Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS31898.roa
File: AS31898.roa (raw, json)
Hash identifier: E+iKEoMzziEpA0iWamVdD6Kzyw0wTjT9THeBnwF/iDM=
Subject key identifier: 6B:31:1C:6B:E6:DB:7C:BA:82:45:A6:50:82:E5:31:16:9E:6B:B9:69
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 11776A861DA3EBB9C0E531E7DDCCE64473C70867
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS31898.roa
Signing time: Thu 19 Jun 2025 09:01:25 +0000
ROA not before: Thu 19 Jun 2025 08:56:25 +0000
ROA not after: Thu 18 Jun 2026 09:01:25 +0000
asID: 31898
IP address blocks: 176.53.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:77:6a:86:1d:a3:eb:b9:c0:e5:31:e7:dd:cc:e6:44:73:c7:08:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jun 19 08:56:25 2025 GMT
Not After : Jun 18 09:01:25 2026 GMT
Subject: CN=6B311C6BE6DB7CBA8245A65082E531169E6BB969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:34:58:85:c1:c3:a5:f2:fa:92:fa:f2:98:fd:
15:e3:06:16:8e:54:1a:98:9d:f3:42:29:95:1e:f3:
2d:f7:9b:90:02:4f:5e:2e:e1:13:43:8f:1a:44:d2:
9a:51:6a:05:4f:b6:18:e4:90:9a:be:24:30:99:21:
70:2c:07:a0:4d:17:7f:8a:9c:4a:55:eb:a3:99:5d:
16:f9:db:5e:fe:46:ae:0a:01:fe:65:5d:06:9f:a5:
93:d9:fd:cf:f8:58:be:54:17:d0:a7:5d:5d:7d:4b:
d5:32:be:51:0f:27:c9:44:34:b1:d8:e2:9a:71:95:
56:a3:84:b1:36:8d:ce:c0:c2:66:fd:6b:76:c2:3d:
14:48:76:42:c5:83:ed:73:14:55:ab:e1:f9:2f:55:
a1:45:f4:b7:53:92:fa:89:d1:c3:a4:39:e7:f4:88:
17:b8:c6:8d:a8:22:3f:aa:eb:94:08:81:1a:71:3b:
12:ac:39:b9:62:eb:89:c9:f3:b4:4b:23:b6:70:15:
8c:c4:38:ab:81:a6:f3:a2:7f:03:7f:fb:6b:64:b5:
6d:a5:e0:75:39:15:c6:aa:60:f2:a6:03:44:6b:56:
32:9e:2b:f5:da:73:f3:4f:b8:e4:b8:4a:2a:21:2e:
57:ae:5a:4a:40:19:51:8e:1e:fe:ff:50:a0:5f:b6:
88:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:31:1C:6B:E6:DB:7C:BA:82:45:A6:50:82:E5:31:16:9E:6B:B9:69
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS31898.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.156.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:37:0b:c0:e1:bd:0d:30:e2:f0:b1:80:9f:09:74:9c:6c:1c:
47:b5:46:bb:4e:e1:06:71:f0:ce:1b:f0:d8:b7:f9:9e:37:a7:
6c:18:56:a2:ea:24:26:8e:e1:35:fa:27:07:b6:98:24:70:40:
cc:7d:ad:a0:db:01:cc:00:7f:9f:1f:50:03:33:1f:e4:22:4a:
7e:ec:12:35:c7:48:ea:a1:a0:01:22:d3:5d:57:83:29:03:eb:
18:e8:0b:bd:fd:bd:f8:24:9a:f3:14:70:31:0f:46:b7:d7:84:
08:e5:7d:13:ac:40:56:b6:6d:7f:20:95:e0:d7:1f:e9:74:43:
17:b2:23:d0:e5:e6:74:37:ce:26:74:d4:b5:93:f1:8b:a8:7c:
79:fb:03:57:04:8c:87:f7:eb:3e:d1:d3:86:e7:94:47:ca:5a:
f8:6d:51:74:5f:e7:0d:a5:44:d5:29:c4:10:21:74:73:d6:5d:
8d:a5:83:2f:ac:17:fa:bf:ef:7f:31:4e:28:d7:ba:2f:b8:b7:
14:3f:06:59:f2:62:7e:02:2a:81:0c:a5:06:5d:b9:72:cf:45:
1b:53:72:65:b4:f6:5b:7e:a2:7a:89:63:3e:de:18:40:4a:a3:
26:95:1c:64:e7:4c:45:8f:62:17:32:b8:bf:80:8c:d8:fe:07:
ec:ba:18:eb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUEXdqhh2j67nA5THn3czmRHPHCGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA2MTkwODU2MjVaFw0yNjA2MTgwOTAxMjVaMDMxMTAvBgNV
BAMTKDZCMzExQzZCRTZEQjdDQkE4MjQ1QTY1MDgyRTUzMTE2OUU2QkI5NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgNFiFwcOl8vqS+vKY/RXjBhaO
VBqYnfNCKZUe8y33m5ACT14u4RNDjxpE0ppRagVPthjkkJq+JDCZIXAsB6BNF3+K
nEpV66OZXRb5217+Rq4KAf5lXQafpZPZ/c/4WL5UF9CnXV19S9UyvlEPJ8lENLHY
4ppxlVajhLE2jc7Awmb9a3bCPRRIdkLFg+1zFFWr4fkvVaFF9LdTkvqJ0cOkOef0
iBe4xo2oIj+q65QIgRpxOxKsObli64nJ87RLI7ZwFYzEOKuBpvOifwN/+2tktW2l
4HU5FcaqYPKmA0RrVjKeK/Xac/NPuOS4SiohLleuWkpAGVGOHv7/UKBftoi/AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUazEca+bbfLqCRaZQguUxFp5ruWkwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMzE4OTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACwNZww
DQYJKoZIhvcNAQELBQADggEBAI43C8DhvQ0w4vCxgJ8JdJxsHEe1RrtO4QZx8M4b
8Ni3+Z43p2wYVqLqJCaO4TX6Jwe2mCRwQMx9raDbAcwAf58fUAMzH+QiSn7sEjXH
SOqhoAEi011XgykD6xjoC739vfgkmvMUcDEPRrfXhAjlfROsQFa2bX8gleDXH+l0
QxeyI9Dl5nQ3ziZ01LWT8YuofHn7A1cEjIf36z7R04bnlEfKWvhtUXRf5w2lRNUp
xBAhdHPWXY2lgy+sF/q/738xTijXui+4txQ/BlnyYn4CKoEMpQZduXLPRRtTcmW0
9lt+onqJYz7eGEBKoyaVHGTnTEWPYhcyuL+AjNj+B+y6GOs=
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:20:20 2025 by rpki-client