Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: gaq8nh+pQGw8dIa/K512lpMXjVvFbPtxT0X6SxqWcKg=
Subject key identifier: 32:58:0F:00:C8:23:C3:BC:5B:55:5C:74:9B:C1:86:B9:05:AF:7D:DD
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 323616A7A37FDE83D7D68A1E7067AA8BAC2EDF9B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Sat 11 Apr 2026 00:00:18 +0000
ROA not before: Fri 10 Apr 2026 23:55:18 +0000
ROA not after: Sat 10 Apr 2027 00:00:18 +0000
asID: 31715
IP address blocks: 148.135.152.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
162.141.106.0/24 maxlen: 24
167.148.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:36:16:a7:a3:7f:de:83:d7:d6:8a:1e:70:67:aa:8b:ac:2e:df:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 10 23:55:18 2026 GMT
Not After : Apr 10 00:00:18 2027 GMT
Subject: CN=32580F00C823C3BC5B555C749BC186B905AF7DDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:81:58:2e:e8:d1:09:0c:65:8e:f3:34:52:3f:
7d:9d:48:00:a4:97:91:17:06:cb:99:a3:0d:42:2b:
b2:78:63:40:7f:78:ea:d3:60:63:b6:c6:22:69:28:
69:c8:79:fc:d4:a1:10:cd:1a:97:f5:94:ce:25:c3:
c6:82:40:4a:14:2c:8b:ad:80:9c:af:f1:32:18:d3:
e7:9d:41:78:d0:28:c3:ca:b1:2b:24:6b:5e:45:07:
ae:f9:24:03:a7:09:b3:5b:3b:5c:36:f6:fa:d7:31:
91:35:f7:9e:72:7f:24:3f:99:73:fe:0c:ed:49:c2:
30:7a:a3:9f:4a:70:cc:cb:5a:34:2b:47:3a:a6:7a:
c1:a3:f6:a4:d2:b7:d2:9a:a9:34:06:ba:3f:b0:75:
9a:f0:ac:a6:0a:c8:18:ff:09:44:c2:e2:d0:f0:89:
b0:e5:24:11:51:f5:6c:f8:37:f8:8c:a4:a2:86:a9:
79:29:89:da:a3:44:bc:90:8a:f5:76:15:b6:a5:d5:
d1:e5:1e:bc:83:0d:d9:fc:dd:ce:5c:11:88:db:b9:
ab:f8:15:ce:1c:07:02:96:34:8e:7c:96:97:3c:55:
dc:09:93:c3:a1:03:1d:5c:43:4e:4e:ae:1a:58:28:
a4:52:e7:0a:c6:a6:ce:b1:dd:e9:63:72:15:41:98:
13:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:58:0F:00:C8:23:C3:BC:5B:55:5C:74:9B:C1:86:B9:05:AF:7D:DD
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.152.0/24
150.241.249.0/24
155.117.150.0/24
162.141.106.0/24
167.148.199.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:87:ab:e1:c3:fd:84:35:a0:22:d1:e1:09:45:32:1b:5c:a3:
86:fa:f5:6d:98:28:35:d0:19:fe:2d:85:00:f4:ce:b8:1a:5e:
4c:61:90:90:e5:69:78:6c:f4:2c:64:28:f4:27:89:ca:41:95:
6b:2d:0c:42:2d:f1:13:ab:04:92:75:43:14:e7:e4:7c:56:9d:
72:26:ea:a8:66:ba:32:f0:6d:3d:53:f0:22:b9:0b:23:4b:e9:
a5:b9:f1:14:94:fd:ca:d0:84:10:9f:36:75:b1:20:7b:96:a6:
1f:29:92:d5:48:78:c3:9a:24:cc:25:1b:3a:0c:b0:a1:04:86:
9a:f4:a7:04:b8:88:01:16:c7:75:b5:b6:fe:3f:37:3d:9e:4e:
3a:b0:e3:d7:d0:04:3d:8b:a7:e6:1f:3a:d3:24:8f:01:a1:d9:
56:69:d6:e0:84:22:80:7b:fb:29:5d:e1:e1:78:af:69:31:53:
73:2c:da:e5:27:e0:d8:8f:8f:7f:34:62:b3:95:c8:84:16:21:
50:5b:0d:52:d5:a6:3a:2a:7b:32:da:02:b7:66:14:c7:30:1f:
3c:18:f2:c4:c9:48:a4:8f:43:13:b0:69:a2:e8:f5:6c:0b:93:
58:d8:fd:b5:10:bb:6c:38:91:62:ba:1a:5e:bc:8f:e3:c0:69:
84:29:cf:59
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUMjYWp6N/3oPX1ooecGeqi6wu35swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTAyMzU1MThaFw0yNzA0MTAwMDAwMThaMDMxMTAvBgNV
BAMTKDMyNTgwRjAwQzgyM0MzQkM1QjU1NUM3NDlCQzE4NkI5MDVBRjdEREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPgVgu6NEJDGWO8zRSP32dSACk
l5EXBsuZow1CK7J4Y0B/eOrTYGO2xiJpKGnIefzUoRDNGpf1lM4lw8aCQEoULIut
gJyv8TIY0+edQXjQKMPKsSska15FB675JAOnCbNbO1w29vrXMZE1955yfyQ/mXP+
DO1JwjB6o59KcMzLWjQrRzqmesGj9qTSt9KaqTQGuj+wdZrwrKYKyBj/CUTC4tDw
ibDlJBFR9Wz4N/iMpKKGqXkpidqjRLyQivV2Fbal1dHlHryDDdn83c5cEYjbuav4
Fc4cBwKWNI58lpc8VdwJk8OhAx1cQ05OrhpYKKRS5wrGps6x3eljchVBmBPxAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUMlgPAMgjw7xbVVx0m8GGuQWvfd0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACUh5gD
BACW8fkDBACbdZYDBACijWoDBACnlMcwDQYJKoZIhvcNAQELBQADggEBAG+Hq+HD
/YQ1oCLR4QlFMhtco4b69W2YKDXQGf4thQD0zrgaXkxhkJDlaXhs9CxkKPQnicpB
lWstDEIt8ROrBJJ1QxTn5HxWnXIm6qhmujLwbT1T8CK5CyNL6aW58RSU/crQhBCf
NnWxIHuWph8pktVIeMOaJMwlGzoMsKEEhpr0pwS4iAEWx3W1tv4/Nz2eTjqw49fQ
BD2Lp+YfOtMkjwGh2VZp1uCEIoB7+yld4eF4r2kxU3Ms2uUn4NiPj380YrOVyIQW
IVBbDVLVpjoqezLaArdmFMcwHzwY8sTJSKSPQxOwaaLo9WwLk1jY/bUQu2w4kWK6
Gl68j+PAaYQpz1k=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:06:52 2026 by rpki-client