Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa
File: AS31898.roa (raw, json)
Hash identifier: fAEgMXrJqGdfFtffH9yIFdoHNNzqLPQ71TUGwcplVIo=
Subject key identifier: E0:09:05:79:6B:2E:63:52:00:19:3D:FB:0E:A7:17:AD:C4:AF:BD:4D
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 23F2C6E66F49D961041CB0282FB39AC6A98EFA2A
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa
Signing time: Wed 22 Oct 2025 15:34:37 +0000
ROA not before: Wed 22 Oct 2025 15:29:37 +0000
ROA not after: Wed 21 Oct 2026 15:34:37 +0000
asID: 31898
IP address blocks: 2a14:7581:f00::/44 maxlen: 48
2a14:7581:9811::/48 maxlen: 48
2a14:7583:b000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:f2:c6:e6:6f:49:d9:61:04:1c:b0:28:2f:b3:9a:c6:a9:8e:fa:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Oct 22 15:29:37 2025 GMT
Not After : Oct 21 15:34:37 2026 GMT
Subject: CN=E00905796B2E635200193DFB0EA717ADC4AFBD4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:86:8c:a2:56:85:45:9a:81:99:e2:00:a2:55:
ae:0d:e2:38:aa:15:f4:53:5f:ac:ab:85:ca:e4:45:
d2:11:83:38:b7:5f:ac:04:2d:62:1d:75:68:fb:f2:
36:92:1f:be:e4:fc:93:e0:2a:d0:56:a7:89:3e:d5:
13:bb:46:3b:b4:71:c5:4b:ac:28:8a:19:03:af:2f:
b6:f6:5a:49:50:cb:82:df:b0:37:91:bd:a6:dd:c9:
9e:f4:7c:9d:58:52:80:1b:28:f1:ba:06:21:e5:f5:
8c:85:a9:94:80:15:a0:44:09:27:05:8a:8d:df:ce:
1c:30:3d:71:bd:d2:31:f6:91:01:06:bf:6e:0c:ad:
52:f8:82:c1:88:0b:38:90:49:1c:13:cf:e4:11:88:
53:99:ee:4d:b9:95:e0:a0:7a:7b:73:53:c7:37:ee:
78:bc:ba:d1:9a:e0:b7:26:cc:84:39:2d:a5:f5:ff:
e6:ef:37:3e:f7:c9:0b:9e:ee:55:18:fc:73:43:c2:
c2:1c:dc:b3:89:6d:a2:4a:6e:2c:2e:7a:44:9b:d6:
ad:ed:6d:33:16:b3:ee:3b:87:03:1d:92:30:5e:9b:
c5:ae:c9:6f:de:01:23:61:85:64:0e:b3:43:ff:38:
e0:7d:9d:37:28:90:20:2b:ab:70:06:c0:ea:c0:94:
a0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:09:05:79:6B:2E:63:52:00:19:3D:FB:0E:A7:17:AD:C4:AF:BD:4D
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f00::/44
2a14:7581:9811::/48
2a14:7583:b000::/36
Signature Algorithm: sha256WithRSAEncryption
25:ad:98:5e:0c:61:8d:56:8b:62:fe:af:e2:d5:0f:19:1e:33:
1c:c8:27:45:6b:dd:b5:b2:74:18:2b:c1:39:5d:b0:cb:32:1c:
b3:d5:b8:8b:78:9c:92:ee:2c:75:b2:6b:f7:00:2c:1a:38:e7:
63:ae:65:5c:40:82:f6:00:a8:53:06:b6:3b:16:5d:dd:9d:c6:
ab:5d:7a:0c:58:9f:5d:07:6b:86:2e:58:6a:3a:63:dc:53:a7:
cb:13:a0:3a:cd:22:64:c4:3a:9c:04:32:f6:70:f8:6f:80:6e:
b1:ad:c0:68:62:a6:c4:47:25:45:45:dd:a6:5e:6a:3d:6b:c0:
47:f9:cf:84:19:40:06:79:88:0d:cf:68:da:c4:ba:f7:4d:cb:
9a:d0:e6:4f:4e:e2:0a:92:e4:1a:e2:79:a5:e6:66:84:b0:cc:
50:86:f7:68:46:4d:13:a5:78:ed:7e:60:98:ff:4a:91:be:45:
b7:90:89:c7:ff:d2:88:92:3e:dd:a5:1d:f4:6f:e8:5d:90:c9:
81:5c:9f:fc:ab:a9:7b:01:a4:aa:81:bc:08:fe:12:70:2f:0b:
9f:2e:62:3f:37:32:ea:66:f9:b7:31:f4:8e:65:bb:45:2f:57:
00:a9:ce:8b:10:e7:2d:ec:d5:94:56:9a:97:a7:65:33:b3:39:
4d:e5:59:01
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUI/LG5m9J2WEEHLAoL7OaxqmO+iowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTEwMjIxNTI5MzdaFw0yNjEwMjExNTM0MzdaMDMxMTAvBgNV
BAMTKEUwMDkwNTc5NkIyRTYzNTIwMDE5M0RGQjBFQTcxN0FEQzRBRkJENEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5hoyiVoVFmoGZ4gCiVa4N4jiq
FfRTX6yrhcrkRdIRgzi3X6wELWIddWj78jaSH77k/JPgKtBWp4k+1RO7Rju0ccVL
rCiKGQOvL7b2WklQy4LfsDeRvabdyZ70fJ1YUoAbKPG6BiHl9YyFqZSAFaBECScF
io3fzhwwPXG90jH2kQEGv24MrVL4gsGICziQSRwTz+QRiFOZ7k25leCgentzU8c3
7ni8utGa4LcmzIQ5LaX1/+bvNz73yQue7lUY/HNDwsIc3LOJbaJKbiwuekSb1q3t
bTMWs+47hwMdkjBem8WuyW/eASNhhWQOs0P/OOB9nTcokCArq3AGwOrAlKDzAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQU4AkFeWsuY1IAGT37DqcXrcSvvU0wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMzE4OTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgACMBoDBwQqFHWB
DwADBwAqFHWBmBEDBgQqFHWDsDANBgkqhkiG9w0BAQsFAAOCAQEAJa2YXgxhjVaL
Yv6v4tUPGR4zHMgnRWvdtbJ0GCvBOV2wyzIcs9W4i3icku4sdbJr9wAsGjjnY65l
XECC9gCoUwa2OxZd3Z3Gq116DFifXQdrhi5Yajpj3FOnyxOgOs0iZMQ6nAQy9nD4
b4Busa3AaGKmxEclRUXdpl5qPWvAR/nPhBlABnmIDc9o2sS6903LmtDmT07iCpLk
GuJ5peZmhLDMUIb3aEZNE6V47X5gmP9Kkb5Ft5CJx//SiJI+3aUd9G/oXZDJgVyf
/KupewGkqoG8CP4ScC8Lny5iPzcy6mb5tzH0jmW7RS9XAKnOixDnLezVlFaal6dl
M7M5TeVZAQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:36:18 2025 by rpki-client