Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: jAYbLhoDwBfDQx7qSii8AVgbVjxHCkwbzP3D+FLlNCU=
Subject key identifier: E2:F5:8C:08:0F:8E:DF:78:0B:39:DE:AC:27:20:C0:EE:E2:DF:E0:33
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 47B0AF393FD9B5C0C85FC0651FBBE0ED5E090DEF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Thu 21 Aug 2025 00:00:10 +0000
ROA not before: Wed 20 Aug 2025 23:55:10 +0000
ROA not after: Thu 20 Aug 2026 00:00:10 +0000
asID: 31715
IP address blocks: 143.14.217.0/24 maxlen: 24
148.135.152.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
155.117.38.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
155.117.255.0/24 maxlen: 24
167.148.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:b0:af:39:3f:d9:b5:c0:c8:5f:c0:65:1f:bb:e0:ed:5e:09:0d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 20 23:55:10 2025 GMT
Not After : Aug 20 00:00:10 2026 GMT
Subject: CN=E2F58C080F8EDF780B39DEAC2720C0EEE2DFE033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:52:b5:5d:b6:72:f0:0e:9c:33:85:e2:0d:cd:
12:5d:bf:04:35:5d:2b:9b:1e:aa:fa:63:a1:7f:37:
33:54:cf:79:ba:3f:bc:e5:8d:c4:51:7c:ad:e3:6a:
8e:f5:3b:36:2e:41:a9:60:0e:f8:65:64:35:2e:df:
dd:00:f3:6d:16:db:fe:31:6d:32:fb:96:e6:d2:8e:
48:3b:68:02:d6:be:d7:29:cb:c1:94:70:05:ad:83:
e5:a8:86:a6:98:f1:44:72:af:e8:31:38:e1:c6:cf:
24:8d:48:da:70:92:e7:c9:78:f9:b8:e0:e7:85:9b:
79:37:b3:24:6a:37:36:98:d5:9a:82:32:ab:39:53:
69:1b:8c:3a:3d:bf:c5:84:86:ba:f2:fc:9a:e0:10:
0f:4d:33:14:44:90:ae:12:58:e2:3f:fd:54:de:1e:
6b:0a:46:0e:9e:af:f3:8c:ef:1f:3b:0e:e2:98:ac:
f8:55:f2:6c:e1:4d:d8:af:d8:e6:09:8c:a0:20:d7:
86:87:f9:3e:25:23:6a:72:60:56:ce:a2:81:4b:b8:
9d:c6:79:4f:26:94:19:54:f9:79:6c:fa:71:dd:43:
59:9c:57:34:73:cf:8e:c1:6e:0c:6a:d6:74:ff:1b:
46:25:59:46:73:5e:6d:0e:e1:89:24:a8:22:a0:f7:
9f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F5:8C:08:0F:8E:DF:78:0B:39:DE:AC:27:20:C0:EE:E2:DF:E0:33
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.217.0/24
148.135.152.0/24
150.241.249.0/24
155.117.38.0/24
155.117.150.0/24
155.117.255.0/24
167.148.199.0/24
Signature Algorithm: sha256WithRSAEncryption
81:8d:00:57:5e:b4:76:61:c1:42:c9:8d:54:96:82:56:d6:34:
0e:8a:53:08:5a:bc:e7:96:6a:16:7a:3a:4c:79:08:b2:a0:65:
3c:03:8e:34:68:1d:ec:3e:cd:2e:aa:e3:d2:4e:0c:e2:44:8d:
03:a5:98:9d:d8:ee:62:72:8a:90:f2:ec:de:e1:1a:a7:c8:cc:
cd:92:52:79:ee:ee:2f:73:f1:e0:96:31:a9:6f:11:73:02:9d:
e5:fa:38:49:15:67:7e:2f:d9:b9:f0:b7:fc:e2:69:45:ef:df:
26:d5:70:2e:c6:06:72:19:cd:35:09:89:f2:33:17:26:90:1e:
0b:83:8e:03:38:55:19:85:71:88:21:4e:b8:12:b2:0f:d2:b4:
e4:76:85:35:74:e5:68:c3:d7:4c:08:41:09:a2:c5:c1:25:8f:
36:00:0c:6a:4c:32:ba:3f:68:cb:39:29:f7:11:f6:b9:d9:4d:
19:70:7a:56:1d:ab:cf:87:98:1e:02:e1:69:99:eb:3d:78:ad:
ea:49:3c:30:36:4f:18:49:a8:15:c5:f1:2f:93:de:4c:a9:8a:
a1:2c:69:4f:57:12:de:48:cc:ba:6c:20:ab:d9:7c:61:30:d8:
f2:4f:39:62:91:f2:13:1b:93:44:9e:54:8a:90:3f:f1:c7:76:
81:9b:e6:c7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUR7CvOT/ZtcDIX8BlH7vg7V4JDe8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjAyMzU1MTBaFw0yNjA4MjAwMDAwMTBaMDMxMTAvBgNV
BAMTKEUyRjU4QzA4MEY4RURGNzgwQjM5REVBQzI3MjBDMEVFRTJERkUwMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCUrVdtnLwDpwzheINzRJdvwQ1
XSubHqr6Y6F/NzNUz3m6P7zljcRRfK3jao71OzYuQalgDvhlZDUu390A820W2/4x
bTL7lubSjkg7aALWvtcpy8GUcAWtg+WohqaY8URyr+gxOOHGzySNSNpwkufJePm4
4OeFm3k3syRqNzaY1ZqCMqs5U2kbjDo9v8WEhrry/JrgEA9NMxREkK4SWOI//VTe
HmsKRg6er/OM7x87DuKYrPhV8mzhTdiv2OYJjKAg14aH+T4lI2pyYFbOooFLuJ3G
eU8mlBlU+Xls+nHdQ1mcVzRzz47Bbgxq1nT/G0YlWUZzXm0O4YkkqCKg95+fAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQU4vWMCA+O33gLOd6sJyDA7uLf4DMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBACPDtkD
BACUh5gDBACW8fkDBACbdSYDBACbdZYDBACbdf8DBACnlMcwDQYJKoZIhvcNAQEL
BQADggEBAIGNAFdetHZhwULJjVSWglbWNA6KUwhavOeWahZ6Okx5CLKgZTwDjjRo
Hew+zS6q49JODOJEjQOlmJ3Y7mJyipDy7N7hGqfIzM2SUnnu7i9z8eCWMalvEXMC
neX6OEkVZ34v2bnwt/ziaUXv3ybVcC7GBnIZzTUJifIzFyaQHguDjgM4VRmFcYgh
TrgSsg/StOR2hTV05WjD10wIQQmixcEljzYADGpMMro/aMs5KfcR9rnZTRlwelYd
q8+HmB4C4WmZ6z14repJPDA2TxhJqBXF8S+T3kypiqEsaU9XEt5IzLpsIKvZfGEw
2PJPOWKR8hMbk0SeVIqQP/HHdoGb5sc=
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:53:47 2025 by rpki-client