
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: ix6AT3IYDzPveBonUaY/kbCHB4EwB90SOnAPyitifHU=
Subject key identifier: F7:41:E0:3E:89:F5:DF:85:E1:74:C5:44:38:21:78:E1:06:22:1B:BD
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1CA7720276F7BF6C09185DB5AAC311C1C822DE8D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
Signing time: Sun 28 Jun 2026 00:04:44 +0000
ROA not before: Sat 27 Jun 2026 23:59:44 +0000
ROA not after: Sun 27 Jun 2027 00:04:44 +0000
asID: 3320
IP address blocks: 82.21.184.0/24 maxlen: 24
82.22.102.0/24 maxlen: 24
82.22.105.0/24 maxlen: 24
82.22.108.0/24 maxlen: 24
82.22.191.0/24 maxlen: 24
82.22.194.0/24 maxlen: 24
82.23.168.0/24 maxlen: 24
82.23.228.0/24 maxlen: 24
82.24.14.0/24 maxlen: 24
82.24.30.0/24 maxlen: 24
82.24.55.0/24 maxlen: 24
82.24.72.0/24 maxlen: 24
82.24.78.0/24 maxlen: 24
82.24.109.0/24 maxlen: 24
82.24.114.0/24 maxlen: 24
82.24.125.0/24 maxlen: 24
82.24.203.0/24 maxlen: 24
82.25.24.0/24 maxlen: 24
82.25.133.0/24 maxlen: 24
82.25.191.0/24 maxlen: 24
82.25.197.0/24 maxlen: 24
82.25.202.0/24 maxlen: 24
82.26.70.0/24 maxlen: 24
82.26.100.0/24 maxlen: 24
82.26.108.0/24 maxlen: 24
82.26.111.0/24 maxlen: 24
82.26.123.0/24 maxlen: 24
82.26.128.0/24 maxlen: 24
82.26.135.0/24 maxlen: 24
82.26.141.0/24 maxlen: 24
82.26.161.0/24 maxlen: 24
82.26.168.0/24 maxlen: 24
82.27.10.0/24 maxlen: 24
82.27.22.0/24 maxlen: 24
82.27.198.0/24 maxlen: 24
82.29.23.0/24 maxlen: 24
82.29.29.0/24 maxlen: 24
82.29.65.0/24 maxlen: 24
82.29.120.0/24 maxlen: 24
82.38.102.0/24 maxlen: 24
82.38.111.0/24 maxlen: 24
82.38.133.0/24 maxlen: 24
82.38.220.0/24 maxlen: 24
82.38.221.0/24 maxlen: 24
82.38.222.0/24 maxlen: 24
82.39.102.0/24 maxlen: 24
82.39.254.0/24 maxlen: 24
82.39.255.0/24 maxlen: 24
82.40.21.0/24 maxlen: 24
82.41.143.0/24 maxlen: 24
82.41.158.0/24 maxlen: 24
82.41.244.0/24 maxlen: 24
82.47.14.0/24 maxlen: 24
82.47.15.0/24 maxlen: 24
82.47.16.0/24 maxlen: 24
82.47.27.0/24 maxlen: 24
82.47.59.0/24 maxlen: 24
82.47.104.0/24 maxlen: 24
82.47.117.0/24 maxlen: 24
82.47.147.0/24 maxlen: 24
82.47.220.0/24 maxlen: 24
84.75.154.0/24 maxlen: 24
84.75.172.0/24 maxlen: 24
84.75.196.0/24 maxlen: 24
84.75.200.0/24 maxlen: 24
84.75.206.0/24 maxlen: 24
84.75.209.0/24 maxlen: 24
84.75.218.0/24 maxlen: 24
178.83.152.0/24 maxlen: 24
178.83.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Jul 2026 16:14:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:a7:72:02:76:f7:bf:6c:09:18:5d:b5:aa:c3:11:c1:c8:22:de:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 27 23:59:44 2026 GMT
Not After : Jun 27 00:04:44 2027 GMT
Subject: CN=F741E03E89F5DF85E174C544382178E106221BBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ef:82:df:b8:bc:e4:11:2a:5e:3f:af:e6:c6:
db:4a:47:11:bd:88:63:72:d2:49:7f:82:b4:10:26:
2a:c8:20:10:91:34:0f:12:b8:b9:f1:58:0d:b3:a8:
da:13:00:68:7f:9e:84:f5:64:f6:84:1f:10:1a:1d:
78:6d:35:99:64:c4:f0:57:68:c2:68:8b:3f:90:11:
09:8f:5f:cb:b3:47:c4:1a:d8:3b:f5:cc:87:13:d9:
9d:1d:ef:53:37:0d:bd:e7:09:0f:f7:3f:c3:4f:b6:
d5:55:d8:56:9d:8d:44:34:11:11:06:5d:11:24:fc:
e6:db:a4:50:20:b3:90:dd:df:72:a1:ce:d0:c6:e2:
4b:31:3f:59:02:58:d4:f9:2d:d5:ff:5f:e1:7e:90:
42:ef:5a:01:3a:da:05:a0:c4:a3:a3:a7:bd:d2:d1:
34:ea:14:c2:b0:0c:21:4a:73:c4:77:6b:f0:39:16:
29:70:1d:82:19:7b:ba:54:a4:b9:c2:92:16:83:c4:
68:d4:c8:cc:7b:b9:ae:75:59:a4:b2:fa:7a:c5:b8:
f7:b1:22:ac:50:be:7f:4f:27:33:9c:f4:6b:c5:3a:
84:cd:9b:eb:40:a8:5c:b9:2a:68:8b:13:e4:93:bc:
4f:3e:34:1a:b6:6e:ed:61:60:b6:06:8c:69:33:e3:
90:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:41:E0:3E:89:F5:DF:85:E1:74:C5:44:38:21:78:E1:06:22:1B:BD
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.184.0/24
82.22.102.0/24
82.22.105.0/24
82.22.108.0/24
82.22.191.0/24
82.22.194.0/24
82.23.168.0/24
82.23.228.0/24
82.24.14.0/24
82.24.30.0/24
82.24.55.0/24
82.24.72.0/24
82.24.78.0/24
82.24.109.0/24
82.24.114.0/24
82.24.125.0/24
82.24.203.0/24
82.25.24.0/24
82.25.133.0/24
82.25.191.0/24
82.25.197.0/24
82.25.202.0/24
82.26.70.0/24
82.26.100.0/24
82.26.108.0/24
82.26.111.0/24
82.26.123.0/24
82.26.128.0/24
82.26.135.0/24
82.26.141.0/24
82.26.161.0/24
82.26.168.0/24
82.27.10.0/24
82.27.22.0/24
82.27.198.0/24
82.29.23.0/24
82.29.29.0/24
82.29.65.0/24
82.29.120.0/24
82.38.102.0/24
82.38.111.0/24
82.38.133.0/24
82.38.220.0-82.38.222.255
82.39.102.0/24
82.39.254.0/23
82.40.21.0/24
82.41.143.0/24
82.41.158.0/24
82.41.244.0/24
82.47.14.0-82.47.16.255
82.47.27.0/24
82.47.59.0/24
82.47.104.0/24
82.47.117.0/24
82.47.147.0/24
82.47.220.0/24
84.75.154.0/24
84.75.172.0/24
84.75.196.0/24
84.75.200.0/24
84.75.206.0/24
84.75.209.0/24
84.75.218.0/24
178.83.152.0/24
178.83.161.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:7f:70:8d:f2:5a:b0:9e:4a:eb:c3:26:b2:06:bf:cc:34:62:
e8:0c:b9:98:44:44:22:75:8c:85:1b:5e:22:83:0a:4f:af:b0:
fd:87:e0:c5:91:47:09:0a:6a:02:86:34:aa:ae:f7:eb:84:39:
09:cc:34:ac:9e:5f:8e:c8:68:55:c4:86:f9:3c:27:8b:de:57:
87:08:65:74:7a:d9:76:b7:81:fc:b3:4f:8c:1e:7e:f1:72:a9:
7c:bb:5f:0d:f1:ed:fc:2f:f5:3b:67:9b:70:f5:c7:70:13:71:
46:91:54:cf:17:7a:c3:42:57:ca:1a:73:ce:98:d5:3b:5a:3c:
f4:51:ac:e1:2c:ec:bc:6a:51:f2:f5:7a:79:5d:e3:b3:cd:c5:
1f:51:01:ef:79:8c:ba:4c:4d:44:5e:c1:01:40:9b:57:df:b3:
09:39:27:cb:3f:f4:94:64:d0:51:62:69:1e:1f:69:a0:cf:a0:
f6:e1:3f:9d:ee:13:4e:d8:0a:aa:7c:0f:83:8c:92:c6:1b:16:
82:37:a4:36:fe:08:92:26:85:cf:14:4c:94:c5:ea:64:e0:98:
26:7f:05:74:57:87:69:5f:d8:7e:34:70:4e:be:ae:8f:00:12:
d1:ed:42:32:32:a4:f2:2d:cc:6c:cf:b8:e6:eb:66:27:dc:89:
9e:6a:b9:a8
-----BEGIN CERTIFICATE-----
MIIGmDCCBYCgAwIBAgIUHKdyAnb3v2wJGF21qsMRwcgi3o0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjcyMzU5NDRaFw0yNzA2MjcwMDA0NDRaMDMxMTAvBgNV
BAMTKEY3NDFFMDNFODlGNURGODVFMTc0QzU0NDM4MjE3OEUxMDYyMjFCQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu74LfuLzkESpeP6/mxttKRxG9
iGNy0kl/grQQJirIIBCRNA8SuLnxWA2zqNoTAGh/noT1ZPaEHxAaHXhtNZlkxPBX
aMJoiz+QEQmPX8uzR8Qa2Dv1zIcT2Z0d71M3Db3nCQ/3P8NPttVV2FadjUQ0EREG
XREk/ObbpFAgs5Dd33KhztDG4ksxP1kCWNT5LdX/X+F+kELvWgE62gWgxKOjp73S
0TTqFMKwDCFKc8R3a/A5FilwHYIZe7pUpLnCkhaDxGjUyMx7ua51WaSy+nrFuPex
IqxQvn9PJzOc9GvFOoTNm+tAqFy5KmiLE+STvE8+NBq2bu1hYLYGjGkz45CbAgMB
AAGjggOiMIIDnjAdBgNVHQ4EFgQU90HgPon134XhdMVEOCF44QYiG70wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAbcGCCsGAQUFBwEHAQH/BIIBpjCCAaIwggGeBAIAATCC
AZYDBABSFbgDBABSFmYDBABSFmkDBABSFmwDBABSFr8DBABSFsIDBABSF6gDBABS
F+QDBABSGA4DBABSGB4DBABSGDcDBABSGEgDBABSGE4DBABSGG0DBABSGHIDBABS
GH0DBABSGMsDBABSGRgDBABSGYUDBABSGb8DBABSGcUDBABSGcoDBABSGkYDBABS
GmQDBABSGmwDBABSGm8DBABSGnsDBABSGoADBABSGocDBABSGo0DBABSGqEDBABS
GqgDBABSGwoDBABSGxYDBABSG8YDBABSHRcDBABSHR0DBABSHUEDBABSHXgDBABS
JmYDBABSJm8DBABSJoUwDAMEAlIm3AMEAFIm3gMEAFInZgMEAVIn/gMEAFIoFQME
AFIpjwMEAFIpngMEAFIp9DAMAwQBUi8OAwQAUi8QAwQAUi8bAwQAUi87AwQAUi9o
AwQAUi91AwQAUi+TAwQAUi/cAwQAVEuaAwQAVEusAwQAVEvEAwQAVEvIAwQAVEvO
AwQAVEvRAwQAVEvaAwQAslOYAwQAslOhMA0GCSqGSIb3DQEBCwUAA4IBAQCaf3CN
8lqwnkrrwyayBr/MNGLoDLmYREQidYyFG14igwpPr7D9h+DFkUcJCmoChjSqrvfr
hDkJzDSsnl+OyGhVxIb5PCeL3leHCGV0etl2t4H8s0+MHn7xcql8u18N8e38L/U7
Z5tw9cdwE3FGkVTPF3rDQlfKGnPOmNU7Wjz0UazhLOy8alHy9Xp5XeOzzcUfUQHv
eYy6TE1EXsEBQJtX37MJOSfLP/SUZNBRYmkeH2mgz6D24T+d7hNO2AqqfA+DjJLG
GxaCN6Q2/giSJoXPFEyUxepk4JgmfwV0V4dpX9h+NHBOvq6PABLR7UIyMqTyLcxs
z7jm62Yn3Imearmo
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:05:41 2026 by rpki-client