Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: 0FH2TbXKO1KwWYayyM4mcqzA8hUKcpGvqf8+M2smuV0=
Subject key identifier: 67:12:D1:34:5A:94:2B:89:9D:B5:9C:CB:8A:3C:D9:9A:73:8D:2C:69
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 135F7431B6385AAED4A8A88B01EE5D716A8AE37F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Fri 26 Sep 2025 12:32:40 +0000
ROA not before: Fri 26 Sep 2025 12:27:40 +0000
ROA not after: Fri 25 Sep 2026 12:32:40 +0000
asID: 31715
IP address blocks: 143.14.217.0/24 maxlen: 24
147.79.2.0/24 maxlen: 24
148.135.152.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
155.117.38.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
167.148.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:5f:74:31:b6:38:5a:ae:d4:a8:a8:8b:01:ee:5d:71:6a:8a:e3:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Sep 26 12:27:40 2025 GMT
Not After : Sep 25 12:32:40 2026 GMT
Subject: CN=6712D1345A942B899DB59CCB8A3CD99A738D2C69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2d:3d:99:30:0d:59:1d:d5:cf:15:31:49:01:
a9:fb:18:41:0f:9f:e9:00:3b:72:b6:e7:e5:ff:a7:
10:b2:90:fc:33:97:ab:19:bb:e5:76:b7:21:16:1d:
31:c9:62:c8:c4:17:a6:7e:be:87:99:cb:26:f3:4c:
ea:75:42:43:0b:e6:3e:06:78:68:bd:d8:84:d9:4f:
00:f6:f9:90:e1:67:dc:c5:b0:39:c3:2c:3b:47:ed:
a5:6c:24:7a:f5:d8:e3:92:b1:8a:48:44:2d:71:3a:
7d:7c:43:ae:26:90:7e:ad:45:47:90:f1:d6:fa:9f:
7b:93:22:27:79:41:b8:d2:49:5e:5b:e0:18:fb:4a:
0f:41:3a:a8:de:dc:db:73:e0:fa:f0:e6:0c:71:87:
b4:fa:97:bf:2c:fe:1b:db:a3:8c:87:82:e4:e8:bf:
05:a3:b4:22:37:c8:24:e0:f6:2b:45:7f:2c:42:2c:
84:d5:43:bb:57:43:7c:45:39:eb:e3:56:27:53:39:
d4:70:54:bf:c3:c9:57:0c:eb:e6:67:3c:e1:36:9c:
fb:f4:10:c4:4b:76:7c:6f:fe:39:95:70:c8:69:1e:
ef:8b:a6:be:3d:1b:22:5b:7d:c3:4d:ec:35:9d:92:
33:62:71:9a:4a:9d:12:95:6f:3c:ae:25:4d:92:fa:
04:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:12:D1:34:5A:94:2B:89:9D:B5:9C:CB:8A:3C:D9:9A:73:8D:2C:69
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.217.0/24
147.79.2.0/24
148.135.152.0/24
150.241.249.0/24
155.117.38.0/24
155.117.150.0/24
167.148.199.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:5d:41:79:d2:8c:ae:d5:6e:87:22:0f:89:6d:d8:70:04:bb:
c1:cf:5a:95:1f:65:61:24:de:25:33:f5:e0:6d:5e:df:77:95:
94:c7:cd:23:65:73:ce:1b:31:f2:3a:9a:6b:73:ca:0c:e9:bc:
fa:db:18:60:ba:63:42:7a:3c:1f:f8:48:ba:34:18:f6:24:b2:
de:91:96:0d:e5:69:91:8b:68:af:6a:5b:0e:c8:2e:9b:3a:c2:
52:73:9e:75:f2:0b:fb:1b:6a:83:c0:30:62:fe:be:af:18:b2:
3d:33:eb:37:b7:f0:24:03:3a:b1:f9:3c:87:98:c1:05:9b:13:
96:c2:ff:8c:da:48:40:ea:18:ff:83:8e:e6:ab:1f:d5:1a:39:
61:85:4d:59:3b:34:d6:0b:25:1f:0d:77:20:a2:75:1d:d0:af:
76:7c:e8:04:b0:ca:db:d2:32:b3:32:43:b2:61:a9:c7:bc:a8:
be:71:87:2d:d7:da:9e:8e:da:1b:f2:2b:4c:bd:20:3d:5e:0e:
0a:5e:fe:7f:61:27:65:28:ac:a1:84:27:d7:9a:9f:76:27:f4:
3a:ff:1b:c5:58:a7:b3:d2:bc:8f:19:25:4f:04:99:1b:1e:e8:
25:67:92:74:87:c7:77:a3:d4:59:a9:7e:81:1a:5d:fc:a6:6a:
b8:0b:1a:32
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUE190MbY4Wq7UqKiLAe5dcWqK438wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MjYxMjI3NDBaFw0yNjA5MjUxMjMyNDBaMDMxMTAvBgNV
BAMTKDY3MTJEMTM0NUE5NDJCODk5REI1OUNDQjhBM0NEOTlBNzM4RDJDNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaLT2ZMA1ZHdXPFTFJAan7GEEP
n+kAO3K25+X/pxCykPwzl6sZu+V2tyEWHTHJYsjEF6Z+voeZyybzTOp1QkML5j4G
eGi92ITZTwD2+ZDhZ9zFsDnDLDtH7aVsJHr12OOSsYpIRC1xOn18Q64mkH6tRUeQ
8db6n3uTIid5QbjSSV5b4Bj7Sg9BOqje3Ntz4Prw5gxxh7T6l78s/hvbo4yHguTo
vwWjtCI3yCTg9itFfyxCLITVQ7tXQ3xFOevjVidTOdRwVL/DyVcM6+ZnPOE2nPv0
EMRLdnxv/jmVcMhpHu+Lpr49GyJbfcNN7DWdkjNicZpKnRKVbzyuJU2S+gQRAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUZxLRNFqUK4mdtZzLijzZmnONLGkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBACPDtkD
BACTTwIDBACUh5gDBACW8fkDBACbdSYDBACbdZYDBACnlMcwDQYJKoZIhvcNAQEL
BQADggEBAKhdQXnSjK7VbociD4lt2HAEu8HPWpUfZWEk3iUz9eBtXt93lZTHzSNl
c84bMfI6mmtzygzpvPrbGGC6Y0J6PB/4SLo0GPYkst6Rlg3laZGLaK9qWw7ILps6
wlJznnXyC/sbaoPAMGL+vq8Ysj0z6ze38CQDOrH5PIeYwQWbE5bC/4zaSEDqGP+D
juarH9UaOWGFTVk7NNYLJR8NdyCidR3Qr3Z86ASwytvSMrMyQ7Jhqce8qL5xhy3X
2p6O2hvyK0y9ID1eDgpe/n9hJ2UorKGEJ9ean3Yn9Dr/G8VYp7PSvI8ZJU8EmRse
6CVnknSHx3ej1FmpfoEaXfymargLGjI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:27:16 2025 by rpki-client