This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS31715.roa
File:                     AS31715.roa (raw, json)
Hash identifier:          5M2ArOlfhFdDV2SkeNo3O6lRgmhkaAP+KhjtW5yiLcM=
Subject key identifier:   04:5A:EE:68:7E:EA:96:8A:FC:16:65:C5:59:B3:3E:82:73:33:8C:62
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       6145697DFDD3E0905BDDDCDD391C64C657ED1F60
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS31715.roa
Signing time:             Tue 13 Jan 2026 03:37:44 +0000
ROA not before:           Tue 13 Jan 2026 03:32:44 +0000
ROA not after:            Tue 12 Jan 2027 03:37:44 +0000
asID:                     31715
IP address blocks:        91.124.175.0/24 maxlen: 24
                          178.92.168.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 03:44:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:45:69:7d:fd:d3:e0:90:5b:dd:dc:dd:39:1c:64:c6:57:ed:1f:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Jan 13 03:32:44 2026 GMT
            Not After : Jan 12 03:37:44 2027 GMT
        Subject: CN=045AEE687EEA968AFC1665C559B33E8273338C62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e0:a5:16:8e:82:d5:8c:0b:0d:58:1c:2e:d1:
                    0a:ed:31:38:93:c8:b9:2b:de:95:69:af:1f:57:42:
                    33:6f:52:21:6d:9a:e1:ec:5a:ad:9b:96:58:74:52:
                    dc:db:a4:49:1f:1d:d9:da:c4:8a:8a:30:6e:c8:59:
                    7b:bd:45:21:96:ae:14:a6:53:6c:6b:64:bf:53:87:
                    be:18:1f:7b:5c:30:22:b8:c2:f0:23:8d:23:bd:b5:
                    21:7b:11:75:66:6d:c5:eb:f7:07:55:b9:d9:e3:b8:
                    8e:89:cc:54:c7:ed:e5:b2:27:25:0e:b6:9e:29:33:
                    c6:2a:2e:22:43:c4:a9:28:bc:86:25:20:84:94:17:
                    70:ca:19:5c:a4:e5:c1:b3:fe:c6:a5:b3:0c:eb:16:
                    d2:41:a9:bd:2c:dd:83:ca:d3:58:73:d6:50:5a:09:
                    86:2d:0c:59:0a:3e:c4:c3:95:cc:3f:ea:f2:1e:cc:
                    62:06:b7:39:fe:79:cb:5a:02:21:cc:d5:8d:5f:27:
                    04:a4:45:32:8a:5b:e6:d4:96:72:99:f9:c3:1c:4e:
                    9e:ba:68:42:fd:46:8e:92:d3:af:26:87:18:bb:47:
                    bb:90:27:6a:47:6e:72:e0:56:b4:39:a0:e8:80:f5:
                    05:df:b1:b4:62:2e:90:56:f2:dd:6b:e9:dd:3a:e2:
                    58:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:5A:EE:68:7E:EA:96:8A:FC:16:65:C5:59:B3:3E:82:73:33:8C:62
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS31715.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.124.175.0/24
                  178.92.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:1c:25:e8:e5:a0:45:f5:da:25:f9:63:6e:db:63:a3:ef:9e:
         c8:85:4f:9d:2b:ae:4e:bc:38:ce:4a:57:42:1f:16:97:c0:cd:
         3c:4c:58:e5:39:18:ad:f6:6f:b6:0d:34:cf:17:9e:59:38:33:
         c7:cf:fb:88:00:56:cc:53:3b:b3:04:bd:02:75:79:13:02:64:
         c6:ff:70:9f:93:6f:ce:4f:46:e5:f6:47:3e:0e:bd:87:a5:ac:
         6a:a6:cb:58:2f:df:1f:23:f8:a1:08:ab:7b:7d:48:5d:0d:38:
         61:53:18:14:8a:f9:53:1b:ca:c9:d6:c5:d6:cd:90:17:44:a0:
         7c:ba:bc:f6:86:c7:46:9d:25:44:58:27:24:f7:c7:5f:de:79:
         5a:a1:fb:49:66:0b:94:2e:87:00:9a:68:3b:9b:83:72:62:39:
         89:fd:ed:87:b2:48:d3:41:24:f3:f8:fb:d0:31:59:48:42:13:
         28:52:0d:71:aa:5a:58:35:73:23:52:af:30:77:75:e0:7a:43:
         1a:a3:91:a5:8c:df:09:21:88:80:13:80:fd:9f:40:90:e1:60:
         32:c3:bd:81:1c:e1:c0:5c:95:d0:24:85:4f:6a:19:50:ee:4b:
         fe:9c:6d:93:b0:99:b0:6f:de:f1:32:ad:e5:21:03:c8:0e:47:
         21:1e:9d:2a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUYUVpff3T4JBb3dzdORxkxlftH2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAxMTMwMzMyNDRaFw0yNzAxMTIwMzM3NDRaMDMxMTAvBgNV
BAMTKDA0NUFFRTY4N0VFQTk2OEFGQzE2NjVDNTU5QjMzRTgyNzMzMzhDNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF4KUWjoLVjAsNWBwu0QrtMTiT
yLkr3pVprx9XQjNvUiFtmuHsWq2bllh0UtzbpEkfHdnaxIqKMG7IWXu9RSGWrhSm
U2xrZL9Th74YH3tcMCK4wvAjjSO9tSF7EXVmbcXr9wdVudnjuI6JzFTH7eWyJyUO
tp4pM8YqLiJDxKkovIYlIISUF3DKGVyk5cGz/salswzrFtJBqb0s3YPK01hz1lBa
CYYtDFkKPsTDlcw/6vIezGIGtzn+ectaAiHM1Y1fJwSkRTKKW+bUlnKZ+cMcTp66
aEL9Ro6S068mhxi7R7uQJ2pHbnLgVrQ5oOiA9QXfsbRiLpBW8t1r6d064lgpAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUBFruaH7qlor8FmXFWbM+gnMzjGIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABbfK8D
BACyXKgwDQYJKoZIhvcNAQELBQADggEBAAUcJejloEX12iX5Y27bY6PvnsiFT50r
rk68OM5KV0IfFpfAzTxMWOU5GK32b7YNNM8Xnlk4M8fP+4gAVsxTO7MEvQJ1eRMC
ZMb/cJ+Tb85PRuX2Rz4OvYelrGqmy1gv3x8j+KEIq3t9SF0NOGFTGBSK+VMbysnW
xdbNkBdEoHy6vPaGx0adJURYJyT3x1/eeVqh+0lmC5QuhwCaaDubg3JiOYn97Yey
SNNBJPP4+9AxWUhCEyhSDXGqWlg1cyNSrzB3deB6QxqjkaWM3wkhiIATgP2fQJDh
YDLDvYEc4cBcldAkhU9qGVDuS/6cbZOwmbBv3vEyreUhA8gORyEenSo=
-----END CERTIFICATE-----