Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: lkVLIMfRKpVrmaWSWxzTgXeG/qjq3Py/lW4k5vj8JZs=
Subject key identifier: AF:35:45:79:30:E3:68:8C:69:AF:0C:EA:6B:3E:56:E7:88:85:F3:ED
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4E93642A15CFD905DE4F2D72224D630FD524D9E4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
Signing time: Mon 28 Apr 2025 07:30:37 +0000
ROA not before: Mon 28 Apr 2025 07:25:37 +0000
ROA not after: Mon 27 Apr 2026 07:30:37 +0000
asID: 3320
IP address blocks: 82.21.57.0/24 maxlen: 24
82.21.125.0/24 maxlen: 24
82.21.153.0/24 maxlen: 24
82.21.184.0/24 maxlen: 24
82.21.199.0/24 maxlen: 24
82.22.102.0/24 maxlen: 24
82.22.105.0/24 maxlen: 24
82.22.108.0/24 maxlen: 24
82.22.161.0/24 maxlen: 24
82.22.187.0/24 maxlen: 24
82.22.191.0/24 maxlen: 24
82.22.194.0/24 maxlen: 24
82.23.168.0/24 maxlen: 24
82.23.197.0/24 maxlen: 24
82.24.4.0/24 maxlen: 24
82.24.14.0/24 maxlen: 24
82.24.21.0/24 maxlen: 24
82.24.30.0/24 maxlen: 24
82.24.41.0/24 maxlen: 24
82.24.52.0/24 maxlen: 24
82.24.55.0/24 maxlen: 24
82.24.72.0/24 maxlen: 24
82.24.78.0/24 maxlen: 24
82.24.86.0/24 maxlen: 24
82.24.109.0/24 maxlen: 24
82.24.114.0/24 maxlen: 24
82.24.125.0/24 maxlen: 24
82.24.190.0/24 maxlen: 24
82.24.203.0/24 maxlen: 24
82.25.4.0/24 maxlen: 24
82.25.5.0/24 maxlen: 24
82.25.6.0/24 maxlen: 24
82.25.7.0/24 maxlen: 24
82.25.9.0/24 maxlen: 24
82.25.14.0/24 maxlen: 24
82.25.16.0/24 maxlen: 24
82.25.133.0/24 maxlen: 24
82.25.138.0/24 maxlen: 24
82.25.140.0/24 maxlen: 24
82.25.191.0/24 maxlen: 24
82.25.197.0/24 maxlen: 24
82.25.202.0/24 maxlen: 24
82.26.70.0/24 maxlen: 24
82.26.88.0/24 maxlen: 24
82.26.100.0/24 maxlen: 24
82.26.108.0/24 maxlen: 24
82.26.111.0/24 maxlen: 24
82.26.123.0/24 maxlen: 24
82.26.128.0/24 maxlen: 24
82.26.135.0/24 maxlen: 24
82.26.141.0/24 maxlen: 24
82.26.147.0/24 maxlen: 24
82.26.155.0/24 maxlen: 24
82.26.161.0/24 maxlen: 24
82.26.168.0/24 maxlen: 24
82.26.175.0/24 maxlen: 24
82.26.197.0/24 maxlen: 24
82.26.198.0/24 maxlen: 24
82.27.10.0/24 maxlen: 24
82.27.22.0/24 maxlen: 24
82.27.105.0/24 maxlen: 24
82.27.119.0/24 maxlen: 24
82.27.198.0/24 maxlen: 24
82.29.23.0/24 maxlen: 24
82.29.29.0/24 maxlen: 24
82.29.36.0/24 maxlen: 24
82.29.38.0/24 maxlen: 24
82.29.39.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.49.0/24 maxlen: 24
82.29.51.0/24 maxlen: 24
82.29.65.0/24 maxlen: 24
82.29.70.0/24 maxlen: 24
82.29.73.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.29.79.0/24 maxlen: 24
82.29.120.0/24 maxlen: 24
82.29.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 13:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:93:64:2a:15:cf:d9:05:de:4f:2d:72:22:4d:63:0f:d5:24:d9:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 28 07:25:37 2025 GMT
Not After : Apr 27 07:30:37 2026 GMT
Subject: CN=AF35457930E3688C69AF0CEA6B3E56E78885F3ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8e:72:d9:0e:9d:64:c7:07:b1:67:34:29:04:
a3:b5:da:ea:81:5e:22:b2:72:5e:47:03:3d:bd:85:
5c:c3:f9:79:62:83:92:49:31:93:16:34:cb:c8:09:
10:22:47:90:22:4e:e1:a4:8e:b7:1f:3f:df:29:32:
d0:41:0b:7f:d9:54:62:ad:b2:15:64:3d:de:5a:28:
98:e4:a8:82:f5:b4:2f:1c:9e:78:33:f5:78:4d:ff:
6e:12:e3:3b:b5:2a:2f:c9:5f:f2:6d:a7:1c:c5:b5:
7e:91:c2:5b:82:20:17:ac:82:8d:b9:a9:77:5f:8c:
33:70:aa:ad:0a:4f:84:f9:c1:1e:e7:47:a6:3f:f4:
b9:72:eb:5f:4c:9c:e6:58:f0:64:dc:39:9a:ae:ee:
8f:88:20:ad:8c:c8:82:07:d8:e8:06:71:da:b8:43:
18:7d:43:e9:74:32:d0:4a:d4:e7:30:57:b4:17:42:
4b:8e:eb:67:ef:f3:6d:f6:f4:58:c5:e9:5e:e1:a6:
25:32:d4:97:c9:2b:e3:7f:f6:f7:bd:95:79:04:24:
cf:9e:80:f6:38:dd:a9:a4:5b:aa:e3:42:76:c9:de:
a1:8b:2b:5d:b7:93:e0:91:ab:a0:b6:4c:70:7b:ec:
c8:c9:8e:4f:69:5f:b5:2e:6b:6e:36:c7:03:e6:d7:
56:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:35:45:79:30:E3:68:8C:69:AF:0C:EA:6B:3E:56:E7:88:85:F3:ED
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.57.0/24
82.21.125.0/24
82.21.153.0/24
82.21.184.0/24
82.21.199.0/24
82.22.102.0/24
82.22.105.0/24
82.22.108.0/24
82.22.161.0/24
82.22.187.0/24
82.22.191.0/24
82.22.194.0/24
82.23.168.0/24
82.23.197.0/24
82.24.4.0/24
82.24.14.0/24
82.24.21.0/24
82.24.30.0/24
82.24.41.0/24
82.24.52.0/24
82.24.55.0/24
82.24.72.0/24
82.24.78.0/24
82.24.86.0/24
82.24.109.0/24
82.24.114.0/24
82.24.125.0/24
82.24.190.0/24
82.24.203.0/24
82.25.4.0/22
82.25.9.0/24
82.25.14.0/24
82.25.16.0/24
82.25.133.0/24
82.25.138.0/24
82.25.140.0/24
82.25.191.0/24
82.25.197.0/24
82.25.202.0/24
82.26.70.0/24
82.26.88.0/24
82.26.100.0/24
82.26.108.0/24
82.26.111.0/24
82.26.123.0/24
82.26.128.0/24
82.26.135.0/24
82.26.141.0/24
82.26.147.0/24
82.26.155.0/24
82.26.161.0/24
82.26.168.0/24
82.26.175.0/24
82.26.197.0-82.26.198.255
82.27.10.0/24
82.27.22.0/24
82.27.105.0/24
82.27.119.0/24
82.27.198.0/24
82.29.23.0/24
82.29.29.0/24
82.29.36.0/24
82.29.38.0/23
82.29.45.0/24
82.29.49.0/24
82.29.51.0/24
82.29.65.0/24
82.29.70.0/24
82.29.73.0/24
82.29.76.0/24
82.29.79.0/24
82.29.120.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:1d:4e:33:cf:0d:d6:ab:2f:a7:80:eb:03:47:88:ff:55:82:
2e:39:b3:31:b9:b9:ee:ac:4e:3c:fd:b6:e3:70:c6:59:ac:c1:
47:bb:96:3d:9b:7b:1e:f1:87:9b:6e:a7:f6:a7:9e:22:b6:fc:
fa:ea:16:61:33:b9:10:b5:e7:cc:54:87:d5:42:54:3e:5c:85:
3c:99:84:53:00:89:66:57:a0:3c:e9:4d:8b:92:59:05:ff:bf:
30:c7:64:7c:8b:49:c8:b7:d7:61:41:ca:6e:1f:69:5a:7f:16:
5e:46:bb:d2:ab:ac:d2:a4:fb:6a:55:4f:06:41:58:88:ea:54:
d4:a3:16:a1:e3:b0:48:f8:18:ea:5a:16:0c:06:29:6d:f7:aa:
e0:3b:e2:76:65:96:f2:ba:a5:5b:d0:9b:26:0a:c3:63:e9:7d:
a7:d7:1e:6c:00:02:0d:54:20:13:ec:07:90:ff:81:35:98:5f:
1f:ff:06:eb:d4:28:41:96:fb:db:2f:f0:36:b1:be:83:cb:98:
10:5c:d1:3c:c0:14:70:9d:61:fa:bb:e6:11:8c:27:05:60:60:
d2:d6:7d:ab:dd:fa:1e:d1:cc:2c:fa:40:49:5f:33:8a:00:0c:
48:ec:77:40:fb:d6:a9:5e:43:b6:20:0e:77:1d:5c:05:07:0f:
fc:0c:ae:f3
-----BEGIN CERTIFICATE-----
MIIGujCCBaKgAwIBAgIUTpNkKhXP2QXeTy1yIk1jD9Uk2eQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MjgwNzI1MzdaFw0yNjA0MjcwNzMwMzdaMDMxMTAvBgNV
BAMTKEFGMzU0NTc5MzBFMzY4OEM2OUFGMENFQTZCM0U1NkU3ODg4NUYzRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDljnLZDp1kxwexZzQpBKO12uqB
XiKycl5HAz29hVzD+Xlig5JJMZMWNMvICRAiR5AiTuGkjrcfP98pMtBBC3/ZVGKt
shVkPd5aKJjkqIL1tC8cnngz9XhN/24S4zu1Ki/JX/JtpxzFtX6RwluCIBesgo25
qXdfjDNwqq0KT4T5wR7nR6Y/9Lly619MnOZY8GTcOZqu7o+IIK2MyIIH2OgGcdq4
Qxh9Q+l0MtBK1OcwV7QXQkuO62fv82329FjF6V7hpiUy1JfJK+N/9ve9lXkEJM+e
gPY43amkW6rjQnbJ3qGLK123k+CRq6C2THB77MjJjk9pX7Uua242xwPm11YtAgMB
AAGjggPEMIIDwDAdBgNVHQ4EFgQUrzVFeTDjaIxprwzqaz5W54iF8+0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAdkGCCsGAQUFBwEHAQH/BIIByDCCAcQwggHABAIAATCC
AbgDBABSFTkDBABSFX0DBABSFZkDBABSFbgDBABSFccDBABSFmYDBABSFmkDBABS
FmwDBABSFqEDBABSFrsDBABSFr8DBABSFsIDBABSF6gDBABSF8UDBABSGAQDBABS
GA4DBABSGBUDBABSGB4DBABSGCkDBABSGDQDBABSGDcDBABSGEgDBABSGE4DBABS
GFYDBABSGG0DBABSGHIDBABSGH0DBABSGL4DBABSGMsDBAJSGQQDBABSGQkDBABS
GQ4DBABSGRADBABSGYUDBABSGYoDBABSGYwDBABSGb8DBABSGcUDBABSGcoDBABS
GkYDBABSGlgDBABSGmQDBABSGmwDBABSGm8DBABSGnsDBABSGoADBABSGocDBABS
Go0DBABSGpMDBABSGpsDBABSGqEDBABSGqgDBABSGq8wDAMEAFIaxQMEAFIaxgME
AFIbCgMEAFIbFgMEAFIbaQMEAFIbdwMEAFIbxgMEAFIdFwMEAFIdHQMEAFIdJAME
AVIdJgMEAFIdLQMEAFIdMQMEAFIdMwMEAFIdQQMEAFIdRgMEAFIdSQMEAFIdTAME
AFIdTwMEAVIdeDANBgkqhkiG9w0BAQsFAAOCAQEAih1OM88N1qsvp4DrA0eI/1WC
LjmzMbm57qxOPP2243DGWazBR7uWPZt7HvGHm26n9qeeIrb8+uoWYTO5ELXnzFSH
1UJUPlyFPJmEUwCJZlegPOlNi5JZBf+/MMdkfItJyLfXYUHKbh9pWn8WXka70qus
0qT7alVPBkFYiOpU1KMWoeOwSPgY6loWDAYpbfeq4DvidmWW8rqlW9CbJgrDY+l9
p9cebAACDVQgE+wHkP+BNZhfH/8G69QoQZb72y/wNrG+g8uYEFzRPMAUcJ1h+rvm
EYwnBWBg0tZ9q936HtHMLPpASV8zigAMSOx3QPvWqV5DtiAOdx1cBQcP/Ayu8w==
-----END CERTIFICATE-----
Generated at Tue May 6 06:35:47 2025 by rpki-client