Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: d+hzzbGDOBIMXaOHH4fR9npiTQp00MytGSfP75EA08w=
Subject key identifier: ED:BB:19:66:1E:FE:CB:64:94:CB:E6:96:21:F0:5F:C6:9F:26:D5:E2
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2F45589410A22BB6CE4B483B2C9A0986E0CABCED
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
Signing time: Mon 20 Oct 2025 14:48:07 +0000
ROA not before: Mon 20 Oct 2025 14:43:07 +0000
ROA not after: Mon 19 Oct 2026 14:48:07 +0000
asID: 3320
IP address blocks: 91.124.112.0/24 maxlen: 24
91.124.113.0/24 maxlen: 24
91.124.114.0/24 maxlen: 24
91.124.115.0/24 maxlen: 24
91.124.164.0/22 maxlen: 24
92.112.10.0/24 maxlen: 24
95.134.16.0/22 maxlen: 24
95.134.61.0/24 maxlen: 24
95.134.112.0/24 maxlen: 24
95.134.178.0/24 maxlen: 24
95.134.180.0/24 maxlen: 24
95.134.192.0/24 maxlen: 24
95.134.205.0/24 maxlen: 24
95.134.224.0/22 maxlen: 24
95.134.233.0/24 maxlen: 24
95.135.44.0/22 maxlen: 24
95.135.76.0/24 maxlen: 24
95.135.77.0/24 maxlen: 24
95.135.78.0/24 maxlen: 24
95.135.79.0/24 maxlen: 24
95.135.88.0/22 maxlen: 24
95.135.222.0/24 maxlen: 24
178.92.85.0/24 maxlen: 24
178.92.88.0/24 maxlen: 24
178.92.93.0/24 maxlen: 24
178.92.106.0/24 maxlen: 24
178.92.172.0/22 maxlen: 24
178.92.199.0/24 maxlen: 24
178.92.207.0/24 maxlen: 24
178.92.232.0/24 maxlen: 24
178.92.248.0/24 maxlen: 24
178.93.17.0/24 maxlen: 24
178.93.19.0/24 maxlen: 24
178.93.28.0/24 maxlen: 24
178.93.31.0/24 maxlen: 24
178.93.35.0/24 maxlen: 24
178.93.59.0/24 maxlen: 24
178.93.208.0/24 maxlen: 24
178.93.224.0/24 maxlen: 24
178.93.254.0/24 maxlen: 24
178.94.38.0/24 maxlen: 24
178.94.54.0/24 maxlen: 24
178.94.68.0/24 maxlen: 24
178.94.123.0/24 maxlen: 24
178.95.11.0/24 maxlen: 24
178.95.15.0/24 maxlen: 24
178.95.16.0/24 maxlen: 24
178.95.21.0/24 maxlen: 24
178.95.27.0/24 maxlen: 24
178.95.93.0/24 maxlen: 24
178.95.103.0/24 maxlen: 24
178.95.112.0/24 maxlen: 24
178.95.127.0/24 maxlen: 24
178.95.128.0/24 maxlen: 24
178.95.129.0/24 maxlen: 24
178.95.130.0/24 maxlen: 24
178.95.132.0/24 maxlen: 24
178.95.134.0/24 maxlen: 24
178.95.136.0/24 maxlen: 24
178.95.140.0/22 maxlen: 24
178.95.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 07:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:45:58:94:10:a2:2b:b6:ce:4b:48:3b:2c:9a:09:86:e0:ca:bc:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 20 14:43:07 2025 GMT
Not After : Oct 19 14:48:07 2026 GMT
Subject: CN=EDBB19661EFECB6494CBE69621F05FC69F26D5E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8a:17:d4:63:94:bd:5d:82:e5:ea:7a:d3:11:
cb:e9:3e:6c:e9:d9:84:8d:31:9b:56:80:13:7f:0a:
ec:51:86:db:37:fd:76:d6:cc:4b:f5:0a:11:9c:72:
6d:76:52:29:89:d9:a8:12:a1:8d:b2:d0:f7:ab:b5:
58:17:0a:2a:ba:b8:93:40:10:ff:da:87:dc:8c:45:
c2:eb:6a:87:fc:2a:ae:10:47:bd:c7:b3:e5:5a:e9:
e1:b4:fc:c0:d2:3d:da:48:27:a0:09:3b:b1:0f:3a:
80:41:2d:74:45:8e:7f:49:d7:99:01:f6:e8:a0:ea:
c2:ac:81:a1:d4:1f:20:c3:8f:35:27:c8:15:0e:d6:
e3:cf:3b:cb:c1:17:12:ae:73:5d:4a:04:bc:da:18:
18:bb:38:95:64:d7:48:d0:e2:74:e1:87:3f:f5:40:
ce:72:18:54:e1:2f:d9:7b:a3:1b:9b:db:00:d2:d9:
79:79:db:d2:5c:a1:7b:b3:de:69:dc:87:cc:b0:3f:
38:65:97:a8:f2:b6:d1:29:8e:1b:0c:2e:c3:de:83:
05:3e:27:56:af:bc:ef:e0:88:ac:3b:5f:71:e6:97:
30:f5:fd:48:36:43:44:32:c4:03:ec:2a:fe:76:71:
0e:50:75:60:d8:3d:f8:19:0c:da:12:11:44:a8:fa:
f0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:BB:19:66:1E:FE:CB:64:94:CB:E6:96:21:F0:5F:C6:9F:26:D5:E2
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.112.0/22
91.124.164.0/22
92.112.10.0/24
95.134.16.0/22
95.134.61.0/24
95.134.112.0/24
95.134.178.0/24
95.134.180.0/24
95.134.192.0/24
95.134.205.0/24
95.134.224.0/22
95.134.233.0/24
95.135.44.0/22
95.135.76.0/22
95.135.88.0/22
95.135.222.0/24
178.92.85.0/24
178.92.88.0/24
178.92.93.0/24
178.92.106.0/24
178.92.172.0/22
178.92.199.0/24
178.92.207.0/24
178.92.232.0/24
178.92.248.0/24
178.93.17.0/24
178.93.19.0/24
178.93.28.0/24
178.93.31.0/24
178.93.35.0/24
178.93.59.0/24
178.93.208.0/24
178.93.224.0/24
178.93.254.0/24
178.94.38.0/24
178.94.54.0/24
178.94.68.0/24
178.94.123.0/24
178.95.11.0/24
178.95.15.0-178.95.16.255
178.95.21.0/24
178.95.27.0/24
178.95.93.0/24
178.95.103.0/24
178.95.112.0/24
178.95.127.0-178.95.130.255
178.95.132.0/24
178.95.134.0/24
178.95.136.0/24
178.95.140.0/22
178.95.194.0/24
Signature Algorithm: sha256WithRSAEncryption
40:59:82:3a:1e:f5:d1:c7:21:98:00:2c:82:6c:24:b3:b8:28:
f9:01:68:41:47:81:7b:57:b9:4d:9c:a8:94:4b:a8:40:18:00:
3f:3a:8f:6d:e3:0c:97:fd:99:94:8d:27:12:76:2f:0e:94:d3:
83:78:f2:86:64:c2:dc:24:10:94:ee:32:d6:3e:87:da:84:7e:
4c:e9:12:4f:b6:28:ee:3c:0f:c0:3a:fd:b3:0f:72:e8:7c:21:
20:52:f0:6f:25:ab:07:79:56:60:40:1a:d2:60:f6:56:4c:4a:
65:6b:85:30:7b:9a:c1:15:f0:e6:57:6c:de:f8:11:31:6d:cf:
31:9e:e6:12:03:5f:b7:1c:f7:96:9e:2e:09:ba:5b:c0:f4:d8:
57:fd:d3:40:2b:37:d0:05:7e:42:ed:be:23:8e:55:67:bb:ad:
47:dd:96:ef:3d:ce:94:f1:e2:71:c1:a3:f0:b2:be:5c:44:56:
4f:67:0e:92:56:78:0c:fb:23:7a:11:da:af:87:dc:c5:da:49:
bb:6a:2e:0c:e1:06:1d:7d:18:f9:c3:fe:42:e1:29:22:4a:76:
5e:69:94:9c:e6:1d:ec:c9:42:1c:e3:14:10:9b:62:6e:03:48:
63:d8:81:ba:40:94:3d:98:08:78:19:e0:d1:b1:d3:0f:3a:18:
c5:63:84:d3
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgIUL0VYlBCiK7bOS0g7LJoJhuDKvO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjAxNDQzMDdaFw0yNjEwMTkxNDQ4MDdaMDMxMTAvBgNV
BAMTKEVEQkIxOTY2MUVGRUNCNjQ5NENCRTY5NjIxRjA1RkM2OUYyNkQ1RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGihfUY5S9XYLl6nrTEcvpPmzp
2YSNMZtWgBN/CuxRhts3/XbWzEv1ChGccm12UimJ2agSoY2y0PertVgXCiq6uJNA
EP/ah9yMRcLraof8Kq4QR73Hs+Va6eG0/MDSPdpIJ6AJO7EPOoBBLXRFjn9J15kB
9uig6sKsgaHUHyDDjzUnyBUO1uPPO8vBFxKuc11KBLzaGBi7OJVk10jQ4nThhz/1
QM5yGFThL9l7oxub2wDS2Xl529JcoXuz3mnch8ywPzhll6jyttEpjhsMLsPegwU+
J1avvO/giKw7X3HmlzD1/Ug2Q0QyxAPsKv52cQ5QdWDYPfgZDNoSEUSo+vCNAgMB
AAGjggNOMIIDSjAdBgNVHQ4EFgQU7bsZZh7+y2SUy+aWIfBfxp8m1eIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAWMGCCsGAQUFBwEHAQH/BIIBUjCCAU4wggFKBAIAATCC
AUIDBAJbfHADBAJbfKQDBABccAoDBAJfhhADBABfhj0DBABfhnADBABfhrIDBABf
hrQDBABfhsADBABfhs0DBAJfhuADBABfhukDBAJfhywDBAJfh0wDBAJfh1gDBABf
h94DBACyXFUDBACyXFgDBACyXF0DBACyXGoDBAKyXKwDBACyXMcDBACyXM8DBACy
XOgDBACyXPgDBACyXREDBACyXRMDBACyXRwDBACyXR8DBACyXSMDBACyXTsDBACy
XdADBACyXeADBACyXf4DBACyXiYDBACyXjYDBACyXkQDBACyXnsDBACyXwswDAME
ALJfDwMEALJfEAMEALJfFQMEALJfGwMEALJfXQMEALJfZwMEALJfcDAMAwQAsl9/
AwQAsl+CAwQAsl+EAwQAsl+GAwQAsl+IAwQCsl+MAwQAsl/CMA0GCSqGSIb3DQEB
CwUAA4IBAQBAWYI6HvXRxyGYACyCbCSzuCj5AWhBR4F7V7lNnKiUS6hAGAA/Oo9t
4wyX/ZmUjScSdi8OlNODePKGZMLcJBCU7jLWPofahH5M6RJPtijuPA/AOv2zD3Lo
fCEgUvBvJasHeVZgQBrSYPZWTEpla4Uwe5rBFfDmV2ze+BExbc8xnuYSA1+3HPeW
ni4JulvA9NhX/dNAKzfQBX5C7b4jjlVnu61H3ZbvPc6U8eJxwaPwsr5cRFZPZw6S
VngM+yN6Edqvh9zF2km7ai4M4QYdfRj5w/5C4SkiSnZeaZSc5h3syUIc4xQQm2Ju
A0hj2IG6QJQ9mAh4GeDRsdMPOhjFY4TT
-----END CERTIFICATE-----
Generated at Tue Oct 21 09:34:37 2025 by rpki-client