Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS31715.roa
File:                     AS31715.roa (raw, json)
Hash identifier:          5K6zNN0wK/e72M/3ISrweuZVYWJI7/90/mXma4Jfme8=
Subject key identifier:   D2:2B:72:50:C3:61:7E:42:FA:CB:D5:41:26:84:98:4B:F1:50:7F:59
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       4BB80DAFB7D5B909477D0825F7ADDDA94D757BF3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS31715.roa
Signing time:             Tue 03 Feb 2026 04:24:01 +0000
ROA not before:           Tue 03 Feb 2026 04:19:01 +0000
ROA not after:            Tue 02 Feb 2027 04:24:01 +0000
asID:                     31715
IP address blocks:        178.83.154.0/24 maxlen: 24
                          178.83.204.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:b8:0d:af:b7:d5:b9:09:47:7d:08:25:f7:ad:dd:a9:4d:75:7b:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Feb  3 04:19:01 2026 GMT
            Not After : Feb  2 04:24:01 2027 GMT
        Subject: CN=D22B7250C3617E42FACBD5412684984BF1507F59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:98:ef:96:27:26:91:92:a3:49:3f:f7:a3:98:
                    a4:97:95:c7:65:d2:a4:45:8d:02:48:7e:4d:dd:b9:
                    04:4d:77:4f:d8:e9:27:9c:61:53:26:9b:50:a4:fa:
                    dd:a4:3a:68:7b:60:f3:d9:07:df:b3:8c:d2:13:b6:
                    4c:84:f4:1e:08:86:61:c5:85:3a:7b:4d:4f:e1:d4:
                    19:de:b9:04:3f:4f:12:26:22:fe:0e:54:c3:f9:3f:
                    c5:ea:5a:67:5a:0d:a5:15:0b:1a:fb:61:b0:56:d8:
                    7c:87:52:23:a7:ef:f0:ef:be:01:73:9b:d0:13:f5:
                    58:bb:07:f8:23:94:1e:79:b4:ef:82:55:e0:c3:cc:
                    f8:a7:66:f7:92:5f:6c:3d:f2:17:53:9c:69:78:d0:
                    94:0a:84:15:03:db:47:1f:95:0d:ab:5f:c5:71:7c:
                    29:c1:82:a8:07:ea:65:89:af:79:3a:44:b9:b4:70:
                    8d:5e:b7:4e:85:b4:7e:4e:b6:38:6b:0f:ad:d0:f9:
                    ac:bd:b9:b8:4a:ff:e7:50:15:97:91:46:99:b7:a8:
                    ee:8b:49:ce:e0:be:3e:1b:40:e1:ea:0d:5b:ba:05:
                    66:2c:ca:76:1a:14:99:2b:f2:ee:f0:e4:24:61:79:
                    25:b3:b2:9f:6b:a3:b3:55:a2:39:52:f8:05:85:9a:
                    b9:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:2B:72:50:C3:61:7E:42:FA:CB:D5:41:26:84:98:4B:F1:50:7F:59
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS31715.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.83.154.0/24
                  178.83.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:7f:c5:2d:f7:f6:92:a2:ad:64:78:96:af:dc:ba:10:6a:4b:
         b0:88:03:5c:03:55:15:c5:97:a0:06:1b:34:89:96:ca:cb:0b:
         7a:2e:30:6a:69:9e:ef:73:77:43:2c:af:e4:30:12:14:07:53:
         71:ae:85:fd:dd:9e:bf:e4:d7:a7:db:ed:8e:49:72:80:7f:4f:
         9f:22:5f:e8:91:67:8c:e6:24:f5:d9:75:f6:f3:fd:13:59:70:
         95:b8:27:fe:7d:d7:fb:5b:57:cc:cc:89:52:b7:ce:40:79:7d:
         80:49:86:d0:1f:ef:c7:76:4f:02:4a:a3:fa:93:c6:07:8a:7d:
         1e:4e:cd:5c:65:5b:36:81:f4:3c:dd:3e:c1:10:9e:d4:58:99:
         04:61:3d:ba:83:67:76:8a:f8:a0:45:72:89:de:1c:b9:30:f0:
         92:32:d7:61:19:07:ce:6c:24:3c:31:17:8a:a1:37:70:0b:14:
         85:34:57:d5:9e:76:9f:dd:67:68:70:4b:6d:ce:f6:14:a9:3d:
         ec:9d:60:c5:26:d9:b1:5c:0d:97:c9:4b:a4:3b:20:1a:45:e7:
         df:72:94:81:1e:03:25:59:17:5c:ed:37:1b:33:d7:9b:0b:f6:
         66:78:07:1f:eb:f7:9a:4c:82:db:83:3a:96:32:83:ac:a1:30:
         0a:97:98:34
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUS7gNr7fVuQlHfQgl963dqU11e/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMDMwNDE5MDFaFw0yNzAyMDIwNDI0MDFaMDMxMTAvBgNV
BAMTKEQyMkI3MjUwQzM2MTdFNDJGQUNCRDU0MTI2ODQ5ODRCRjE1MDdGNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQComO+WJyaRkqNJP/ejmKSXlcdl
0qRFjQJIfk3duQRNd0/Y6SecYVMmm1Ck+t2kOmh7YPPZB9+zjNITtkyE9B4IhmHF
hTp7TU/h1BneuQQ/TxImIv4OVMP5P8XqWmdaDaUVCxr7YbBW2HyHUiOn7/DvvgFz
m9AT9Vi7B/gjlB55tO+CVeDDzPinZveSX2w98hdTnGl40JQKhBUD20cflQ2rX8Vx
fCnBgqgH6mWJr3k6RLm0cI1et06FtH5OtjhrD63Q+ay9ubhK/+dQFZeRRpm3qO6L
Sc7gvj4bQOHqDVu6BWYsynYaFJkr8u7w5CRheSWzsp9ro7NVojlS+AWFmrmJAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQU0ityUMNhfkL6y9VBJoSYS/FQf1kwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACyU5oD
BACyU8wwDQYJKoZIhvcNAQELBQADggEBADZ/xS339pKirWR4lq/cuhBqS7CIA1wD
VRXFl6AGGzSJlsrLC3ouMGppnu9zd0Msr+QwEhQHU3Guhf3dnr/k16fb7Y5JcoB/
T58iX+iRZ4zmJPXZdfbz/RNZcJW4J/591/tbV8zMiVK3zkB5fYBJhtAf78d2TwJK
o/qTxgeKfR5OzVxlWzaB9DzdPsEQntRYmQRhPbqDZ3aK+KBFconeHLkw8JIy12EZ
B85sJDwxF4qhN3ALFIU0V9Wedp/dZ2hwS23O9hSpPeydYMUm2bFcDZfJS6Q7IBpF
599ylIEeAyVZF1ztNxsz15sL9mZ4Bx/r95pMgtuDOpYyg6yhMAqXmDQ=
-----END CERTIFICATE-----