Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3356.roa
File:                     AS3356.roa (raw, json)
Hash identifier:          PJRngWQSvBYAH7oJLlfgBm3vWNS/UesKdGYfOLtdF2E=
Subject key identifier:   AB:75:BF:1A:EB:26:57:A6:DC:2C:FD:0E:97:EC:50:6E:14:BF:29:A4
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       5B3B9FDFEEE439D7A254B86DA3DAC25B17A0F700
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3356.roa
Signing time:             Thu 17 Jul 2025 06:14:44 +0000
ROA not before:           Thu 17 Jul 2025 06:09:44 +0000
ROA not after:            Thu 16 Jul 2026 06:14:44 +0000
asID:                     3356
IP address blocks:        82.21.78.0/24 maxlen: 24
                          82.21.79.0/24 maxlen: 24
                          82.21.246.0/24 maxlen: 24
                          82.21.247.0/24 maxlen: 24
                          82.22.64.0/24 maxlen: 24
                          82.22.66.0/24 maxlen: 24
                          82.22.67.0/24 maxlen: 24
                          82.22.68.0/24 maxlen: 24
                          82.22.69.0/24 maxlen: 24
                          82.22.70.0/24 maxlen: 24
                          82.22.71.0/24 maxlen: 24
                          82.22.72.0/24 maxlen: 24
                          82.22.73.0/24 maxlen: 24
                          82.22.74.0/24 maxlen: 24
                          82.22.75.0/24 maxlen: 24
                          82.22.89.0/24 maxlen: 24
                          82.22.93.0/24 maxlen: 24
                          82.22.142.0/24 maxlen: 24
                          82.22.164.0/24 maxlen: 24
                          82.22.188.0/24 maxlen: 24
                          82.22.189.0/24 maxlen: 24
                          82.22.202.0/24 maxlen: 24
                          82.22.203.0/24 maxlen: 24
                          82.22.219.0/24 maxlen: 24
                          82.22.246.0/24 maxlen: 24
                          82.23.19.0/24 maxlen: 24
                          82.23.20.0/24 maxlen: 24
                          82.23.23.0/24 maxlen: 24
                          82.23.24.0/24 maxlen: 24
                          82.23.59.0/24 maxlen: 24
                          82.23.60.0/24 maxlen: 24
                          82.23.139.0/24 maxlen: 24
                          82.23.164.0/24 maxlen: 24
                          82.23.169.0/24 maxlen: 24
                          82.23.175.0/24 maxlen: 24
                          82.23.185.0/24 maxlen: 24
                          82.23.196.0/24 maxlen: 24
                          82.23.236.0/24 maxlen: 24
                          82.24.5.0/24 maxlen: 24
                          82.24.6.0/24 maxlen: 24
                          82.24.7.0/24 maxlen: 24
                          82.24.9.0/24 maxlen: 24
                          82.24.12.0/24 maxlen: 24
                          82.24.13.0/24 maxlen: 24
                          82.24.15.0/24 maxlen: 24
                          82.24.18.0/24 maxlen: 24
                          82.24.43.0/24 maxlen: 24
                          82.24.54.0/24 maxlen: 24
                          82.24.65.0/24 maxlen: 24
                          82.24.66.0/24 maxlen: 24
                          82.24.67.0/24 maxlen: 24
                          82.24.73.0/24 maxlen: 24
                          82.24.74.0/24 maxlen: 24
                          82.24.75.0/24 maxlen: 24
                          82.24.80.0/24 maxlen: 24
                          82.24.87.0/24 maxlen: 24
                          82.24.89.0/24 maxlen: 24
                          82.24.104.0/24 maxlen: 24
                          82.24.108.0/24 maxlen: 24
                          82.24.115.0/24 maxlen: 24
                          82.24.124.0/24 maxlen: 24
                          82.24.147.0/24 maxlen: 24
                          82.24.173.0/24 maxlen: 24
                          82.24.180.0/24 maxlen: 24
                          82.24.202.0/24 maxlen: 24
                          82.25.136.0/24 maxlen: 24
                          82.25.160.0/24 maxlen: 24
                          82.25.174.0/24 maxlen: 24
                          82.25.185.0/24 maxlen: 24
                          82.25.186.0/24 maxlen: 24
                          82.26.71.0/24 maxlen: 24
                          82.26.86.0/24 maxlen: 24
                          82.26.95.0/24 maxlen: 24
                          82.26.129.0/24 maxlen: 24
                          82.26.146.0/24 maxlen: 24
                          82.27.111.0/24 maxlen: 24
                          82.27.231.0/24 maxlen: 24
                          82.27.248.0/24 maxlen: 24
                          82.29.246.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 13:47:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:3b:9f:df:ee:e4:39:d7:a2:54:b8:6d:a3:da:c2:5b:17:a0:f7:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul 17 06:09:44 2025 GMT
            Not After : Jul 16 06:14:44 2026 GMT
        Subject: CN=AB75BF1AEB2657A6DC2CFD0E97EC506E14BF29A4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d6:ea:7e:31:79:27:21:42:8e:95:b6:d6:f5:
                    6c:73:a9:9d:51:32:79:4e:59:fb:7e:36:5e:0d:aa:
                    25:72:cf:ca:ac:e0:d5:c5:27:e7:9b:d4:8b:05:b8:
                    22:51:52:9c:9e:8a:94:3e:b2:ab:7c:fa:21:7a:9a:
                    5e:67:57:d1:94:ae:e4:06:b1:6a:f3:0f:49:2b:04:
                    b3:7d:fa:cb:26:74:a6:72:5b:cb:1a:29:04:82:24:
                    51:99:25:50:5c:fa:a3:c8:e0:b6:ba:3b:59:d1:00:
                    53:49:7e:d7:c8:90:0f:bf:74:7e:35:e5:bf:76:be:
                    97:5f:d6:ec:ab:36:37:ff:6a:7e:11:f5:c2:3f:7d:
                    54:9b:87:87:15:02:1f:e0:c3:09:2a:d8:36:e0:ee:
                    5e:85:e3:13:15:c9:39:5a:68:7b:11:a2:0c:a4:bf:
                    20:56:2d:33:87:10:1a:5e:d2:5b:91:5d:ec:e8:21:
                    00:35:5f:f9:f3:d3:15:c4:00:03:26:78:23:36:d9:
                    94:e3:e5:78:4a:12:5b:2d:3d:cc:56:20:97:65:85:
                    af:29:dc:5c:3b:b7:11:54:1e:c5:ec:bd:63:69:f9:
                    84:6d:7a:e0:20:74:4a:fd:27:e1:73:92:e5:28:ab:
                    08:66:ba:c4:b4:d0:8d:ef:84:dd:98:2d:e4:d5:66:
                    75:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:75:BF:1A:EB:26:57:A6:DC:2C:FD:0E:97:EC:50:6E:14:BF:29:A4
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3356.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.78.0/23
                  82.21.246.0/23
                  82.22.64.0/24
                  82.22.66.0-82.22.75.255
                  82.22.89.0/24
                  82.22.93.0/24
                  82.22.142.0/24
                  82.22.164.0/24
                  82.22.188.0/23
                  82.22.202.0/23
                  82.22.219.0/24
                  82.22.246.0/24
                  82.23.19.0-82.23.20.255
                  82.23.23.0-82.23.24.255
                  82.23.59.0-82.23.60.255
                  82.23.139.0/24
                  82.23.164.0/24
                  82.23.169.0/24
                  82.23.175.0/24
                  82.23.185.0/24
                  82.23.196.0/24
                  82.23.236.0/24
                  82.24.5.0-82.24.7.255
                  82.24.9.0/24
                  82.24.12.0/23
                  82.24.15.0/24
                  82.24.18.0/24
                  82.24.43.0/24
                  82.24.54.0/24
                  82.24.65.0-82.24.67.255
                  82.24.73.0-82.24.75.255
                  82.24.80.0/24
                  82.24.87.0/24
                  82.24.89.0/24
                  82.24.104.0/24
                  82.24.108.0/24
                  82.24.115.0/24
                  82.24.124.0/24
                  82.24.147.0/24
                  82.24.173.0/24
                  82.24.180.0/24
                  82.24.202.0/24
                  82.25.136.0/24
                  82.25.160.0/24
                  82.25.174.0/24
                  82.25.185.0-82.25.186.255
                  82.26.71.0/24
                  82.26.86.0/24
                  82.26.95.0/24
                  82.26.129.0/24
                  82.26.146.0/24
                  82.27.111.0/24
                  82.27.231.0/24
                  82.27.248.0/24
                  82.29.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:f3:85:cf:c8:73:71:fc:f9:97:a0:fd:76:e2:43:32:9a:b7:
         89:b7:bb:11:1e:1d:22:82:78:74:2e:e6:91:31:c2:d4:b3:94:
         a1:d1:bf:cc:17:c6:89:02:8f:85:17:01:5f:7e:16:54:57:74:
         d6:75:75:ef:47:35:8c:f5:a3:f8:0d:66:9e:25:00:85:3d:71:
         a8:81:f6:49:86:ab:d3:93:3f:6d:9c:31:cd:29:6e:9b:5b:69:
         09:e5:e0:52:fd:9d:b0:40:6b:70:5e:ff:7f:d3:2d:dd:e9:e3:
         ad:32:19:e8:31:93:73:0e:ef:e1:ce:5e:e7:86:e6:ef:3c:16:
         ef:91:23:50:1e:6d:e0:1a:69:39:67:91:63:ee:eb:fa:75:47:
         57:2e:66:35:27:9b:55:19:9e:b1:31:f9:5d:22:f6:58:9d:ee:
         4f:a5:82:87:7d:59:e0:11:c2:cd:ac:4b:68:84:a5:5f:2e:3e:
         31:69:53:d6:6e:c3:99:34:72:57:d1:d1:d0:ea:84:84:50:bd:
         e3:96:43:91:af:8c:5c:75:18:52:8c:7e:bd:3b:b0:eb:73:ec:
         fd:75:43:1c:85:f8:80:20:d0:ce:28:4d:df:bb:65:ff:46:20:
         7f:15:86:58:82:11:2f:9b:55:dc:b6:df:18:8a:fd:5f:3f:7c:
         aa:9f:7e:db
-----BEGIN CERTIFICATE-----
MIIGjDCCBXSgAwIBAgIUWzuf3+7kOdeiVLhto9rCWxeg9wAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MTcwNjA5NDRaFw0yNjA3MTYwNjE0NDRaMDMxMTAvBgNV
BAMTKEFCNzVCRjFBRUIyNjU3QTZEQzJDRkQwRTk3RUM1MDZFMTRCRjI5QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR1up+MXknIUKOlbbW9WxzqZ1R
MnlOWft+Nl4NqiVyz8qs4NXFJ+eb1IsFuCJRUpyeipQ+sqt8+iF6ml5nV9GUruQG
sWrzD0krBLN9+ssmdKZyW8saKQSCJFGZJVBc+qPI4La6O1nRAFNJftfIkA+/dH41
5b92vpdf1uyrNjf/an4R9cI/fVSbh4cVAh/gwwkq2Dbg7l6F4xMVyTlaaHsRogyk
vyBWLTOHEBpe0luRXezoIQA1X/nz0xXEAAMmeCM22ZTj5XhKElstPcxWIJdlha8p
3Fw7txFUHsXsvWNp+YRteuAgdEr9J+FzkuUoqwhmusS00I3vhN2YLeTVZnWLAgMB
AAGjggOWMIIDkjAdBgNVHQ4EFgQUq3W/GusmV6bcLP0Ol+xQbhS/KaQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzM1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAasGCCsGAQUFBwEHAQH/BIIBmjCCAZYwggGSBAIAATCC
AYoDBAFSFU4DBAFSFfYDBABSFkAwDAMEAVIWQgMEAlIWSAMEAFIWWQMEAFIWXQME
AFIWjgMEAFIWpAMEAVIWvAMEAVIWygMEAFIW2wMEAFIW9jAMAwQAUhcTAwQAUhcU
MAwDBABSFxcDBABSFxgwDAMEAFIXOwMEAFIXPAMEAFIXiwMEAFIXpAMEAFIXqQME
AFIXrwMEAFIXuQMEAFIXxAMEAFIX7DAMAwQAUhgFAwQDUhgAAwQAUhgJAwQBUhgM
AwQAUhgPAwQAUhgSAwQAUhgrAwQAUhg2MAwDBABSGEEDBAJSGEAwDAMEAFIYSQME
AlIYSAMEAFIYUAMEAFIYVwMEAFIYWQMEAFIYaAMEAFIYbAMEAFIYcwMEAFIYfAME
AFIYkwMEAFIYrQMEAFIYtAMEAFIYygMEAFIZiAMEAFIZoAMEAFIZrjAMAwQAUhm5
AwQAUhm6AwQAUhpHAwQAUhpWAwQAUhpfAwQAUhqBAwQAUhqSAwQAUhtvAwQAUhvn
AwQAUhv4AwQAUh32MA0GCSqGSIb3DQEBCwUAA4IBAQAe84XPyHNx/PmXoP124kMy
mreJt7sRHh0ignh0LuaRMcLUs5Sh0b/MF8aJAo+FFwFffhZUV3TWdXXvRzWM9aP4
DWaeJQCFPXGogfZJhqvTkz9tnDHNKW6bW2kJ5eBS/Z2wQGtwXv9/0y3d6eOtMhno
MZNzDu/hzl7nhubvPBbvkSNQHm3gGmk5Z5Fj7uv6dUdXLmY1J5tVGZ6xMfldIvZY
ne5PpYKHfVngEcLNrEtohKVfLj4xaVPWbsOZNHJX0dHQ6oSEUL3jlkORr4xcdRhS
jH69O7Drc+z9dUMchfiAINDOKE3fu2X/RiB/FYZYghEvm1Xctt8Yiv1fP3yqn37b
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:42 2025 by rpki-client