Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: 0zsvNQ9jY8yhqslObL1gvZrsm2/s6mUc9QHfya15zcE=
Subject key identifier: F4:71:65:F6:DC:F0:57:9C:0C:F0:DA:7D:F6:B2:5E:9F:29:B4:73:AB
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 181EB2AA520D07FEF8002D174D7A4BA4ADDBF4AD
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa
Signing time: Sun 03 Aug 2025 17:31:48 +0000
ROA not before: Sun 03 Aug 2025 17:26:48 +0000
ROA not after: Sun 02 Aug 2026 17:31:48 +0000
asID: 3320
IP address blocks: 140.233.192.0/18 maxlen: 24
140.233.192.0/24 maxlen: 24
143.14.128.0/24 maxlen: 24
143.14.129.0/24 maxlen: 24
143.14.130.0/24 maxlen: 24
143.14.140.0/24 maxlen: 24
143.14.170.0/24 maxlen: 24
147.79.8.0/21 maxlen: 24
147.79.48.0/24 maxlen: 24
147.79.49.0/24 maxlen: 24
147.79.50.0/24 maxlen: 24
147.79.51.0/24 maxlen: 24
148.135.192.0/24 maxlen: 24
150.241.192.0/24 maxlen: 24
150.241.193.0/24 maxlen: 24
150.241.194.0/24 maxlen: 24
150.241.195.0/24 maxlen: 24
155.117.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:1e:b2:aa:52:0d:07:fe:f8:00:2d:17:4d:7a:4b:a4:ad:db:f4:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 3 17:26:48 2025 GMT
Not After : Aug 2 17:31:48 2026 GMT
Subject: CN=F47165F6DCF0579C0CF0DA7DF6B25E9F29B473AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:99:2e:a5:03:e9:6d:ca:4e:2c:bf:fa:38:b0:
9e:e4:7f:c4:f5:a0:9c:e9:5d:fb:d4:2d:a4:5e:fb:
a0:90:f5:b9:c7:e7:0a:57:7a:03:d2:22:2d:87:3d:
c8:0b:1f:4e:5b:fc:d8:fa:96:5c:22:92:fc:c0:87:
99:a0:8e:9d:1d:f4:bd:2d:31:01:16:ab:cc:cb:73:
df:f9:0b:ba:a4:34:e0:7a:c0:86:ae:df:1c:70:2b:
31:94:59:c0:00:d2:53:33:09:af:62:56:21:84:80:
fa:8c:a8:1e:c0:9e:ca:43:bc:25:57:e0:21:a4:af:
b6:95:2c:35:c4:7e:13:0f:28:ae:6f:b1:1b:37:17:
c2:08:23:c6:d0:4a:25:00:4a:a7:16:4f:38:45:82:
55:0c:6e:01:10:44:15:17:a3:3d:ac:66:c1:bb:18:
0d:35:22:41:f4:b2:b3:3e:80:d0:4b:34:4b:16:a3:
31:85:de:62:b4:0a:0c:80:bd:b5:45:c4:6c:44:3d:
1d:f3:99:bf:bf:b6:aa:3a:74:4c:be:bd:05:aa:43:
77:db:00:9b:1c:92:64:d3:13:0d:ea:ed:db:e4:c5:
55:e2:5b:c4:e3:d5:c1:3e:9b:ff:75:ad:8e:a8:cd:
58:88:63:14:bb:a0:14:38:4c:a0:94:3b:61:11:45:
9c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:71:65:F6:DC:F0:57:9C:0C:F0:DA:7D:F6:B2:5E:9F:29:B4:73:AB
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/18
143.14.128.0-143.14.130.255
143.14.140.0/24
143.14.170.0/24
147.79.8.0/21
147.79.48.0/22
148.135.192.0/24
150.241.192.0/22
155.117.124.0/24
Signature Algorithm: sha256WithRSAEncryption
10:b1:8b:a7:fc:53:06:2c:0f:e4:d1:21:9e:b3:e9:16:c6:7f:
77:d9:ff:6d:2a:0f:8c:0c:78:3c:61:38:08:ad:e0:93:ab:60:
be:93:6b:ef:ec:44:6e:58:70:71:ed:7b:26:0e:02:a0:04:ae:
af:a1:24:44:4d:1a:12:29:90:96:cb:46:af:6b:23:60:10:79:
16:2a:8f:c6:53:9f:45:98:90:9d:38:af:d8:b1:1c:89:32:d6:
c3:00:45:a8:79:38:3d:d7:9e:fc:00:2b:71:a8:f7:a1:c8:9a:
c1:eb:29:f6:28:03:bb:13:40:ea:a4:9c:de:89:fd:e6:62:db:
36:80:52:44:0b:91:17:2e:37:9b:2d:07:97:2f:c3:61:54:1e:
00:aa:16:9b:a7:e5:0a:c5:2b:10:9e:2b:96:dd:27:94:9a:24:
e9:b5:96:03:01:98:1d:f2:c7:4d:f1:09:5a:ae:93:f1:19:fc:
af:1b:08:72:66:6f:cf:d5:67:56:61:ba:20:90:3d:22:8f:00:
5b:10:08:f6:93:5a:37:c0:27:bd:85:0c:12:f9:c6:91:92:c1:
d7:19:14:70:6f:12:2a:cb:e1:60:1b:75:a1:ae:11:77:f5:ec:
6b:31:d5:98:51:a4:d2:92:2f:8e:8e:68:c1:0f:a9:84:36:2e:
b5:b6:ed:e0
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUGB6yqlINB/74AC0XTXpLpK3b9K0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MDMxNzI2NDhaFw0yNjA4MDIxNzMxNDhaMDMxMTAvBgNV
BAMTKEY0NzE2NUY2RENGMDU3OUMwQ0YwREE3REY2QjI1RTlGMjlCNDczQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkmS6lA+ltyk4sv/o4sJ7kf8T1
oJzpXfvULaRe+6CQ9bnH5wpXegPSIi2HPcgLH05b/Nj6llwikvzAh5mgjp0d9L0t
MQEWq8zLc9/5C7qkNOB6wIau3xxwKzGUWcAA0lMzCa9iViGEgPqMqB7AnspDvCVX
4CGkr7aVLDXEfhMPKK5vsRs3F8III8bQSiUASqcWTzhFglUMbgEQRBUXoz2sZsG7
GA01IkH0srM+gNBLNEsWozGF3mK0CgyAvbVFxGxEPR3zmb+/tqo6dEy+vQWqQ3fb
AJsckmTTEw3q7dvkxVXiW8Tj1cE+m/91rY6ozViIYxS7oBQ4TKCUO2ERRZwNAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU9HFl9tzwV5wM8Np99rJenym0c6swHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBXBggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPgMEBozpwDAM
AwQHjw6AAwQAjw6CAwQAjw6MAwQAjw6qAwQDk08IAwQCk08wAwQAlIfAAwQClvHA
AwQAm3V8MA0GCSqGSIb3DQEBCwUAA4IBAQAQsYun/FMGLA/k0SGes+kWxn932f9t
Kg+MDHg8YTgIreCTq2C+k2vv7ERuWHBx7XsmDgKgBK6voSRETRoSKZCWy0avayNg
EHkWKo/GU59FmJCdOK/YsRyJMtbDAEWoeTg91578ACtxqPehyJrB6yn2KAO7E0Dq
pJzeif3mYts2gFJEC5EXLjebLQeXL8NhVB4Aqhabp+UKxSsQniuW3SeUmiTptZYD
AZgd8sdN8QlarpPxGfyvGwhyZm/P1WdWYbogkD0ijwBbEAj2k1o3wCe9hQwS+caR
ksHXGRRwbxIqy+FgG3WhrhF39exrMdWYUaTSki+OjmjBD6mENi61tu3g
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:40:23 2025 by rpki-client