Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: Qb82iE3EjN0CtIh/zz1N1Q7vZUkEpDKHqgZupWH2xMU=
Subject key identifier: 12:4A:97:60:11:B2:EA:15:F5:68:D3:68:4C:59:8A:64:A2:79:7D:C0
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6FF5F72826A270FE0C7BB277424310C027092812
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
Signing time: Fri 01 Aug 2025 08:02:40 +0000
ROA not before: Fri 01 Aug 2025 07:57:40 +0000
ROA not after: Fri 31 Jul 2026 08:02:40 +0000
asID: 31715
IP address blocks: 143.14.217.0/24 maxlen: 24
143.14.230.0/24 maxlen: 24
148.135.152.0/24 maxlen: 24
150.241.249.0/24 maxlen: 24
155.117.38.0/24 maxlen: 24
155.117.150.0/24 maxlen: 24
155.117.227.0/24 maxlen: 24
155.117.255.0/24 maxlen: 24
167.148.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:f5:f7:28:26:a2:70:fe:0c:7b:b2:77:42:43:10:c0:27:09:28:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 1 07:57:40 2025 GMT
Not After : Jul 31 08:02:40 2026 GMT
Subject: CN=124A976011B2EA15F568D3684C598A64A2797DC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ea:63:d9:df:7f:ef:13:8f:e3:97:2c:3a:eb:
36:18:93:cc:f9:54:e5:d2:c6:bb:a5:13:4a:51:a9:
2a:9c:b2:af:29:60:50:b8:8b:58:47:af:54:31:37:
87:4a:27:42:73:4a:15:f5:09:fb:d0:8c:a5:0e:a0:
c7:0d:4e:18:e6:65:c1:cd:8f:3f:14:b5:f5:21:b5:
cf:87:c1:76:fc:35:28:ed:f9:d2:9f:b1:0f:84:5a:
9b:fc:5b:9b:49:ec:81:9a:58:c6:9e:03:c7:49:ae:
6b:0c:ec:7f:90:80:59:2e:03:e8:35:6f:6c:f6:18:
2f:63:c0:ee:fa:08:79:ae:f2:62:10:d2:9f:11:fc:
e5:e5:96:a9:fe:20:d4:68:66:b6:f3:2c:4f:1f:52:
a4:ce:38:df:35:cd:57:af:fe:1f:22:d6:15:80:cf:
f5:2e:87:22:7c:e7:1e:d1:77:d2:5f:e3:c6:d8:9c:
12:e1:b9:e3:ad:b5:dc:ed:fa:47:02:53:dc:b7:23:
b3:61:34:70:4f:66:97:8b:dc:29:8b:8f:67:ef:5e:
06:f4:86:55:15:13:b9:ac:0e:a5:d0:23:53:17:69:
8d:7f:b1:d9:cf:50:93:bb:ad:30:92:32:f7:08:10:
36:4a:24:64:41:e3:7f:50:34:85:ca:5e:ab:45:ac:
f1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4A:97:60:11:B2:EA:15:F5:68:D3:68:4C:59:8A:64:A2:79:7D:C0
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.217.0/24
143.14.230.0/24
148.135.152.0/24
150.241.249.0/24
155.117.38.0/24
155.117.150.0/24
155.117.227.0/24
155.117.255.0/24
167.148.199.0/24
Signature Algorithm: sha256WithRSAEncryption
08:c6:7b:5c:da:fd:26:db:55:d0:24:54:b5:75:c9:ff:d4:f7:
19:2c:69:bc:a7:7b:35:c4:6a:2a:32:af:ea:d0:af:ef:29:09:
69:d2:7a:24:ce:2f:15:2a:3d:d2:db:dc:e6:98:41:6b:24:14:
c2:c2:7c:4b:2a:e5:e0:ed:d1:4b:2b:d4:49:c1:50:46:fe:60:
da:85:ed:98:5c:6f:9f:c6:6f:14:ef:2b:8f:4b:48:b0:25:e4:
0e:6e:6b:f3:06:0a:57:74:73:c3:45:6c:e1:0e:02:fc:a7:4e:
9c:5b:b3:28:6d:50:a2:1c:a5:70:01:36:a8:91:78:54:9c:6b:
42:f2:44:e2:7e:5c:6f:04:4e:7c:06:ee:0d:e0:61:a7:48:5c:
a8:c9:99:ba:52:9e:75:a7:d0:d5:f0:25:27:70:de:ff:a9:c7:
e8:66:f7:a6:33:6d:1e:5b:ef:5d:ac:d5:dd:c2:a3:cc:da:18:
48:43:fe:f8:57:53:9f:58:d0:b6:52:97:92:2b:eb:33:86:24:
88:6a:2a:ed:98:78:e3:dd:19:b9:91:55:8b:2e:92:37:78:5f:
9f:b9:c6:df:97:67:41:01:65:70:04:6e:dc:9e:bf:1a:77:81:
d7:72:18:b9:1f:33:71:a1:10:03:88:cb:98:1d:9c:50:88:61:
2b:cf:ac:c3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUb/X3KCaicP4Me7J3QkMQwCcJKBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDEwNzU3NDBaFw0yNjA3MzEwODAyNDBaMDMxMTAvBgNV
BAMTKDEyNEE5NzYwMTFCMkVBMTVGNTY4RDM2ODRDNTk4QTY0QTI3OTdEQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq6mPZ33/vE4/jlyw66zYYk8z5
VOXSxrulE0pRqSqcsq8pYFC4i1hHr1QxN4dKJ0JzShX1CfvQjKUOoMcNThjmZcHN
jz8UtfUhtc+HwXb8NSjt+dKfsQ+EWpv8W5tJ7IGaWMaeA8dJrmsM7H+QgFkuA+g1
b2z2GC9jwO76CHmu8mIQ0p8R/OXllqn+INRoZrbzLE8fUqTOON81zVev/h8i1hWA
z/UuhyJ85x7Rd9Jf48bYnBLhueOttdzt+kcCU9y3I7NhNHBPZpeL3CmLj2fvXgb0
hlUVE7msDqXQI1MXaY1/sdnPUJO7rTCSMvcIEDZKJGRB439QNIXKXqtFrPH3AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUEkqXYBGy6hX1aNNoTFmKZKJ5fcAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBACPDtkD
BACPDuYDBACUh5gDBACW8fkDBACbdSYDBACbdZYDBACbdeMDBACbdf8DBACnlMcw
DQYJKoZIhvcNAQELBQADggEBAAjGe1za/SbbVdAkVLV1yf/U9xksabynezXEaioy
r+rQr+8pCWnSeiTOLxUqPdLb3OaYQWskFMLCfEsq5eDt0Usr1EnBUEb+YNqF7Zhc
b5/GbxTvK49LSLAl5A5ua/MGCld0c8NFbOEOAvynTpxbsyhtUKIcpXABNqiReFSc
a0LyROJ+XG8ETnwG7g3gYadIXKjJmbpSnnWn0NXwJSdw3v+px+hm96YzbR5b712s
1d3Co8zaGEhD/vhXU59Y0LZSl5Ir6zOGJIhqKu2YeOPdGbmRVYsukjd4X5+5xt+X
Z0EBZXAEbtyevxp3gddyGLkfM3GhEAOIy5gdnFCIYSvPrMM=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:42:56 2025 by rpki-client