Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: ryXuWmGn3pklbfg9UMBmxVQgL4AE3t1ndTl7z3LjBlc=
Subject key identifier: CA:B3:88:80:2B:4A:85:4A:4A:5C:3F:27:67:21:EE:78:3E:A7:45:0D
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 508F53A398B1D76468020CCAFC50A4EC63C9F716
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
Signing time: Wed 20 Nov 2024 00:02:16 +0000
ROA not before: Tue 19 Nov 2024 23:57:16 +0000
ROA not after: Wed 19 Nov 2025 00:02:16 +0000
asID: 3320
IP address blocks: 46.202.0.0/24 maxlen: 24
46.202.3.0/24 maxlen: 24
91.124.6.0/24 maxlen: 24
91.124.7.0/24 maxlen: 24
91.124.19.0/24 maxlen: 24
91.124.20.0/24 maxlen: 24
91.124.21.0/24 maxlen: 24
91.124.22.0/24 maxlen: 24
91.124.23.0/24 maxlen: 24
91.124.24.0/24 maxlen: 24
91.124.26.0/24 maxlen: 24
91.124.27.0/24 maxlen: 24
91.124.28.0/24 maxlen: 24
91.124.31.0/24 maxlen: 24
91.124.33.0/24 maxlen: 24
91.124.34.0/24 maxlen: 24
91.124.36.0/24 maxlen: 24
91.124.37.0/24 maxlen: 24
91.124.38.0/24 maxlen: 24
91.124.39.0/24 maxlen: 24
91.124.40.0/24 maxlen: 24
91.124.41.0/24 maxlen: 24
91.124.42.0/24 maxlen: 24
91.124.43.0/24 maxlen: 24
91.124.44.0/24 maxlen: 24
91.124.45.0/24 maxlen: 24
91.124.46.0/24 maxlen: 24
91.124.47.0/24 maxlen: 24
91.124.50.0/24 maxlen: 24
91.124.51.0/24 maxlen: 24
91.124.135.0/24 maxlen: 24
92.112.6.0/24 maxlen: 24
92.112.7.0/24 maxlen: 24
92.112.8.0/24 maxlen: 24
92.112.10.0/24 maxlen: 24
92.112.16.0/22 maxlen: 24
92.112.20.0/22 maxlen: 24
92.112.48.0/24 maxlen: 24
92.112.49.0/24 maxlen: 24
92.112.69.0/24 maxlen: 24
92.112.78.0/24 maxlen: 24
92.112.141.0/24 maxlen: 24
92.112.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:8f:53:a3:98:b1:d7:64:68:02:0c:ca:fc:50:a4:ec:63:c9:f7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 19 23:57:16 2024 GMT
Not After : Nov 19 00:02:16 2025 GMT
Subject: CN=CAB388802B4A854A4A5C3F276721EE783EA7450D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7e:8d:e9:54:46:5c:32:42:72:65:7f:66:f3:
83:dc:c0:d5:7b:c4:78:2f:34:d9:d3:3c:25:af:db:
50:cf:bf:87:ab:31:bd:05:0f:2b:e9:69:24:24:aa:
2d:d6:dd:cd:c7:21:a8:d2:ee:c4:6f:84:45:e3:61:
f1:d6:42:31:df:66:73:10:a3:f5:a3:b3:6b:70:25:
cc:ed:04:6f:b6:82:e7:2f:6d:1e:0e:17:43:a8:68:
aa:ca:2b:d0:80:bd:85:23:10:4a:a5:d4:17:68:95:
e1:1d:34:60:82:ad:08:4f:b9:d7:e6:08:4b:9c:bc:
32:25:80:67:63:70:87:ce:63:26:4a:4d:67:7a:c2:
b8:c7:91:38:95:9b:db:b4:57:1b:1a:1a:0a:b3:5a:
61:5c:5a:9f:f2:c2:29:47:7f:0c:55:42:3e:67:49:
9f:a2:c4:23:8b:42:9b:82:70:89:f9:1f:e1:93:22:
34:60:31:16:f2:0d:36:90:21:0c:21:bd:47:13:07:
18:34:c1:a9:aa:15:1f:3b:58:60:7f:5e:49:ef:c6:
e3:53:d1:ce:24:23:25:6d:fc:ab:f0:43:d3:35:66:
c5:18:d4:dc:a6:71:e6:b6:cf:bf:75:7a:79:66:98:
3e:1d:1e:7c:da:1c:73:2a:c1:2a:fc:9d:4f:53:5c:
db:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B3:88:80:2B:4A:85:4A:4A:5C:3F:27:67:21:EE:78:3E:A7:45:0D
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.0.0/24
46.202.3.0/24
91.124.6.0/23
91.124.19.0-91.124.24.255
91.124.26.0-91.124.28.255
91.124.31.0/24
91.124.33.0-91.124.34.255
91.124.36.0-91.124.47.255
91.124.50.0/23
91.124.135.0/24
92.112.6.0-92.112.8.255
92.112.10.0/24
92.112.16.0/21
92.112.48.0/23
92.112.69.0/24
92.112.78.0/24
92.112.141.0/24
92.112.158.0/24
Signature Algorithm: sha256WithRSAEncryption
46:43:3a:ef:3e:82:44:3a:37:b1:7c:0f:af:f5:15:9b:44:7a:
82:5e:2e:15:90:28:16:50:b0:aa:8b:3f:c9:c4:de:f5:df:8f:
9d:6f:1a:6b:f7:2c:b2:75:01:c2:64:9b:95:5a:ab:20:61:b3:
6b:e8:56:c0:7b:56:ad:62:6e:96:a5:94:04:34:22:6c:b4:93:
f5:f1:61:75:87:69:87:e8:25:95:04:07:58:4e:88:43:d7:fd:
98:c6:ef:67:d9:12:43:07:23:86:f9:44:64:ca:64:11:0c:1c:
cb:b6:03:44:7e:70:ed:be:a5:08:bf:45:6a:32:3d:c9:a9:66:
66:b4:63:f6:4a:e1:72:78:ea:00:14:81:58:ae:0a:dd:49:b4:
94:1a:cf:6c:aa:e6:f7:f5:9f:17:f2:89:46:eb:d8:35:5f:61:
31:fc:e4:4e:38:f1:64:f7:e4:b2:b2:0d:2a:12:e0:65:3f:62:
64:8d:5b:7e:4c:53:0d:13:5e:e1:b8:5a:7b:85:72:cb:38:37:
53:ba:ab:a8:2e:70:56:ba:40:a4:ae:31:31:fe:41:df:1e:d3:
62:e3:2f:13:e1:f2:0b:a4:5f:c0:72:73:d7:0e:7c:dc:91:13:
e6:2f:68:72:64:3d:e6:eb:e0:d9:93:ad:1b:40:07:fd:e2:97:
ce:f3:e4:e7
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIUUI9To5ix12RoAgzK/FCk7GPJ9xYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMTkyMzU3MTZaFw0yNTExMTkwMDAyMTZaMDMxMTAvBgNV
BAMTKENBQjM4ODgwMkI0QTg1NEE0QTVDM0YyNzY3MjFFRTc4M0VBNzQ1MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlfo3pVEZcMkJyZX9m84PcwNV7
xHgvNNnTPCWv21DPv4erMb0FDyvpaSQkqi3W3c3HIajS7sRvhEXjYfHWQjHfZnMQ
o/Wjs2twJcztBG+2gucvbR4OF0OoaKrKK9CAvYUjEEql1BdoleEdNGCCrQhPudfm
CEucvDIlgGdjcIfOYyZKTWd6wrjHkTiVm9u0VxsaGgqzWmFcWp/ywilHfwxVQj5n
SZ+ixCOLQpuCcIn5H+GTIjRgMRbyDTaQIQwhvUcTBxg0wamqFR87WGB/XknvxuNT
0c4kIyVt/KvwQ9M1ZsUY1Nymcea2z791enlmmD4dHnzaHHMqwSr8nU9TXNsLAgMB
AAGjggKbMIIClzAdBgNVHQ4EFgQUyrOIgCtKhUpKXD8nZyHueD6nRQ0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBsQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQA
LsoAAwQALsoDAwQBW3wGMAwDBABbfBMDBABbfBgwDAMEAVt8GgMEAFt8HAMEAFt8
HzAMAwQAW3whAwQAW3wiMAwDBAJbfCQDBARbfCADBAFbfDIDBABbfIcwDAMEAVxw
BgMEAFxwCAMEAFxwCgMEA1xwEAMEAVxwMAMEAFxwRQMEAFxwTgMEAFxwjQMEAFxw
njANBgkqhkiG9w0BAQsFAAOCAQEARkM67z6CRDo3sXwPr/UVm0R6gl4uFZAoFlCw
qos/ycTe9d+PnW8aa/cssnUBwmSblVqrIGGza+hWwHtWrWJulqWUBDQibLST9fFh
dYdph+gllQQHWE6IQ9f9mMbvZ9kSQwcjhvlEZMpkEQwcy7YDRH5w7b6lCL9FajI9
yalmZrRj9krhcnjqABSBWK4K3Um0lBrPbKrm9/WfF/KJRuvYNV9hMfzkTjjxZPfk
srINKhLgZT9iZI1bfkxTDRNe4bhae4Vyyzg3U7qrqC5wVrpApK4xMf5B3x7TYuMv
E+HyC6RfwHJz1w583JET5i9ocmQ95uvg2ZOtG0AH/eKXzvPk5w==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:42 2024 by rpki-client on console-ams.rpki-client.org