
150.241.249.0/24
155.117.38.0/24
155.117.150.0/24
155.117.255.0/24
167.148.199.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:d0:a3:90:22:39:4a:db:43:4f:db:e4:9e:45:2a:7e:7b:e3:
25:57:54:92:ce:7a:47:65:ce:7c:24:11:d4:02:f1:da:2f:00:
15:88:9f:16:60:8d:d1:2c:01:81:28:f4:c9:d5:ae:da:c8:cd:
98:53:6a:33:83:45:5b:cd:f6:ea:b2:36:01:a7:ee:4d:59:8b:
76:a4:f4:2e:f6:ae:b8:18:90:8f:08:d7:f7:5d:18:60:5b:34:
0d:8f:5a:46:8c:ab:f6:81:b3:fb:24:68:53:e6:65:59:a2:e7:
86:69:dc:c0:97:d6:ba:a8:10:4b:f0:d1:24:88:ba:1c:38:41:
dd:a5:3b:89:8f:0d:95:f6:a0:cb:99:e9:12:4c:54:ac:05:bd:
b0:3c:6b:b2:6e:a2:92:8d:ac:c3:77:bb:b8:d8:c3:0a:51:4b:
66:91:13:ce:0f:ea:3f:a5:f0:e7:24:e0:cc:46:ea:52:3a:1e:
de:8f:0d:47:71:1b:1a:4c:9c:6a:9b:e8:b5:5c:bf:da:d3:79:
88:fc:83:f3:31:18:52:28:58:6b:31:1c:e3:18:12:4b:37:13:
a1:0b:09:ae:cc:46:27:0f:bc:81:ab:16:9d:ad:fe:bb:da:eb:
ee:4f:d8:f9:6f:cf:a5:11:c5:8d:50:f6:ca:8f:b5:72:0a:c9:
d4:01:6e:f2
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUAqSlCS99oJz/O3Ka/rr6Qlxk/hgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjYwMzU3MDNaFw0yNjA4MjUwNDAyMDNaMDMxMTAvBgNV
BAMTKDY4NjZGM0YzODI4NjUxNDUwOEM3NTNDMDU1MzZFRDA4NEUwRTQzN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB/oLvXUjBYAaYLzWLo9hkxjUf
+2/164KJHpDBRhxlh1fGuKRFxVjh4nWl6RqB93RhN+2VwMEgaiIDF1nHkfYVamke
c3AcWJYQQKQPZ4TZEBkf5cBxp+UqOdo6k+3/wxYSvoK1HrkwDpda0A1abyBCdRxI
hawVvwG69fMCvX9ibwPErt75tW2Se0RsnKS4i/CVJxTLMoDQVMLYk5m80Juto4Cu
IO1aT2Iyty3alqaMYxPzdMDnYxp+SY/JOel3B8jr31tWTxckrsr2rie0zUm2zrR+
ygyBfgpolVLDkTdcO1Msq4rR+02LaZq1/ch7aXnzCAWdpCe6Y/O8CU2pnKjpAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUaGbz84KGUUUIx1PAVTbtCE4OQ3owHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBACPDtkD
BACTTwIDBACUh5gDBACW8fkDBACbdSYDBACbdZYDBACbdf8DBACnlMcwDQYJKoZI
hvcNAQELBQADggEBAB/Qo5AiOUrbQ0/b5J5FKn574yVXVJLOekdlznwkEdQC8dov
ABWInxZgjdEsAYEo9MnVrtrIzZhTajODRVvN9uqyNgGn7k1Zi3ak9C72rrgYkI8I
1/ddGGBbNA2PWkaMq/aBs/skaFPmZVmi54Zp3MCX1rqoEEvw0SSIuhw4Qd2lO4mP
DZX2oMuZ6RJMVKwFvbA8a7JuopKNrMN3u7jYwwpRS2aRE84P6j+l8Ock4MxG6lI6
Ht6PDUdxGxpMnGqb6LVcv9rTeYj8g/MxGFIoWGsxHOMYEks3E6ELCa7MRicPvIGr
Fp2t/rva6+5P2Plvz6URxY1Q9sqPtXIKydQBbvI=
-----END CERTIFICATE-----
Generated at Fri Sep 19 16:55:48 2025 by rpki-client