Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3356.roa
File: AS3356.roa (raw, json)
Hash identifier: PJRngWQSvBYAH7oJLlfgBm3vWNS/UesKdGYfOLtdF2E=
Subject key identifier: AB:75:BF:1A:EB:26:57:A6:DC:2C:FD:0E:97:EC:50:6E:14:BF:29:A4
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5B3B9FDFEEE439D7A254B86DA3DAC25B17A0F700
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3356.roa
Signing time: Thu 17 Jul 2025 06:14:44 +0000
ROA not before: Thu 17 Jul 2025 06:09:44 +0000
ROA not after: Thu 16 Jul 2026 06:14:44 +0000
asID: 3356
IP address blocks: 82.21.78.0/24 maxlen: 24
82.21.79.0/24 maxlen: 24
82.21.246.0/24 maxlen: 24
82.21.247.0/24 maxlen: 24
82.22.64.0/24 maxlen: 24
82.22.66.0/24 maxlen: 24
82.22.67.0/24 maxlen: 24
82.22.68.0/24 maxlen: 24
82.22.69.0/24 maxlen: 24
82.22.70.0/24 maxlen: 24
82.22.71.0/24 maxlen: 24
82.22.72.0/24 maxlen: 24
82.22.73.0/24 maxlen: 24
82.22.74.0/24 maxlen: 24
82.22.75.0/24 maxlen: 24
82.22.89.0/24 maxlen: 24
82.22.93.0/24 maxlen: 24
82.22.142.0/24 maxlen: 24
82.22.164.0/24 maxlen: 24
82.22.188.0/24 maxlen: 24
82.22.189.0/24 maxlen: 24
82.22.202.0/24 maxlen: 24
82.22.203.0/24 maxlen: 24
82.22.219.0/24 maxlen: 24
82.22.246.0/24 maxlen: 24
82.23.19.0/24 maxlen: 24
82.23.20.0/24 maxlen: 24
82.23.23.0/24 maxlen: 24
82.23.24.0/24 maxlen: 24
82.23.59.0/24 maxlen: 24
82.23.60.0/24 maxlen: 24
82.23.139.0/24 maxlen: 24
82.23.164.0/24 maxlen: 24
82.23.169.0/24 maxlen: 24
82.23.175.0/24 maxlen: 24
82.23.185.0/24 maxlen: 24
82.23.196.0/24 maxlen: 24
82.23.236.0/24 maxlen: 24
82.24.5.0/24 maxlen: 24
82.24.6.0/24 maxlen: 24
82.24.7.0/24 maxlen: 24
82.24.9.0/24 maxlen: 24
82.24.12.0/24 maxlen: 24
82.24.13.0/24 maxlen: 24
82.24.15.0/24 maxlen: 24
82.24.18.0/24 maxlen: 24
82.24.43.0/24 maxlen: 24
82.24.54.0/24 maxlen: 24
82.24.65.0/24 maxlen: 24
82.24.66.0/24 maxlen: 24
82.24.67.0/24 maxlen: 24
82.24.73.0/24 maxlen: 24
82.24.74.0/24 maxlen: 24
82.24.75.0/24 maxlen: 24
82.24.80.0/24 maxlen: 24
82.24.87.0/24 maxlen: 24
82.24.89.0/24 maxlen: 24
82.24.104.0/24 maxlen: 24
82.24.108.0/24 maxlen: 24
82.24.115.0/24 maxlen: 24
82.24.124.0/24 maxlen: 24
82.24.147.0/24 maxlen: 24
82.24.173.0/24 maxlen: 24
82.24.180.0/24 maxlen: 24
82.24.202.0/24 maxlen: 24
82.25.136.0/24 maxlen: 24
82.25.160.0/24 maxlen: 24
82.25.174.0/24 maxlen: 24
82.25.185.0/24 maxlen: 24
82.25.186.0/24 maxlen: 24
82.26.71.0/24 maxlen: 24
82.26.86.0/24 maxlen: 24
82.26.95.0/24 maxlen: 24
82.26.129.0/24 maxlen: 24
82.26.146.0/24 maxlen: 24
82.27.111.0/24 maxlen: 24
82.27.231.0/24 maxlen: 24
82.27.248.0/24 maxlen: 24
82.29.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:3b:9f:df:ee:e4:39:d7:a2:54:b8:6d:a3:da:c2:5b:17:a0:f7:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 17 06:09:44 2025 GMT
Not After : Jul 16 06:14:44 2026 GMT
Subject: CN=AB75BF1AEB2657A6DC2CFD0E97EC506E14BF29A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d6:ea:7e:31:79:27:21:42:8e:95:b6:d6:f5:
6c:73:a9:9d:51:32:79:4e:59:fb:7e:36:5e:0d:aa:
25:72:cf:ca:ac:e0:d5:c5:27:e7:9b:d4:8b:05:b8:
22:51:52:9c:9e:8a:94:3e:b2:ab:7c:fa:21:7a:9a:
5e:67:57:d1:94:ae:e4:06:b1:6a:f3:0f:49:2b:04:
b3:7d:fa:cb:26:74:a6:72:5b:cb:1a:29:04:82:24:
51:99:25:50:5c:fa:a3:c8:e0:b6:ba:3b:59:d1:00:
53:49:7e:d7:c8:90:0f:bf:74:7e:35:e5:bf:76:be:
97:5f:d6:ec:ab:36:37:ff:6a:7e:11:f5:c2:3f:7d:
54:9b:87:87:15:02:1f:e0:c3:09:2a:d8:36:e0:ee:
5e:85:e3:13:15:c9:39:5a:68:7b:11:a2:0c:a4:bf:
20:56:2d:33:87:10:1a:5e:d2:5b:91:5d:ec:e8:21:
00:35:5f:f9:f3:d3:15:c4:00:03:26:78:23:36:d9:
94:e3:e5:78:4a:12:5b:2d:3d:cc:56:20:97:65:85:
af:29:dc:5c:3b:b7:11:54:1e:c5:ec:bd:63:69:f9:
84:6d:7a:e0:20:74:4a:fd:27:e1:73:92:e5:28:ab:
08:66:ba:c4:b4:d0:8d:ef:84:dd:98:2d:e4:d5:66:
75:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:75:BF:1A:EB:26:57:A6:DC:2C:FD:0E:97:EC:50:6E:14:BF:29:A4
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.78.0/23
82.21.246.0/23
82.22.64.0/24
82.22.66.0-82.22.75.255
82.22.89.0/24
82.22.93.0/24
82.22.142.0/24
82.22.164.0/24
82.22.188.0/23
82.22.202.0/23
82.22.219.0/24
82.22.246.0/24
82.23.19.0-82.23.20.255
82.23.23.0-82.23.24.255
82.23.59.0-82.23.60.255
82.23.139.0/24
82.23.164.0/24
82.23.169.0/24
82.23.175.0/24
82.23.185.0/24
82.23.196.0/24
82.23.236.0/24
82.24.5.0-82.24.7.255
82.24.9.0/24
82.24.12.0/23
82.24.15.0/24
82.24.18.0/24
82.24.43.0/24
82.24.54.0/24
82.24.65.0-82.24.67.255
82.24.73.0-82.24.75.255
82.24.80.0/24
82.24.87.0/24
82.24.89.0/24
82.24.104.0/24
82.24.108.0/24
82.24.115.0/24
82.24.124.0/24
82.24.147.0/24
82.24.173.0/24
82.24.180.0/24
82.24.202.0/24
82.25.136.0/24
82.25.160.0/24
82.25.174.0/24
82.25.185.0-82.25.186.255
82.26.71.0/24
82.26.86.0/24
82.26.95.0/24
82.26.129.0/24
82.26.146.0/24
82.27.111.0/24
82.27.231.0/24
82.27.248.0/24
82.29.246.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:f3:85:cf:c8:73:71:fc:f9:97:a0:fd:76:e2:43:32:9a:b7:
89:b7:bb:11:1e:1d:22:82:78:74:2e:e6:91:31:c2:d4:b3:94:
a1:d1:bf:cc:17:c6:89:02:8f:85:17:01:5f:7e:16:54:57:74:
d6:75:75:ef:47:35:8c:f5:a3:f8:0d:66:9e:25:00:85:3d:71:
a8:81:f6:49:86:ab:d3:93:3f:6d:9c:31:cd:29:6e:9b:5b:69:
09:e5:e0:52:fd:9d:b0:40:6b:70:5e:ff:7f:d3:2d:dd:e9:e3:
ad:32:19:e8:31:93:73:0e:ef:e1:ce:5e:e7:86:e6:ef:3c:16:
ef:91:23:50:1e:6d:e0:1a:69:39:67:91:63:ee:eb:fa:75:47:
57:2e:66:35:27:9b:55:19:9e:b1:31:f9:5d:22:f6:58:9d:ee:
4f:a5:82:87:7d:59:e0:11:c2:cd:ac:4b:68:84:a5:5f:2e:3e:
31:69:53:d6:6e:c3:99:34:72:57:d1:d1:d0:ea:84:84:50:bd:
e3:96:43:91:af:8c:5c:75:18:52:8c:7e:bd:3b:b0:eb:73:ec:
fd:75:43:1c:85:f8:80:20:d0:ce:28:4d:df:bb:65:ff:46:20:
7f:15:86:58:82:11:2f:9b:55:dc:b6:df:18:8a:fd:5f:3f:7c:
aa:9f:7e:db
-----BEGIN CERTIFICATE-----
MIIGjDCCBXSgAwIBAgIUWzuf3+7kOdeiVLhto9rCWxeg9wAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MTcwNjA5NDRaFw0yNjA3MTYwNjE0NDRaMDMxMTAvBgNV
BAMTKEFCNzVCRjFBRUIyNjU3QTZEQzJDRkQwRTk3RUM1MDZFMTRCRjI5QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR1up+MXknIUKOlbbW9WxzqZ1R
MnlOWft+Nl4NqiVyz8qs4NXFJ+eb1IsFuCJRUpyeipQ+sqt8+iF6ml5nV9GUruQG
sWrzD0krBLN9+ssmdKZyW8saKQSCJFGZJVBc+qPI4La6O1nRAFNJftfIkA+/dH41
5b92vpdf1uyrNjf/an4R9cI/fVSbh4cVAh/gwwkq2Dbg7l6F4xMVyTlaaHsRogyk
vyBWLTOHEBpe0luRXezoIQA1X/nz0xXEAAMmeCM22ZTj5XhKElstPcxWIJdlha8p
3Fw7txFUHsXsvWNp+YRteuAgdEr9J+FzkuUoqwhmusS00I3vhN2YLeTVZnWLAgMB
AAGjggOWMIIDkjAdBgNVHQ4EFgQUq3W/GusmV6bcLP0Ol+xQbhS/KaQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAasGCCsGAQUFBwEHAQH/BIIBmjCCAZYwggGSBAIAATCC
AYoDBAFSFU4DBAFSFfYDBABSFkAwDAMEAVIWQgMEAlIWSAMEAFIWWQMEAFIWXQME
AFIWjgMEAFIWpAMEAVIWvAMEAVIWygMEAFIW2wMEAFIW9jAMAwQAUhcTAwQAUhcU
MAwDBABSFxcDBABSFxgwDAMEAFIXOwMEAFIXPAMEAFIXiwMEAFIXpAMEAFIXqQME
AFIXrwMEAFIXuQMEAFIXxAMEAFIX7DAMAwQAUhgFAwQDUhgAAwQAUhgJAwQBUhgM
AwQAUhgPAwQAUhgSAwQAUhgrAwQAUhg2MAwDBABSGEEDBAJSGEAwDAMEAFIYSQME
AlIYSAMEAFIYUAMEAFIYVwMEAFIYWQMEAFIYaAMEAFIYbAMEAFIYcwMEAFIYfAME
AFIYkwMEAFIYrQMEAFIYtAMEAFIYygMEAFIZiAMEAFIZoAMEAFIZrjAMAwQAUhm5
AwQAUhm6AwQAUhpHAwQAUhpWAwQAUhpfAwQAUhqBAwQAUhqSAwQAUhtvAwQAUhvn
AwQAUhv4AwQAUh32MA0GCSqGSIb3DQEBCwUAA4IBAQAe84XPyHNx/PmXoP124kMy
mreJt7sRHh0ignh0LuaRMcLUs5Sh0b/MF8aJAo+FFwFffhZUV3TWdXXvRzWM9aP4
DWaeJQCFPXGogfZJhqvTkz9tnDHNKW6bW2kJ5eBS/Z2wQGtwXv9/0y3d6eOtMhno
MZNzDu/hzl7nhubvPBbvkSNQHm3gGmk5Z5Fj7uv6dUdXLmY1J5tVGZ6xMfldIvZY
ne5PpYKHfVngEcLNrEtohKVfLj4xaVPWbsOZNHJX0dHQ6oSEUL3jlkORr4xcdRhS
jH69O7Drc+z9dUMchfiAINDOKE3fu2X/RiB/FYZYghEvm1Xctt8Yiv1fP3yqn37b
-----END CERTIFICATE-----
Generated at Thu Jul 24 03:49:11 2025 by rpki-client