Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: NKrkHgKCPgnAj68t/Go5Ps1nv4a16qlE5+ti69vdh60=
Subject key identifier: 2F:D3:F7:90:33:60:AC:B9:48:B3:95:A0:C4:E7:5D:23:B8:99:CC:3A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 28045E56C6E492B99CAE5DCEE415212026FB4CB1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Mon 23 Jun 2025 09:12:54 +0000
ROA not before: Mon 23 Jun 2025 09:07:54 +0000
ROA not after: Mon 22 Jun 2026 09:12:54 +0000
asID: 31715
IP address blocks: 140.150.235.0/24 maxlen: 24
148.135.152.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
155.117.38.0/24 maxlen: 24
155.117.145.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
155.117.227.0/24 maxlen: 24
167.148.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:04:5e:56:c6:e4:92:b9:9c:ae:5d:ce:e4:15:21:20:26:fb:4c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 23 09:07:54 2025 GMT
Not After : Jun 22 09:12:54 2026 GMT
Subject: CN=2FD3F7903360ACB948B395A0C4E75D23B899CC3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8e:01:74:97:9e:b6:96:f7:df:f0:0a:78:cf:
6a:96:74:0e:ce:92:ab:34:8e:d6:00:0c:29:56:20:
c7:8c:a9:b9:c1:19:d5:f8:7e:db:d0:95:df:84:69:
22:6f:3f:f8:1b:50:ad:ca:bd:27:30:d7:51:a6:24:
6e:c2:a5:30:88:40:c2:79:30:cc:3e:86:5e:ca:c7:
7f:1a:f5:03:95:08:43:72:9d:5f:f1:2e:5f:dc:a8:
7b:cd:27:df:da:f6:0f:f4:7e:ac:8c:07:2e:e5:64:
66:28:84:d4:bd:83:81:a8:ba:a2:99:17:d8:de:09:
17:6d:87:2e:f4:12:62:37:27:d5:b7:c0:4c:65:0b:
71:69:cb:bd:17:ec:7b:77:b3:c5:9d:9a:f2:c7:4d:
97:27:3b:ca:b3:e1:b1:6e:86:47:5a:98:a8:a3:29:
b4:71:7a:af:d0:58:48:81:9a:67:3e:aa:d8:e1:86:
c7:00:69:64:18:19:ad:d6:11:88:92:55:52:b4:47:
d9:84:07:8c:32:94:41:66:30:84:80:f3:fe:b8:3c:
21:84:6d:cf:21:ed:17:72:ce:2c:d9:43:c3:23:82:
12:b0:f7:a0:42:bb:b0:53:ad:12:11:a2:b7:4e:a4:
5d:ba:fb:08:a4:82:cc:76:fb:12:53:7d:c0:82:9e:
fb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D3:F7:90:33:60:AC:B9:48:B3:95:A0:C4:E7:5D:23:B8:99:CC:3A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.235.0/24
148.135.152.0/24
150.241.249.0/24
155.117.38.0/24
155.117.145.0/24
155.117.150.0/24
155.117.227.0/24
167.148.199.0/24
Signature Algorithm: sha256WithRSAEncryption
21:96:2c:c0:89:38:d0:b6:b0:8c:a9:25:85:36:f9:30:26:d7:
2c:3c:95:92:aa:a3:0d:3e:5d:bf:a3:d0:87:de:4b:b9:c9:77:
56:2b:bc:0d:fe:85:11:5f:db:a3:d9:93:a0:35:d7:d1:af:c6:
ed:74:ea:c7:4a:3f:b9:f1:c1:35:81:e6:d3:d0:ab:2c:86:73:
c8:55:78:c1:a8:fe:be:1e:e2:17:6a:c3:5d:53:b8:ce:e6:0b:
67:c6:68:a3:00:7f:ab:a2:6e:64:6d:56:29:79:d2:bc:ef:3c:
7e:3e:07:15:a0:52:a0:2a:60:91:b5:2e:a2:8b:16:06:f3:73:
97:07:24:ba:a9:9a:b0:63:f7:de:4b:85:ec:ec:ff:8c:cd:6b:
3f:92:61:8c:d6:aa:c2:c6:15:58:bb:8e:60:8c:cf:ec:8b:e8:
a3:64:26:04:25:51:ae:2b:ef:03:b2:f0:9a:e1:b5:f7:3c:93:
00:aa:9c:54:8e:53:6d:c8:bd:ee:0e:04:e7:7b:54:4b:aa:ce:
d2:d6:45:2d:ec:a4:25:c1:a6:fe:e4:7a:5e:6e:a6:a2:35:64:
06:af:c1:18:4f:84:b4:fc:3f:97:04:88:dc:63:99:bf:c1:fb:
78:69:00:52:da:32:b8:89:24:ac:04:a9:2d:35:88:61:5c:bf:
98:02:2f:fe
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUKAReVsbkkrmcrl3O5BUhICb7TLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjMwOTA3NTRaFw0yNjA2MjIwOTEyNTRaMDMxMTAvBgNV
BAMTKDJGRDNGNzkwMzM2MEFDQjk0OEIzOTVBMEM0RTc1RDIzQjg5OUNDM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPjgF0l562lvff8Ap4z2qWdA7O
kqs0jtYADClWIMeMqbnBGdX4ftvQld+EaSJvP/gbUK3KvScw11GmJG7CpTCIQMJ5
MMw+hl7Kx38a9QOVCENynV/xLl/cqHvNJ9/a9g/0fqyMBy7lZGYohNS9g4GouqKZ
F9jeCRdthy70EmI3J9W3wExlC3Fpy70X7Ht3s8WdmvLHTZcnO8qz4bFuhkdamKij
KbRxeq/QWEiBmmc+qtjhhscAaWQYGa3WEYiSVVK0R9mEB4wylEFmMISA8/64PCGE
bc8h7RdyzizZQ8MjghKw96BCu7BTrRIRordOpF26+wikgsx2+xJTfcCCnvvnAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUL9P3kDNgrLlIs5WgxOddI7iZzDowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBACMlusD
BACUh5gDBACW8fkDBACbdSYDBACbdZEDBACbdZYDBACbdeMDBACnlMcwDQYJKoZI
hvcNAQELBQADggEBACGWLMCJONC2sIypJYU2+TAm1yw8lZKqow0+Xb+j0IfeS7nJ
d1YrvA3+hRFf26PZk6A119Gvxu106sdKP7nxwTWB5tPQqyyGc8hVeMGo/r4e4hdq
w11TuM7mC2fGaKMAf6uibmRtVil50rzvPH4+BxWgUqAqYJG1LqKLFgbzc5cHJLqp
mrBj995Lhezs/4zNaz+SYYzWqsLGFVi7jmCMz+yL6KNkJgQlUa4r7wOy8Jrhtfc8
kwCqnFSOU23Ive4OBOd7VEuqztLWRS3spCXBpv7kel5upqI1ZAavwRhPhLT8P5cE
iNxjmb/B+3hpAFLaMriJJKwEqS01iGFcv5gCL/4=
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:44:38 2025 by rpki-client