Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: TCaP2KT4b0jEn/4UQRptx9lTOPg17cKaeV9EykQDvHw=
Subject key identifier: 28:E3:47:D6:B8:A4:AC:02:28:BB:55:94:23:63:27:64:B9:FB:62:76
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5A737E9B47B69D04F662DFD666A43AC216261D41
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa
Signing time: Fri 05 Jun 2026 08:16:42 +0000
ROA not before: Fri 05 Jun 2026 08:11:42 +0000
ROA not after: Fri 04 Jun 2027 08:16:42 +0000
asID: 3320
IP address blocks: 140.233.192.0/18 maxlen: 24
140.233.192.0/24 maxlen: 24
143.14.10.0/24 maxlen: 24
143.14.164.0/24 maxlen: 24
143.14.169.0/24 maxlen: 24
143.14.223.0/24 maxlen: 24
143.14.225.0/24 maxlen: 24
143.14.246.0/24 maxlen: 24
147.79.48.0/24 maxlen: 24
147.79.49.0/24 maxlen: 24
147.79.50.0/24 maxlen: 24
147.79.51.0/24 maxlen: 24
150.241.192.0/24 maxlen: 24
150.241.193.0/24 maxlen: 24
150.241.194.0/24 maxlen: 24
150.241.195.0/24 maxlen: 24
155.117.223.0/24 maxlen: 24
168.222.1.0/24 maxlen: 24
168.222.33.0/24 maxlen: 24
168.222.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:73:7e:9b:47:b6:9d:04:f6:62:df:d6:66:a4:3a:c2:16:26:1d:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 5 08:11:42 2026 GMT
Not After : Jun 4 08:16:42 2027 GMT
Subject: CN=28E347D6B8A4AC0228BB559423632764B9FB6276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0a:ac:4f:70:7e:8c:a6:da:df:ef:e6:05:e9:
b3:a9:04:20:ad:39:d4:7f:73:e9:73:25:f2:06:06:
42:9b:8b:dc:b9:82:b3:e5:2b:c0:ea:9e:c3:10:ce:
28:c1:df:58:ce:eb:e1:51:fc:0b:f5:34:26:07:20:
e7:56:f4:71:ea:1f:12:21:ae:7c:e6:a7:ee:71:be:
b2:a9:c4:10:71:0b:d4:e4:b9:43:a3:d1:94:78:d2:
c1:9c:ed:08:10:8a:74:12:39:10:be:bb:be:5b:bb:
6d:4f:f6:cd:12:e1:62:66:00:7f:98:fd:9a:fe:a8:
56:6f:2e:2b:6f:5d:44:67:5c:ba:f1:eb:e3:36:d9:
b5:fc:79:74:4c:2a:b4:cf:14:2c:e6:2e:be:73:8c:
b6:ff:3c:27:4c:c8:09:98:f4:12:fe:42:90:a1:0b:
c3:a8:05:fa:11:60:d2:c2:b3:41:0d:1e:40:f2:2a:
18:54:82:16:61:54:d2:d1:f6:03:0d:fc:38:96:c1:
91:cf:71:d1:b8:89:d0:ba:e9:0e:cf:35:bb:69:11:
ec:6e:51:34:92:46:c5:e6:1f:e5:1e:6c:25:b3:95:
1e:20:9b:a3:4c:a1:c5:f8:67:a3:b1:fc:ff:6f:25:
5e:8d:db:e2:70:6c:6d:a8:01:53:e4:a5:55:2b:71:
f0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E3:47:D6:B8:A4:AC:02:28:BB:55:94:23:63:27:64:B9:FB:62:76
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/18
143.14.10.0/24
143.14.164.0/24
143.14.169.0/24
143.14.223.0/24
143.14.225.0/24
143.14.246.0/24
147.79.48.0/22
150.241.192.0/22
155.117.223.0/24
168.222.1.0/24
168.222.33.0/24
168.222.64.0/24
Signature Algorithm: sha256WithRSAEncryption
26:a2:2b:db:93:6a:6c:74:91:d2:d3:e0:9b:95:a5:a8:dd:3a:
c6:b3:2a:31:f0:d4:cb:ba:17:dc:66:39:f9:f8:64:0d:6b:bb:
86:31:b6:33:5d:66:1b:53:50:65:31:b9:a9:e0:b9:12:8e:18:
b6:8a:60:4a:e8:90:8d:6c:7c:44:35:89:7f:2c:31:11:e2:ac:
2a:00:73:70:62:a9:c7:3f:a5:5f:8e:45:dc:83:92:83:b6:99:
22:1a:c9:b7:43:8d:85:1b:e7:20:5a:e9:29:b5:b0:23:21:11:
7f:e0:a6:bc:36:f8:a3:73:97:cb:85:2c:db:f2:17:d1:22:3d:
4c:69:d1:c7:6c:00:64:42:51:b7:96:d3:28:0c:2c:3c:1d:a4:
51:c2:a6:83:57:c7:36:c1:7f:8a:d5:c0:dc:dc:32:7a:63:40:
5e:35:c8:7b:ec:9f:2f:9f:fd:bc:4d:22:3e:34:cf:5d:4f:cc:
bc:18:f1:22:f7:93:6e:5c:d1:c8:98:4d:5f:b0:9e:54:c0:3e:
7e:f5:d0:37:01:a4:09:73:a8:63:9a:bb:39:9e:05:f0:4c:57:
6e:a1:16:8e:1c:39:46:88:b7:6c:68:da:01:89:c7:93:ff:7d:
42:5c:fb:34:15:10:85:33:74:b3:bf:d5:5e:a1:a9:a4:db:f0:
ba:59:1b:33
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUWnN+m0e2nQT2Yt/WZqQ6whYmHUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA2MDUwODExNDJaFw0yNzA2MDQwODE2NDJaMDMxMTAvBgNV
BAMTKDI4RTM0N0Q2QjhBNEFDMDIyOEJCNTU5NDIzNjMyNzY0QjlGQjYyNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBCqxPcH6Mptrf7+YF6bOpBCCt
OdR/c+lzJfIGBkKbi9y5grPlK8DqnsMQzijB31jO6+FR/Av1NCYHIOdW9HHqHxIh
rnzmp+5xvrKpxBBxC9TkuUOj0ZR40sGc7QgQinQSORC+u75bu21P9s0S4WJmAH+Y
/Zr+qFZvLitvXURnXLrx6+M22bX8eXRMKrTPFCzmLr5zjLb/PCdMyAmY9BL+QpCh
C8OoBfoRYNLCs0ENHkDyKhhUghZhVNLR9gMN/DiWwZHPcdG4idC66Q7PNbtpEexu
UTSSRsXmH+UebCWzlR4gm6NMocX4Z6Ox/P9vJV6N2+JwbG2oAVPkpVUrcfDnAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUKONH1rikrAIou1WUI2MnZLn7YnYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEBozpwAME
AI8OCgMEAI8OpAMEAI8OqQMEAI8O3wMEAI8O4QMEAI8O9gMEApNPMAMEApbxwAME
AJt13wMEAKjeAQMEAKjeIQMEAKjeQDANBgkqhkiG9w0BAQsFAAOCAQEAJqIr25Nq
bHSR0tPgm5WlqN06xrMqMfDUy7oX3GY5+fhkDWu7hjG2M11mG1NQZTG5qeC5Eo4Y
topgSuiQjWx8RDWJfywxEeKsKgBzcGKpxz+lX45F3IOSg7aZIhrJt0ONhRvnIFrp
KbWwIyERf+CmvDb4o3OXy4Us2/IX0SI9TGnRx2wAZEJRt5bTKAwsPB2kUcKmg1fH
NsF/itXA3NwyemNAXjXIe+yfL5/9vE0iPjTPXU/MvBjxIveTblzRyJhNX7CeVMA+
fvXQNwGkCXOoY5q7OZ4F8ExXbqEWjhw5Roi3bGjaAYnHk/99Qlz7NBUQhTN0s7/V
XqGppNvwulkbMw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:43:46 2026 by rpki-client