Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: wFoac5jDFH41jFZ2tojrzdyILdQfy411zVd4jPYq74g=
Subject key identifier: E7:F8:0F:84:22:08:D8:64:72:6D:50:9D:4E:58:37:FB:AB:1B:C8:6E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 737669A3C41AA1824DF8FDC04732C4FFD160367E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
Signing time: Wed 23 Apr 2025 12:08:55 +0000
ROA not before: Wed 23 Apr 2025 12:03:55 +0000
ROA not after: Wed 22 Apr 2026 12:08:55 +0000
asID: 3320
IP address blocks: 91.124.112.0/24 maxlen: 24
91.124.113.0/24 maxlen: 24
91.124.114.0/24 maxlen: 24
91.124.115.0/24 maxlen: 24
91.124.164.0/22 maxlen: 24
92.112.10.0/24 maxlen: 24
95.135.44.0/22 maxlen: 24
95.135.76.0/24 maxlen: 24
95.135.77.0/24 maxlen: 24
95.135.78.0/24 maxlen: 24
95.135.79.0/24 maxlen: 24
95.135.88.0/22 maxlen: 24
95.135.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:76:69:a3:c4:1a:a1:82:4d:f8:fd:c0:47:32:c4:ff:d1:60:36:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 23 12:03:55 2025 GMT
Not After : Apr 22 12:08:55 2026 GMT
Subject: CN=E7F80F842208D864726D509D4E5837FBAB1BC86E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0d:05:1a:2d:34:25:bc:46:c7:25:4c:d8:c3:
e7:0b:3d:36:e1:5a:1a:b4:cc:bb:9c:48:e7:55:51:
6c:02:2e:9e:cf:b3:e0:16:0d:40:98:54:81:51:db:
26:b3:dc:76:1e:59:c7:4a:aa:4d:35:63:72:9a:5d:
6e:1a:c5:3b:fe:1d:d4:80:8d:84:df:a9:0a:35:40:
7a:4a:98:c9:7e:6b:c7:c5:f2:5c:bc:60:81:0b:c8:
94:93:37:61:c8:39:32:bd:80:50:53:e1:65:44:c5:
74:e9:1f:01:d2:c4:9b:a3:ca:db:a0:71:41:e7:69:
c1:f4:aa:34:c5:7c:ad:da:72:f6:0a:9e:c1:ef:6f:
6a:49:04:ad:12:de:85:28:06:81:cc:7a:39:6d:c5:
38:02:1c:8f:d9:6f:02:69:4c:ba:91:62:7c:68:ae:
82:04:e2:2d:e9:92:79:cc:5c:8a:89:98:18:01:31:
2e:79:c6:05:48:bc:23:cb:0b:f1:cf:7a:e8:b8:b9:
c8:bf:96:cf:f7:60:74:b8:2a:52:60:f0:3d:58:62:
04:23:6f:b5:ed:f1:7b:2f:ed:1b:cf:45:0f:f2:26:
40:92:f1:26:60:9b:ed:ff:a4:f8:f6:26:5f:43:72:
f1:d9:d9:c7:5a:8f:47:88:06:bc:18:48:62:9e:e4:
6a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F8:0F:84:22:08:D8:64:72:6D:50:9D:4E:58:37:FB:AB:1B:C8:6E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.112.0/22
91.124.164.0/22
92.112.10.0/24
95.135.44.0/22
95.135.76.0/22
95.135.88.0/22
95.135.222.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:95:4f:cb:07:5f:43:58:82:1f:11:b5:5b:70:42:04:8b:1f:
d3:1e:f4:3c:52:04:63:06:cb:5d:0e:f8:a8:cf:db:a1:16:a1:
ea:d8:87:14:84:81:4e:7c:3e:a9:7c:7b:80:a6:39:91:96:28:
9b:8e:75:d0:26:b2:00:16:8e:65:ae:b8:9e:48:7f:c6:a0:4f:
3f:c8:50:43:34:95:d4:d5:70:e0:32:86:3d:6c:8b:2a:8b:a9:
9c:da:fd:bc:32:fb:b7:f1:cb:c3:ce:1b:37:14:a0:5b:46:7c:
44:38:97:84:33:31:0a:10:5b:b3:6a:5a:83:2f:03:36:94:ed:
a6:ff:8a:7f:72:9e:b8:9f:9e:e6:39:56:e0:e8:8e:17:5a:f2:
c9:09:a1:00:bc:b0:7c:47:b0:ab:91:db:e4:4d:4e:83:d5:a0:
3d:02:4c:b4:fc:79:f2:20:53:3d:06:f6:74:ab:83:20:2f:aa:
eb:88:41:f6:c6:ba:48:05:0b:e0:6a:54:08:43:67:ca:32:e8:
41:5b:b4:1c:09:4b:77:8b:aa:09:34:c2:be:51:51:cf:3e:1a:
12:6b:99:13:88:c7:0e:ea:65:89:e6:1a:5f:c4:dd:44:21:9e:
e7:cf:88:db:d3:36:df:24:bf:88:12:e1:71:20:8c:77:5e:0c:
39:f7:b1:7e
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUc3Zpo8QaoYJN+P3ARzLE/9FgNn4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjMxMjAzNTVaFw0yNjA0MjIxMjA4NTVaMDMxMTAvBgNV
BAMTKEU3RjgwRjg0MjIwOEQ4NjQ3MjZENTA5RDRFNTgzN0ZCQUIxQkM4NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJDQUaLTQlvEbHJUzYw+cLPTbh
Whq0zLucSOdVUWwCLp7Ps+AWDUCYVIFR2yaz3HYeWcdKqk01Y3KaXW4axTv+HdSA
jYTfqQo1QHpKmMl+a8fF8ly8YIELyJSTN2HIOTK9gFBT4WVExXTpHwHSxJujytug
cUHnacH0qjTFfK3acvYKnsHvb2pJBK0S3oUoBoHMejltxTgCHI/ZbwJpTLqRYnxo
roIE4i3pknnMXIqJmBgBMS55xgVIvCPLC/HPeui4uci/ls/3YHS4KlJg8D1YYgQj
b7Xt8Xsv7RvPRQ/yJkCS8SZgm+3/pPj2Jl9DcvHZ2cdaj0eIBrwYSGKe5Go5AgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQU5/gPhCII2GRybVCdTlg3+6sbyG4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAlt8cAME
Alt8pAMEAFxwCgMEAl+HLAMEAl+HTAMEAl+HWAMEAF+H3jANBgkqhkiG9w0BAQsF
AAOCAQEAfZVPywdfQ1iCHxG1W3BCBIsf0x70PFIEYwbLXQ74qM/boRah6tiHFISB
Tnw+qXx7gKY5kZYom4510CayABaOZa64nkh/xqBPP8hQQzSV1NVw4DKGPWyLKoup
nNr9vDL7t/HLw84bNxSgW0Z8RDiXhDMxChBbs2pagy8DNpTtpv+Kf3KeuJ+e5jlW
4OiOF1ryyQmhALywfEewq5Hb5E1Og9WgPQJMtPx58iBTPQb2dKuDIC+q64hB9sa6
SAUL4GpUCENnyjLoQVu0HAlLd4uqCTTCvlFRzz4aEmuZE4jHDuplieYaX8TdRCGe
58+I29M23yS/iBLhcSCMd14MOfexfg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 02:41:48 2025 by rpki-client