Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: Qp6zleXjSTdiMPsLHxxvFBulKAzoHISQ87rTZjIeJjA=
Subject key identifier: 6D:58:39:7E:68:8E:07:E3:30:63:DD:97:F8:4E:B0:30:99:71:AD:E7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6C65B21B22596DD9812857765148AF8E1CD4D384
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
Signing time: Sun 20 Jul 2025 09:45:12 +0000
ROA not before: Sun 20 Jul 2025 09:40:12 +0000
ROA not after: Sun 19 Jul 2026 09:45:12 +0000
asID: 3320
IP address blocks: 82.21.57.0/24 maxlen: 24
82.21.125.0/24 maxlen: 24
82.21.184.0/24 maxlen: 24
82.21.199.0/24 maxlen: 24
82.22.102.0/24 maxlen: 24
82.22.105.0/24 maxlen: 24
82.22.108.0/24 maxlen: 24
82.22.161.0/24 maxlen: 24
82.22.191.0/24 maxlen: 24
82.22.194.0/24 maxlen: 24
82.23.168.0/24 maxlen: 24
82.23.197.0/24 maxlen: 24
82.24.4.0/24 maxlen: 24
82.24.14.0/24 maxlen: 24
82.24.21.0/24 maxlen: 24
82.24.30.0/24 maxlen: 24
82.24.41.0/24 maxlen: 24
82.24.52.0/24 maxlen: 24
82.24.55.0/24 maxlen: 24
82.24.72.0/24 maxlen: 24
82.24.78.0/24 maxlen: 24
82.24.86.0/24 maxlen: 24
82.24.109.0/24 maxlen: 24
82.24.114.0/24 maxlen: 24
82.24.125.0/24 maxlen: 24
82.24.190.0/24 maxlen: 24
82.24.203.0/24 maxlen: 24
82.25.4.0/24 maxlen: 24
82.25.5.0/24 maxlen: 24
82.25.6.0/24 maxlen: 24
82.25.7.0/24 maxlen: 24
82.25.9.0/24 maxlen: 24
82.25.14.0/24 maxlen: 24
82.25.16.0/24 maxlen: 24
82.25.133.0/24 maxlen: 24
82.25.138.0/24 maxlen: 24
82.25.140.0/24 maxlen: 24
82.25.191.0/24 maxlen: 24
82.25.197.0/24 maxlen: 24
82.25.202.0/24 maxlen: 24
82.26.70.0/24 maxlen: 24
82.26.88.0/24 maxlen: 24
82.26.100.0/24 maxlen: 24
82.26.108.0/24 maxlen: 24
82.26.111.0/24 maxlen: 24
82.26.123.0/24 maxlen: 24
82.26.128.0/24 maxlen: 24
82.26.135.0/24 maxlen: 24
82.26.141.0/24 maxlen: 24
82.26.147.0/24 maxlen: 24
82.26.155.0/24 maxlen: 24
82.26.161.0/24 maxlen: 24
82.26.168.0/24 maxlen: 24
82.26.175.0/24 maxlen: 24
82.26.197.0/24 maxlen: 24
82.27.10.0/24 maxlen: 24
82.27.22.0/24 maxlen: 24
82.27.105.0/24 maxlen: 24
82.27.119.0/24 maxlen: 24
82.27.198.0/24 maxlen: 24
82.29.23.0/24 maxlen: 24
82.29.29.0/24 maxlen: 24
82.29.36.0/24 maxlen: 24
82.29.39.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.49.0/24 maxlen: 24
82.29.51.0/24 maxlen: 24
82.29.65.0/24 maxlen: 24
82.29.70.0/24 maxlen: 24
82.29.73.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.29.79.0/24 maxlen: 24
82.29.120.0/24 maxlen: 24
82.29.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:65:b2:1b:22:59:6d:d9:81:28:57:76:51:48:af:8e:1c:d4:d3:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 20 09:40:12 2025 GMT
Not After : Jul 19 09:45:12 2026 GMT
Subject: CN=6D58397E688E07E33063DD97F84EB0309971ADE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:73:f0:50:d7:f1:62:7a:f4:60:57:d6:84:f3:
3b:fa:2c:2a:e4:bd:9b:ab:6b:8f:0e:7c:c6:ce:3b:
cf:20:89:be:56:ce:a7:a4:db:5c:3f:00:ea:c3:67:
92:c3:12:37:67:29:a5:21:45:06:a9:6b:ff:03:ce:
58:ab:30:fa:2e:5a:cf:9b:af:9e:24:e1:87:7c:b6:
c6:9d:39:73:ef:17:6c:9f:f1:e2:94:cf:96:a9:f5:
22:fe:e9:69:b7:5a:1c:fe:3d:61:83:33:00:34:81:
aa:c3:89:a6:36:06:7a:a4:2c:e9:76:29:89:62:15:
4e:2d:62:bb:32:36:56:6c:25:a0:92:80:26:86:89:
63:d3:f8:c6:ca:16:53:51:1a:00:23:3f:aa:89:d8:
cf:5e:93:33:de:cd:7c:65:3e:7f:75:3c:f3:a1:20:
8b:ae:81:f6:95:04:4b:1d:53:f9:46:e2:31:d7:57:
8b:2b:56:88:a8:4b:c6:1c:30:53:7c:69:2d:34:ec:
9c:95:5f:9f:7c:a7:92:5c:c7:6e:d9:9d:8f:85:bb:
82:9a:9b:0b:49:cd:3e:2d:b8:22:fc:50:d5:91:19:
3e:56:4d:1a:8b:a3:d3:97:e0:31:bb:05:24:44:79:
3c:4a:92:29:c4:51:38:88:db:2c:ab:cd:7e:34:e4:
32:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:58:39:7E:68:8E:07:E3:30:63:DD:97:F8:4E:B0:30:99:71:AD:E7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.57.0/24
82.21.125.0/24
82.21.184.0/24
82.21.199.0/24
82.22.102.0/24
82.22.105.0/24
82.22.108.0/24
82.22.161.0/24
82.22.191.0/24
82.22.194.0/24
82.23.168.0/24
82.23.197.0/24
82.24.4.0/24
82.24.14.0/24
82.24.21.0/24
82.24.30.0/24
82.24.41.0/24
82.24.52.0/24
82.24.55.0/24
82.24.72.0/24
82.24.78.0/24
82.24.86.0/24
82.24.109.0/24
82.24.114.0/24
82.24.125.0/24
82.24.190.0/24
82.24.203.0/24
82.25.4.0/22
82.25.9.0/24
82.25.14.0/24
82.25.16.0/24
82.25.133.0/24
82.25.138.0/24
82.25.140.0/24
82.25.191.0/24
82.25.197.0/24
82.25.202.0/24
82.26.70.0/24
82.26.88.0/24
82.26.100.0/24
82.26.108.0/24
82.26.111.0/24
82.26.123.0/24
82.26.128.0/24
82.26.135.0/24
82.26.141.0/24
82.26.147.0/24
82.26.155.0/24
82.26.161.0/24
82.26.168.0/24
82.26.175.0/24
82.26.197.0/24
82.27.10.0/24
82.27.22.0/24
82.27.105.0/24
82.27.119.0/24
82.27.198.0/24
82.29.23.0/24
82.29.29.0/24
82.29.36.0/24
82.29.39.0/24
82.29.45.0/24
82.29.49.0/24
82.29.51.0/24
82.29.65.0/24
82.29.70.0/24
82.29.73.0/24
82.29.76.0/24
82.29.79.0/24
82.29.120.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:8e:d9:a5:46:a8:0d:63:1b:bd:b6:e1:83:7d:1a:b1:be:6d:
2b:20:90:02:8c:96:e7:36:17:e4:f1:8a:db:bd:2a:1e:59:90:
8c:f3:23:a9:ec:f5:0c:91:20:1b:1c:c7:cd:9e:11:e6:e6:b6:
7f:75:b3:60:77:a8:3c:07:0c:49:2d:af:26:e9:50:dd:d6:9b:
c8:2a:70:3b:fe:d4:4d:23:81:af:3d:88:75:fe:97:d3:26:ec:
59:f6:c1:6d:7e:df:bc:6b:ef:b1:ef:83:5e:8b:14:0d:be:c2:
41:54:80:88:b5:0e:75:75:1b:1d:bd:81:07:86:bf:be:6c:5a:
ba:39:31:87:b6:3a:c4:c7:dd:cb:09:89:4a:38:1c:ea:22:1f:
04:cb:b4:46:33:be:32:92:b1:f8:2d:58:6d:a2:96:63:b0:18:
c8:b1:3e:dc:07:86:ed:e7:5c:f5:85:50:e0:52:83:35:c9:dc:
a3:fa:22:c7:9a:f0:9c:b9:ed:69:c1:49:32:eb:7d:e1:d4:89:
a3:1e:8b:95:30:2d:13:11:8a:33:4b:56:8e:94:12:44:aa:87:
79:c9:f0:b6:d7:8d:b4:d7:a6:b7:1e:a6:e6:3f:6e:4d:39:ae:
b9:c5:23:94:9e:4b:56:dd:ca:84:5d:df:03:48:ae:a2:5c:b3:
3c:d7:de:c6
-----BEGIN CERTIFICATE-----
MIIGpjCCBY6gAwIBAgIUbGWyGyJZbdmBKFd2UUivjhzU04QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjAwOTQwMTJaFw0yNjA3MTkwOTQ1MTJaMDMxMTAvBgNV
BAMTKDZENTgzOTdFNjg4RTA3RTMzMDYzREQ5N0Y4NEVCMDMwOTk3MUFERTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1c/BQ1/FievRgV9aE8zv6LCrk
vZura48OfMbOO88gib5Wzqek21w/AOrDZ5LDEjdnKaUhRQapa/8DzlirMPouWs+b
r54k4Yd8tsadOXPvF2yf8eKUz5ap9SL+6Wm3Whz+PWGDMwA0garDiaY2BnqkLOl2
KYliFU4tYrsyNlZsJaCSgCaGiWPT+MbKFlNRGgAjP6qJ2M9ekzPezXxlPn91PPOh
IIuugfaVBEsdU/lG4jHXV4srVoioS8YcMFN8aS007JyVX598p5Jcx27ZnY+Fu4Ka
mwtJzT4tuCL8UNWRGT5WTRqLo9OX4DG7BSREeTxKkinEUTiI2yyrzX405DKLAgMB
AAGjggOwMIIDrDAdBgNVHQ4EFgQUbVg5fmiOB+MwY92X+E6wMJlxrecwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAcUGCCsGAQUFBwEHAQH/BIIBtDCCAbAwggGsBAIAATCC
AaQDBABSFTkDBABSFX0DBABSFbgDBABSFccDBABSFmYDBABSFmkDBABSFmwDBABS
FqEDBABSFr8DBABSFsIDBABSF6gDBABSF8UDBABSGAQDBABSGA4DBABSGBUDBABS
GB4DBABSGCkDBABSGDQDBABSGDcDBABSGEgDBABSGE4DBABSGFYDBABSGG0DBABS
GHIDBABSGH0DBABSGL4DBABSGMsDBAJSGQQDBABSGQkDBABSGQ4DBABSGRADBABS
GYUDBABSGYoDBABSGYwDBABSGb8DBABSGcUDBABSGcoDBABSGkYDBABSGlgDBABS
GmQDBABSGmwDBABSGm8DBABSGnsDBABSGoADBABSGocDBABSGo0DBABSGpMDBABS
GpsDBABSGqEDBABSGqgDBABSGq8DBABSGsUDBABSGwoDBABSGxYDBABSG2kDBABS
G3cDBABSG8YDBABSHRcDBABSHR0DBABSHSQDBABSHScDBABSHS0DBABSHTEDBABS
HTMDBABSHUEDBABSHUYDBABSHUkDBABSHUwDBABSHU8DBAFSHXgwDQYJKoZIhvcN
AQELBQADggEBAE2O2aVGqA1jG7224YN9GrG+bSsgkAKMluc2F+Txitu9Kh5ZkIzz
I6ns9QyRIBscx82eEebmtn91s2B3qDwHDEktrybpUN3Wm8gqcDv+1E0jga89iHX+
l9Mm7Fn2wW1+37xr77Hvg16LFA2+wkFUgIi1DnV1Gx29gQeGv75sWro5MYe2OsTH
3csJiUo4HOoiHwTLtEYzvjKSsfgtWG2ilmOwGMixPtwHhu3nXPWFUOBSgzXJ3KP6
Isea8Jy57WnBSTLrfeHUiaMei5UwLRMRijNLVo6UEkSqh3nJ8LbXjbTXprcepuY/
bk05rrnFI5SeS1bdyoRd3wNIrqJcszzX3sY=
-----END CERTIFICATE-----
Generated at Mon Jul 21 06:48:27 2025 by rpki-client