Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS31715.roa
File: AS31715.roa (raw, json)
Hash identifier: YF1TBwA+VHj3WY2M4muHzUtmc/SaJk/XHvMrS1taJjg=
Subject key identifier: 2F:BA:B9:DD:92:89:8E:7C:07:E4:7E:5C:94:C8:C8:03:D8:34:52:73
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0B09EDF1B045C67715B1D5E5D120A1FC351AF00A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS31715.roa
Signing time: Fri 01 Aug 2025 07:54:44 +0000
ROA not before: Fri 01 Aug 2025 07:49:44 +0000
ROA not after: Fri 31 Jul 2026 07:54:44 +0000
asID: 31715
IP address blocks: 82.23.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:09:ed:f1:b0:45:c6:77:15:b1:d5:e5:d1:20:a1:fc:35:1a:f0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 1 07:49:44 2025 GMT
Not After : Jul 31 07:54:44 2026 GMT
Subject: CN=2FBAB9DD92898E7C07E47E5C94C8C803D8345273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:58:c0:7e:6d:68:ee:51:92:08:8b:7d:fa:00:
ff:3f:88:9f:da:e6:3c:a9:a4:48:63:c8:f7:11:fc:
29:18:7e:97:f5:ee:e6:76:d0:a7:75:ba:2e:17:6f:
12:cb:86:3e:fc:1b:dc:d0:25:e9:34:16:3e:d2:eb:
51:c8:25:56:0a:08:40:11:20:63:05:2c:e1:86:32:
b7:57:0b:68:a5:be:01:69:0f:cb:39:ad:15:f7:54:
45:3b:0e:84:3d:bd:d5:b3:74:56:12:7b:16:90:7e:
48:ce:5a:c1:10:42:76:ac:07:be:9e:df:88:09:ef:
86:aa:b9:61:6f:a7:61:06:62:06:18:3f:a5:a8:8a:
ea:ed:8a:ea:d4:86:0c:8f:3c:d5:54:2d:71:c6:7a:
9f:05:27:83:47:25:0c:a8:45:ad:89:de:f0:3f:b7:
46:77:3e:a6:5a:a3:7c:f7:a7:83:da:a6:1e:1e:23:
62:93:93:9f:77:bf:75:7d:79:b5:ea:ce:52:3a:3e:
47:de:ab:d7:5d:18:3e:37:5a:37:61:ea:37:7f:ce:
6f:2f:b8:e5:28:df:a1:3d:39:6f:30:45:31:c0:c2:
e0:64:ca:66:09:aa:69:e3:8e:50:b5:bf:df:78:35:
07:89:41:4f:ba:fb:28:87:9c:a5:79:f4:08:5f:a2:
9b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:BA:B9:DD:92:89:8E:7C:07:E4:7E:5C:94:C8:C8:03:D8:34:52:73
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS31715.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.172.0/24
Signature Algorithm: sha256WithRSAEncryption
72:50:45:84:81:ca:c4:c2:dd:cf:50:fe:55:f4:a5:55:e3:a4:
a3:ae:ba:54:66:7c:a1:15:24:de:46:d3:c7:ca:03:ac:c4:86:
a8:38:0c:39:f3:99:59:3c:cb:2f:73:dc:fb:8c:68:1f:61:6c:
18:1f:46:97:fd:e1:2e:ba:d1:cc:9a:a8:cf:e6:bb:ed:7a:2d:
38:66:1b:4a:da:4a:7c:34:da:df:95:a4:ef:83:c5:6f:28:bb:
09:1a:c4:61:bf:1d:38:6a:45:92:8f:c1:f1:87:25:74:4a:3c:
82:20:7d:0b:c9:9d:fc:7c:18:b4:04:d9:bc:0b:f7:ab:e0:90:
a4:ed:5c:fe:d3:25:96:38:0f:10:e5:c3:3f:db:50:91:77:f6:
fb:2e:b3:37:a4:65:93:a3:52:b3:e5:0a:11:a5:11:d2:79:af:
b1:e5:ca:65:8d:fc:1a:b8:ad:d4:fb:c3:45:23:0a:d0:d1:5d:
7c:29:e7:08:b4:b1:ff:b7:58:2f:1b:87:c0:73:c7:99:c9:0d:
18:bb:86:db:95:3f:0a:65:93:b7:c1:03:58:4e:29:91:f6:f2:
0c:04:45:86:76:1d:77:3d:81:09:87:83:ef:9e:fc:e2:4f:2e:
c7:04:c9:cd:ef:0d:f5:ff:5c:3e:f0:b1:91:93:45:80:89:53:
e1:c1:e1:6a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUCwnt8bBFxncVsdXl0SCh/DUa8AowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDEwNzQ5NDRaFw0yNjA3MzEwNzU0NDRaMDMxMTAvBgNV
BAMTKDJGQkFCOUREOTI4OThFN0MwN0U0N0U1Qzk0QzhDODAzRDgzNDUyNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAWMB+bWjuUZIIi336AP8/iJ/a
5jyppEhjyPcR/CkYfpf17uZ20Kd1ui4XbxLLhj78G9zQJek0Fj7S61HIJVYKCEAR
IGMFLOGGMrdXC2ilvgFpD8s5rRX3VEU7DoQ9vdWzdFYSexaQfkjOWsEQQnasB76e
34gJ74aquWFvp2EGYgYYP6WoiurtiurUhgyPPNVULXHGep8FJ4NHJQyoRa2J3vA/
t0Z3PqZao3z3p4Paph4eI2KTk593v3V9ebXqzlI6Pkfeq9ddGD43Wjdh6jd/zm8v
uOUo36E9OW8wRTHAwuBkymYJqmnjjlC1v994NQeJQU+6+yiHnKV59Ahfopv3AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUL7q53ZKJjnwH5H5clMjIA9g0UnMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSF6ww
DQYJKoZIhvcNAQELBQADggEBAHJQRYSBysTC3c9Q/lX0pVXjpKOuulRmfKEVJN5G
08fKA6zEhqg4DDnzmVk8yy9z3PuMaB9hbBgfRpf94S660cyaqM/mu+16LThmG0ra
Snw02t+VpO+DxW8ouwkaxGG/HThqRZKPwfGHJXRKPIIgfQvJnfx8GLQE2bwL96vg
kKTtXP7TJZY4DxDlwz/bUJF39vsuszekZZOjUrPlChGlEdJ5r7HlymWN/Bq4rdT7
w0UjCtDRXXwp5wi0sf+3WC8bh8Bzx5nJDRi7htuVPwplk7fBA1hOKZH28gwERYZ2
HXc9gQmHg++e/OJPLscEyc3vDfX/XD7wsZGTRYCJU+HB4Wo=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:24 2025 by rpki-client