Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: hxBlJCP+mQ45yYpnTAXjMzN70HduN6Zk9QXcx91c1E8=
Subject key identifier: F6:1E:18:DF:2F:AB:78:4B:02:C5:DD:72:AE:E9:FB:B0:6A:7B:BC:38
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 221EC2B23D0B20B7A461396FCDF2EB95E44039A0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Thu 23 Apr 2026 00:05:15 +0000
ROA not before: Thu 23 Apr 2026 00:00:15 +0000
ROA not after: Thu 22 Apr 2027 00:05:15 +0000
asID: 31715
IP address blocks: 148.135.152.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
162.141.106.0/24 maxlen: 24
167.148.199.0/24 maxlen: 24
168.222.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:1e:c2:b2:3d:0b:20:b7:a4:61:39:6f:cd:f2:eb:95:e4:40:39:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 23 00:00:15 2026 GMT
Not After : Apr 22 00:05:15 2027 GMT
Subject: CN=F61E18DF2FAB784B02C5DD72AEE9FBB06A7BBC38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ae:85:c4:46:47:7e:bf:a2:e2:8a:db:8b:d7:
de:2a:75:a6:1e:18:66:67:9e:b6:31:5b:78:0f:c6:
29:5b:2e:18:82:c1:90:2f:18:e8:e5:59:62:fc:71:
14:3a:a9:f4:aa:f8:d4:b2:e6:7a:9a:7e:36:b6:f0:
35:68:7f:01:d0:44:03:b9:6b:df:05:a2:f6:28:5f:
4d:4d:c4:0b:ad:09:d2:55:03:30:42:be:ee:5c:51:
ad:83:6e:0d:e4:3c:4a:19:18:8a:ec:d3:c0:21:22:
52:74:73:05:4b:0a:51:1c:9d:fe:12:1e:05:9a:86:
3f:13:f1:a6:f4:17:d8:62:67:6a:53:39:12:a9:b5:
6a:2a:4d:64:02:e3:62:c2:e8:6b:39:6f:2c:39:f7:
5e:56:4b:ea:dd:3a:ed:d2:f8:67:9e:5c:eb:7f:c5:
a7:60:61:d6:bf:9f:81:ad:d5:3f:0d:0f:3d:c6:54:
69:5c:fc:32:6f:3d:9b:84:be:35:66:c8:28:65:04:
41:d2:c9:22:5d:e6:e3:9e:6b:9b:63:69:e8:80:eb:
e5:e8:99:d0:03:24:58:87:56:5f:9f:12:a5:c6:7f:
8f:62:4a:12:e8:9f:d1:b7:0c:ca:6e:de:fc:04:85:
ec:d7:3a:81:7b:3a:12:26:d7:7c:a8:35:3d:6d:66:
1b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1E:18:DF:2F:AB:78:4B:02:C5:DD:72:AE:E9:FB:B0:6A:7B:BC:38
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.152.0/24
150.241.249.0/24
162.141.106.0/24
167.148.199.0/24
168.222.104.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:57:20:a7:69:43:b4:b8:b7:9c:a6:5c:7a:3a:d4:67:10:4e:
3c:40:82:c4:1e:ef:78:63:85:93:1a:b5:99:34:00:90:d5:a2:
37:79:08:b0:d1:66:bd:1e:65:ac:22:a1:c1:a5:55:3a:05:b2:
aa:74:ef:fc:41:58:9d:e6:73:b1:6a:ad:51:5a:a5:4a:0e:e1:
fe:8f:62:e0:da:d9:9d:fd:a3:76:a0:f1:5c:01:36:cb:2f:67:
ef:f0:35:61:22:c6:4a:22:ee:d0:38:0d:f6:01:63:cb:73:2d:
21:97:37:66:28:34:37:b3:65:c2:ba:b0:af:f6:b8:d7:e1:93:
20:e8:36:1b:94:c1:46:40:6a:cd:6f:37:56:2a:22:5d:8b:4c:
ff:fb:b0:9c:ad:76:0e:09:3e:4d:f6:b3:f0:b5:46:f7:40:73:
3c:1e:66:69:d7:cf:64:9d:66:ba:a7:2e:43:60:78:58:7d:4a:
3a:81:f4:9f:a7:05:7a:a0:8c:e8:b8:e1:e1:f9:7a:a1:f4:67:
8d:ef:b5:78:59:02:30:db:98:04:16:62:59:06:96:5b:08:c0:
5e:b6:67:9e:8b:ad:f2:94:f2:05:d0:8c:61:27:75:c2:de:f1:
ec:e7:58:bf:65:ac:03:fc:7e:01:b1:e5:06:3e:82:cf:c6:53:
dc:2a:0e:5f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUIh7Csj0LILekYTlvzfLrleRAOaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjMwMDAwMTVaFw0yNzA0MjIwMDA1MTVaMDMxMTAvBgNV
BAMTKEY2MUUxOERGMkZBQjc4NEIwMkM1REQ3MkFFRTlGQkIwNkE3QkJDMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDproXERkd+v6LiituL194qdaYe
GGZnnrYxW3gPxilbLhiCwZAvGOjlWWL8cRQ6qfSq+NSy5nqafja28DVofwHQRAO5
a98FovYoX01NxAutCdJVAzBCvu5cUa2Dbg3kPEoZGIrs08AhIlJ0cwVLClEcnf4S
HgWahj8T8ab0F9hiZ2pTORKptWoqTWQC42LC6Gs5byw5915WS+rdOu3S+GeeXOt/
xadgYda/n4Gt1T8NDz3GVGlc/DJvPZuEvjVmyChlBEHSySJd5uOea5tjaeiA6+Xo
mdADJFiHVl+fEqXGf49iShLon9G3DMpu3vwEhezXOoF7OhIm13yoNT1tZhuXAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU9h4Y3y+reEsCxd1yrun7sGp7vDgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACUh5gD
BACW8fkDBACijWoDBACnlMcDBACo3mgwDQYJKoZIhvcNAQELBQADggEBAF5XIKdp
Q7S4t5ymXHo61GcQTjxAgsQe73hjhZMatZk0AJDVojd5CLDRZr0eZawiocGlVToF
sqp07/xBWJ3mc7FqrVFapUoO4f6PYuDa2Z39o3ag8VwBNssvZ+/wNWEixkoi7tA4
DfYBY8tzLSGXN2YoNDezZcK6sK/2uNfhkyDoNhuUwUZAas1vN1YqIl2LTP/7sJyt
dg4JPk32s/C1RvdAczweZmnXz2SdZrqnLkNgeFh9SjqB9J+nBXqgjOi44eH5eqH0
Z43vtXhZAjDbmAQWYlkGllsIwF62Z56LrfKU8gXQjGEndcLe8eznWL9lrAP8fgGx
5QY+gs/GU9wqDl8=
-----END CERTIFICATE-----
Generated at Wed May 13 00:17:39 2026 by rpki-client