Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: ixCEYHNDanuvf/NVa9eTkW/Uh/x67KPDvSx+KEQXzrQ=
Subject key identifier: 6C:66:D7:EC:4C:D4:C6:4B:D6:69:AE:65:B7:31:15:20:2A:B4:51:00
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6C1E6F47E6AC93F11EBDAE88577C87C80C781B17
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
Signing time: Thu 27 Mar 2025 11:05:52 +0000
ROA not before: Thu 27 Mar 2025 11:00:52 +0000
ROA not after: Thu 26 Mar 2026 11:05:52 +0000
asID: 3320
IP address blocks: 82.21.57.0/24 maxlen: 24
82.21.75.0/24 maxlen: 24
82.21.125.0/24 maxlen: 24
82.21.153.0/24 maxlen: 24
82.21.184.0/24 maxlen: 24
82.21.199.0/24 maxlen: 24
82.22.102.0/24 maxlen: 24
82.22.105.0/24 maxlen: 24
82.22.108.0/24 maxlen: 24
82.22.161.0/24 maxlen: 24
82.22.187.0/24 maxlen: 24
82.22.191.0/24 maxlen: 24
82.22.194.0/24 maxlen: 24
82.23.168.0/24 maxlen: 24
82.23.197.0/24 maxlen: 24
82.24.4.0/24 maxlen: 24
82.24.14.0/24 maxlen: 24
82.24.21.0/24 maxlen: 24
82.24.30.0/24 maxlen: 24
82.24.41.0/24 maxlen: 24
82.24.52.0/24 maxlen: 24
82.24.55.0/24 maxlen: 24
82.24.72.0/24 maxlen: 24
82.24.78.0/24 maxlen: 24
82.24.86.0/24 maxlen: 24
82.24.109.0/24 maxlen: 24
82.24.114.0/24 maxlen: 24
82.24.125.0/24 maxlen: 24
82.24.190.0/24 maxlen: 24
82.24.203.0/24 maxlen: 24
82.25.4.0/24 maxlen: 24
82.25.5.0/24 maxlen: 24
82.25.6.0/24 maxlen: 24
82.25.7.0/24 maxlen: 24
82.25.9.0/24 maxlen: 24
82.25.14.0/24 maxlen: 24
82.25.16.0/24 maxlen: 24
82.25.133.0/24 maxlen: 24
82.25.138.0/24 maxlen: 24
82.25.140.0/24 maxlen: 24
82.25.191.0/24 maxlen: 24
82.25.197.0/24 maxlen: 24
82.25.202.0/24 maxlen: 24
82.26.70.0/24 maxlen: 24
82.26.88.0/24 maxlen: 24
82.26.100.0/24 maxlen: 24
82.26.108.0/24 maxlen: 24
82.26.111.0/24 maxlen: 24
82.26.123.0/24 maxlen: 24
82.26.128.0/24 maxlen: 24
82.26.135.0/24 maxlen: 24
82.26.141.0/24 maxlen: 24
82.26.147.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.26.155.0/24 maxlen: 24
82.26.161.0/24 maxlen: 24
82.26.168.0/24 maxlen: 24
82.26.175.0/24 maxlen: 24
82.26.197.0/24 maxlen: 24
82.26.198.0/24 maxlen: 24
82.27.10.0/24 maxlen: 24
82.27.22.0/24 maxlen: 24
82.27.105.0/24 maxlen: 24
82.27.119.0/24 maxlen: 24
82.27.198.0/24 maxlen: 24
82.29.23.0/24 maxlen: 24
82.29.29.0/24 maxlen: 24
82.29.36.0/24 maxlen: 24
82.29.38.0/24 maxlen: 24
82.29.39.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.49.0/24 maxlen: 24
82.29.51.0/24 maxlen: 24
82.29.65.0/24 maxlen: 24
82.29.70.0/24 maxlen: 24
82.29.73.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.29.79.0/24 maxlen: 24
82.29.120.0/24 maxlen: 24
82.29.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 07:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:1e:6f:47:e6:ac:93:f1:1e:bd:ae:88:57:7c:87:c8:0c:78:1b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 27 11:00:52 2025 GMT
Not After : Mar 26 11:05:52 2026 GMT
Subject: CN=6C66D7EC4CD4C64BD669AE65B73115202AB45100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6d:fe:cb:6d:db:66:2c:92:bd:70:b2:60:56:
62:99:f4:ba:35:96:26:77:4e:21:2c:39:19:38:52:
47:06:d1:de:8d:84:42:af:04:39:9d:5e:6b:95:15:
20:4d:39:f1:69:b4:c6:fb:16:62:1b:8c:0f:a8:b0:
7e:ad:2f:77:3c:6f:ec:a2:34:52:2a:38:04:2f:0e:
9f:bb:5e:4f:f3:ec:d6:97:47:4e:08:2b:24:a5:b7:
34:4d:09:81:4c:f4:c3:15:fe:85:48:39:39:f4:47:
c1:f6:0a:84:73:c0:72:dd:fb:b0:98:96:a9:fb:27:
1f:80:23:51:23:5e:8c:8e:31:c0:8a:2c:5e:ef:99:
b9:7e:af:39:ac:ee:b1:bb:37:41:63:7f:3e:81:34:
9e:92:dc:a1:87:b5:65:9d:38:33:93:71:15:8c:93:
51:ff:ee:3a:80:c5:70:e1:7f:9b:0e:49:95:bf:05:
1d:a6:a7:b5:17:46:6b:9d:8c:8f:bc:d8:a2:77:1d:
fe:a0:df:7a:4a:08:d1:d0:be:40:29:ef:95:e2:bc:
29:b5:8b:a9:97:90:bf:32:5f:53:d5:67:f8:db:3b:
4b:bf:df:14:c2:a3:b4:5b:0c:9f:5a:f2:69:76:86:
07:44:57:d4:b2:d2:fe:90:9b:8f:f4:7c:c0:a1:29:
0a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:66:D7:EC:4C:D4:C6:4B:D6:69:AE:65:B7:31:15:20:2A:B4:51:00
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.57.0/24
82.21.75.0/24
82.21.125.0/24
82.21.153.0/24
82.21.184.0/24
82.21.199.0/24
82.22.102.0/24
82.22.105.0/24
82.22.108.0/24
82.22.161.0/24
82.22.187.0/24
82.22.191.0/24
82.22.194.0/24
82.23.168.0/24
82.23.197.0/24
82.24.4.0/24
82.24.14.0/24
82.24.21.0/24
82.24.30.0/24
82.24.41.0/24
82.24.52.0/24
82.24.55.0/24
82.24.72.0/24
82.24.78.0/24
82.24.86.0/24
82.24.109.0/24
82.24.114.0/24
82.24.125.0/24
82.24.190.0/24
82.24.203.0/24
82.25.4.0/22
82.25.9.0/24
82.25.14.0/24
82.25.16.0/24
82.25.133.0/24
82.25.138.0/24
82.25.140.0/24
82.25.191.0/24
82.25.197.0/24
82.25.202.0/24
82.26.70.0/24
82.26.88.0/24
82.26.100.0/24
82.26.108.0/24
82.26.111.0/24
82.26.123.0/24
82.26.128.0/24
82.26.135.0/24
82.26.141.0/24
82.26.147.0/24
82.26.152.0/24
82.26.155.0/24
82.26.161.0/24
82.26.168.0/24
82.26.175.0/24
82.26.197.0-82.26.198.255
82.27.10.0/24
82.27.22.0/24
82.27.105.0/24
82.27.119.0/24
82.27.198.0/24
82.29.23.0/24
82.29.29.0/24
82.29.36.0/24
82.29.38.0/23
82.29.45.0/24
82.29.49.0/24
82.29.51.0/24
82.29.65.0/24
82.29.70.0/24
82.29.73.0/24
82.29.76.0/24
82.29.79.0/24
82.29.120.0/23
Signature Algorithm: sha256WithRSAEncryption
68:e1:40:b1:be:d3:6f:c6:1e:ab:c2:54:4b:1b:77:3f:4b:9e:
bf:f5:94:5b:8a:c0:1c:96:a0:ef:d1:08:23:01:75:ba:24:d8:
f1:b0:5b:af:a2:1d:ce:28:68:35:a5:cf:e9:e0:72:04:7a:97:
48:a7:7f:36:cc:7e:72:1c:b6:62:99:de:b6:73:97:b7:8b:7f:
c9:70:a5:24:32:21:37:86:86:22:e6:76:eb:01:8f:f9:23:90:
db:0b:df:7c:6b:20:3a:1c:89:dc:50:5d:51:9d:e5:3b:a7:6b:
3a:34:fe:fa:c5:ee:72:34:4f:57:52:cf:41:04:19:2e:e7:d1:
fe:72:f8:6c:12:db:a4:69:b9:5e:86:d6:e8:0e:93:11:62:d2:
4f:2e:57:4a:b4:b3:39:83:12:01:4e:74:6d:6b:74:b6:a7:18:
95:ae:a8:cc:a5:2b:8a:ca:0e:06:a1:62:24:f4:d4:a4:6e:cc:
c7:6b:fe:37:46:28:63:c7:2f:53:a0:70:86:a4:e5:5c:b1:e0:
a7:f8:d8:d5:52:6f:3a:ef:4c:56:cd:7f:53:3b:b8:ef:7f:a9:
e3:f2:57:47:d0:45:49:84:dc:47:90:6a:3b:8f:8e:31:37:4c:
51:7d:34:70:95:b6:79:77:26:25:04:1c:b3:1b:f9:dc:10:6d:
dd:18:85:08
-----BEGIN CERTIFICATE-----
MIIGxjCCBa6gAwIBAgIUbB5vR+ask/Eeva6IV3yHyAx4GxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMjcxMTAwNTJaFw0yNjAzMjYxMTA1NTJaMDMxMTAvBgNV
BAMTKDZDNjZEN0VDNENENEM2NEJENjY5QUU2NUI3MzExNTIwMkFCNDUxMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChbf7LbdtmLJK9cLJgVmKZ9Lo1
liZ3TiEsORk4UkcG0d6NhEKvBDmdXmuVFSBNOfFptMb7FmIbjA+osH6tL3c8b+yi
NFIqOAQvDp+7Xk/z7NaXR04IKySltzRNCYFM9MMV/oVIOTn0R8H2CoRzwHLd+7CY
lqn7Jx+AI1EjXoyOMcCKLF7vmbl+rzms7rG7N0Fjfz6BNJ6S3KGHtWWdODOTcRWM
k1H/7jqAxXDhf5sOSZW/BR2mp7UXRmudjI+82KJ3Hf6g33pKCNHQvkAp75XivCm1
i6mXkL8yX1PVZ/jbO0u/3xTCo7RbDJ9a8ml2hgdEV9Sy0v6Qm4/0fMChKQrvAgMB
AAGjggPQMIIDzDAdBgNVHQ4EFgQUbGbX7EzUxkvWaa5ltzEVICq0UQAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAeUGCCsGAQUFBwEHAQH/BIIB1DCCAdAwggHMBAIAATCC
AcQDBABSFTkDBABSFUsDBABSFX0DBABSFZkDBABSFbgDBABSFccDBABSFmYDBABS
FmkDBABSFmwDBABSFqEDBABSFrsDBABSFr8DBABSFsIDBABSF6gDBABSF8UDBABS
GAQDBABSGA4DBABSGBUDBABSGB4DBABSGCkDBABSGDQDBABSGDcDBABSGEgDBABS
GE4DBABSGFYDBABSGG0DBABSGHIDBABSGH0DBABSGL4DBABSGMsDBAJSGQQDBABS
GQkDBABSGQ4DBABSGRADBABSGYUDBABSGYoDBABSGYwDBABSGb8DBABSGcUDBABS
GcoDBABSGkYDBABSGlgDBABSGmQDBABSGmwDBABSGm8DBABSGnsDBABSGoADBABS
GocDBABSGo0DBABSGpMDBABSGpgDBABSGpsDBABSGqEDBABSGqgDBABSGq8wDAME
AFIaxQMEAFIaxgMEAFIbCgMEAFIbFgMEAFIbaQMEAFIbdwMEAFIbxgMEAFIdFwME
AFIdHQMEAFIdJAMEAVIdJgMEAFIdLQMEAFIdMQMEAFIdMwMEAFIdQQMEAFIdRgME
AFIdSQMEAFIdTAMEAFIdTwMEAVIdeDANBgkqhkiG9w0BAQsFAAOCAQEAaOFAsb7T
b8Yeq8JUSxt3P0uev/WUW4rAHJag79EIIwF1uiTY8bBbr6IdzihoNaXP6eByBHqX
SKd/Nsx+chy2YpnetnOXt4t/yXClJDIhN4aGIuZ26wGP+SOQ2wvffGsgOhyJ3FBd
UZ3lO6drOjT++sXucjRPV1LPQQQZLufR/nL4bBLbpGm5XobW6A6TEWLSTy5XSrSz
OYMSAU50bWt0tqcYla6ozKUrisoOBqFiJPTUpG7Mx2v+N0YoY8cvU6BwhqTlXLHg
p/jY1VJvOu9MVs1/Uzu473+p4/JXR9BFSYTcR5BqO4+OMTdMUX00cJW2eXcmJQQc
sxv53BBt3RiFCA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:33:32 2025 by rpki-client