Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: q1Gcca2SuuZJ06MotenzerRnx+sAuHj0zgKB5Ha297Q=
Subject key identifier: A2:96:99:B2:89:98:6A:A2:F6:14:5B:A1:3B:87:A1:D6:B4:4B:43:B4
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 75F8D7617F4F68114976521FDAC4AA7EEF082992
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS31715.roa
Signing time: Mon 27 Oct 2025 11:01:45 +0000
ROA not before: Mon 27 Oct 2025 10:56:45 +0000
ROA not after: Mon 26 Oct 2026 11:01:45 +0000
asID: 31715
IP address blocks: 143.20.45.0/24 maxlen: 24
143.20.83.0/24 maxlen: 24
143.20.94.0/24 maxlen: 24
143.20.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 20:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:f8:d7:61:7f:4f:68:11:49:76:52:1f:da:c4:aa:7e:ef:08:29:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Oct 27 10:56:45 2025 GMT
Not After : Oct 26 11:01:45 2026 GMT
Subject: CN=A29699B289986AA2F6145BA13B87A1D6B44B43B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b0:8c:f4:c0:d6:71:1b:0d:19:22:a8:ff:df:
1c:46:8a:68:17:2e:8a:06:e4:5f:78:82:03:d8:8b:
25:ff:1b:89:25:e9:35:71:3b:6b:8a:57:bd:5c:e8:
92:a1:60:93:ec:fd:a6:da:81:4e:db:98:de:e8:3e:
1b:61:41:50:50:25:97:7c:bd:ab:23:4d:e6:04:b2:
06:de:a2:f4:5b:ae:1c:12:a8:14:b4:ee:5b:f9:76:
24:49:02:bc:09:17:19:7e:77:73:ca:3a:77:fc:9a:
1c:3b:95:a0:96:5b:61:69:37:91:c2:d0:af:b1:ff:
74:48:41:3b:98:5e:68:cd:a1:a3:30:84:2f:ee:92:
00:5a:00:d4:7d:b0:86:b4:86:fa:a9:1c:c8:81:63:
69:e8:7d:2a:1f:e3:df:37:8b:84:d3:86:0e:eb:07:
78:fc:c5:50:9e:ee:9c:1d:c5:e0:74:32:92:9a:dc:
04:cb:b6:93:32:36:75:b5:b8:cd:2a:d8:45:b3:17:
5f:2f:07:e5:75:7d:07:73:7b:a9:aa:b3:12:16:0a:
f8:ca:f7:03:48:bd:ad:57:ba:39:52:c8:26:86:cc:
59:1e:4f:b4:90:c4:11:7f:10:41:a6:69:fe:d7:8f:
6d:a0:db:e5:65:1b:0b:68:d6:50:5a:fb:8f:c8:f8:
6c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:96:99:B2:89:98:6A:A2:F6:14:5B:A1:3B:87:A1:D6:B4:4B:43:B4
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.45.0/24
143.20.83.0/24
143.20.94.0/24
143.20.117.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:99:5e:17:25:22:38:98:f4:2b:ab:1f:15:a4:15:96:f7:4c:
c2:ca:73:01:ed:96:a5:dd:33:8d:33:27:65:ea:90:81:fa:d6:
d0:0f:de:69:7b:35:1e:c0:39:ef:3f:8d:40:c0:f2:8a:93:6e:
19:c6:f3:5b:c2:64:b9:7c:b6:f2:6b:d9:2c:de:71:3f:6e:fb:
3f:b0:bf:a5:7a:fa:ae:25:c5:78:ba:d6:80:02:89:e0:fa:83:
3f:8a:66:42:be:51:9f:6c:1f:64:58:a4:b6:86:b7:4f:53:a8:
e2:f9:af:0c:df:ea:89:0f:e0:46:0f:a3:48:ad:c1:f0:63:10:
48:d9:51:93:25:fe:8b:9c:27:fa:c1:8c:f9:5b:72:6a:75:07:
82:c4:32:6e:2d:59:be:e7:90:58:c0:1c:89:b7:f4:33:47:ee:
1b:8b:0f:9e:1d:88:a2:08:c2:60:74:27:53:15:66:c1:ac:cf:
aa:be:83:53:3b:9b:a0:68:27:5e:60:5e:71:11:d4:d5:74:50:
98:de:54:33:b5:a1:b4:83:b5:04:42:94:ec:7d:cb:2d:5c:46:
27:b5:55:38:fe:10:f0:4e:37:a8:09:34:a4:3c:b2:c1:f1:74:
c1:b1:ea:a4:82:d8:79:5a:ed:c1:3b:63:ab:83:f2:67:f3:bf:
be:fb:51:b6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUdfjXYX9PaBFJdlIf2sSqfu8IKZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTEwMjcxMDU2NDVaFw0yNjEwMjYxMTAxNDVaMDMxMTAvBgNV
BAMTKEEyOTY5OUIyODk5ODZBQTJGNjE0NUJBMTNCODdBMUQ2QjQ0QjQzQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVsIz0wNZxGw0ZIqj/3xxGimgX
LooG5F94ggPYiyX/G4kl6TVxO2uKV71c6JKhYJPs/abagU7bmN7oPhthQVBQJZd8
vasjTeYEsgbeovRbrhwSqBS07lv5diRJArwJFxl+d3PKOnf8mhw7laCWW2FpN5HC
0K+x/3RIQTuYXmjNoaMwhC/ukgBaANR9sIa0hvqpHMiBY2nofSof4983i4TThg7r
B3j8xVCe7pwdxeB0MpKa3ATLtpMyNnW1uM0q2EWzF18vB+V1fQdze6mqsxIWCvjK
9wNIva1XujlSyCaGzFkeT7SQxBF/EEGmaf7Xj22g2+VlGwto1lBa+4/I+Gw1AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUopaZsomYaqL2FFuhO4eh1rRLQ7QwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACPFC0D
BACPFFMDBACPFF4DBACPFHUwDQYJKoZIhvcNAQELBQADggEBAE+ZXhclIjiY9Cur
HxWkFZb3TMLKcwHtlqXdM40zJ2XqkIH61tAP3ml7NR7AOe8/jUDA8oqTbhnG81vC
ZLl8tvJr2SzecT9u+z+wv6V6+q4lxXi61oACieD6gz+KZkK+UZ9sH2RYpLaGt09T
qOL5rwzf6okP4EYPo0itwfBjEEjZUZMl/oucJ/rBjPlbcmp1B4LEMm4tWb7nkFjA
HIm39DNH7huLD54diKIIwmB0J1MVZsGsz6q+g1M7m6BoJ15gXnER1NV0UJjeVDO1
obSDtQRClOx9yy1cRie1VTj+EPBON6gJNKQ8ssHxdMGx6qSC2Hla7cE7Y6uD8mfz
v777UbY=
-----END CERTIFICATE-----
Generated at Tue Nov 4 05:33:12 2025 by rpki-client