Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: 79rIMNZF9Xp3iOpnGVHsQpmJEwdryHW7chiGRJ307rI=
Subject key identifier: 45:17:2A:EB:A5:28:5C:6E:C5:AF:95:82:B8:A5:F9:73:5B:2D:E7:42
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5A8E00AA630D22B441450BF582BDB3AD5B6EDCC1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
Signing time: Mon 26 May 2025 19:36:14 +0000
ROA not before: Mon 26 May 2025 19:31:14 +0000
ROA not after: Mon 25 May 2026 19:36:14 +0000
asID: 3320
IP address blocks: 82.21.57.0/24 maxlen: 24
82.21.125.0/24 maxlen: 24
82.21.153.0/24 maxlen: 24
82.21.184.0/24 maxlen: 24
82.21.199.0/24 maxlen: 24
82.22.102.0/24 maxlen: 24
82.22.105.0/24 maxlen: 24
82.22.108.0/24 maxlen: 24
82.22.161.0/24 maxlen: 24
82.22.187.0/24 maxlen: 24
82.22.191.0/24 maxlen: 24
82.22.194.0/24 maxlen: 24
82.23.168.0/24 maxlen: 24
82.23.197.0/24 maxlen: 24
82.24.4.0/24 maxlen: 24
82.24.14.0/24 maxlen: 24
82.24.21.0/24 maxlen: 24
82.24.30.0/24 maxlen: 24
82.24.41.0/24 maxlen: 24
82.24.52.0/24 maxlen: 24
82.24.55.0/24 maxlen: 24
82.24.72.0/24 maxlen: 24
82.24.78.0/24 maxlen: 24
82.24.86.0/24 maxlen: 24
82.24.109.0/24 maxlen: 24
82.24.114.0/24 maxlen: 24
82.24.125.0/24 maxlen: 24
82.24.190.0/24 maxlen: 24
82.24.203.0/24 maxlen: 24
82.25.4.0/24 maxlen: 24
82.25.5.0/24 maxlen: 24
82.25.6.0/24 maxlen: 24
82.25.7.0/24 maxlen: 24
82.25.9.0/24 maxlen: 24
82.25.14.0/24 maxlen: 24
82.25.16.0/24 maxlen: 24
82.25.133.0/24 maxlen: 24
82.25.138.0/24 maxlen: 24
82.25.140.0/24 maxlen: 24
82.25.191.0/24 maxlen: 24
82.25.197.0/24 maxlen: 24
82.25.202.0/24 maxlen: 24
82.26.70.0/24 maxlen: 24
82.26.88.0/24 maxlen: 24
82.26.100.0/24 maxlen: 24
82.26.108.0/24 maxlen: 24
82.26.111.0/24 maxlen: 24
82.26.123.0/24 maxlen: 24
82.26.128.0/24 maxlen: 24
82.26.135.0/24 maxlen: 24
82.26.141.0/24 maxlen: 24
82.26.147.0/24 maxlen: 24
82.26.155.0/24 maxlen: 24
82.26.161.0/24 maxlen: 24
82.26.168.0/24 maxlen: 24
82.26.175.0/24 maxlen: 24
82.26.197.0/24 maxlen: 24
82.26.198.0/24 maxlen: 24
82.27.10.0/24 maxlen: 24
82.27.22.0/24 maxlen: 24
82.27.105.0/24 maxlen: 24
82.27.119.0/24 maxlen: 24
82.27.198.0/24 maxlen: 24
82.29.23.0/24 maxlen: 24
82.29.29.0/24 maxlen: 24
82.29.36.0/24 maxlen: 24
82.29.39.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.49.0/24 maxlen: 24
82.29.51.0/24 maxlen: 24
82.29.65.0/24 maxlen: 24
82.29.70.0/24 maxlen: 24
82.29.73.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.29.79.0/24 maxlen: 24
82.29.120.0/24 maxlen: 24
82.29.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 10:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:8e:00:aa:63:0d:22:b4:41:45:0b:f5:82:bd:b3:ad:5b:6e:dc:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 26 19:31:14 2025 GMT
Not After : May 25 19:36:14 2026 GMT
Subject: CN=45172AEBA5285C6EC5AF9582B8A5F9735B2DE742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:79:c1:9c:56:c4:50:8b:97:1e:47:da:a8:3d:
25:04:2b:81:72:38:b0:86:a3:06:ee:a0:8c:8f:e1:
66:9b:77:75:38:39:1d:e9:94:e0:9e:c9:50:fb:fd:
bc:37:b6:b5:e2:bc:9b:6d:52:ac:2b:70:95:4c:c2:
df:23:36:2e:ef:f8:f5:6e:cf:cf:5b:66:ff:16:e8:
ed:d8:6c:74:d1:06:2b:80:a5:dc:ce:32:2e:34:8c:
72:90:cd:34:77:c1:bf:b0:1f:5b:cd:d2:e4:50:a5:
51:1a:e3:69:d9:40:af:47:72:48:4e:e6:35:69:f6:
16:7e:70:a7:3a:78:9f:c5:b0:c3:b1:c9:5e:8d:8c:
f8:67:34:7c:e6:e6:f1:6b:5e:7b:59:71:5e:31:ba:
74:7d:c7:6a:fd:b9:74:44:8e:13:fb:b1:27:70:56:
7a:ee:fe:e2:1b:8e:d8:3c:46:0a:3d:06:2e:ab:ae:
72:37:af:12:59:18:44:22:f5:8b:f0:2c:a6:cf:d7:
03:0d:e7:52:f3:8b:9a:67:17:32:09:76:02:80:ba:
72:e1:45:c8:d1:50:15:c4:a3:41:e6:ac:93:97:ef:
f5:ec:21:79:83:6a:e3:69:d3:7b:2b:e1:fe:41:5b:
8b:1a:00:1e:7a:48:64:a9:3e:3e:05:5a:da:e5:3f:
96:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:17:2A:EB:A5:28:5C:6E:C5:AF:95:82:B8:A5:F9:73:5B:2D:E7:42
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.57.0/24
82.21.125.0/24
82.21.153.0/24
82.21.184.0/24
82.21.199.0/24
82.22.102.0/24
82.22.105.0/24
82.22.108.0/24
82.22.161.0/24
82.22.187.0/24
82.22.191.0/24
82.22.194.0/24
82.23.168.0/24
82.23.197.0/24
82.24.4.0/24
82.24.14.0/24
82.24.21.0/24
82.24.30.0/24
82.24.41.0/24
82.24.52.0/24
82.24.55.0/24
82.24.72.0/24
82.24.78.0/24
82.24.86.0/24
82.24.109.0/24
82.24.114.0/24
82.24.125.0/24
82.24.190.0/24
82.24.203.0/24
82.25.4.0/22
82.25.9.0/24
82.25.14.0/24
82.25.16.0/24
82.25.133.0/24
82.25.138.0/24
82.25.140.0/24
82.25.191.0/24
82.25.197.0/24
82.25.202.0/24
82.26.70.0/24
82.26.88.0/24
82.26.100.0/24
82.26.108.0/24
82.26.111.0/24
82.26.123.0/24
82.26.128.0/24
82.26.135.0/24
82.26.141.0/24
82.26.147.0/24
82.26.155.0/24
82.26.161.0/24
82.26.168.0/24
82.26.175.0/24
82.26.197.0-82.26.198.255
82.27.10.0/24
82.27.22.0/24
82.27.105.0/24
82.27.119.0/24
82.27.198.0/24
82.29.23.0/24
82.29.29.0/24
82.29.36.0/24
82.29.39.0/24
82.29.45.0/24
82.29.49.0/24
82.29.51.0/24
82.29.65.0/24
82.29.70.0/24
82.29.73.0/24
82.29.76.0/24
82.29.79.0/24
82.29.120.0/23
Signature Algorithm: sha256WithRSAEncryption
41:16:17:bb:83:ec:23:5c:47:cb:af:7e:29:3c:85:97:52:24:
9f:af:ce:2e:d8:e8:db:8a:d3:13:04:cb:1f:9e:fc:f1:ca:6b:
a9:87:70:76:a7:04:23:55:ae:22:d0:80:d3:8c:de:18:7a:72:
df:2a:09:d1:22:44:81:05:bb:1e:eb:89:c0:fe:c2:99:b8:23:
8f:c1:5c:9a:af:65:53:2c:37:b8:33:0d:12:c1:c5:6d:60:f9:
87:09:fc:a1:34:40:19:02:bf:61:7d:99:4f:47:93:9b:48:66:
35:34:0f:0a:52:51:dd:04:10:84:fa:15:e8:f5:57:d7:93:b2:
68:6a:6b:26:11:77:a7:1f:a3:61:ca:59:5d:df:e5:97:b7:38:
d4:85:3c:32:3c:09:25:d3:2f:73:cd:9b:cf:ae:b6:0e:33:b8:
82:21:32:64:2d:b8:e6:2b:99:43:56:8c:38:0d:75:a6:14:fc:
c5:ea:64:b1:83:36:10:5b:36:7c:a6:61:ee:d8:fa:f9:35:91:
74:80:c5:6c:0a:b9:f9:fb:09:ec:77:e4:6c:41:ca:4d:48:6e:
7e:69:45:0e:64:c9:99:17:be:59:e1:ed:91:9a:43:bc:f4:c5:
59:1e:d5:19:f6:2e:7f:bf:1e:8d:c9:23:5d:d4:64:5c:82:3d:
e6:0d:f8:12
-----BEGIN CERTIFICATE-----
MIIGujCCBaKgAwIBAgIUWo4AqmMNIrRBRQv1gr2zrVtu3MEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MjYxOTMxMTRaFw0yNjA1MjUxOTM2MTRaMDMxMTAvBgNV
BAMTKDQ1MTcyQUVCQTUyODVDNkVDNUFGOTU4MkI4QTVGOTczNUIyREU3NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3ecGcVsRQi5ceR9qoPSUEK4Fy
OLCGowbuoIyP4Wabd3U4OR3plOCeyVD7/bw3trXivJttUqwrcJVMwt8jNi7v+PVu
z89bZv8W6O3YbHTRBiuApdzOMi40jHKQzTR3wb+wH1vN0uRQpVEa42nZQK9HckhO
5jVp9hZ+cKc6eJ/FsMOxyV6NjPhnNHzm5vFrXntZcV4xunR9x2r9uXREjhP7sSdw
Vnru/uIbjtg8Rgo9Bi6rrnI3rxJZGEQi9YvwLKbP1wMN51Lzi5pnFzIJdgKAunLh
RcjRUBXEo0HmrJOX7/XsIXmDauNp03sr4f5BW4saAB56SGSpPj4FWtrlP5bVAgMB
AAGjggPEMIIDwDAdBgNVHQ4EFgQURRcq66UoXG7Fr5WCuKX5c1st50IwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAdkGCCsGAQUFBwEHAQH/BIIByDCCAcQwggHABAIAATCC
AbgDBABSFTkDBABSFX0DBABSFZkDBABSFbgDBABSFccDBABSFmYDBABSFmkDBABS
FmwDBABSFqEDBABSFrsDBABSFr8DBABSFsIDBABSF6gDBABSF8UDBABSGAQDBABS
GA4DBABSGBUDBABSGB4DBABSGCkDBABSGDQDBABSGDcDBABSGEgDBABSGE4DBABS
GFYDBABSGG0DBABSGHIDBABSGH0DBABSGL4DBABSGMsDBAJSGQQDBABSGQkDBABS
GQ4DBABSGRADBABSGYUDBABSGYoDBABSGYwDBABSGb8DBABSGcUDBABSGcoDBABS
GkYDBABSGlgDBABSGmQDBABSGmwDBABSGm8DBABSGnsDBABSGoADBABSGocDBABS
Go0DBABSGpMDBABSGpsDBABSGqEDBABSGqgDBABSGq8wDAMEAFIaxQMEAFIaxgME
AFIbCgMEAFIbFgMEAFIbaQMEAFIbdwMEAFIbxgMEAFIdFwMEAFIdHQMEAFIdJAME
AFIdJwMEAFIdLQMEAFIdMQMEAFIdMwMEAFIdQQMEAFIdRgMEAFIdSQMEAFIdTAME
AFIdTwMEAVIdeDANBgkqhkiG9w0BAQsFAAOCAQEAQRYXu4PsI1xHy69+KTyFl1Ik
n6/OLtjo24rTEwTLH5788cprqYdwdqcEI1WuItCA04zeGHpy3yoJ0SJEgQW7HuuJ
wP7Cmbgjj8Fcmq9lUyw3uDMNEsHFbWD5hwn8oTRAGQK/YX2ZT0eTm0hmNTQPClJR
3QQQhPoV6PVX15OyaGprJhF3px+jYcpZXd/ll7c41IU8MjwJJdMvc82bz662DjO4
giEyZC245iuZQ1aMOA11phT8xepksYM2EFs2fKZh7tj6+TWRdIDFbAq5+fsJ7Hfk
bEHKTUhufmlFDmTJmRe+WeHtkZpDvPTFWR7VGfYuf78ejckjXdRkXII95g34Eg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:09:52 2025 by rpki-client