Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: Yr9E4NEO2sJzZFwsOz613kAb9AxoZeahd0Ea69UMrZU=
Subject key identifier: AA:6D:41:1B:E8:73:33:F6:8B:EF:97:D3:F4:F1:BB:B6:F0:2B:21:85
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 22D924CFD5527E0261DA3C212B8C1FAA7ADC2B59
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS3320.roa
Signing time: Tue 30 Sep 2025 10:03:14 +0000
ROA not before: Tue 30 Sep 2025 09:58:14 +0000
ROA not after: Tue 29 Sep 2026 10:03:14 +0000
asID: 3320
IP address blocks: 82.139.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:d9:24:cf:d5:52:7e:02:61:da:3c:21:2b:8c:1f:aa:7a:dc:2b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 30 09:58:14 2025 GMT
Not After : Sep 29 10:03:14 2026 GMT
Subject: CN=AA6D411BE87333F68BEF97D3F4F1BBB6F02B2185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:64:b4:66:af:32:ba:c9:ab:46:3f:a8:6d:72:
50:a1:33:34:8e:e4:8d:67:e1:5d:72:95:d5:0a:1f:
7b:1e:ad:3d:98:83:61:ad:89:40:74:e7:4c:53:73:
e8:b7:5f:44:6a:59:8e:55:73:db:2f:8b:e7:53:af:
7f:90:09:46:bb:1d:15:19:2f:05:a6:80:2d:85:57:
a0:32:09:ef:a6:6d:7b:e9:0c:11:b3:5a:f3:55:08:
27:4e:14:21:61:79:d8:8a:d7:a7:14:cc:41:35:88:
2e:02:57:89:4f:5e:07:51:a0:25:19:80:e8:0d:56:
cc:6a:11:b9:97:51:68:07:28:41:59:9c:d2:31:f3:
d6:af:c3:8a:af:d7:6c:04:35:9b:55:0d:2c:f5:79:
09:32:37:2d:6c:f8:6b:72:35:72:94:24:b1:49:96:
77:c4:e2:be:28:aa:b2:32:d7:c1:52:c0:b8:e2:d7:
10:cd:88:e3:c1:e2:e0:52:48:66:d5:a3:f1:ed:b4:
30:57:c2:3c:5a:2d:16:19:c0:32:44:a0:c9:1a:7e:
98:2f:96:e0:f8:7e:80:4f:66:72:99:c8:06:65:18:
15:15:eb:c9:2d:f5:df:0a:7a:4b:c2:57:aa:53:82:
35:f9:c2:62:a5:95:1f:18:c8:b5:e3:b0:d7:bb:2b:
97:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6D:41:1B:E8:73:33:F6:8B:EF:97:D3:F4:F1:BB:B6:F0:2B:21:85
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.230.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c8:2d:5c:2a:52:67:3a:6c:40:b1:79:81:f5:ff:06:01:52:
c2:25:a4:66:5d:ce:f0:46:b6:4a:39:ad:f8:01:63:10:a4:b8:
9e:58:55:62:07:ae:b3:15:60:0a:21:80:49:ff:55:0c:eb:54:
b1:e9:3c:ea:7e:54:bc:6e:82:5e:18:1a:e4:f4:8d:0c:9d:4d:
a3:d7:71:d5:0a:22:ad:1b:a4:7a:77:9e:c9:68:b8:3d:36:40:
4d:b2:db:53:ca:02:21:4d:10:5e:c0:b7:24:b6:e3:75:74:01:
f0:7b:2d:41:bf:21:6b:48:7b:d1:1c:85:20:d2:1f:f8:41:fd:
bd:98:87:82:11:f3:43:fa:8f:0c:26:3e:06:3b:57:3d:a5:9e:
d4:47:17:b6:41:cc:70:06:3f:1e:94:a0:a4:6a:78:89:d4:13:
bb:76:4b:5d:b9:ce:20:44:13:d7:4a:5c:2c:ae:ab:4b:5b:7b:
66:7e:e2:ce:0b:5e:d8:13:07:14:a0:98:c8:ba:0e:b7:c9:4c:
8d:91:fb:eb:03:3c:a1:15:5b:b3:ad:4a:97:2e:cd:f1:34:4e:
5f:ab:d3:71:da:41:19:6f:f6:87:5c:0f:28:d0:c5:34:bb:7e:
8e:33:66:ea:c4:a7:d6:8d:20:17:8d:92:63:c9:0a:b5:e9:db:
d2:c6:53:4e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUItkkz9VSfgJh2jwhK4wfqnrcK1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MzAwOTU4MTRaFw0yNjA5MjkxMDAzMTRaMDMxMTAvBgNV
BAMTKEFBNkQ0MTFCRTg3MzMzRjY4QkVGOTdEM0Y0RjFCQkI2RjAyQjIxODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqZLRmrzK6yatGP6htclChMzSO
5I1n4V1yldUKH3serT2Yg2GtiUB050xTc+i3X0RqWY5Vc9svi+dTr3+QCUa7HRUZ
LwWmgC2FV6AyCe+mbXvpDBGzWvNVCCdOFCFhediK16cUzEE1iC4CV4lPXgdRoCUZ
gOgNVsxqEbmXUWgHKEFZnNIx89avw4qv12wENZtVDSz1eQkyNy1s+GtyNXKUJLFJ
lnfE4r4oqrIy18FSwLji1xDNiOPB4uBSSGbVo/HttDBXwjxaLRYZwDJEoMkafpgv
luD4foBPZnKZyAZlGBUV68kt9d8KekvCV6pTgjX5wmKllR8YyLXjsNe7K5dZAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUqm1BG+hzM/aL75fT9PG7tvArIYUwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFKL5jAN
BgkqhkiG9w0BAQsFAAOCAQEAZsgtXCpSZzpsQLF5gfX/BgFSwiWkZl3O8Ea2Sjmt
+AFjEKS4nlhVYgeusxVgCiGASf9VDOtUsek86n5UvG6CXhga5PSNDJ1No9dx1Qoi
rRukeneeyWi4PTZATbLbU8oCIU0QXsC3JLbjdXQB8HstQb8ha0h70RyFINIf+EH9
vZiHghHzQ/qPDCY+BjtXPaWe1EcXtkHMcAY/HpSgpGp4idQTu3ZLXbnOIEQT10pc
LK6rS1t7Zn7izgte2BMHFKCYyLoOt8lMjZH76wM8oRVbs61Kly7N8TROX6vTcdpB
GW/2h1wPKNDFNLt+jjNm6sSn1o0gF42SY8kKtenb0sZTTg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:09 2025 by rpki-client