Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: ZPjDFShHIrpvJkH8TrTkqOnFtFcFeIsF490Qa3IGmVI=
Subject key identifier: 84:08:DC:C0:15:F9:20:8E:B6:49:06:C0:9E:37:30:18:DB:D1:02:D1
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 187675803C56C03FDA2BF7EE62A1B1E1E34C1503
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa
Signing time: Thu 21 Aug 2025 13:27:25 +0000
ROA not before: Thu 21 Aug 2025 13:22:25 +0000
ROA not after: Thu 20 Aug 2026 13:27:25 +0000
asID: 3320
IP address blocks: 140.233.192.0/18 maxlen: 24
140.233.192.0/24 maxlen: 24
143.14.128.0/24 maxlen: 24
143.14.129.0/24 maxlen: 24
143.14.130.0/24 maxlen: 24
143.14.140.0/24 maxlen: 24
143.14.170.0/24 maxlen: 24
147.79.8.0/21 maxlen: 24
147.79.48.0/24 maxlen: 24
147.79.49.0/24 maxlen: 24
147.79.50.0/24 maxlen: 24
147.79.51.0/24 maxlen: 24
148.135.192.0/24 maxlen: 24
150.241.192.0/24 maxlen: 24
150.241.193.0/24 maxlen: 24
150.241.194.0/24 maxlen: 24
150.241.195.0/24 maxlen: 24
155.117.17.0/24 maxlen: 24
155.117.113.0/24 maxlen: 24
155.117.124.0/24 maxlen: 24
155.117.125.0/24 maxlen: 24
155.117.126.0/24 maxlen: 24
155.117.157.0/24 maxlen: 24
155.117.167.0/24 maxlen: 24
155.117.168.0/24 maxlen: 24
155.117.200.0/24 maxlen: 24
155.117.215.0/24 maxlen: 24
155.117.221.0/24 maxlen: 24
155.117.241.0/24 maxlen: 24
162.141.158.0/24 maxlen: 24
167.148.69.0/24 maxlen: 24
167.148.126.0/24 maxlen: 24
167.148.159.0/24 maxlen: 24
167.148.162.0/24 maxlen: 24
167.148.192.0/24 maxlen: 24
167.148.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:76:75:80:3c:56:c0:3f:da:2b:f7:ee:62:a1:b1:e1:e3:4c:15:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 21 13:22:25 2025 GMT
Not After : Aug 20 13:27:25 2026 GMT
Subject: CN=8408DCC015F9208EB64906C09E373018DBD102D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:27:15:4e:7c:0f:e7:82:26:d3:08:0c:ca:e6:
74:ae:ec:14:33:a3:9a:a6:64:7a:98:f9:ba:3c:c6:
ab:9a:3f:da:51:37:ad:b0:fa:54:ee:82:ab:3a:c5:
a2:5e:bf:5b:02:b5:b4:f4:2e:c8:0f:3a:fe:9d:c8:
b1:a1:82:6a:75:1e:20:86:ca:52:e0:cc:e0:cb:93:
59:61:06:ff:53:be:ea:a0:31:33:2e:40:00:f2:80:
26:a5:03:2d:16:26:d1:4a:64:7f:a2:50:93:12:96:
3c:37:1d:84:71:4f:79:67:ef:c6:4f:43:12:77:f2:
53:9a:a0:10:2d:d1:9e:de:8c:a7:59:b9:e3:86:47:
0d:a9:bc:3b:65:38:49:b0:64:9b:2d:a1:f8:7f:e7:
09:9c:05:b3:c4:3b:b5:ca:3d:95:d8:cf:78:97:ea:
2e:bd:26:1c:5e:3f:1d:cb:dd:53:c9:d0:4e:52:fa:
df:95:79:e6:74:bd:bc:f0:8a:09:93:bc:5e:13:ed:
ee:12:d1:e4:9f:0a:1c:c2:bb:fa:40:2d:07:35:7a:
5e:15:ba:20:11:59:ef:0c:2b:1e:db:ac:f1:5d:3c:
41:cb:c8:46:a6:35:c2:f5:3b:01:0d:ec:74:6b:91:
7c:3c:c2:4f:73:61:ec:cf:14:1e:c0:7d:5c:51:b9:
bb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:08:DC:C0:15:F9:20:8E:B6:49:06:C0:9E:37:30:18:DB:D1:02:D1
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/18
143.14.128.0-143.14.130.255
143.14.140.0/24
143.14.170.0/24
147.79.8.0/21
147.79.48.0/22
148.135.192.0/24
150.241.192.0/22
155.117.17.0/24
155.117.113.0/24
155.117.124.0-155.117.126.255
155.117.157.0/24
155.117.167.0-155.117.168.255
155.117.200.0/24
155.117.215.0/24
155.117.221.0/24
155.117.241.0/24
162.141.158.0/24
167.148.69.0/24
167.148.126.0/24
167.148.159.0/24
167.148.162.0/24
167.148.192.0/24
167.148.211.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:05:3c:b6:69:7a:0c:90:8e:ae:9d:55:d7:3b:7f:19:24:fe:
13:00:d4:df:13:87:f9:fa:c7:19:6c:04:2a:bd:92:48:b2:31:
fd:9a:8a:a5:53:a8:6b:65:8c:e5:e5:ee:ba:c5:56:75:dd:67:
96:a1:fd:b8:ee:23:a6:b0:47:d0:f7:f7:0d:73:7f:f5:30:50:
45:07:cb:2e:a8:0e:6a:17:3f:54:09:f9:6f:5d:a0:31:38:a1:
de:94:9e:17:dc:24:f7:55:e7:78:db:8a:00:2d:22:86:73:ed:
f6:c1:65:28:80:8d:72:9f:d7:32:da:a6:bc:97:e7:c8:2a:b5:
50:12:ff:22:8d:3f:b3:14:2a:d9:b2:3b:a0:62:5f:42:72:90:
14:d9:35:3b:8f:e9:aa:18:af:df:f6:a8:5b:4a:1f:bb:f3:fe:
34:35:fc:bf:e5:4e:3f:03:46:9c:36:e5:5d:c7:48:d4:3a:49:
65:fa:cd:fe:7c:db:ec:e9:73:f7:81:f5:54:89:0f:2c:fb:e5:
1c:af:fe:54:c0:31:3d:5a:f4:ea:d2:55:e5:a5:3a:a8:e2:9a:
c2:67:e3:9c:c4:13:cd:80:1b:16:57:5f:a3:83:32:13:e9:3b:
22:6f:0f:0d:40:c3:26:3b:d1:9e:31:67:4b:0c:33:f3:e6:58:
e7:9e:7d:9c
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIUGHZ1gDxWwD/aK/fuYqGx4eNMFQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MjExMzIyMjVaFw0yNjA4MjAxMzI3MjVaMDMxMTAvBgNV
BAMTKDg0MDhEQ0MwMTVGOTIwOEVCNjQ5MDZDMDlFMzczMDE4REJEMTAyRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0JxVOfA/ngibTCAzK5nSu7BQz
o5qmZHqY+bo8xquaP9pRN62w+lTugqs6xaJev1sCtbT0LsgPOv6dyLGhgmp1HiCG
ylLgzODLk1lhBv9TvuqgMTMuQADygCalAy0WJtFKZH+iUJMSljw3HYRxT3ln78ZP
QxJ38lOaoBAt0Z7ejKdZueOGRw2pvDtlOEmwZJstofh/5wmcBbPEO7XKPZXYz3iX
6i69JhxePx3L3VPJ0E5S+t+VeeZ0vbzwigmTvF4T7e4S0eSfChzCu/pALQc1el4V
uiARWe8MKx7brPFdPEHLyEamNcL1OwEN7HRrkXw8wk9zYezPFB7AfVxRubuPAgMB
AAGjggKvMIICqzAdBgNVHQ4EFgQUhAjcwBX5II62SQbAnjcwGNvRAtEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBxQYIKwYBBQUHAQcBAf8EgbUwgbIwga8EAgABMIGoAwQG
jOnAMAwDBAePDoADBACPDoIDBACPDowDBACPDqoDBAOTTwgDBAKTTzADBACUh8AD
BAKW8cADBACbdREDBACbdXEwDAMEApt1fAMEAJt1fgMEAJt1nTAMAwQAm3WnAwQA
m3WoAwQAm3XIAwQAm3XXAwQAm3XdAwQAm3XxAwQAoo2eAwQAp5RFAwQAp5R+AwQA
p5SfAwQAp5SiAwQAp5TAAwQAp5TTMA0GCSqGSIb3DQEBCwUAA4IBAQCOBTy2aXoM
kI6unVXXO38ZJP4TANTfE4f5+scZbAQqvZJIsjH9moqlU6hrZYzl5e66xVZ13WeW
of247iOmsEfQ9/cNc3/1MFBFB8suqA5qFz9UCflvXaAxOKHelJ4X3CT3Ved424oA
LSKGc+32wWUogI1yn9cy2qa8l+fIKrVQEv8ijT+zFCrZsjugYl9CcpAU2TU7j+mq
GK/f9qhbSh+78/40Nfy/5U4/A0acNuVdx0jUOkll+s3+fNvs6XP3gfVUiQ8s++Uc
r/5UwDE9WvTq0lXlpTqo4prCZ+OcxBPNgBsWV1+jgzIT6Tsibw8NQMMmO9GeMWdL
DDPz5ljnnn2c
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:48:57 2025 by rpki-client