Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS31898.roa
File: AS31898.roa (raw, json)
Hash identifier: mr3gcTkz95yaNsDC8EtqhV1dpgBJBYGhDVnQhuD136w=
Subject key identifier: 8B:35:7D:F7:37:8A:34:8F:35:A1:C3:20:60:54:0E:3E:C1:68:30:40
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1DE507FEB2B83F050E955B7B8811891A236E0169
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS31898.roa
Signing time: Mon 28 Jul 2025 10:18:16 +0000
ROA not before: Mon 28 Jul 2025 10:13:16 +0000
ROA not after: Mon 27 Jul 2026 10:18:16 +0000
asID: 31898
IP address blocks: 82.26.110.0/24 maxlen: 24
82.27.123.0/24 maxlen: 24
82.29.42.0/24 maxlen: 24
82.29.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:e5:07:fe:b2:b8:3f:05:0e:95:5b:7b:88:11:89:1a:23:6e:01:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 28 10:13:16 2025 GMT
Not After : Jul 27 10:18:16 2026 GMT
Subject: CN=8B357DF7378A348F35A1C32060540E3EC1683040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:80:df:72:51:c5:13:2b:78:c8:13:cb:83:2b:
80:d4:48:99:6b:ea:06:96:59:ae:ff:2a:2d:bc:70:
89:a5:2c:d8:06:59:ae:2c:fa:84:80:aa:56:27:5a:
f4:e4:19:ac:08:f6:59:68:5d:74:10:c6:52:2a:65:
b1:92:4c:6a:64:3e:ce:57:06:43:30:52:d6:a3:68:
d9:3f:88:98:09:11:93:5c:e0:a9:a3:dc:2b:7b:f5:
e6:c6:f9:6f:d6:fc:05:a6:ad:bb:5b:e6:f9:68:7e:
b1:e4:ad:56:a4:16:1f:c5:d8:e0:6a:d8:3e:56:2b:
ff:42:40:56:02:64:fe:8f:2b:87:65:37:e4:be:26:
ac:c2:6f:af:9c:e1:16:e4:54:8e:71:3b:c3:b0:87:
89:fb:35:f9:5c:00:2a:2f:c2:2a:e5:bf:0b:cd:1b:
a3:9f:07:ef:61:f0:57:8c:27:61:52:52:53:0a:b3:
3b:d3:ef:bb:6a:66:33:6d:f0:c7:2c:a0:cb:c8:de:
4c:b9:c8:f8:cc:c5:52:c4:de:3a:1d:55:f3:6b:ed:
af:10:83:da:0c:51:51:a6:c5:bf:ce:cb:9a:a3:11:
1f:e4:d2:9e:8c:a5:fc:ff:74:62:8c:f0:e5:59:1c:
7e:39:9a:fd:60:a9:97:05:c5:80:93:af:39:5b:de:
bf:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:35:7D:F7:37:8A:34:8F:35:A1:C3:20:60:54:0E:3E:C1:68:30:40
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS31898.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.110.0/24
82.27.123.0/24
82.29.42.0/24
82.29.69.0/24
Signature Algorithm: sha256WithRSAEncryption
44:e2:c9:a0:f4:d6:2b:f2:56:96:db:b3:7a:66:ea:f4:f5:03:
be:f7:9b:8d:06:be:50:12:60:d7:08:c4:73:cd:6f:cc:91:c7:
65:46:bb:37:69:97:2e:ef:9d:c7:3f:d5:52:c1:7a:b0:a5:3a:
16:16:fb:52:3e:2c:c5:2c:45:53:3c:b9:a1:f9:02:2b:34:ce:
63:35:8e:bf:8d:cf:75:f8:17:a5:ed:4e:77:d7:6e:48:e9:78:
a0:26:8b:5a:e4:41:59:1e:1f:83:70:4d:2e:dd:68:c9:47:bd:
ae:66:86:75:b4:52:c1:81:33:a1:de:91:81:97:5f:cb:e0:b2:
54:3a:3f:5d:65:f8:5c:11:9c:58:4e:99:55:35:77:ab:43:a3:
95:0c:b3:94:df:6d:90:7e:92:64:81:fb:14:3a:49:ca:95:42:
0d:d9:62:ee:48:cd:ae:66:6b:5e:91:d3:45:f4:18:49:f5:43:
84:6b:20:28:22:03:78:3a:a7:20:4c:5e:6a:2c:ea:0a:30:8e:
75:c5:7b:8a:ca:ff:e8:30:37:e8:9d:c1:2c:2b:39:01:0c:e8:
ed:09:11:75:a1:2d:87:fa:e1:28:69:14:d4:5f:95:03:cd:41:
2e:64:6c:87:18:da:3a:09:35:dc:08:78:76:01:d1:31:b4:18:
57:9e:a3:10
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUHeUH/rK4PwUOlVt7iBGJGiNuAWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjgxMDEzMTZaFw0yNjA3MjcxMDE4MTZaMDMxMTAvBgNV
BAMTKDhCMzU3REY3Mzc4QTM0OEYzNUExQzMyMDYwNTQwRTNFQzE2ODMwNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqgN9yUcUTK3jIE8uDK4DUSJlr
6gaWWa7/Ki28cImlLNgGWa4s+oSAqlYnWvTkGawI9lloXXQQxlIqZbGSTGpkPs5X
BkMwUtajaNk/iJgJEZNc4Kmj3Ct79ebG+W/W/AWmrbtb5vlofrHkrVakFh/F2OBq
2D5WK/9CQFYCZP6PK4dlN+S+JqzCb6+c4RbkVI5xO8Owh4n7NflcACovwirlvwvN
G6OfB+9h8FeMJ2FSUlMKszvT77tqZjNt8McsoMvI3ky5yPjMxVLE3jodVfNr7a8Q
g9oMUVGmxb/Oy5qjER/k0p6Mpfz/dGKM8OVZHH45mv1gqZcFxYCTrzlb3r/xAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUizV99zeKNI81ocMgYFQOPsFoMEAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzE4OTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABSGm4D
BABSG3sDBABSHSoDBABSHUUwDQYJKoZIhvcNAQELBQADggEBAETiyaD01ivyVpbb
s3pm6vT1A773m40GvlASYNcIxHPNb8yRx2VGuzdply7vncc/1VLBerClOhYW+1I+
LMUsRVM8uaH5Ais0zmM1jr+Nz3X4F6XtTnfXbkjpeKAmi1rkQVkeH4NwTS7daMlH
va5mhnW0UsGBM6HekYGXX8vgslQ6P11l+FwRnFhOmVU1d6tDo5UMs5TfbZB+kmSB
+xQ6ScqVQg3ZYu5Iza5ma16R00X0GEn1Q4RrICgiA3g6pyBMXmos6gowjnXFe4rK
/+gwN+idwSwrOQEM6O0JEXWhLYf64ShpFNRflQPNQS5kbIcY2joJNdwIeHYB0TG0
GFeeoxA=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:07 2025 by rpki-client