Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: 8pRb/dIXE2O8aYAr9Wt76GbfwDCqC3QAm6BHpoVOCyI=
Subject key identifier: 03:F2:46:94:B7:CD:EE:97:D2:46:7D:38:A7:7B:D1:1A:1C:5C:FC:A6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4246D9E220D1CBBA95C333B4058B0A73E915C515
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
Signing time: Fri 08 May 2026 13:14:12 +0000
ROA not before: Fri 08 May 2026 13:09:12 +0000
ROA not after: Fri 07 May 2027 13:14:12 +0000
asID: 3320
IP address blocks: 82.21.184.0/24 maxlen: 24
82.22.4.0/24 maxlen: 24
82.22.102.0/24 maxlen: 24
82.22.105.0/24 maxlen: 24
82.22.108.0/24 maxlen: 24
82.22.191.0/24 maxlen: 24
82.22.194.0/24 maxlen: 24
82.23.168.0/24 maxlen: 24
82.23.228.0/24 maxlen: 24
82.24.14.0/24 maxlen: 24
82.24.30.0/24 maxlen: 24
82.24.55.0/24 maxlen: 24
82.24.72.0/24 maxlen: 24
82.24.78.0/24 maxlen: 24
82.24.109.0/24 maxlen: 24
82.24.114.0/24 maxlen: 24
82.24.125.0/24 maxlen: 24
82.24.203.0/24 maxlen: 24
82.25.24.0/24 maxlen: 24
82.25.133.0/24 maxlen: 24
82.25.191.0/24 maxlen: 24
82.25.197.0/24 maxlen: 24
82.25.202.0/24 maxlen: 24
82.26.70.0/24 maxlen: 24
82.26.100.0/24 maxlen: 24
82.26.108.0/24 maxlen: 24
82.26.111.0/24 maxlen: 24
82.26.123.0/24 maxlen: 24
82.26.128.0/24 maxlen: 24
82.26.135.0/24 maxlen: 24
82.26.141.0/24 maxlen: 24
82.26.161.0/24 maxlen: 24
82.26.168.0/24 maxlen: 24
82.27.10.0/24 maxlen: 24
82.27.22.0/24 maxlen: 24
82.27.198.0/24 maxlen: 24
82.29.23.0/24 maxlen: 24
82.29.29.0/24 maxlen: 24
82.29.65.0/24 maxlen: 24
82.29.120.0/24 maxlen: 24
82.38.102.0/24 maxlen: 24
82.38.111.0/24 maxlen: 24
82.38.133.0/24 maxlen: 24
82.38.147.0/24 maxlen: 24
82.38.150.0/24 maxlen: 24
82.38.220.0/24 maxlen: 24
82.38.221.0/24 maxlen: 24
82.38.222.0/24 maxlen: 24
82.39.102.0/24 maxlen: 24
82.39.103.0/24 maxlen: 24
82.39.251.0/24 maxlen: 24
82.39.254.0/24 maxlen: 24
82.39.255.0/24 maxlen: 24
82.40.21.0/24 maxlen: 24
82.41.143.0/24 maxlen: 24
82.41.158.0/24 maxlen: 24
82.41.244.0/24 maxlen: 24
82.41.245.0/24 maxlen: 24
82.47.14.0/24 maxlen: 24
82.47.15.0/24 maxlen: 24
82.47.16.0/24 maxlen: 24
82.47.27.0/24 maxlen: 24
82.47.59.0/24 maxlen: 24
82.47.104.0/24 maxlen: 24
82.47.117.0/24 maxlen: 24
82.47.147.0/24 maxlen: 24
82.47.220.0/24 maxlen: 24
84.75.154.0/24 maxlen: 24
84.75.172.0/24 maxlen: 24
84.75.196.0/24 maxlen: 24
84.75.200.0/24 maxlen: 24
84.75.206.0/24 maxlen: 24
84.75.209.0/24 maxlen: 24
84.75.218.0/24 maxlen: 24
178.83.152.0/24 maxlen: 24
178.83.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:46:d9:e2:20:d1:cb:ba:95:c3:33:b4:05:8b:0a:73:e9:15:c5:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 8 13:09:12 2026 GMT
Not After : May 7 13:14:12 2027 GMT
Subject: CN=03F24694B7CDEE97D2467D38A77BD11A1C5CFCA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b3:6a:4a:b2:a4:c6:21:01:f6:6a:72:6e:31:
72:18:af:9e:4e:6d:9c:7d:eb:10:4c:93:c1:1b:de:
67:ed:e3:1e:c9:2c:7c:10:df:b5:7f:3e:b0:ed:f2:
62:3c:d3:34:ad:1b:ef:5e:89:44:b7:b6:58:e8:9d:
b6:38:80:8d:16:e7:51:a7:34:f0:5c:2c:3d:c9:90:
38:e4:55:e3:60:ba:77:60:8c:7a:cc:bd:90:b1:52:
b2:a3:9b:ff:1f:23:ee:42:55:b7:3c:b3:e5:aa:95:
12:b0:d7:84:5b:d4:51:11:f1:02:53:df:6e:aa:4c:
d1:c6:35:17:4d:32:54:be:34:bc:8e:bb:65:3f:14:
56:4c:ae:09:cb:2b:34:8d:4a:1c:f7:10:94:5a:de:
9f:ae:df:7c:f4:ba:df:3a:57:f9:f3:f4:b5:26:9f:
0f:69:83:63:05:91:82:e0:b0:c8:60:25:14:0b:45:
bb:34:38:de:8a:62:c1:95:ba:81:e4:3a:97:e5:ec:
0f:5a:d0:3f:bb:60:75:bd:6c:20:cf:22:98:90:df:
f7:ce:ea:33:f8:3d:c3:30:95:c3:14:6a:32:3d:ab:
72:32:4c:c1:b9:d6:e1:a1:c0:bf:de:03:6b:bc:e5:
95:51:87:4a:96:64:77:11:26:a4:8a:35:40:ce:d2:
9b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F2:46:94:B7:CD:EE:97:D2:46:7D:38:A7:7B:D1:1A:1C:5C:FC:A6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.184.0/24
82.22.4.0/24
82.22.102.0/24
82.22.105.0/24
82.22.108.0/24
82.22.191.0/24
82.22.194.0/24
82.23.168.0/24
82.23.228.0/24
82.24.14.0/24
82.24.30.0/24
82.24.55.0/24
82.24.72.0/24
82.24.78.0/24
82.24.109.0/24
82.24.114.0/24
82.24.125.0/24
82.24.203.0/24
82.25.24.0/24
82.25.133.0/24
82.25.191.0/24
82.25.197.0/24
82.25.202.0/24
82.26.70.0/24
82.26.100.0/24
82.26.108.0/24
82.26.111.0/24
82.26.123.0/24
82.26.128.0/24
82.26.135.0/24
82.26.141.0/24
82.26.161.0/24
82.26.168.0/24
82.27.10.0/24
82.27.22.0/24
82.27.198.0/24
82.29.23.0/24
82.29.29.0/24
82.29.65.0/24
82.29.120.0/24
82.38.102.0/24
82.38.111.0/24
82.38.133.0/24
82.38.147.0/24
82.38.150.0/24
82.38.220.0-82.38.222.255
82.39.102.0/23
82.39.251.0/24
82.39.254.0/23
82.40.21.0/24
82.41.143.0/24
82.41.158.0/24
82.41.244.0/23
82.47.14.0-82.47.16.255
82.47.27.0/24
82.47.59.0/24
82.47.104.0/24
82.47.117.0/24
82.47.147.0/24
82.47.220.0/24
84.75.154.0/24
84.75.172.0/24
84.75.196.0/24
84.75.200.0/24
84.75.206.0/24
84.75.209.0/24
84.75.218.0/24
178.83.152.0/24
178.83.161.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:5f:86:64:2c:1a:5d:59:12:3c:67:f8:1e:37:9d:ab:e6:f2:
0a:8c:02:91:21:87:1c:83:a3:4d:d1:3f:d7:a1:ca:17:f6:aa:
8c:a3:4b:15:9d:a6:fd:30:98:b2:9d:af:ac:e2:76:8f:5d:54:
de:6d:44:ac:86:21:08:8b:72:4a:95:5b:58:fe:fe:0e:18:65:
b4:05:ee:b5:64:3a:9d:94:e5:87:84:63:6f:0b:9d:af:33:eb:
a8:d3:46:23:61:2b:cf:d2:de:6b:30:f7:5a:68:d2:9a:04:f9:
2a:6b:bc:c2:cc:39:00:11:64:3a:bb:43:4b:02:04:a2:86:91:
ef:0e:ac:ba:56:a3:ea:66:a3:47:37:d6:45:a3:20:4d:1a:2e:
4c:8f:8d:7b:4f:bf:69:29:85:68:cf:ec:6d:0a:df:f3:46:57:
cb:80:43:ed:25:d8:0d:ae:10:ef:b1:56:6e:c9:83:c8:1d:c7:
ca:4e:20:cb:f9:2b:3a:1d:5c:5c:03:59:9f:73:2f:84:bf:c3:
51:22:dd:4b:17:66:0e:2d:ba:8a:3c:77:aa:7b:29:21:f9:77:
f5:dd:3a:17:ad:51:68:16:5f:86:4a:d6:9e:93:4d:4c:6e:58:
ca:0f:5a:2b:46:b9:16:18:65:42:30:40:1d:1d:93:46:f9:52:
73:92:46:8a
-----BEGIN CERTIFICATE-----
MIIGsDCCBZigAwIBAgIUQkbZ4iDRy7qVwzO0BYsKc+kVxRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDgxMzA5MTJaFw0yNzA1MDcxMzE0MTJaMDMxMTAvBgNV
BAMTKDAzRjI0Njk0QjdDREVFOTdEMjQ2N0QzOEE3N0JEMTFBMUM1Q0ZDQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYs2pKsqTGIQH2anJuMXIYr55O
bZx96xBMk8Eb3mft4x7JLHwQ37V/PrDt8mI80zStG+9eiUS3tljonbY4gI0W51Gn
NPBcLD3JkDjkVeNgundgjHrMvZCxUrKjm/8fI+5CVbc8s+WqlRKw14Rb1FER8QJT
326qTNHGNRdNMlS+NLyOu2U/FFZMrgnLKzSNShz3EJRa3p+u33z0ut86V/nz9LUm
nw9pg2MFkYLgsMhgJRQLRbs0ON6KYsGVuoHkOpfl7A9a0D+7YHW9bCDPIpiQ3/fO
6jP4PcMwlcMUajI9q3IyTMG51uGhwL/eA2u85ZVRh0qWZHcRJqSKNUDO0pv/AgMB
AAGjggO6MIIDtjAdBgNVHQ4EFgQUA/JGlLfN7pfSRn04p3vRGhxc/KYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAc8GCCsGAQUFBwEHAQH/BIIBvjCCAbowggG2BAIAATCC
Aa4DBABSFbgDBABSFgQDBABSFmYDBABSFmkDBABSFmwDBABSFr8DBABSFsIDBABS
F6gDBABSF+QDBABSGA4DBABSGB4DBABSGDcDBABSGEgDBABSGE4DBABSGG0DBABS
GHIDBABSGH0DBABSGMsDBABSGRgDBABSGYUDBABSGb8DBABSGcUDBABSGcoDBABS
GkYDBABSGmQDBABSGmwDBABSGm8DBABSGnsDBABSGoADBABSGocDBABSGo0DBABS
GqEDBABSGqgDBABSGwoDBABSGxYDBABSG8YDBABSHRcDBABSHR0DBABSHUEDBABS
HXgDBABSJmYDBABSJm8DBABSJoUDBABSJpMDBABSJpYwDAMEAlIm3AMEAFIm3gME
AVInZgMEAFIn+wMEAVIn/gMEAFIoFQMEAFIpjwMEAFIpngMEAVIp9DAMAwQBUi8O
AwQAUi8QAwQAUi8bAwQAUi87AwQAUi9oAwQAUi91AwQAUi+TAwQAUi/cAwQAVEua
AwQAVEusAwQAVEvEAwQAVEvIAwQAVEvOAwQAVEvRAwQAVEvaAwQAslOYAwQAslOh
MA0GCSqGSIb3DQEBCwUAA4IBAQBtX4ZkLBpdWRI8Z/geN52r5vIKjAKRIYccg6NN
0T/XocoX9qqMo0sVnab9MJiyna+s4naPXVTebUSshiEIi3JKlVtY/v4OGGW0Be61
ZDqdlOWHhGNvC52vM+uo00YjYSvP0t5rMPdaaNKaBPkqa7zCzDkAEWQ6u0NLAgSi
hpHvDqy6VqPqZqNHN9ZFoyBNGi5Mj417T79pKYVoz+xtCt/zRlfLgEPtJdgNrhDv
sVZuyYPIHcfKTiDL+Ss6HVxcA1mfcy+Ev8NRIt1LF2YOLbqKPHeqeykh+Xf13ToX
rVFoFl+GStaek01MbljKD1orRrkWGGVCMEAdHZNG+VJzkkaK
-----END CERTIFICATE-----
Generated at Wed May 13 00:18:28 2026 by rpki-client