Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: dzj3pH8qDSsa4GBGbRyzux2mg/adiQBvjsRX21HTuyM=
Subject key identifier: E9:B1:69:58:23:46:6F:A4:D6:1F:A0:A4:46:71:17:45:8E:5E:1C:C2
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 671347C4287B445AA189985728F150217D7377FC
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
Signing time: Tue 12 May 2026 11:34:14 +0000
ROA not before: Tue 12 May 2026 11:29:14 +0000
ROA not after: Tue 11 May 2027 11:34:14 +0000
asID: 3320
IP address blocks: 91.124.112.0/24 maxlen: 24
91.124.113.0/24 maxlen: 24
91.124.114.0/24 maxlen: 24
91.124.115.0/24 maxlen: 24
91.124.164.0/22 maxlen: 24
92.112.10.0/24 maxlen: 24
95.134.16.0/22 maxlen: 24
95.134.61.0/24 maxlen: 24
95.134.112.0/24 maxlen: 24
95.134.178.0/24 maxlen: 24
95.134.180.0/24 maxlen: 24
95.134.192.0/24 maxlen: 24
95.134.205.0/24 maxlen: 24
95.134.224.0/22 maxlen: 24
95.134.233.0/24 maxlen: 24
95.135.44.0/22 maxlen: 24
95.135.76.0/24 maxlen: 24
95.135.77.0/24 maxlen: 24
95.135.78.0/24 maxlen: 24
95.135.79.0/24 maxlen: 24
95.135.88.0/22 maxlen: 24
178.92.85.0/24 maxlen: 24
178.92.88.0/24 maxlen: 24
178.92.93.0/24 maxlen: 24
178.92.106.0/24 maxlen: 24
178.92.172.0/22 maxlen: 24
178.92.199.0/24 maxlen: 24
178.92.207.0/24 maxlen: 24
178.93.19.0/24 maxlen: 24
178.93.31.0/24 maxlen: 24
178.93.35.0/24 maxlen: 24
178.93.59.0/24 maxlen: 24
178.93.254.0/24 maxlen: 24
178.95.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:13:47:c4:28:7b:44:5a:a1:89:98:57:28:f1:50:21:7d:73:77:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 12 11:29:14 2026 GMT
Not After : May 11 11:34:14 2027 GMT
Subject: CN=E9B1695823466FA4D61FA0A4467117458E5E1CC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:55:b9:1e:5a:28:79:0b:ee:1d:b9:dc:03:99:
c3:35:5f:05:81:e1:f8:0b:3d:a8:43:e5:43:9e:cd:
c6:5b:57:c1:3e:1a:f0:b2:ea:6a:d2:4f:e5:da:25:
e0:ed:84:32:b7:5c:42:e1:17:5d:e3:5c:d0:1a:22:
2a:cd:f6:60:33:73:92:8c:7f:51:e2:c4:95:64:61:
4c:f6:48:63:fd:03:82:38:9d:3b:16:74:ac:13:fb:
b1:71:9f:81:fc:9c:0c:93:a2:71:b7:8d:3d:10:02:
91:35:1a:ec:35:06:21:20:7a:be:8f:8c:48:98:07:
00:a8:84:c4:ee:e0:91:14:81:03:0f:f3:86:bc:65:
c2:1f:87:73:62:64:77:e1:0b:00:65:a2:19:d3:cf:
d1:d1:b6:b1:5f:76:be:db:ec:06:2c:9a:05:0e:ba:
f0:d5:2a:16:e2:3e:6e:a4:ff:e9:e0:9b:40:ae:92:
ad:65:80:be:d9:97:c8:f4:e5:a8:f0:9c:d7:da:ba:
e7:b8:63:02:bc:64:7a:ab:d3:28:d7:65:ab:68:e0:
fe:c5:d2:ba:72:d8:ac:c5:9b:24:df:df:aa:cf:dc:
a9:c7:9f:a7:d0:71:6f:69:c7:87:f7:d2:12:56:d9:
1b:03:28:4d:c6:7f:46:7f:db:27:de:0c:51:3a:48:
cf:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:B1:69:58:23:46:6F:A4:D6:1F:A0:A4:46:71:17:45:8E:5E:1C:C2
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.112.0/22
91.124.164.0/22
92.112.10.0/24
95.134.16.0/22
95.134.61.0/24
95.134.112.0/24
95.134.178.0/24
95.134.180.0/24
95.134.192.0/24
95.134.205.0/24
95.134.224.0/22
95.134.233.0/24
95.135.44.0/22
95.135.76.0/22
95.135.88.0/22
178.92.85.0/24
178.92.88.0/24
178.92.93.0/24
178.92.106.0/24
178.92.172.0/22
178.92.199.0/24
178.92.207.0/24
178.93.19.0/24
178.93.31.0/24
178.93.35.0/24
178.93.59.0/24
178.93.254.0/24
178.95.140.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:da:3e:69:95:fe:f1:ff:72:4e:f9:d9:d1:d7:12:70:86:76:
20:5a:f7:4f:e3:51:5a:17:dd:6f:02:49:a1:f9:72:ae:ff:e2:
a3:ed:31:f7:1a:32:6f:4e:00:b2:e6:d1:8d:bd:6d:95:d9:e4:
0f:36:68:8c:d7:af:64:d6:2a:62:47:ec:0e:8b:cf:d6:1d:ae:
d9:66:7e:88:78:61:26:48:38:02:60:28:82:41:71:12:02:da:
5d:e8:4b:62:34:80:0c:39:04:7c:3b:ad:d7:6a:9a:86:14:b8:
0c:0c:27:c2:47:46:ef:94:e6:e2:b6:e9:85:08:bf:7a:ff:51:
77:b9:36:44:67:67:dd:2c:2b:5a:10:1d:6f:4c:5a:64:0d:c9:
10:a3:3e:b0:8c:8a:d7:ab:02:e8:60:c8:58:24:b6:3b:be:47:
f9:53:8e:4f:e9:37:07:8e:2f:8b:9e:4d:30:d3:4c:ca:85:6b:
96:c1:a4:a6:f5:4a:c9:92:7e:64:c3:86:b3:ba:20:95:d0:0a:
fc:cf:c6:f7:f4:e3:06:88:13:eb:b9:1b:25:cd:bc:39:11:9e:
78:0b:4f:4c:93:77:40:c7:77:5a:28:bb:cc:4f:c2:0b:b8:68:
40:e3:6b:d9:ef:3e:14:1a:f0:33:ff:c7:32:3b:55:4c:00:06:
98:d5:b1:da
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIUZxNHxCh7RFqhiZhXKPFQIX1zd/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MTIxMTI5MTRaFw0yNzA1MTExMTM0MTRaMDMxMTAvBgNV
BAMTKEU5QjE2OTU4MjM0NjZGQTRENjFGQTBBNDQ2NzExNzQ1OEU1RTFDQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOVbkeWih5C+4dudwDmcM1XwWB
4fgLPahD5UOezcZbV8E+GvCy6mrST+XaJeDthDK3XELhF13jXNAaIirN9mAzc5KM
f1HixJVkYUz2SGP9A4I4nTsWdKwT+7Fxn4H8nAyTonG3jT0QApE1Guw1BiEger6P
jEiYBwCohMTu4JEUgQMP84a8ZcIfh3NiZHfhCwBlohnTz9HRtrFfdr7b7AYsmgUO
uvDVKhbiPm6k/+ngm0Cukq1lgL7Zl8j05ajwnNfauue4YwK8ZHqr0yjXZato4P7F
0rpy2KzFmyTf36rP3KnHn6fQcW9px4f30hJW2RsDKE3Gf0Z/2yfeDFE6SM9VAgMB
AAGjggKvMIICqzAdBgNVHQ4EFgQU6bFpWCNGb6TWH6CkRnEXRY5eHMIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBxQYIKwYBBQUHAQcBAf8EgbUwgbIwga8EAgABMIGoAwQC
W3xwAwQCW3ykAwQAXHAKAwQCX4YQAwQAX4Y9AwQAX4ZwAwQAX4ayAwQAX4a0AwQA
X4bAAwQAX4bNAwQCX4bgAwQAX4bpAwQCX4csAwQCX4dMAwQCX4dYAwQAslxVAwQA
slxYAwQAslxdAwQAslxqAwQCslysAwQAslzHAwQAslzPAwQAsl0TAwQAsl0fAwQA
sl0jAwQAsl07AwQAsl3+AwQCsl+MMA0GCSqGSIb3DQEBCwUAA4IBAQCN2j5plf7x
/3JO+dnR1xJwhnYgWvdP41FaF91vAkmh+XKu/+Kj7TH3GjJvTgCy5tGNvW2V2eQP
NmiM169k1ipiR+wOi8/WHa7ZZn6IeGEmSDgCYCiCQXESAtpd6EtiNIAMOQR8O63X
apqGFLgMDCfCR0bvlObitumFCL96/1F3uTZEZ2fdLCtaEB1vTFpkDckQoz6wjIrX
qwLoYMhYJLY7vkf5U45P6TcHji+Lnk0w00zKhWuWwaSm9UrJkn5kw4azuiCV0Ar8
z8b39OMGiBPruRslzbw5EZ54C09Mk3dAx3daKLvMT8ILuGhA42vZ7z4UGvAz/8cy
O1VMAAaY1bHa
-----END CERTIFICATE-----
Generated at Tue May 12 22:00:30 2026 by rpki-client