Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa
File: AS31898.roa (raw, json)
Hash identifier: 9dkVDpRbJXrlT4AHHH8cjk+GOrtkkaE8w+3UsWjkOWA=
Subject key identifier: 5F:D2:C1:AE:1F:E1:F6:86:2B:78:00:7A:B1:42:4A:D4:B0:0B:00:3F
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 53343AC08DE66766F2D0F6E6F543303833E3A32A
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa
Signing time: Fri 01 May 2026 12:19:39 +0000
ROA not before: Fri 01 May 2026 12:14:39 +0000
ROA not after: Fri 30 Apr 2027 12:19:39 +0000
asID: 31898
IP address blocks: 2a14:7581:f00::/44 maxlen: 48
2a14:7581:9811::/48 maxlen: 48
2a14:7583:b000::/36 maxlen: 48
2a14:7586::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:34:3a:c0:8d:e6:67:66:f2:d0:f6:e6:f5:43:30:38:33:e3:a3:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 1 12:14:39 2026 GMT
Not After : Apr 30 12:19:39 2027 GMT
Subject: CN=5FD2C1AE1FE1F6862B78007AB1424AD4B00B003F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:44:51:98:a3:71:46:4c:07:77:f5:02:ee:7a:
3e:7d:d6:b3:98:e6:49:40:18:d9:b1:02:32:b4:d1:
ef:af:9a:bc:fd:fe:52:ab:1a:ee:77:0a:7f:d8:cd:
04:0f:46:c4:39:a4:bf:79:24:ee:32:dc:5f:d5:d3:
fe:05:4f:4e:89:ff:04:67:07:cf:cb:29:61:98:a4:
46:c6:80:ee:a9:03:fa:02:20:84:2c:c5:bf:1e:9a:
67:5d:a8:69:a3:28:23:80:71:30:21:58:bc:c1:6d:
35:3a:5a:a2:a6:a6:d7:08:80:d6:d3:5b:ff:57:40:
3b:87:7b:94:4b:41:bf:a9:f6:a4:0b:18:36:cd:07:
bc:d0:cc:e5:18:fd:9d:05:34:5c:bb:00:78:81:0b:
28:59:17:87:13:4c:95:45:0d:ec:ec:fe:e5:01:47:
30:a7:d1:a8:ca:50:ee:e6:8f:f0:5c:95:e1:93:e7:
d9:07:67:09:95:05:8c:27:e2:0e:dc:0a:fc:a9:a2:
79:b9:25:ff:4f:f0:5e:02:56:eb:9e:81:ad:80:ee:
ad:e8:c7:f3:97:46:62:9e:16:48:22:c1:1e:db:30:
f6:b3:65:c6:18:e7:6a:94:e4:b0:a0:d5:70:80:41:
95:88:b1:5f:6b:b8:ea:75:9b:b4:71:40:59:48:fd:
4d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D2:C1:AE:1F:E1:F6:86:2B:78:00:7A:B1:42:4A:D4:B0:0B:00:3F
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f00::/44
2a14:7581:9811::/48
2a14:7583:b000::/36
2a14:7586::/36
Signature Algorithm: sha256WithRSAEncryption
80:0a:b7:48:bd:d4:a0:14:63:89:56:aa:38:0d:79:c3:d6:78:
e4:80:d8:39:bd:ca:aa:50:ec:a7:4e:ef:9b:c5:36:71:e6:8f:
14:d3:75:41:47:fc:95:a2:da:b0:b8:64:05:73:5a:bb:72:49:
c4:5a:4c:75:a8:b9:cd:31:3f:38:31:32:c9:80:6d:c3:e1:86:
70:ac:02:3c:b8:b5:1e:99:8d:d8:1b:81:f7:81:ea:2c:ad:0b:
38:a3:27:f7:5f:ba:78:e5:cd:be:0d:f1:c6:8c:29:6e:fd:d7:
4e:38:c9:6b:19:56:8c:6a:8f:d0:ba:d4:b6:40:e7:84:4e:cc:
8f:5f:ba:fd:18:68:b8:f6:3c:60:0a:31:e1:80:ff:1c:67:ae:
1a:3e:f9:ed:b3:71:77:d1:9f:09:54:f9:20:6a:b4:11:f2:04:
0f:23:2b:ed:20:b4:ee:c5:83:1c:28:04:a2:53:e4:c9:4d:02:
05:fd:0d:71:c4:33:bc:e9:a9:13:fa:74:5c:41:21:e2:e8:62:
e8:9e:d5:94:2e:13:09:02:70:ec:27:9a:3a:86:d9:23:78:3e:
f0:df:7e:b0:7e:5b:65:be:15:be:d8:50:4a:79:0d:82:02:ce:
5e:02:b5:8e:f5:09:c0:69:fc:ca:b7:be:69:d2:c2:4d:fe:2e:
78:31:ff:31
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIUUzQ6wI3mZ2by0Pbm9UMwODPjoyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MDExMjE0MzlaFw0yNzA0MzAxMjE5MzlaMDMxMTAvBgNV
BAMTKDVGRDJDMUFFMUZFMUY2ODYyQjc4MDA3QUIxNDI0QUQ0QjAwQjAwM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNRFGYo3FGTAd39QLuej591rOY
5klAGNmxAjK00e+vmrz9/lKrGu53Cn/YzQQPRsQ5pL95JO4y3F/V0/4FT06J/wRn
B8/LKWGYpEbGgO6pA/oCIIQsxb8emmddqGmjKCOAcTAhWLzBbTU6WqKmptcIgNbT
W/9XQDuHe5RLQb+p9qQLGDbNB7zQzOUY/Z0FNFy7AHiBCyhZF4cTTJVFDezs/uUB
RzCn0ajKUO7mj/BcleGT59kHZwmVBYwn4g7cCvyponm5Jf9P8F4CVuuega2A7q3o
x/OXRmKeFkgiwR7bMPazZcYY52qU5LCg1XCAQZWIsV9ruOp1m7RxQFlI/U1bAgMB
AAGjggIlMIICITAdBgNVHQ4EFgQUX9LBrh/h9oYreAB6sUJK1LALAD8wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMzE4OTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOwYIKwYBBQUHAQcBAf8ELDAqMCgEAgACMCIDBwQqFHWB
DwADBwAqFHWBmBEDBgQqFHWDsAMGBCoUdYYAMA0GCSqGSIb3DQEBCwUAA4IBAQCA
CrdIvdSgFGOJVqo4DXnD1njkgNg5vcqqUOynTu+bxTZx5o8U03VBR/yVotqwuGQF
c1q7cknEWkx1qLnNMT84MTLJgG3D4YZwrAI8uLUemY3YG4H3geosrQs4oyf3X7p4
5c2+DfHGjClu/ddOOMlrGVaMao/QutS2QOeETsyPX7r9GGi49jxgCjHhgP8cZ64a
Pvnts3F30Z8JVPkgarQR8gQPIyvtILTuxYMcKASiU+TJTQIF/Q1xxDO86akT+nRc
QSHi6GLontWULhMJAnDsJ5o6htkjeD7w336wfltlvhW+2FBKeQ2CAs5eArWO9QnA
afzKt75p0sJN/i54Mf8x
-----END CERTIFICATE-----
Generated at Tue May 12 22:01:20 2026 by rpki-client