Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: 3FrUDrUIXGdiDL+CecxdS+7MXqwQhcq+xnkgkqxzX/Q=
Subject key identifier: 9B:91:21:34:89:4D:70:08:6C:CB:D2:37:5F:7E:CE:B0:FC:3A:86:C3
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 16A4D41FFA4658BE4E2A1D91E4D41C82D48709D7
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS42831.roa
Signing time: Fri 31 Oct 2025 20:01:17 +0000
ROA not before: Fri 31 Oct 2025 19:56:17 +0000
ROA not after: Fri 30 Oct 2026 20:01:17 +0000
asID: 42831
IP address blocks: 5.181.124.0/24 maxlen: 24
5.252.78.0/24 maxlen: 24
37.143.61.0/24 maxlen: 24
179.61.140.0/24 maxlen: 24
179.61.181.0/24 maxlen: 24
181.215.25.0/24 maxlen: 24
181.215.140.0/24 maxlen: 24
181.215.226.0/24 maxlen: 24
181.215.229.0/24 maxlen: 24
191.96.110.0/24 maxlen: 24
191.96.209.0/24 maxlen: 24
191.101.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:a4:d4:1f:fa:46:58:be:4e:2a:1d:91:e4:d4:1c:82:d4:87:09:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 31 19:56:17 2025 GMT
Not After : Oct 30 20:01:17 2026 GMT
Subject: CN=9B912134894D70086CCBD2375F7ECEB0FC3A86C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:03:b0:94:95:cd:ee:61:d1:7e:e6:f6:0d:2c:
4f:52:6d:2a:de:33:ad:7d:39:68:c5:e6:bb:53:69:
11:6d:bc:57:63:2a:d1:1b:6e:00:bf:db:78:45:49:
71:cd:db:22:12:ba:67:b8:74:76:c4:f9:46:6e:f0:
e7:61:80:4b:d4:48:9f:ab:8a:4b:d8:69:ee:43:33:
dc:d3:2b:33:e6:9b:b2:cc:cb:36:e2:47:68:0a:e9:
71:83:f5:65:f4:30:7d:4d:cd:ff:3b:e1:ab:e6:d1:
2e:ec:f7:68:12:8f:0b:53:4e:03:8b:53:bb:87:a0:
5a:78:58:9f:31:28:02:7d:9a:7e:93:e7:09:a2:29:
7c:39:61:e0:a5:5c:29:dd:bb:69:d0:f8:b2:74:05:
2a:4b:0f:72:6a:a1:93:63:24:01:ab:53:98:01:8e:
01:b2:08:0d:56:2b:ad:a9:a2:52:f3:c9:50:6b:72:
78:c4:b3:02:1f:07:ba:a5:fa:7d:c5:b7:2c:be:23:
af:d1:29:2a:71:43:0f:4e:e7:91:e7:3a:47:7c:fd:
1d:e5:9f:41:4e:7f:df:24:f5:20:8c:ab:9b:d7:c5:
a7:86:7a:5b:c0:45:6b:39:a2:1f:8d:5b:fa:09:6f:
f9:19:d1:85:0a:d8:0c:58:d9:a3:55:bc:64:0a:2d:
05:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:91:21:34:89:4D:70:08:6C:CB:D2:37:5F:7E:CE:B0:FC:3A:86:C3
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.124.0/24
5.252.78.0/24
37.143.61.0/24
179.61.140.0/24
179.61.181.0/24
181.215.25.0/24
181.215.140.0/24
181.215.226.0/24
181.215.229.0/24
191.96.110.0/24
191.96.209.0/24
191.101.59.0/24
Signature Algorithm: sha256WithRSAEncryption
72:73:f0:1d:8a:bb:c6:6a:f5:b9:3f:d2:3b:57:2d:2a:c7:38:
97:89:86:ed:08:26:93:52:01:2d:13:0c:f8:35:d6:b8:17:c5:
f1:23:69:d9:ae:00:28:3c:62:0a:d8:93:a9:f7:ee:e5:58:37:
fc:5a:0e:61:6c:56:52:b2:9e:12:20:03:f6:ab:fe:12:8e:7e:
83:cc:f1:92:88:18:7a:a6:c5:fd:18:58:33:6c:b0:d3:36:63:
43:df:3c:a0:2a:9f:8d:44:92:4d:18:a1:d2:82:35:6a:67:18:
e0:fa:c2:e8:c5:8d:7b:2c:74:0c:51:15:ba:dc:b8:81:77:cd:
6d:48:64:78:f5:2c:68:e8:24:da:aa:88:97:7a:51:48:72:0b:
51:b0:86:8e:3f:24:e2:70:0b:6e:36:64:c9:c7:59:23:5b:cd:
ea:5d:76:fc:fc:bd:0a:b2:70:f9:9e:da:ec:29:e0:5d:c2:97:
0c:27:6e:2f:30:3f:7e:36:65:79:bb:a1:e4:8c:3e:21:fa:4a:
d0:e4:17:a4:03:bc:80:bb:7e:78:33:e0:73:ea:07:70:78:e3:
14:1e:f1:15:e2:7c:e4:d7:36:b3:0d:d5:3d:2e:e6:c8:06:25:
97:d0:9f:87:a3:19:53:c8:09:0a:31:1c:bb:b2:26:da:c3:93:
f4:ca:79:ae
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUFqTUH/pGWL5OKh2R5NQcgtSHCdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMzExOTU2MTdaFw0yNjEwMzAyMDAxMTdaMDMxMTAvBgNV
BAMTKDlCOTEyMTM0ODk0RDcwMDg2Q0NCRDIzNzVGN0VDRUIwRkMzQTg2QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbA7CUlc3uYdF+5vYNLE9SbSre
M619OWjF5rtTaRFtvFdjKtEbbgC/23hFSXHN2yISume4dHbE+UZu8OdhgEvUSJ+r
ikvYae5DM9zTKzPmm7LMyzbiR2gK6XGD9WX0MH1Nzf874avm0S7s92gSjwtTTgOL
U7uHoFp4WJ8xKAJ9mn6T5wmiKXw5YeClXCndu2nQ+LJ0BSpLD3JqoZNjJAGrU5gB
jgGyCA1WK62polLzyVBrcnjEswIfB7ql+n3Ftyy+I6/RKSpxQw9O55HnOkd8/R3l
n0FOf98k9SCMq5vXxaeGelvARWs5oh+NW/oJb/kZ0YUK2AxY2aNVvGQKLQXNAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUm5EhNIlNcAhsy9I3X37OsPw6hsMwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgDBAAFtXwD
BAAF/E4DBAAljz0DBACzPYwDBACzPbUDBAC11xkDBAC114wDBAC11+IDBAC11+UD
BAC/YG4DBAC/YNEDBAC/ZTswDQYJKoZIhvcNAQELBQADggEBAHJz8B2Ku8Zq9bk/
0jtXLSrHOJeJhu0IJpNSAS0TDPg11rgXxfEjadmuACg8YgrYk6n37uVYN/xaDmFs
VlKynhIgA/ar/hKOfoPM8ZKIGHqmxf0YWDNssNM2Y0PfPKAqn41Ekk0YodKCNWpn
GOD6wujFjXssdAxRFbrcuIF3zW1IZHj1LGjoJNqqiJd6UUhyC1Gwho4/JOJwC242
ZMnHWSNbzepddvz8vQqycPme2uwp4F3Clwwnbi8wP342ZXm7oeSMPiH6StDkF6QD
vIC7fngz4HPqB3B44xQe8RXifOTXNrMN1T0u5sgGJZfQn4ejGVPICQoxHLuyJtrD
k/TKea4=
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:38:29 2025 by rpki-client