Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: DehazPqdp6lWDJtRtuhIEcC3Zm1QYC1PoNOMLzKT3ls=
Subject key identifier: D5:99:8A:B1:45:23:3B:D8:7F:D8:AC:5F:99:E3:B5:D6:5B:E3:39:CF
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 31F22FFF234255B41EDE883CDF409C184F99C8A5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
Signing time: Tue 02 Jun 2026 13:03:22 +0000
ROA not before: Tue 02 Jun 2026 12:58:22 +0000
ROA not after: Tue 01 Jun 2027 13:03:22 +0000
asID: 3320
IP address blocks: 82.21.184.0/24 maxlen: 24
82.22.102.0/24 maxlen: 24
82.22.105.0/24 maxlen: 24
82.22.108.0/24 maxlen: 24
82.22.191.0/24 maxlen: 24
82.22.194.0/24 maxlen: 24
82.23.168.0/24 maxlen: 24
82.23.228.0/24 maxlen: 24
82.24.14.0/24 maxlen: 24
82.24.30.0/24 maxlen: 24
82.24.55.0/24 maxlen: 24
82.24.72.0/24 maxlen: 24
82.24.78.0/24 maxlen: 24
82.24.109.0/24 maxlen: 24
82.24.114.0/24 maxlen: 24
82.24.125.0/24 maxlen: 24
82.24.203.0/24 maxlen: 24
82.25.24.0/24 maxlen: 24
82.25.133.0/24 maxlen: 24
82.25.191.0/24 maxlen: 24
82.25.197.0/24 maxlen: 24
82.25.202.0/24 maxlen: 24
82.26.70.0/24 maxlen: 24
82.26.100.0/24 maxlen: 24
82.26.108.0/24 maxlen: 24
82.26.111.0/24 maxlen: 24
82.26.123.0/24 maxlen: 24
82.26.128.0/24 maxlen: 24
82.26.135.0/24 maxlen: 24
82.26.141.0/24 maxlen: 24
82.26.161.0/24 maxlen: 24
82.26.168.0/24 maxlen: 24
82.27.10.0/24 maxlen: 24
82.27.22.0/24 maxlen: 24
82.27.198.0/24 maxlen: 24
82.29.23.0/24 maxlen: 24
82.29.29.0/24 maxlen: 24
82.29.65.0/24 maxlen: 24
82.29.120.0/24 maxlen: 24
82.38.102.0/24 maxlen: 24
82.38.111.0/24 maxlen: 24
82.38.133.0/24 maxlen: 24
82.38.220.0/24 maxlen: 24
82.38.221.0/24 maxlen: 24
82.38.222.0/24 maxlen: 24
82.39.102.0/24 maxlen: 24
82.39.251.0/24 maxlen: 24
82.39.254.0/24 maxlen: 24
82.39.255.0/24 maxlen: 24
82.40.21.0/24 maxlen: 24
82.41.143.0/24 maxlen: 24
82.41.158.0/24 maxlen: 24
82.41.244.0/24 maxlen: 24
82.41.245.0/24 maxlen: 24
82.47.14.0/24 maxlen: 24
82.47.15.0/24 maxlen: 24
82.47.16.0/24 maxlen: 24
82.47.27.0/24 maxlen: 24
82.47.59.0/24 maxlen: 24
82.47.104.0/24 maxlen: 24
82.47.117.0/24 maxlen: 24
82.47.147.0/24 maxlen: 24
82.47.220.0/24 maxlen: 24
84.75.154.0/24 maxlen: 24
84.75.172.0/24 maxlen: 24
84.75.196.0/24 maxlen: 24
84.75.200.0/24 maxlen: 24
84.75.206.0/24 maxlen: 24
84.75.209.0/24 maxlen: 24
84.75.218.0/24 maxlen: 24
178.83.152.0/24 maxlen: 24
178.83.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:f2:2f:ff:23:42:55:b4:1e:de:88:3c:df:40:9c:18:4f:99:c8:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 12:58:22 2026 GMT
Not After : Jun 1 13:03:22 2027 GMT
Subject: CN=D5998AB145233BD87FD8AC5F99E3B5D65BE339CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:c5:17:30:ba:15:84:99:87:6d:e7:e9:54:
ec:26:7e:31:46:30:93:fe:af:48:1f:7c:f7:b7:fa:
98:50:ff:53:72:c0:fe:ea:46:ef:8e:91:d0:29:e5:
56:d3:6d:60:f6:4e:e1:fc:f0:58:e2:1f:fc:bd:a8:
c8:0a:9e:39:24:67:2a:15:f2:b6:1b:56:78:de:2d:
e8:4a:77:4a:9d:09:01:04:16:81:90:7b:6a:4f:c3:
a1:11:bc:5e:45:0d:0b:67:ff:84:5d:6e:81:f4:4c:
43:0c:17:d6:6b:1c:1a:b3:29:76:00:c5:ad:53:cc:
61:e9:06:68:1b:80:75:0f:ab:e1:97:d9:5d:d8:ae:
9a:19:b0:e7:ce:f5:e4:0d:7a:89:7b:aa:c9:44:a5:
70:cd:81:00:b4:e2:5d:ae:d1:83:8e:31:6b:99:db:
e9:85:dd:ef:96:e2:38:17:24:14:c0:9e:9f:2f:4e:
70:9f:a1:a3:07:2d:fc:f2:be:8c:ab:dc:c4:14:4a:
be:41:76:23:bb:37:e2:ce:c0:ea:1b:d4:8b:53:7c:
92:07:3f:55:91:e5:06:44:b7:11:11:c6:cc:54:d8:
b7:65:72:b8:df:64:e6:a2:02:c5:21:65:96:68:f6:
38:74:c1:59:13:c9:66:f7:7e:e1:f9:10:2c:f7:ed:
d0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:99:8A:B1:45:23:3B:D8:7F:D8:AC:5F:99:E3:B5:D6:5B:E3:39:CF
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.184.0/24
82.22.102.0/24
82.22.105.0/24
82.22.108.0/24
82.22.191.0/24
82.22.194.0/24
82.23.168.0/24
82.23.228.0/24
82.24.14.0/24
82.24.30.0/24
82.24.55.0/24
82.24.72.0/24
82.24.78.0/24
82.24.109.0/24
82.24.114.0/24
82.24.125.0/24
82.24.203.0/24
82.25.24.0/24
82.25.133.0/24
82.25.191.0/24
82.25.197.0/24
82.25.202.0/24
82.26.70.0/24
82.26.100.0/24
82.26.108.0/24
82.26.111.0/24
82.26.123.0/24
82.26.128.0/24
82.26.135.0/24
82.26.141.0/24
82.26.161.0/24
82.26.168.0/24
82.27.10.0/24
82.27.22.0/24
82.27.198.0/24
82.29.23.0/24
82.29.29.0/24
82.29.65.0/24
82.29.120.0/24
82.38.102.0/24
82.38.111.0/24
82.38.133.0/24
82.38.220.0-82.38.222.255
82.39.102.0/24
82.39.251.0/24
82.39.254.0/23
82.40.21.0/24
82.41.143.0/24
82.41.158.0/24
82.41.244.0/23
82.47.14.0-82.47.16.255
82.47.27.0/24
82.47.59.0/24
82.47.104.0/24
82.47.117.0/24
82.47.147.0/24
82.47.220.0/24
84.75.154.0/24
84.75.172.0/24
84.75.196.0/24
84.75.200.0/24
84.75.206.0/24
84.75.209.0/24
84.75.218.0/24
178.83.152.0/24
178.83.161.0/24
Signature Algorithm: sha256WithRSAEncryption
28:4a:c5:ac:60:6d:57:02:27:b9:17:40:4c:af:22:5b:ef:48:
f1:e3:e8:77:a3:85:5f:c2:6b:02:b9:e7:e3:84:f0:1f:8d:72:
7e:27:9b:75:49:0b:0d:22:58:fb:42:89:28:f8:96:11:67:20:
61:1d:73:7f:98:29:45:62:84:8c:61:7a:8f:a6:bd:89:3c:c9:
f9:9f:b8:83:29:fb:b5:70:7a:ca:6f:d2:f3:63:78:e1:99:84:
24:ae:ac:31:29:9b:25:79:1c:c5:cd:03:cd:85:48:39:fa:5e:
da:17:63:de:d6:58:0d:dd:17:90:71:41:0e:32:90:80:64:f3:
bb:6b:d6:17:b9:82:a0:0f:d0:75:bf:c3:40:d4:e0:36:3e:b5:
a7:d7:07:4f:cb:8e:d2:5f:a8:60:41:1d:bb:07:d7:fa:c3:d7:
12:06:21:e9:ba:80:1b:ac:a6:56:23:56:eb:d5:d8:df:c0:c7:
9e:e2:63:de:38:30:e4:d1:dd:57:2a:ef:29:ea:ec:a8:d9:e3:
ba:3c:81:95:72:0f:cb:fb:5d:dd:b0:6b:20:da:0e:8d:af:63:
7b:cd:b4:8e:ae:4c:39:ef:6f:4d:0e:88:95:33:1e:3e:41:87:
7c:ea:0f:d4:85:30:45:57:ae:6c:ca:3a:ed:a2:74:46:69:2b:
62:56:ec:87
-----BEGIN CERTIFICATE-----
MIIGnjCCBYagAwIBAgIUMfIv/yNCVbQe3og830CcGE+ZyKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIxMjU4MjJaFw0yNzA2MDExMzAzMjJaMDMxMTAvBgNV
BAMTKEQ1OTk4QUIxNDUyMzNCRDg3RkQ4QUM1Rjk5RTNCNUQ2NUJFMzM5Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3McUXMLoVhJmHbefpVOwmfjFG
MJP+r0gffPe3+phQ/1NywP7qRu+OkdAp5VbTbWD2TuH88FjiH/y9qMgKnjkkZyoV
8rYbVnjeLehKd0qdCQEEFoGQe2pPw6ERvF5FDQtn/4RdboH0TEMMF9ZrHBqzKXYA
xa1TzGHpBmgbgHUPq+GX2V3YrpoZsOfO9eQNeol7qslEpXDNgQC04l2u0YOOMWuZ
2+mF3e+W4jgXJBTAnp8vTnCfoaMHLfzyvoyr3MQUSr5BdiO7N+LOwOob1ItTfJIH
P1WR5QZEtxERxsxU2LdlcrjfZOaiAsUhZZZo9jh0wVkTyWb3fuH5ECz37dDLAgMB
AAGjggOoMIIDpDAdBgNVHQ4EFgQU1ZmKsUUjO9h/2KxfmeO11lvjOc8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAb0GCCsGAQUFBwEHAQH/BIIBrDCCAagwggGkBAIAATCC
AZwDBABSFbgDBABSFmYDBABSFmkDBABSFmwDBABSFr8DBABSFsIDBABSF6gDBABS
F+QDBABSGA4DBABSGB4DBABSGDcDBABSGEgDBABSGE4DBABSGG0DBABSGHIDBABS
GH0DBABSGMsDBABSGRgDBABSGYUDBABSGb8DBABSGcUDBABSGcoDBABSGkYDBABS
GmQDBABSGmwDBABSGm8DBABSGnsDBABSGoADBABSGocDBABSGo0DBABSGqEDBABS
GqgDBABSGwoDBABSGxYDBABSG8YDBABSHRcDBABSHR0DBABSHUEDBABSHXgDBABS
JmYDBABSJm8DBABSJoUwDAMEAlIm3AMEAFIm3gMEAFInZgMEAFIn+wMEAVIn/gME
AFIoFQMEAFIpjwMEAFIpngMEAVIp9DAMAwQBUi8OAwQAUi8QAwQAUi8bAwQAUi87
AwQAUi9oAwQAUi91AwQAUi+TAwQAUi/cAwQAVEuaAwQAVEusAwQAVEvEAwQAVEvI
AwQAVEvOAwQAVEvRAwQAVEvaAwQAslOYAwQAslOhMA0GCSqGSIb3DQEBCwUAA4IB
AQAoSsWsYG1XAie5F0BMryJb70jx4+h3o4VfwmsCuefjhPAfjXJ+J5t1SQsNIlj7
Qoko+JYRZyBhHXN/mClFYoSMYXqPpr2JPMn5n7iDKfu1cHrKb9LzY3jhmYQkrqwx
KZsleRzFzQPNhUg5+l7aF2Pe1lgN3ReQcUEOMpCAZPO7a9YXuYKgD9B1v8NA1OA2
PrWn1wdPy47SX6hgQR27B9f6w9cSBiHpuoAbrKZWI1br1djfwMee4mPeODDk0d1X
Ku8p6uyo2eO6PIGVcg/L+13dsGsg2g6Nr2N7zbSOrkw5729NDoiVMx4+QYd86g/U
hTBFV65syjrtonRGaStiVuyH
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:41 2026 by rpki-client