Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS31898.roa
File: AS31898.roa (raw, json)
Hash identifier: KvueT1G2GkSlCP+a4WE68FgwS0ID3H2Tt13fPHXd3Iw=
Subject key identifier: D9:B9:B1:31:0B:F1:51:DB:F9:30:89:8E:82:4C:10:05:D6:46:44:1B
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 5A79139A2FDABC2742C638209E84D3F13612F612
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS31898.roa
Signing time: Wed 15 Apr 2026 02:22:48 +0000
ROA not before: Wed 15 Apr 2026 02:17:48 +0000
ROA not after: Wed 14 Apr 2027 02:22:48 +0000
asID: 31898
IP address blocks: 2a0f:85c1:3f0::/48 maxlen: 48
2a0f:85c1:c18::/48 maxlen: 48
2a0f:85c1:cc0::/48 maxlen: 48
2a0f:85c1:e3c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:79:13:9a:2f:da:bc:27:42:c6:38:20:9e:84:d3:f1:36:12:f6:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Apr 15 02:17:48 2026 GMT
Not After : Apr 14 02:22:48 2027 GMT
Subject: CN=D9B9B1310BF151DBF930898E824C1005D646441B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ea:92:9f:54:34:6c:f3:9e:71:fc:00:55:92:
8e:83:ef:f3:de:61:8b:57:61:0e:3e:f3:d8:63:f6:
6f:4c:9c:fb:86:ca:cc:01:cd:48:5e:9b:c2:c9:51:
9b:83:0b:d1:3e:4b:74:60:ac:f2:b7:78:46:be:bf:
19:78:92:94:3e:55:f9:3a:fe:09:5f:d8:86:35:24:
a1:49:68:6a:fb:1f:a0:00:ce:39:df:da:6c:ca:62:
a0:2e:1d:b9:2a:3e:bc:f4:e1:fe:95:1a:d5:05:e0:
c7:2a:02:21:c8:ad:b9:93:b7:ae:85:0f:de:18:fe:
08:42:71:1d:cb:82:89:6d:26:6e:89:33:48:9a:9e:
ad:77:aa:2c:f8:e0:77:20:f7:20:92:a2:01:c5:47:
95:f0:53:7c:b7:8a:ed:f6:a1:af:af:d1:b6:42:ea:
ae:f2:10:16:73:c5:bd:e8:ce:4a:ac:0c:9a:02:61:
f4:e0:c8:65:2f:50:18:6d:ad:a8:45:6e:6c:37:5b:
8f:f7:84:e4:a4:0a:4f:97:53:16:03:49:56:81:50:
68:4f:fa:b5:e3:10:9a:08:ef:9a:34:7f:4e:96:ec:
07:81:c2:30:63:76:df:58:38:58:ff:8e:b1:e9:eb:
c5:4e:dc:69:3b:08:7b:8c:b4:02:3f:95:7d:23:8a:
de:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B9:B1:31:0B:F1:51:DB:F9:30:89:8E:82:4C:10:05:D6:46:44:1B
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS31898.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3f0::/48
2a0f:85c1:c18::/48
2a0f:85c1:cc0::/48
2a0f:85c1:e3c::/48
Signature Algorithm: sha256WithRSAEncryption
ab:d7:cc:d8:7f:f6:2f:9a:01:1e:77:65:ec:8e:83:0b:db:9d:
19:22:16:ef:dc:5a:89:11:01:ec:3c:5a:9e:11:d7:76:04:33:
80:ae:b7:7b:0d:e2:d5:e6:83:21:ae:b2:6e:1c:55:5e:19:dc:
2f:69:92:b2:b3:ef:21:57:83:75:76:ce:ca:0a:a4:6d:32:12:
64:39:13:4a:fe:1d:f8:80:94:c4:5f:fa:f4:a3:f9:43:08:db:
49:9a:9b:5f:03:aa:65:a2:e0:ca:fc:02:fb:87:10:67:db:9c:
1e:7a:57:37:f2:8d:4d:17:ba:96:44:8d:41:d6:50:a9:3b:35:
04:42:00:0e:29:c5:d9:51:1b:66:41:2e:3f:77:2d:44:73:af:
c5:04:ee:39:9e:c1:e8:1d:d5:e3:b0:0f:67:2a:05:3f:c1:9e:
4f:e6:06:cf:3a:06:f8:af:7a:76:31:e2:42:96:77:d5:ce:05:
56:33:24:2f:58:b9:19:72:f5:84:f8:15:cb:4e:8b:77:e8:b9:
0e:17:6a:85:36:6f:c9:2e:c0:5b:c5:cd:aa:18:6e:6a:dd:90:
68:c9:18:95:9d:27:25:6b:28:7b:87:5e:ed:e3:cd:47:60:f6:
17:b5:21:c7:50:52:c6:34:13:ae:f5:11:ce:5f:a5:0c:b4:f5:
22:72:c1:05
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUWnkTmi/avCdCxjggnoTT8TYS9hIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNjA0MTUwMjE3NDhaFw0yNzA0MTQwMjIyNDhaMDMxMTAvBgNV
BAMTKEQ5QjlCMTMxMEJGMTUxREJGOTMwODk4RTgyNEMxMDA1RDY0NjQ0MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC96pKfVDRs855x/ABVko6D7/Pe
YYtXYQ4+89hj9m9MnPuGyswBzUhem8LJUZuDC9E+S3RgrPK3eEa+vxl4kpQ+Vfk6
/glf2IY1JKFJaGr7H6AAzjnf2mzKYqAuHbkqPrz04f6VGtUF4McqAiHIrbmTt66F
D94Y/ghCcR3LgoltJm6JM0ianq13qiz44Hcg9yCSogHFR5XwU3y3iu32oa+v0bZC
6q7yEBZzxb3ozkqsDJoCYfTgyGUvUBhtrahFbmw3W4/3hOSkCk+XUxYDSVaBUGhP
+rXjEJoI75o0f06W7AeBwjBjdt9YOFj/jrHp68VO3Gk7CHuMtAI/lX0jit69AgMB
AAGjggInMIICIzAdBgNVHQ4EFgQU2bmxMQvxUdv5MImOgkwQBdZGRBswHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMzE4OTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgACMCQDBwAqD4XB
A/ADBwAqD4XBDBgDBwAqD4XBDMADBwAqD4XBDjwwDQYJKoZIhvcNAQELBQADggEB
AKvXzNh/9i+aAR53ZeyOgwvbnRkiFu/cWokRAew8Wp4R13YEM4Cut3sN4tXmgyGu
sm4cVV4Z3C9pkrKz7yFXg3V2zsoKpG0yEmQ5E0r+HfiAlMRf+vSj+UMI20mam18D
qmWi4Mr8AvuHEGfbnB56VzfyjU0XupZEjUHWUKk7NQRCAA4pxdlRG2ZBLj93LURz
r8UE7jmewegd1eOwD2cqBT/Bnk/mBs86BvivenYx4kKWd9XOBVYzJC9YuRly9YT4
FctOi3fouQ4XaoU2b8kuwFvFzaoYbmrdkGjJGJWdJyVrKHuHXu3jzUdg9he1IcdQ
UsY0E671Ec5fpQy09SJywQU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:33:37 2026 by rpki-client