Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: u+2fjE+KqIN4Y/lisrqAQkQnWyyH2NkYIMQfQAEGCoA=
Subject key identifier: AB:8E:A1:03:F0:4F:03:30:54:31:D4:87:91:33:70:65:94:F2:5D:2C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 24450851402C853CE0AD1196AF7E6A6BCE48DBBC
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
Signing time: Thu 16 Oct 2025 22:23:06 +0000
ROA not before: Thu 16 Oct 2025 22:18:06 +0000
ROA not after: Thu 15 Oct 2026 22:23:06 +0000
asID: 3320
IP address blocks: 91.124.112.0/24 maxlen: 24
91.124.113.0/24 maxlen: 24
91.124.114.0/24 maxlen: 24
91.124.115.0/24 maxlen: 24
91.124.164.0/22 maxlen: 24
92.112.10.0/24 maxlen: 24
95.134.16.0/22 maxlen: 24
95.134.178.0/24 maxlen: 24
95.134.180.0/24 maxlen: 24
95.134.192.0/24 maxlen: 24
95.134.205.0/24 maxlen: 24
95.134.224.0/22 maxlen: 24
95.134.233.0/24 maxlen: 24
95.135.44.0/22 maxlen: 24
95.135.76.0/24 maxlen: 24
95.135.77.0/24 maxlen: 24
95.135.78.0/24 maxlen: 24
95.135.79.0/24 maxlen: 24
95.135.88.0/22 maxlen: 24
95.135.222.0/24 maxlen: 24
178.92.85.0/24 maxlen: 24
178.92.88.0/24 maxlen: 24
178.92.93.0/24 maxlen: 24
178.92.106.0/24 maxlen: 24
178.92.172.0/22 maxlen: 24
178.92.232.0/24 maxlen: 24
178.92.248.0/24 maxlen: 24
178.93.17.0/24 maxlen: 24
178.93.19.0/24 maxlen: 24
178.93.28.0/24 maxlen: 24
178.93.31.0/24 maxlen: 24
178.93.35.0/24 maxlen: 24
178.93.59.0/24 maxlen: 24
178.93.208.0/24 maxlen: 24
178.93.224.0/24 maxlen: 24
178.93.254.0/24 maxlen: 24
178.94.38.0/24 maxlen: 24
178.94.54.0/24 maxlen: 24
178.94.68.0/24 maxlen: 24
178.94.123.0/24 maxlen: 24
178.95.11.0/24 maxlen: 24
178.95.15.0/24 maxlen: 24
178.95.16.0/24 maxlen: 24
178.95.21.0/24 maxlen: 24
178.95.27.0/24 maxlen: 24
178.95.93.0/24 maxlen: 24
178.95.103.0/24 maxlen: 24
178.95.112.0/24 maxlen: 24
178.95.127.0/24 maxlen: 24
178.95.128.0/24 maxlen: 24
178.95.129.0/24 maxlen: 24
178.95.130.0/24 maxlen: 24
178.95.132.0/24 maxlen: 24
178.95.134.0/24 maxlen: 24
178.95.136.0/24 maxlen: 24
178.95.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:45:08:51:40:2c:85:3c:e0:ad:11:96:af:7e:6a:6b:ce:48:db:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 16 22:18:06 2025 GMT
Not After : Oct 15 22:23:06 2026 GMT
Subject: CN=AB8EA103F04F03305431D4879133706594F25D2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:50:31:40:1f:2a:8b:78:30:85:8b:1d:15:1b:
b8:44:89:6c:d0:09:c8:e6:0d:19:de:c3:9d:f7:f9:
9b:dd:2d:93:de:47:28:7c:8d:e3:0c:c2:56:1c:50:
79:0e:17:c6:21:db:dc:1a:1c:3a:ab:39:43:35:84:
5d:71:b6:7b:47:22:e7:fb:89:8b:39:ef:73:db:9b:
d3:2b:41:ff:97:3e:cb:cc:44:4c:ac:e9:ae:25:1e:
bf:27:b5:ca:e2:59:67:23:26:b8:9a:69:7e:81:9d:
28:3d:27:d4:ee:40:82:b9:53:5e:5e:59:73:e1:8e:
01:67:65:83:06:9e:15:01:69:4e:29:fc:38:fe:c3:
f3:88:40:7c:d4:c3:10:c3:3d:a5:d0:5c:00:8d:e4:
d8:4f:a9:03:9f:63:05:41:59:13:c3:14:22:eb:34:
1d:52:41:1c:1a:c0:83:6d:cf:1e:bd:dd:26:e3:6e:
5b:4d:1c:3f:ed:5d:48:58:0e:ea:e9:2b:3a:94:12:
86:bd:ba:5a:c4:c4:7b:9d:82:92:8a:ad:60:6b:b8:
52:80:2b:9b:80:98:9c:d8:6c:36:bf:e8:8b:04:aa:
a9:ae:c1:c5:c9:77:d7:26:3a:fe:6a:6e:54:93:54:
0d:f7:16:1b:a2:93:73:de:11:c3:fd:9a:53:50:8a:
22:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8E:A1:03:F0:4F:03:30:54:31:D4:87:91:33:70:65:94:F2:5D:2C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.112.0/22
91.124.164.0/22
92.112.10.0/24
95.134.16.0/22
95.134.178.0/24
95.134.180.0/24
95.134.192.0/24
95.134.205.0/24
95.134.224.0/22
95.134.233.0/24
95.135.44.0/22
95.135.76.0/22
95.135.88.0/22
95.135.222.0/24
178.92.85.0/24
178.92.88.0/24
178.92.93.0/24
178.92.106.0/24
178.92.172.0/22
178.92.232.0/24
178.92.248.0/24
178.93.17.0/24
178.93.19.0/24
178.93.28.0/24
178.93.31.0/24
178.93.35.0/24
178.93.59.0/24
178.93.208.0/24
178.93.224.0/24
178.93.254.0/24
178.94.38.0/24
178.94.54.0/24
178.94.68.0/24
178.94.123.0/24
178.95.11.0/24
178.95.15.0-178.95.16.255
178.95.21.0/24
178.95.27.0/24
178.95.93.0/24
178.95.103.0/24
178.95.112.0/24
178.95.127.0-178.95.130.255
178.95.132.0/24
178.95.134.0/24
178.95.136.0/24
178.95.194.0/24
Signature Algorithm: sha256WithRSAEncryption
86:13:60:39:3f:10:e1:2c:23:cb:43:78:02:b7:3b:c6:93:67:
ac:e0:27:1c:7e:91:3d:a0:fe:04:9a:a3:53:18:e3:30:9c:46:
42:fa:a0:0b:7d:c3:d3:69:46:bc:fb:f1:27:fa:46:d7:63:ff:
57:e0:33:9b:f8:f7:46:67:3f:d7:a6:9d:0e:07:7b:10:80:fe:
78:2c:b0:26:5e:bf:9a:ff:8f:ed:04:9d:d0:d6:17:a2:f6:ee:
46:d6:71:35:c5:3c:41:11:37:96:52:9b:92:be:45:67:b9:bb:
47:00:7a:66:4a:ae:be:62:79:ac:a4:ba:23:1d:04:dd:f3:26:
46:40:39:4e:3a:8b:ef:f9:91:63:6b:1d:30:a4:ea:c5:47:6b:
82:27:ad:7e:8c:5a:5c:60:be:59:09:cc:bc:a8:c8:d5:3d:74:
20:d3:94:3b:cb:fb:25:f7:45:40:92:60:e1:f3:e2:6c:af:12:
9b:9c:7d:e3:6e:82:8b:e0:03:e0:2a:65:52:68:fc:e7:e1:c9:
d2:b5:b3:cb:af:9c:1d:c0:7e:cf:ad:12:f8:07:24:c2:44:f4:
68:91:c4:ec:5b:67:77:37:a7:84:a4:03:a1:c5:23:80:15:f4:
35:9a:23:79:5d:86:9e:b5:22:b8:b9:ee:4d:67:3e:b0:94:1e:
ee:bb:d7:d5
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgIUJEUIUUAshTzgrRGWr35qa85I27wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTYyMjE4MDZaFw0yNjEwMTUyMjIzMDZaMDMxMTAvBgNV
BAMTKEFCOEVBMTAzRjA0RjAzMzA1NDMxRDQ4NzkxMzM3MDY1OTRGMjVEMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQUDFAHyqLeDCFix0VG7hEiWzQ
CcjmDRnew533+ZvdLZPeRyh8jeMMwlYcUHkOF8Yh29waHDqrOUM1hF1xtntHIuf7
iYs573Pbm9MrQf+XPsvMREys6a4lHr8ntcriWWcjJriaaX6BnSg9J9TuQIK5U15e
WXPhjgFnZYMGnhUBaU4p/Dj+w/OIQHzUwxDDPaXQXACN5NhPqQOfYwVBWRPDFCLr
NB1SQRwawINtzx693SbjbltNHD/tXUhYDurpKzqUEoa9ulrExHudgpKKrWBruFKA
K5uAmJzYbDa/6IsEqqmuwcXJd9cmOv5qblSTVA33Fhuik3PeEcP9mlNQiiLDAgMB
AAGjggMwMIIDLDAdBgNVHQ4EFgQUq46hA/BPAzBUMdSHkTNwZZTyXSwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAUUGCCsGAQUFBwEHAQH/BIIBNDCCATAwggEsBAIAATCC
ASQDBAJbfHADBAJbfKQDBABccAoDBAJfhhADBABfhrIDBABfhrQDBABfhsADBABf
hs0DBAJfhuADBABfhukDBAJfhywDBAJfh0wDBAJfh1gDBABfh94DBACyXFUDBACy
XFgDBACyXF0DBACyXGoDBAKyXKwDBACyXOgDBACyXPgDBACyXREDBACyXRMDBACy
XRwDBACyXR8DBACyXSMDBACyXTsDBACyXdADBACyXeADBACyXf4DBACyXiYDBACy
XjYDBACyXkQDBACyXnsDBACyXwswDAMEALJfDwMEALJfEAMEALJfFQMEALJfGwME
ALJfXQMEALJfZwMEALJfcDAMAwQAsl9/AwQAsl+CAwQAsl+EAwQAsl+GAwQAsl+I
AwQAsl/CMA0GCSqGSIb3DQEBCwUAA4IBAQCGE2A5PxDhLCPLQ3gCtzvGk2es4Ccc
fpE9oP4EmqNTGOMwnEZC+qALfcPTaUa8+/En+kbXY/9X4DOb+PdGZz/Xpp0OB3sQ
gP54LLAmXr+a/4/tBJ3Q1hei9u5G1nE1xTxBETeWUpuSvkVnubtHAHpmSq6+Ynms
pLojHQTd8yZGQDlOOovv+ZFjax0wpOrFR2uCJ61+jFpcYL5ZCcy8qMjVPXQg05Q7
y/sl90VAkmDh8+JsrxKbnH3jboKL4APgKmVSaPzn4cnStbPLr5wdwH7PrRL4ByTC
RPRokcTsW2d3N6eEpAOhxSOAFfQ1miN5XYaetSK4ue5NZz6wlB7uu9fV
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:36:29 2025 by rpki-client